Online Book Reader


UNIX System Administration Handbook - Evi Nemeth [216]

definitions

Several other global parameters can be set in the definitions section.

routerid host ;

The routerid statement sets the router identification number, which is used by the BGP and OSPF protocols. It should be listed in the form of an IP address, and it defaults to the address of the machine’s first physical interface. This value is important to the protocols that use it, and other routers may need to refer to it explicitly in their configuration files.

martians {
    host host [allow] ;
    network [allow] [exact | refines] ;
    network mask mask [allow] [exact | refines] ;
    network masklen number [allow] [exact | refines] ;
    default [allow] ;
};

Martian routes are routes to destinations that you would prefer to ignore. There may be misconfigured routers on your network that are broadcasting routes to bogus destinations, or you may simply want to exclude certain destinations from the routing table. Any route to a destination listed in a martians statement is simply ignored by gated.

Each routing destination has an address and a mask associated with it. The various flavors of specification are all just different ways of providing an address/mask pair against which these can be matched.

A network number with a mask or masklen specifies the two values explicitly. If no mask is supplied, the mask implied by the address’s intrinsic class is used.

exact and refines request different flavors of address matching. Actually, there are three. With neither keyword, the mask of the destination is ignored. As long as the portion of the destination address covered by the rule’s mask matches the rule’s address, the destination is considered a martian.

If exact is specified, the destination’s address and mask must both match the rule’s values exactly in order for the destination to be martian. An exact match selects a network, but not its subnets or supernets.

If refines is specified, the destination’s mask must be longer than the rule’s. If it is longer, then the addresses are compared normally (using the rule’s mask only). This has the effect of selecting a network’s subnets without selecting the network itself.

The entries

    host host ;
    default ;

are equivalent to

    host mask 255.255.255.255 exact ;
    0.0.0.0 mask 0.0.0.0 exact ;

The allow keyword can be used to reenable certain addresses disabled by a previous, broader specification. For example:

martians {
    128.138.0.0 mask 255.255.0.0 ;
    128.138.145.0 mask 255.255.255.0 allow ;
};

This configuration rejects all information about the class B network 128.138. However, routes to the 128.138.145 subnet are accepted. The most specific rule always has precedence.
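
The three matching flavors and the allow override described above, as an added Python sketch (not gated's own code, and not from the book). The function names, the CIDR rule format and the sample rule sets are assumptions made for illustration, as is ranking "most specific" by the rule's mask length.

```python
import ipaddress

def rule_matches(rule_net, mode, dest):
    """Return True if destination `dest` falls under one martians rule."""
    if mode == "exact":
        # Address and mask must both equal the rule's values.
        return dest == rule_net
    if mode == "refines" and dest.prefixlen <= rule_net.prefixlen:
        # refines requires the destination's mask to be longer than the rule's.
        return False
    # Neither keyword (or refines with a longer mask): ignore the destination's
    # mask and compare addresses under the rule's mask only.
    return dest.network_address in rule_net

def is_martian(rules, destination):
    """rules: list of (cidr, mode, allow); mode is None, "exact" or "refines"."""
    dest = ipaddress.ip_network(destination)
    hits = [(ipaddress.ip_network(cidr), allow)
            for cidr, mode, allow in rules
            if rule_matches(ipaddress.ip_network(cidr), mode, dest)]
    if not hits:
        return False
    # Most specific matching rule wins. Ranking by the rule's mask length is
    # this sketch's assumption about how "most specific" is decided.
    _, allow = max(hits, key=lambda h: h[0].prefixlen)
    return not allow

# Constructed rule sets; CAMPUS mirrors the allow example in the text.
CAMPUS = [("128.138.0.0/16", None, False), ("128.138.145.0/24", None, True)]
EXACT = [("10.0.0.0/8", "exact", False)]
REFINES = [("10.0.0.0/8", "refines", False)]

if __name__ == "__main__":
    for dest in ("128.138.243.0/24", "128.138.145.0/24", "128.138.145.64/26"):
        print(dest, "martian" if is_martian(CAMPUS, dest) else "accepted")
```

Running a rule set through a model like this before deploying it makes it easy to confirm that an exact rule leaves subnets untouched and that a refines rule leaves the covering network itself untouched.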

Protocol configuration for RIP

Both versions of the RIP protocol are configured with a rip statement.

rip yes | no | on | off [ {
    broadcast ;
    nobroadcast ;
    preference pref ;
    defaultmetric metric ;
    interface interface_list
        [noripin | ripin] [noripout | ripout]
        [version 1]|[version 2 [multicast|broadcast]] ;
    trustedgateways gateway_list ;
    sourcegateways gateway_list ;
    traceoptions [packets | request | response [detail]] ;
}] ;

yes and no are synonymous with on and off. RIP is enabled by default, so you must include the line

rip no ;

if you don’t want to run RIP at all. The broadcast and nobroadcast options are similar to the -s and -q flags of routed: broadcast forces RIP updates to be sent out even if the host does not appear to be on more than one network. nobroadcast prevents RIP from sending out any updates.

The defaultmetric clause assigns the cost metric to routes learned through other protocols when they are rebroadcast through RIP. This is a very crude form of translation, but there isn’t really an elegant solution. By default, this value is set at 16—unreachable—so that other protocols’ routes will never go out over RIP. If you want to redistribute these routes, a good value to use is 10.

Per-interface options are set with the same type of interface specification found in the interfaces statement earlier in the configuration file. ripin accepts RIP
