After you have configured all of your network devices you need to think about how your machine is going to route IP datagrams. If you have only one network device configured then your choice is easy, as all datagrams for any machine other than yours must go via that interface. If you have more than one network interface then your choice is a little more complicated. You might have both an ethernet device and SLIP connection to your machine at home. In this situation you must direct all datagrams for your machine at home via your SLIP interface and all else via the ethernet device. Routing is actually a very simple mechanism, but don't worry if you find it slightly difficult to understand at first; everybody does.
You can display the contents of your routing table by using the route command without any options.
There are four commonly used routing mechanisms for unix network configurations. I'll briefly discuss each in turn.
Static routing, as its name implies, is `hard coded' routing, that is, it will not change if your network suffers some failure, or if an alternate route becomes available. Static routes are often used in cases where you have a very simple network with no alternate routes available to a destination host, that is, there is only one possible network path to a destination host, or where you want to route a particular way to a host regardless of network changes.
In Linux there is a special use for manual routes and that is for adding a route to a SLIP or plip host where you have used the ifconfig pointopoint parameter. If you have a SLIP/plip link and have the pointopoint parameter specifying the address of the remote host, then you should add a static route to that address so that the ip routing software knows how to route datagrams to that address. The route command you would use for the SLIP/plip link via leased line example presented earlier would be:
# /sbin/route add IPR.IPR.IPR.IPR
Where:
IPR.IPR.IPR.IPR represents the IP address of the remote end.
The default route mechanism is probably the most common and most useful to most end-user workstations and hosts on most networks. The default route is a special static route that matches every destination address, so that if there is no more specific route for a datagram to be sent to, then the default route will be used.
If you have a configuration where you have only a single ethernet interface, or a single SLIP interface device defined then you should point your default route via it. In the case of an ethernet interface, the Linux kernel knows where to send datagrams for any host on your network. It works this out using the network address and the network mask as discussed earlier. This means that the only datagrams the kernel won't know how to properly route will be those for people not on your network. To make this work you would normally have your default route point to your router address, as it is your means of getting outside of your local network. If you are using a SLIP connection, then your SLIP server will be acting as your router, so your default route will be via your SLIP server.
To configure your default route, add the following to your rc.inet1 after all of your network device configurations:
#
# Add a default route.
#
/sbin/route add default gw RGA.RGA.RGA.RGA
#
Where:
RGA.RGA.RGA.RGA represents your Router/Gateway Address.
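The route selection described above, as an added example that is not part of the original HOWTO: the most specific matching route wins and the default route catches everything else. The table is constructed from documentation addresses, and the interface names eth0 and sl0 are assumptions.

```python
import ipaddress

# Constructed routing table for the scenario in the text: one ethernet
# network, one SLIP peer reached by a static host route, and a default
# route. All addresses are documentation placeholders, not from the page.
ROUTES = [
    # (destination, gateway or None when directly attached, interface)
    ("192.0.2.0/24", None, "eth0"),        # local ethernet network
    ("198.51.100.7/32", None, "sl0"),      # static host route to the SLIP peer
    ("0.0.0.0/0", "192.0.2.1", "eth0"),    # default route via the router
]


def lookup(dest, routes=ROUTES):
    """Return (network, gateway, interface) of the most specific matching route."""
    addr = ipaddress.ip_address(dest)
    best = None
    for cidr, gateway, dev in routes:
        net = ipaddress.ip_network(cidr)
        # Keep the match with the longest prefix seen so far.
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway, dev)
    if best is None:
        # Only possible when the table has no default route.
        raise LookupError(f"no route to {dest}")
    return str(best[0]), best[1], best[2]


if __name__ == "__main__":
    for d in ("192.0.2.44", "198.51.100.7", "203.0.113.9"):
        print(d, "->", lookup(d))
```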
Proxy ARP is ugly, hazard prone and should be used with extreme care, but some of you will want to use it anyway.
Those with the greatest need for proxy arp will be those of you who are configuring your Linux machine as a SLIP dial-in server. For those of you who will be using PPP, the PPP daemon simplifies and automates this task, making it a lot safer to use.
Normally when a TCP/IP host on your ethernet network wants to talk to you, it knows your IP address, but doesn't know what hardware (ethernet) address to send datagrams to. The ARP mechanism is there specifically to provide that mapping function between network address and hardware address. The ethernet protocol provides a special address that is recognised by all ethernet cards; this is called the broadcast address. ARP works by transmitting to the ethernet broadcast address a specially formatted datagram containing the IP address of the host whose hardware address it wishes to discover. Every host will receive this datagram and the host that is configured with the matching IP address will reply with its hardware address. The host that performed the ARP will then know what hardware address to use for the desired IP address.
If you want to use your machine as a server for other machines, you must get your machine to answer ARP requests for their IP addresses on their behalf, as they will not be physically connected to the ethernet network. Let's say that you have been assigned a number of IP addresses on your local network that you will be offering to dial-in SLIP users. Let's say those addresses are 128.253.154.120-124 and that you have an ethernet card with a hardware address of 00:00:C0:AD:37:1C. (You can find the hardware address of your ethernet card by using the ifconfig command with no options.) To instruct your Linux server to answer ARP requests by proxy for these addresses you would need to add the following commands to the end of your rc.inet1 file:
#
# Proxy ARP for those dialin users who will be using this
# machine as a server:
#
/sbin/arp -s 128.253.154.120 00:00:C0:AD:37:1C pub
/sbin/arp -s 128.253.154.121 00:00:C0:AD:37:1C pub
/sbin/arp -s 128.253.154.122 00:00:C0:AD:37:1C pub
/sbin/arp -s 128.253.154.123 00:00:C0:AD:37:1C pub
/sbin/arp -s 128.253.154.124 00:00:C0:AD:37:1C pub
#
# End proxy arps.
The pub argument stands for `publish'. It is this argument that instructs your machine to answer requests for these addresses, even though they are not for your machine. When it answers it will supply the hardware address specified, which is of course its own hardware address.
Naturally you will need to ensure that you have routes configured in your Linux server that point these addresses to the SLIP device on which they will be connecting.
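Because a published entry makes the server answer for an address unconditionally, it is worth checking the proxy ARP block before it goes live. The following is an added example, not part of the original HOWTO: it audits an rc.inet1 fragment for invalid addresses, entries outside the assigned range, a hardware address other than the server's own, and published addresses with no host route. The sample fragment, its addresses and the function names are constructed, and it assumes routes are written in the `/sbin/route add ADDRESS` form used earlier.

```python
import ipaddress
import re

ARP_RE = re.compile(r"^\s*/sbin/arp\s+-s\s+(\S+)\s+(\S+)\s+pub\s*$")
ROUTE_RE = re.compile(r"^\s*/sbin/route\s+add\s+(\d\S*)")  # host routes, not "default"
# Constructed rc.inet1 fragment with deliberate mistakes (documentation addresses).
SAMPLE = """\
/sbin/arp -s 192.0.2.120 00:00:5E:00:53:01 pub
/sbin/arp -s 192.0.2.121 00:00:5E:00:53:01 pub
/sbin/arp -s 192.0.262.122 00:00:5E:00:53:01 pub
/sbin/arp -s 192.0.2.1 00:00:5E:00:53:01 pub
/sbin/arp -s 192.0.2.124 00:00:5E:00:53:99 pub
/sbin/route add 192.0.2.120
/sbin/route add 192.0.2.124
"""

def parse_ip(text):
    # Return an IPv4Address, or None when text is not a valid dotted quad.
    try:
        return ipaddress.IPv4Address(text)
    except ValueError:
        return None

def audit(rc_text, first, last, server_mac):
    """Return a list of problems with the proxy ARP block for range first..last."""
    lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
    expected = {ipaddress.IPv4Address(i) for i in range(lo, hi + 1)}
    published, routed, problems = set(), set(), []
    for n, line in enumerate(rc_text.splitlines(), 1):
        arp, route = ARP_RE.match(line), ROUTE_RE.match(line)
        if arp:
            ip, mac = parse_ip(arp.group(1)), arp.group(2)
            if ip is None:
                problems.append(f"line {n}: invalid IP address {arp.group(1)}")
                continue
            published.add(ip)
            if ip not in expected:
                problems.append(f"line {n}: {ip} is outside the assigned range")
            if mac.lower() != server_mac.lower():
                problems.append(f"line {n}: {ip} published with unexpected MAC {mac}")
        elif route and parse_ip(route.group(1)) is not None:
            routed.add(parse_ip(route.group(1)))
    problems += [f"{ip}: assigned but not published" for ip in sorted(expected - published)]
    missing_route = sorted((published & expected) - routed)
    problems += [f"{ip}: published but has no host route" for ip in missing_route]
    return problems

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE, "192.0.2.120", "192.0.2.124", "00:00:5E:00:53:01")))
```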
If you are using PPP, you don't need to worry about manually messing with the arp table, as the pppd will manage those entries for you if you use the proxyarp parameter and as long as the IP addresses of the remote machine and the server machine are in the same network. You will need to supply the netmask of the network on the server's pppd command line.
gated could be used in place of proxy arp in some cases and would certainly be much cleaner, but its primary use is if you want your Linux machine to act as an intelligent IP router for your network. gated provides support for a number of routing protocols. Among these are RIP, BGP, EGP, HELLO and OSPF. The most commonly used in small networks is RIP, which stands for `Routing Information Protocol'. If you run gated, configured for RIP, your Linux machine will periodically broadcast a copy of its routing table to your network in a special format. In this way, all of the other machines on your network will know what addresses are accessible via your machine.
gated can be used to replace proxy arp when all hosts on your network run either gated or routed. If you have a network where you use a mixture of manual and dynamic routes, you should mark any manual routes as passive to ensure that they aren't destroyed by gated because it hasn't received an update for them. The best way to add static routes if you are using gated is to add a static stanza to your /etc/gated.conf file. This is described below.
gated would normally be started from your rc.inet2 which is covered in the next section. You might already see a daemon called routed running. gated is superior to routed in that it is more flexible and more functional. So you should use gated and not routed.
Gated is available from sunsite.unc.edu as /pub/Linux/system/Network/daemons/gated11_bin.tgz
The gated binary distribution comprises three programs and two sample configuration files.
The programs are:
gated: the actual gated daemon.
gdc: the operational user interface for gated. gdc is for controlling the gated daemon, stopping and starting it, obtaining its status and the like.
ripquery: a diagnostic tool to query the known routes of a gateway using either a `rip query' or a `rip poll'.
The configuration files are:
gated.conf: this is the actual configuration file for the gated daemon. It allows you to specify how gated will behave when it is running. You can enable and disable any of the routing protocols and control the behaviour of those routing protocols running.
gated.version: a text file that describes the version number of the gated daemon.
The gated binary distribution will not install the gated files in the correct place for you. Fortunately there aren't very many, so it's fairly simple to do.
To install the binaries try the following:
# cd /tmp
# gzip -dc .../gated.linux.bin.tgz | tar xvf -
# install -m 500 bin/gated /usr/sbin
# install -m 444 bin/gated.conf bin/gated.version /etc
# install -m 555 bin/ripquery bin/gdc /sbin
# rm -rf /tmp/bin
I keep the networking daemons in /usr/sbin; if yours are somewhere else then naturally you'll have to change the target directory. The sample gated configuration file included configures gated to emulate the old routed daemon. It will probably work for you in most circumstances and it looks like this:
#
# This configuration emulates routed. It runs RIP and only sends
# updates if there are more than one interfaces up and IP forwarding is
# enabled in the kernel.
#
# NOTE that RIP *will not* run if UDP checksums are disabled in
# the kernel.
#
rip yes ;
traceoptions all;
#
If you have any static routes you wish to add, you can add them in a static stanza appended to your /etc/gated.conf as follows:
#
static {
37.0.0.0 mask 255.0.0.0 gateway 44.136.8.97 ;
host 44.136.8.100 gateway 44.136.8.97 ;
} ;
#
The above example would create a static route to the Class A network 37.0.0.0 via gateway 44.136.8.97 and a static route to a host with address 44.136.8.100 via gateway 44.136.8.97.
If you do this you do not need to add the routes using the route command; gated will add and manage the routes for you.
To install the man files, try the following:
# cd /tmp
# gzip -dc .../gated.linux.man.tgz | tar xvf -
# install -m 444 man/*.8 /usr/man/man8
# install -m 444 man/*.5 /usr/man/man5
# rm -rf /tmp/man
The man files contain concise and detailed information on the configuration and use of gated. For information on configuring gated, refer to the gated-config man page.