<!-- $Id: routing.sgml,v 1.1 1995-10-07 04:31:41 jfieber Exp $ -->
<!-- The FreeBSD Documentation Project -->
<!-- <!DOCTYPE linuxdoc PUBLIC '-//FreeBSD//DTD linuxdoc//EN'> -->

  <sect><heading>Gateways and routes<label id="routing"></heading>

    <p><em>Contributed by &a.gryphon;.<newline>6 October 1995.</em>

      For one machine to be able to find another, there must be a
      mechanism in place to describe how to get from one to the
      other. This is called Routing.  A ``route'' is a defined
      pair of addresses: a <bf>destination</bf> and a
      <bf>gateway</bf>.  The pair indicates that if you are
      trying to get to this <em>destination</em>, you send it along
      through this <em>gateway</em>. There are three types of
      destinations: individual hosts, subnets, and ``default''. The
      ``default route'' is used if none of the other routes
      apply. We will talk a little bit more about default routes
      later on.  There are also three types of gateways:
      individual hosts, interfaces (also called ``links''), and
      ethernet hardware addresses.

    <sect1><heading>An example</heading>

      <p>To illustrate different aspects of routing, we will use
	the following example which is the output of the command
	<tt>netstat -r</tt>:

<tscreen><verb>
Destination      Gateway            Flags     Refs     Use     Netif Expire

default          outside-gw         UGSc       37      418      ppp0
localhost        localhost          UH          0      181       lo0
test0            0:e0:b5:36:cf:4f   UHLW        5    63288       ed0     77
10.20.30.255     link#1             UHLW        1     2421 
foobar.com       link#1             UC          0        0 
host1            0:e0:a8:37:8:1e    UHLW        3     4601       lo0
host2            0:e0:a8:37:8:1e    UHLW        0        5       lo0 =>
host2.foobar.com link#1             UC          0        0
224              link#1	            UC          0        0
</verb></tscreen>

      The first two lines specify the default route (which we
      will cover in the next section) and the <tt>localhost</tt> route.

      The interface (<tt>Netif</tt> column) that it specifies to use
      for <tt>localhost</tt> is <tt>lo0</tt>, also known as the
      loopback device. This says to keep all traffic for this
      destination internal, rather than sending it out over the
      LAN, since it will only end up back where it started
      anyway.

      The next things that stand out are the
      ``<tt>0:e0:...</tt>'' addresses. These are ethernet
      hardware addresses. FreeBSD will automatically identify any
      hosts (<tt>test0</tt> in the example) on the local ethernet and
      add a route for that host, directly to it over the ethernet
      interface, <tt>ed0</tt>. There is also a timeout
      (<tt>Expire</tt> column) associated with this type of route,
      which is used if we fail to hear from the host in a
      specific amount of time. In this case the route will be
      automatically deleted. These hosts are identified using a
      mechanism known as RIP (Routing Information Protocol),
      which figures out routes to local hosts based upon a
      shortest path determination.

      FreeBSD will also add subnet routes for the local subnet
      (<tt>10.20.30.255</tt> is the broadcast address for the subnet
      <tt>10.20.30</tt>, and <tt>foobar.com</tt> is the domain name
      associated with that subnet). The designation <tt>link&num;1</tt>
      refers to the first ethernet card in the machine. You'll
      notice no additional interface is specified for those.

      Both of these groups (local network hosts and local
      subnets) have their routes automatically configured by a
      daemon called <tt>routed</tt>. If this is not run, then only
      routes which are statically defined (i.e. entered
      explicitly) will exist.

      The <tt>host1</tt> line refers to our host, which it knows by
      ethernet address.  Since we are the sending host, FreeBSD
      knows to use the loopback interface (<tt>lo0</tt>) rather than
      sending it out over the ethernet interface.

      The two <tt>host2</tt> lines are an example of what happens
      when we use an ifconfig alias (see the section on ethernet
      for reasons why we would do this).  The <tt>=&gt;</tt>
      symbol after the <tt>lo0</tt> interface says that not only are
      we using the loopback (since this address also refers to
      the local host), but specifically it is an alias. Such
      routes only show up on the host that supports the alias;
      all other hosts on the local network will simply have a
      <tt>link&num;1</tt> line for such.

      The final line (destination subnet <tt>224</tt>) deals with
      MultiCasting, which will be covered in another section.

      The other column that we should talk about is the
      <tt>Flags</tt> column.  Each route has different attributes that are
      described in the column.  Below is a short table of some of
      these flags and their meanings:

      <descrip>

	<tag/U/ <bf/Up:/ The route is active.

	<tag/H/ <bf/Host:/ The route destination is a single host.

	<tag/G/ <bf/Gateway:/ Send anything for this destination
	  on to this remote system, which will figure out from
	  there where to send it.

	<tag/S/ <bf/Static:/ This route was configured manually,
	  not automatically generated by the system.

	<tag/C/ <bf/Clone:/ Generates a new route based upon this
	  route for machines we connect to. This type of route is
	  normally used for local networks.

	<tag/W/ <bf/WasCloned:/ Indicates a route that was
	  auto-configured based upon a local area network (Clone)
	  route.

	<tag/L/ <bf/Link:/ Route involves references to ethernet
	  hardware.

      </descrip>
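
      The flag table can be applied mechanically to the <tt>netstat -r</tt> listing above. The following is an added example, not part of the original handbook text: it parses that listing, decodes each flag letter using only the meanings given in the table, and picks out manually configured gateway routes. The function names are illustrative.

```python
# Flag meanings exactly as listed in the table above; any other letter
# (such as the lowercase "c" on the default route) is reported as "?c".
FLAGS = {"U": "Up", "H": "Host", "G": "Gateway", "S": "Static",
         "C": "Clone", "W": "WasCloned", "L": "Link"}

# The netstat -r listing shown earlier in this section.
SAMPLE = """\
Destination      Gateway            Flags     Refs     Use     Netif Expire

default          outside-gw         UGSc       37      418      ppp0
localhost        localhost          UH          0      181       lo0
test0            0:e0:b5:36:cf:4f   UHLW        5    63288       ed0     77
10.20.30.255     link#1             UHLW        1     2421
foobar.com       link#1             UC          0        0
host1            0:e0:a8:37:8:1e    UHLW        3     4601       lo0
host2            0:e0:a8:37:8:1e    UHLW        0        5       lo0 =>
host2.foobar.com link#1             UC          0        0
224              link#1             UC          0        0
"""

def parse_routes(text):
    """Turn netstat -r text into a list of dicts, one per route."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] == "Destination":
            continue                      # blank line or column header
        alias = fields[-1] == "=>"        # trailing marker for an alias
        if alias:
            fields.pop()
        dest, gateway, flags, refs, use = fields[:5]
        rest = fields[5:]                 # Netif and Expire are optional
        routes.append({
            "dest": dest, "gateway": gateway, "flags": flags,
            "refs": int(refs), "use": int(use),
            "netif": rest[0] if rest else None,
            "expire": int(rest[1]) if len(rest) > 1 else None,
            "alias": alias,
            "meaning": [FLAGS.get(f, "?" + f) for f in flags],
        })
    return routes

def static_gateways(routes):
    """Routes entered by hand (S) that forward to another system (G)."""
    return [r for r in routes if {"G", "S"} <= set(r["flags"])]
```

      Comparing the result of <tt>static_gateways</tt> against the routes you expect to have configured is a quick check that nothing has been added to the table by hand.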


    <sect1><heading>Default routes</heading>

      <p>When the local system needs to make a connection to
	a remote host, it checks the routing table to determine if
	a known path exists. If the remote host falls into a
	subnet that we know how to reach (Cloned routes), then
	the system checks to see if it can connect along that
	interface.

	If all known paths fail, the system has one last option:
	the <bf>default</bf> route.  This route is a special type
	of gateway route (usually the only one present in the
	system), and is always marked with a ``<tt>c</tt>'' in
	the flags field.  For hosts on a local area network, this
	gateway is set to whatever machine has a direct
	connection to the outside world (whether via PPP link, or
	your hardware device attached to a dedicated data line).

	If you are configuring the default route for a machine
	which itself is functioning as the gateway to the outside
	world, then the default route will be the gateway machine
	at your Internet Service Provider's (ISP) site.

	Let's look at an example of default routes. This is a
	common configuration:
<tscreen><verb>
[Local2]  <--ether-->  [Local1]  <--PPP-->  [ISP-Serv]  <--ether-->  [T1-GW]
</verb></tscreen>

	The hosts <tt>Local1</tt> and <tt>Local2</tt> are at your
	site, with the former being your PPP connection to your
	ISP's Terminal Server. Your ISP has a local network at
	their site, which has, among other things, the server
	where you connect and a hardware device (T1-GW) attached
	to the ISP's internet feed.

	The default routes for each of your machines will be:

<tscreen><verb>
host            default gateway        interface
----            ---------------        ---------
Local2          Local1                 ethernet
Local1          T1-GW                  PPP
</verb></tscreen>

	A common question is ``Why (or how) would we set the
	T1-GW to be the default gateway for Local1, rather than
	the ISP server it is connected to?''.

	Remember, since the PPP interface is using an address on
	the ISP's local network for your side of the connection,
	routes for any other machines on the ISP's local network
	will be automatically generated. Hence, you will already
	know how to reach the T1-GW machine, so there is no need
	for the intermediate step of sending traffic to the ISP
	server.

	As a final note, it is common to use the address ``<tt>...1</tt>''
	as the gateway address for your local network. So (using
	the same example), if your local class-C address space
	was <tt>10.20.30</tt> and your ISP was using <tt>10.9.9</tt> then the
	default routes would be:

<tscreen><verb>
Local2 (10.20.30.2)             -->  Local1 (10.20.30.1)
Local1 (10.20.30.1, 10.9.9.30)  -->  T1-GW (10.9.9.1)
</verb></tscreen>
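
	The reasoning above (T1-GW can be the default gateway for Local1 because a route to the ISP's local network already exists) can be checked with a small route lookup. This is an added example, not part of the original handbook text. It assumes /24 masks for the two class-C networks and assigns the interface names <tt>ed0</tt> and <tt>ppp0</tt> to Local1; the address <tt>192.0.2.10</tt> is a constructed stand-in for a host on the outside.

```python
import ipaddress

# Local1's table, built from the addresses in the example above.
# The /24 masks and the interface names are assumptions of this example.
LOCAL1 = [
    # (destination, gateway or None if directly attached, interface)
    ("10.20.30.0/24", None, "ed0"),     # local ethernet
    ("10.9.9.0/24", None, "ppp0"),      # ISP's local network over PPP
    ("0.0.0.0/0", "10.9.9.1", None),    # default route via T1-GW
]

def lookup(table, addr):
    """Return the most specific route containing addr, or None."""
    ip = ipaddress.ip_address(addr)
    best = None
    for dest, gw, netif in table:
        net = ipaddress.ip_network(dest)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, netif)
    return best

def next_hop(table, addr):
    """Resolve addr to (next-hop address, interface).

    A gateway route is usable only if the gateway itself is reachable
    through a directly attached route; otherwise None is returned.
    """
    route = lookup(table, addr)
    if route is None:
        return None
    _, gw, netif = route
    if gw is None:
        return (addr, netif)            # deliver directly on this link
    via = lookup(table, gw)
    if via is None or via[1] is not None:
        return None                     # gateway is not directly attached
    return (gw, via[2])
```

	With the full table, traffic for the outside host resolves to T1-GW over the PPP interface. Remove the <tt>10.9.9.0/24</tt> entry and the same lookup fails, because the default gateway is no longer reachable.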

    <sect1><heading>Dual homed hosts</heading>

      <p>There is one other type of configuration that we should
	cover, and that is a host that sits on two different
	networks. Technically, any machine functioning as a
	gateway (in the example above, using a PPP connection)
	counts as a dual-homed host. But the term is really only
	used to refer to a machine that sits on two local-area
	networks.

	In one case, the machine has two ethernet cards, each
	having an address on the separate subnets. Alternately,
	the machine may only have one ethernet card, and be using
	ifconfig aliasing. The former is used if two physically
	separate ethernet networks are in use, the latter if
	there is one physical network segment, but two logically
	separate subnets.

	Either way, routing tables are set up so that each subnet
	knows that this machine is the defined gateway (inbound
	route) to the other subnet.  This configuration, with the
	machine acting as a Bridge between the two subnets, is
	often used when we need to implement packet filtering or
	firewall security in either or both directions.

    <sect1><heading>Routing propagation</heading>

      <p>We have already talked about how we define our routes to
	the outside world, but not about how the outside world
	finds us.

	We already know that routing tables can be set up so that
	all traffic for a particular address space (in our
	examples, a class-C subnet) can be sent to a particular
	host on that network, which will forward the packets
	inbound.

	When you get an address space assigned to your site, your
	service provider will set up their routing tables so that
	all traffic for your subnet will be sent down your PPP
	link to your site. But how do sites across the country
	know to send to your ISP?

	There is a system (much like the distributed DNS
	information) that keeps track of all assigned
	address-spaces, and defines their point of connection to
	the Internet Backbone. The ``Backbone'' is the set of main
	trunk lines that carry internet traffic across the
	country, and around the world. Each backbone machine has
	a copy of a master set of tables, which direct traffic
	for a particular network to a specific backbone carrier,
	and from there down the chain of service providers until
	it reaches your network.

	It is the task of your service provider to advertise to
	the backbone sites that they are the point of connection
	(and thus the path inward) for your site.  This is known
	as route propagation.

<!--
    <sect1><heading>Multicast Routing</heading>
-->

    <sect1><heading>Troubleshooting</heading>

      <p>Sometimes, there is a problem with routing propagation,
	and some sites are unable to connect to you. Perhaps the
	most useful command for trying to figure out where
	routing is breaking down is the <tt>traceroute(8)</tt>
	command.  It is equally useful if you cannot seem to make
	a connection to a remote machine (i.e. <tt>ping(8)</tt>
	fails).

	The <tt>traceroute(8)</tt> command is run with the name
	of the remote host you are trying to connect to. It will
	show the gateway hosts along the path of the attempt,
	eventually either reaching the target host, or
	terminating because of a lack of connection.

	For more information, see the manual page for
	<tt>traceroute(8)</tt>.