8.01 Prerequisite: Switching, Routing, Gateways and CNI Basics
Abstract
This page covers the Linux networking basics required before learning Kubernetes networking and CNI.
Topics include switching, routing, default gateways, IP forwarding, and key Linux networking commands.
These concepts are important for troubleshooting Kubernetes networking issues in production clusters.
Networking Prerequisites
Before diving into Kubernetes CNI, understand these basics:
- Switching
- Routing
- Default Gateway
- Linux network interfaces
- Linux routing table
- IP forwarding
- Docker and Kubernetes networking basics
Note
Kubernetes networking is built on top of Linux networking concepts.
If Linux networking is unclear, CNI troubleshooting becomes difficult.
Switching
A switch connects systems within the same network.
Example:
| Host | Interface | IP Address |
|---|---|---|
| A | eth0 | 192.168.1.10 |
| B | eth0 | 192.168.1.11 |
Both hosts are in the same network:
They can communicate directly through the switch.
View Network Interfaces
Use ip link to view network interfaces.
Example interface:
Tip
ip link shows whether interfaces are up, down, or connected.
Assign IP Address
Assign an IP address to an interface:
For another host:
Test connectivity:
Warning
IPs configured using ip addr add are temporary and may not persist after reboot.
Routing
A switch connects systems inside one network.
A router connects multiple networks.
Example networks:
| Network | Example Hosts |
|---|---|
| 192.168.1.0/24 | Host A, Host B |
| 192.168.2.0/24 | Host C, Host D |
A router has one IP in each network:
| Router Interface | IP |
|---|---|
| Network 1 side | 192.168.1.1 |
| Network 2 side | 192.168.2.1 |
Note
Systems need a route to know where to send traffic for other networks.
View Routing Table
Use:
or:
Example route:
Tip
The routing table is the first place to check when a host cannot reach another network.
Add Route to Another Network
If Host A is in 192.168.1.0/24 and wants to reach 192.168.2.0/24, add a route:
This means:
Default Gateway
A default gateway is used when the system does not have a specific route for a destination.
Add default gateway:
Equivalent destination:
Note
default and 0.0.0.0/0 both match any destination that has no more specific route.
Gateway Example
If a system needs internet access, it usually sends unknown traffic to the default gateway.
Example:
Check route:
or:
Warning
Incorrect default gateway configuration is a common reason for internet connectivity issues.
Linux Host as a Router
A Linux host can act as a router if it has interfaces in multiple networks.
Example:
| Host | Interface | IP |
|---|---|---|
| A | eth0 | 192.168.1.5 |
| B | eth0 | 192.168.1.6 |
| B | eth1 | 192.168.2.6 |
| C | eth0 | 192.168.2.5 |
Host B connects both networks.
Add Routes Between Networks
On Host A:
On Host C:
Now both hosts know how to reach each other through Host B.
Enable IP Forwarding
By default, Linux does not forward packets between interfaces.
Check IP forwarding:
Output:
Enable IP forwarding temporarily:
Check again:
Output:
Success
Once IP forwarding is enabled, the Linux host can route packets between interfaces.
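The following added example (not part of the original page) models the Host A / B / C setup above and traces a packet hop by hop, showing how a missing return route or a disabled ip_forward on Host B breaks the path. The static routes via Host B's addresses are assumed, and the helper names (build, next_hop, trace, round_trip, lab) are hypothetical.

```python
import ipaddress

def build(addrs, routes=None, forward=False):
    """One host: interface addresses, static routes {cidr: gateway}, ip_forward flag."""
    return {"ifs": [ipaddress.ip_interface(a) for a in addrs],
            "routes": {ipaddress.ip_network(n): ipaddress.ip_address(g)
                       for n, g in (routes or {}).items()},
            "forward": forward}

def next_hop(host, dst):
    """Longest-prefix match over connected networks and static routes."""
    cands = [(i.network, dst) for i in host["ifs"] if dst in i.network]
    cands += [(n, gw) for n, gw in host["routes"].items() if dst in n]
    return max(cands, key=lambda c: c[0].prefixlen)[1] if cands else None

def trace(hosts, src, dst):
    """Follow a packet hop by hop and return (path, verdict)."""
    dst = ipaddress.ip_address(dst)
    owner = {i.ip: name for name, h in hosts.items() for i in h["ifs"]}
    path, cur = [src], src
    while owner.get(dst) != cur:
        if cur != src and not hosts[cur]["forward"]:
            return path, "dropped: ip_forward=0 on " + cur
        hop = next_hop(hosts[cur], dst)
        if hop is None:
            return path, "no route on " + cur
        cur = owner.get(hop)
        if cur is None or cur in path:
            return path, "next hop %s unreachable or loop" % hop
        path.append(cur)
    return path, "delivered"

def round_trip(hosts, a, b):
    """A reply needs its own route, so check both directions."""
    ip = {h: str(hosts[h]["ifs"][0].ip) for h in (a, b)}
    return trace(hosts, a, ip[b])[1], trace(hosts, b, ip[a])[1]

# Constructed from the page's Host A/B/C table; the static routes via Host B are assumed.
def lab(b_forward=True, c_return_route=True):
    return {
        "A": build(["192.168.1.5/24"], {"192.168.2.0/24": "192.168.1.6"}),
        "B": build(["192.168.1.6/24", "192.168.2.6/24"], forward=b_forward),
        "C": build(["192.168.2.5/24"],
                   {"192.168.1.0/24": "192.168.2.6"} if c_return_route else {}),
    }

if __name__ == "__main__":
    for kw in ({}, {"b_forward": False}, {"c_return_route": False}):
        print(kw or "as configured", round_trip(lab(**kw), "A", "C"))
```

With the return route removed from Host C, the request still arrives but the reply has nowhere to go, which is why a one-way ping failure often points at the far side's routing table.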
Make IP Forwarding Persistent
Temporary changes are lost after reboot.
To persist IP forwarding, update:
Add or update:
Apply changes:
Warning
Enable IP forwarding only when the host is intended to route traffic.
Uncontrolled forwarding can expose private networks.
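To act on the warning above, the following added example (not from the original page) compares the runtime forwarding state with the persisted sysctl setting and the host's intended role. It assumes the standard sysctl key net.ipv4.ip_forward, that the config files are applied in the order given with the last assignment winning, and that is_router is supplied by the operator; the function names are hypothetical.

```python
import glob
import os
import pathlib

KEY = "net.ipv4.ip_forward"

def persisted_value(conf_files):
    """Return the last ip_forward value set across the sysctl files, or None if unset."""
    value = None
    for path in conf_files:
        for line in pathlib.Path(path).read_text().splitlines():
            line = line.strip()
            if not line or line[0] in "#;" or "=" not in line:
                continue  # blank line, comment, or not an assignment
            key, val = (part.strip() for part in line.split("=", 1))
            # sysctl accepts "/" as a separator and a leading "-" to ignore errors
            if key.lstrip("-").replace("/", ".") == KEY:
                value = val
    return value

def audit(runtime_file, conf_files, is_router):
    """Compare runtime and persisted forwarding state with the host's intended role."""
    runtime = pathlib.Path(runtime_file).read_text().strip()
    persisted = persisted_value(conf_files)
    findings = []
    if runtime == "1" and not is_router:
        findings.append("forwarding is on but host is not a designated router")
    if persisted == "1" and not is_router:
        findings.append("forwarding is persisted on a non-router host")
    if is_router and runtime == "1" and persisted != "1":
        findings.append("router forwards now but will stop after reboot")
    if is_router and runtime != "1":
        findings.append("router has forwarding disabled")
    return findings

if __name__ == "__main__":
    # Assumed file order; adjust to how your distribution loads sysctl settings.
    confs = sorted(glob.glob("/etc/sysctl.d/*.conf")) + ["/etc/sysctl.conf"]
    confs = [p for p in confs if os.path.exists(p)]
    for finding in audit("/proc/sys/net/ipv4/ip_forward", confs, is_router=False):
        print("FINDING:", finding)
```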
Key Linux Networking Commands
| Command | Purpose |
|---|---|
| ip link | View or modify interfaces |
| ip addr | View IP addresses |
| ip addr add | Assign IP address |
| ip route | View routing table |
| route | View legacy routing table |
| ip route add | Add route |
| ping | Test connectivity |
| cat /proc/sys/net/ipv4/ip_forward | Check IP forwarding |
CNI Connection to Kubernetes
Kubernetes networking depends on Linux networking fundamentals.
CNI plugins configure:
- pod network interfaces
- IP address allocation
- routing between pods
- network policies
- traffic forwarding
Examples of CNI plugins:
- Calico
- Flannel
- Cilium
- Weave Net
Tip
When troubleshooting Kubernetes networking, start with Linux commands like ip link, ip addr, and ip route.
Production Best Practices
Recommended
- Understand routing before debugging CNI issues
- Verify node interfaces using ip link
- Verify Pod and node IPs using ip addr
- Check routing tables using ip route
- Confirm IP forwarding where routing is required
- Use supported CNI plugins for production
- Document network ranges clearly
Do's
- Use CIDR ranges consistently
- Verify routes before blaming Kubernetes
- Check default gateway during connectivity issues
- Enable IP forwarding only where required
- Use proper CNI plugins for cluster networking
Don'ts
- Don't assume all networks are reachable automatically
- Don't forget return routes
- Don't enable forwarding blindly
- Don't use overlapping CIDR ranges
- Don't ignore routing tables during troubleshooting
Danger
Overlapping CIDR ranges or incorrect routes can break Kubernetes Pod-to-Pod and Pod-to-Service communication.
Troubleshooting Checklist
When networking fails, check:
- Is the interface up?
- Does the host have an IP address?
- Is the destination in the same network?
- Is a route configured?
- Is the default gateway correct?
- Is IP forwarding enabled if the host is routing?
- Is the CNI plugin running correctly?
Quick Takeaways
ip link
ip addr
ip addr add 192.168.1.10/24 dev eth0
ip route
route
ip route add 192.168.2.0/24 via 192.168.1.1
cat /proc/sys/net/ipv4/ip_forward
Summary
Quote
- Switches connect hosts in the same network
- Routers connect different networks
- Gateways tell hosts where to send unknown traffic
- Linux routing is managed with ip route
- IP forwarding allows Linux hosts to route packets
- Kubernetes CNI builds on these Linux networking concepts