Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Simulating host unreachable - how to achieve/implement it

Here is my scenario:

A is a provisioning server and B is an client. Whenever there is any change in B's setup, it uploads the appropriate config file to A.

I am working as an automation engineer to automate it. One of the scenario says to disconnect A from network or stop the server A. perform some changes to B and make sure that B failed to upload the files to provisioning server A.

To automate it, the simple way to stop the server A and do the appropriate actions.

Since A and B are also used for other purposes by other parties so I can not either disconnect A or B from network OR stop the server at A.

So, I am looking forward for any solution so that I can simulate the host (provisioning server) unreachable scenario. So when B will send an update to A it will fail but in actual A is running as usual.

Please suggest me some way to achieve it.

I am using Perl as a programming language but I am fine if solution is available in other language.

like image 276
rpg Avatar asked Mar 15 '11 15:03

rpg


2 Answers

I've done this before using a null route. This is something that best done from the shell with the ip command.

# blackhole all packets destined for 192.168.2.1
ip route add blackhole 192.168.2.1
# to delete the same route, replace add with del
ip route del blackhole 192.168.2.1

Depending on your use case, an unreachable route may work better, as it returns ICMP-unreachable instead of discarding the packets, although they tend to have the same effect.

ip route add unreachable 192.168.2.1

And for thoroughness, if you really wanted to simulate a host-unreachable situation (vs a network-unreachable), you would have to do that at the firewall level.

# resond with icmp-host-unreachable for *any* outbound packet to 192.168.2.1
iptables -I OUTPUT -d 192.168.2.1 -j REJECT --reject-with=icmp-host-unreachable
# delete the same rule (without looking up the rule #)
iptables -D OUTPUT -d 192.168.2.1 -j REJECT --reject-with=icmp-host-unreachable
like image 131
JimB Avatar answered Nov 02 '22 04:11

JimB


Another, perhaps easier option is to change the configuration on B to have a bogus IP address for A (e.g. 192.0.2.0) when performing the test.

like image 45
Anomie Avatar answered Nov 02 '22 05:11

Anomie