1 00:00:00,000 --> 00:00:18,559 Hey guys and welcome back. So in the previous nugget we had talked about the ARP table and 2 00:00:18,559 --> 00:00:23,920 the way we could retrieve this information was using the ARP command. Now what I want 3 00:00:23,920 --> 00:00:30,560 to talk to you about is the root command. Now again this is another deprecated command 4 00:00:30,560 --> 00:00:37,240 that we are dealing with but it just so happens that the LPEG2 examination does require we 5 00:00:37,240 --> 00:00:44,680 do have familiarity with these old commands and tools. So we must charge on and learn 6 00:00:44,680 --> 00:00:49,320 how to use it. So that is exactly what we're going to do. Okay so before we actually look 7 00:00:49,320 --> 00:00:55,840 at this command a very brief word on the concept of rooting. So in the previous nugget we actually 8 00:00:55,840 --> 00:01:03,359 talked about how devices actually communicate when they are within the same local network. So 9 00:01:03,359 --> 00:01:09,519 the way we communicate over a local network, devices ultimately talk to other devices using 10 00:01:09,519 --> 00:01:15,079 that MAC address hence why we were relying on the address resolution protocol so that we could 11 00:01:15,079 --> 00:01:21,679 actually ascertain and bind the MAC address information to particular IP address information. 12 00:01:21,679 --> 00:01:27,280 Now what we're going to talk about now is connections between remote networks. This means 13 00:01:27,280 --> 00:01:32,439 connecting to networks that are not the network that you happen to be on. So that would mean 14 00:01:32,439 --> 00:01:38,840 that if you are here, this could be your little computer and you want to speak to the big bad 15 00:01:38,840 --> 00:01:44,960 internet. Well the internet is a collection of many different networks and these are remote 16 00:01:44,960 --> 00:01:50,480 networks. You will be aware that the way you connect to the internet is via a device known as a 17 00:01:50,480 --> 00:01:58,040 router or if you are in America a router and quite simply all this device does is that it holds 18 00:01:58,040 --> 00:02:05,560 information about different networks in something called a rooting table. So if a packet is destined 19 00:02:05,560 --> 00:02:11,080 for a remote network, you send it to the router and the router will look it up in its rooting 20 00:02:11,080 --> 00:02:18,000 table and it will know which interface to send that packet out. Now we also have a concept of a 21 00:02:18,000 --> 00:02:25,280 default gateway. Now all a default gateway is, it is a router i.e. a device that is capable of 22 00:02:25,280 --> 00:02:31,879 reaching remote networks and you set that as your default next hop when you're trying to reach a 23 00:02:31,919 --> 00:02:38,120 remote network. Simply put your local machine, if it does not have rooting capabilities the way an 24 00:02:38,120 --> 00:02:45,199 actual router can, you're not able to reach remote networks but you can reach the router that is on 25 00:02:45,199 --> 00:02:52,919 and present within your local network. That will be the default place you send that traffic to. So 26 00:02:52,919 --> 00:02:58,359 whenever you have a remote destination that you're trying to reach, you don't worry about how to get 27 00:02:58,360 --> 00:03:04,600 there, you just by default send that information to your local router and the router will calculate 28 00:03:04,600 --> 00:03:10,720 the correct path and how to get that traffic to that destination. So like I say integral to this 29 00:03:10,720 --> 00:03:19,120 process is the concept of a rooting table. Now we also have our own form of a rooting table within 30 00:03:19,120 --> 00:03:25,800 our local Linux machine but it's much much simpler than what you would see on a typical enterprise 31 00:03:26,040 --> 00:03:31,400 router that we're talking about. Instead it's just going to have information relating to things like 32 00:03:31,400 --> 00:03:38,760 our gateway and the way we can actually display our rooting table on our little Linux machine is we 33 00:03:38,760 --> 00:03:45,400 can use this root command. Similarly we can also make modifications to the rooting table via the 34 00:03:45,400 --> 00:03:51,280 very same command using particular options and switches. So we can just say root and this is 35 00:03:51,360 --> 00:03:57,960 the information we get right here. What this is saying is that if we do not have another root 36 00:03:57,960 --> 00:04:05,080 specified for a particular packet, the default is to send it simply to the gateway. Now what about 37 00:04:05,080 --> 00:04:12,280 this one right here? For example here we can see if we have a packet that is destined for 192.168.0.0 38 00:04:13,280 --> 00:04:22,920 with a slash 24 mask. What do we do with it? Well it says here we're sending it to 0.0.0.0.0. Now when 39 00:04:22,920 --> 00:04:28,720 we see this in the rooting table what it actually means is that we should just broadcast this 40 00:04:28,720 --> 00:04:36,800 communication over the local network which indeed does make sense. Now notice we also get the 41 00:04:37,040 --> 00:04:42,800 interface related information. If we want to happen to make a manual change to the rooting 42 00:04:42,800 --> 00:04:51,040 table then we can do this by using the root command followed by the option add to add a root to the 43 00:04:51,040 --> 00:04:58,080 rooting table or we can say the word del to delete an entry in the rooting table. So let's say I 44 00:04:58,080 --> 00:05:05,000 wanted to manually add a new root. What I could say is sudo root add and I could specify the 45 00:05:05,040 --> 00:05:11,839 network I want to add. I will say dash net and the network will be 192.168. Let's just say maybe 46 00:05:11,839 --> 00:05:21,800 50.0 with a net mask of slash 24 so that's 255.255.255.0 and now what I want to do is to specify the 47 00:05:21,800 --> 00:05:28,319 default gateway so I'll say GW and the gateway would have to be on our local network so I'll say 48 00:05:28,439 --> 00:05:37,360 192.168.0. something and I will have that as 0.1. So if I hit enter type in my password and I say 49 00:05:37,360 --> 00:05:43,480 root now notice that I actually have manually added this entry here if we want to go to this 50 00:05:43,480 --> 00:05:50,279 network then we send it to 192.168.0.1 which happens to be my default gateway which we can 51 00:05:50,319 --> 00:05:57,959 actually ping right now 192.168.0.1 that is just simply my home router. Now if we want to remove 52 00:05:57,959 --> 00:06:05,159 this entry from the rooting table what I could say is sudo root del net and I'll say 192.168.50 53 00:06:05,159 --> 00:06:14,479 and again the same syntax net mask and the gateways 192.168.0.1 if I hit enter and I now say root 54 00:06:14,680 --> 00:06:21,120 that information of that entry should I say has now been updated and removed so really if you 55 00:06:21,120 --> 00:06:25,759 happen to be having issues connecting to remote networks you could use the root command see that 56 00:06:25,759 --> 00:06:31,400 you do have a default gateway configured and if you want to statically modify the rooting table 57 00:06:31,400 --> 00:06:36,759 to add your own entries as you so wish or remove entries which you believe may be causing you 58 00:06:36,759 --> 00:06:44,040 issues then by using the very same root command you can update the rooting table by either adding 59 00:06:44,080 --> 00:06:49,960 or removing networks or adding or removing gateways as you need but like I say the root 60 00:06:49,960 --> 00:06:56,120 command is indeed deprecated it is not the recommended way to perform such an action anymore 61 00:06:56,120 --> 00:07:01,879 it really is just there for legacy purposes for the examination there is a newer command on the 62 00:07:01,879 --> 00:07:07,800 block which has replaced the ifconfig command as well as the root command and others and that is the 63 00:07:07,800 --> 00:07:12,520 ip command and it's that command that we're going to be looking at next so I hope this has been 64 00:07:12,519 --> 00:07:15,079 informative for you and I'd like to thank you for viewing