UNIX System Administration Handbook - Evi Nemeth [172]

the routing table in the first place

In this section we examine the forwarding function and look at how routes can be manually added to or deleted from the routing table. We defer the more complicated topic of routing protocols that build and maintain the routing table until Chapter 14.

Routing tables


You can examine a machine’s routing table with netstat -r on all systems and also with the route get command on BSD-based systems. We discuss netstat in more detail starting on page 631, but here is a short example to give you a better idea of what routes look like. This host has two network interfaces: 132.236.227.93 (eth0) on the 132.236.227.0/24 net and 132.236.212.1 (eth1) on the 132.236.212.0/26 net.

    % netstat -r -n
    Kernel IP routing table
    Destination      Mask             Gateway         Fl  MSS   If
    132.236.227.0    255.255.255.0    132.236.227.93  U   1500  eth0
    default          0.0.0.0          132.236.227.1   UG  1500  eth0
    132.236.212.0    255.255.255.192  132.236.212.1   U   1500  eth1
    132.236.220.64   255.255.255.192  132.236.212.6   UG  1500  eth1
    127.0.0.1        255.255.255.255  127.0.0.1       U   3584  lo0

The destination field is usually a network address; the gateway must be a host address. For example, the fourth route says that to reach the network 132.236.220.64/26, packets must be sent to the gateway 132.236.212.6 via interface eth1. The second entry is a default route; packets not explicitly addressed to any of the three networks listed (or to the machine itself) will be sent to the default gateway host, 132.236.227.1. Hosts can route packets only to gateway machines that are directly attached to the same network as the host.
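The lookup described above, as an added example that is not from the book: Python that parses the listing (MSS column dropped), picks the most specific matching route (longest netmask wins, so the default route matches last), and flags gateway routes whose gateway is not on a directly attached network. The function names are assumptions made for illustration.

```python
import ipaddress

# Routing table from the netstat -r -n listing above (MSS column omitted).
NETSTAT = """\
132.236.227.0   255.255.255.0    132.236.227.93  U   eth0
default         0.0.0.0          132.236.227.1   UG  eth0
132.236.212.0   255.255.255.192  132.236.212.1   U   eth1
132.236.220.64  255.255.255.192  132.236.212.6   UG  eth1
127.0.0.1       255.255.255.255  127.0.0.1       U   lo0
"""

def parse_routes(text):
    """Return a list of (network, gateway, flags, interface) tuples."""
    routes = []
    for line in text.splitlines():
        dest, mask, gw, flags, iface = line.split()
        if dest == "default":
            net = ipaddress.ip_network("0.0.0.0/0")   # matches every address
        else:
            net = ipaddress.ip_network(f"{dest}/{mask}")
        routes.append((net, ipaddress.ip_address(gw), flags, iface))
    return routes

def lookup(routes, dst):
    """Return (next_hop, interface) for dst, or None if no route matches."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in routes if dst in r[0]]
    if not matches:
        return None
    # Most specific route wins: the one with the longest prefix.
    net, gw, flags, iface = max(matches, key=lambda r: r[0].prefixlen)
    # G flag: hand the packet to the gateway. Without it the destination
    # is on an attached network and is delivered directly.
    next_hop = gw if "G" in flags else dst
    return str(next_hop), iface

def unreachable_gateways(routes):
    """Networks routed through a gateway that is not directly attached."""
    attached = [net for net, _, flags, _ in routes if "G" not in flags]
    return [str(net) for net, gw, flags, _ in routes
            if "G" in flags and not any(gw in a for a in attached)]

if __name__ == "__main__":
    table = parse_routes(NETSTAT)
    for addr in ("132.236.220.70", "132.236.227.50", "8.8.8.8"):
        print(addr, "->", lookup(table, addr))
    print("off-link gateways:", unreachable_gateways(table))
```

An empty result from `unreachable_gateways` means every gateway in the table sits on one of the host's own networks, which is the condition the paragraph states.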

Routing tables can be configured statically, dynamically, or with a combination of the two approaches. A static route is one that you enter explicitly with the route command. Static routes should stay in the routing table as long as the system is up; they are often set up at boot time from one of the system startup scripts. For example, the Red Hat commands

    # route add -net 132.236.220.64 netmask 255.255.255.192 132.236.212.6
    # route add default 132.236.227.1

would add the fourth and second routes displayed by netstat -r -n above. (The first and third routes in that display were added by ifconfig when the eth0 and eth1 interfaces were configured.)

See page 302 for more information about the route command.

The final route is also added at boot time. It configures a pseudo-device called the loopback interface. The loopback prevents packets sent from the host to itself from going out on the network; instead, they are transferred directly from the network output queue to the network input queue inside the kernel.

In a stable local network, static routing is an efficient solution. It is easy to manage and reliable. However, it requires that the system administrator know the topology of the network accurately at boot time and that the topology not change often.

Most machines on a local area network have only one way to get out to the rest of the network, and so the routing problem is easy. A default route added at boot time suffices to point toward the way out.

For more complicated network topologies, dynamic routing is required. Dynamic routing is typically performed by a daemon process that maintains and modifies the routing table. Routing daemons on different hosts communicate to discover the topology of the network and to figure out how to reach distant destinations. Several routing daemons are available. In Chapter 14, we describe the standard UNIX daemon, routed (“route dee”), and a more full-featured daemon called gated (“gate dee”), as well as the routing protocols they speak.

ICMP redirects


Although IP generally does not concern itself with the management of routing information, it does define a small damage control feature called an ICMP redirect. When a router forwards a packet to a machine on the same network from which the packet was originally received, something is clearly wrong. Since the sender, the router, and the next-hop router are all on the same network, the packet could have been forwarded in one hop rather than
