FreeBSD Routing Detailed

Source: Internet
Author: User

Computers on the same LAN are directly connected, but computers on different networks are not, and can only communicate through a dedicated computer: a router. A router has multiple network interfaces, each connected to a network and holding an IP address on that network, so that the computers inside each network can communicate with the router itself.

When a computer inside the network sends traffic outward, the packet is actually handed to the router, which forwards it out of the network interface connected to the external network. The packet passes through a series of such forwarding steps until it reaches its destination. A computer inside the network does not need to know the entire forwarding path or every router along it; it only needs to know which router to hand the packet to for the first step. The computer must therefore know about the routers directly connected to it, and supplying this information is the process of routing configuration.

There are two ways to configure routing. In the first, an administrator sets all routing information by hand; because the data is entered manually, this is called static routing. In the second, the system runs a process that supports a routing exchange protocol and automatically discovers the routers on the network and their associated information; this is called dynamic routing.

When the FreeBSD system is not acting as a dedicated router, static routing is generally sufficient to meet the needs of network communication.

1) Default gateway

In the simplest case, a network is connected to the outside through a single router, called the default gateway, which handles almost all outbound traffic. Assuming the address of the default gateway is 192.168.1.254, the command to set the default gateway is:

# route add default 192.168.1.254

add net default: gateway 192.168.1.254

In the route command, default stands for the entire network, and the router to the entire network is the default gateway. "0.0.0.0" has the same meaning as default.

If a default gateway has already been set, the system reports an error. To change the default gateway, you must first clear the existing setting.

# route add default 192.168.1.254

route: writing to routing socket: File exists

add net default: gateway 192.168.1.254: File exists

# route delete default

delete net default

The "delete" parameter is the opposite of "add" and removes a route that has already been set. Besides removing a single route with "delete", you can use flush to clear all settings if none of the static routes are needed any longer.

# route flush

default 192.168.1.254 done

The commands above take effect immediately and may therefore affect connections that are already established. To keep the default gateway setting across reboots, it must also be written to the system configuration file rc.conf.

defaultrouter="192.168.1.254"

In most cases, configuring only the default gateway is enough: the computer sits at the edge of the Internet, and its network needs only one router to reach the Internet.

2) Other static routing settings

In more complex cases, the computer's network is connected to several other networks through several routers, each of which forwards traffic to only some networks rather than to all of them. If all data were sent to a single router, in principle it could correctly forward only the data destined for the networks it is responsible for. In practice, the router uses ICMP to report a routing error to the host that sent the data.

Therefore, you should configure every router on this network, together with the networks each router is responsible for, so that the computer chooses the correct router to forward each packet. Again, the route command is used to add a static route to each network.

# route add 192.168.10.0/24 192.168.1.253

# route add 192.168.20.0 192.168.1.253

# route add 192.168.30.0/25 192.168.1.253

# route add 192.168.30.128 192.168.1.253

# route add 192.168.40.0 -netmask 255.255.255.0 192.168.1.253

The commands above show several different cases. The '/24' after the IP address gives the length of the subnet mask as 24 bits, that is, the number of non-zero bits in the binary form of the mask; a 24-bit mask is equivalent to 255.255.255.0. This part can be omitted, in which case the system uses the default mask for the network address: 192.168.20.0, for example, is a class C address, so its netmask is 255.255.255.0. If the address is not a standard class A, B or C network but a subdivided subnet, you must specify the subnet mask: for 192.168.30.0/25 the 25-bit mask length must be given, otherwise the system uses the default mask. Instead of the mask-length form, you can specify the netmask with the '-netmask' parameter.

Even so, the commands above are not free of problems. For a standard network address, route can determine the network address and mask, but an address like 192.168.30.128 would normally be the IP address of an ordinary computer, and route can also set a route to a single computer. The command above therefore sets a route to the host 192.168.30.128, and the system returns:

# route add 192.168.30.128 192.168.1.253

add host 192.168.30.128: gateway 192.168.1.253

In the other cases "add net ..." is returned, indicating that the address denotes a network rather than a single computer. In many cases, however, this address is meant as a network address: the network from 192.168.30.128 to 192.168.30.255, with a 25-bit mask, 255.255.255.128.

Even in some extreme cases, address 192.168.10.0 can also be used to represent the IP address of a specific computer, rather than a network address.

In order to specify these non-standard cases, additional parameters must be used.

# route add -net 192.168.10.0/24 192.168.1.253

# route add -net 192.168.20.0 192.168.1.253

The -net parameter in the commands above is optional. It states explicitly that the route is a route to a network; without it, route can only judge from the given IP address whether it is a network or a computer, and the result may not match what the administrator intended. Similarly, the -host parameter specifies a route to a single remote computer.

# route add -host 192.168.20.0 192.168.1.253
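The inference rule described above can be checked before a route is added. This is an added example, not code from the original page or from FreeBSD: a POSIX sh model of the classful rule as this page describes it, generalized to class A and B addresses as well. It does not call route(8), and the helper names classify and check are hypothetical.

```sh
#!/bin/sh
# Added example: models the classful inference described in the text.
# It does not run route(8); classify and check are hypothetical helper names.

# Print the default (classful) mask length for an address: A=8, B=16, C=24.
classful_bits() {
    first=${1%%.*}
    if [ "$first" -lt 128 ]; then echo 8
    elif [ "$first" -lt 192 ]; then echo 16
    else echo 24
    fi
}

# Convert dotted-quad A.B.C.D to a 32-bit integer.
to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Predict how a destination given without -net/-host is read.
classify() {
    case $1 in */*) echo "net/${1#*/}"; return 0 ;; esac
    bits=$(classful_bits "$1")
    addr=$(to_int "$1")
    host_part=$(( $addr & ((1 << (32 - $bits)) - 1) ))
    if [ "$host_part" -eq 0 ]; then echo "net/$bits"; else echo "host"; fi
}

# Compare the prediction with the intended meaning ("net/25", "host", ...).
check() {
    base=${1%%/*}
    if [ "$(classify "$1")" = "$2" ]; then echo "ok"; return 0; fi
    case $2 in
        host)  echo "use: -host $base" ;;
        net/*) echo "use: -net $base/${2#net/}" ;;
    esac
}

# Constructed cases using destinations discussed on this page.
check 192.168.20.0   net/24   # ok
check 192.168.30.128 net/25   # use: -net 192.168.30.128/25
check 192.168.10.0   host     # use: -host 192.168.10.0
```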

Static routing settings for non-default gateways also need to be saved in rc.conf for automatic configuration at the next boot.

static_routes="static1 static2"

route_static1="-net 192.168.10.0/24 192.168.1.253"

route_static2="-net 192.168.20.0/24 192.168.1.253"

Saving static routes is slightly more complex because their number is not fixed. First choose a name for each static route, such as static1, static2 and so on, and list these names in the static_routes variable; then save each route's settings in a variable whose name is built from the route name, such as route_static1.

It is important to note that some older FreeBSD systems use the name of the static route directly as the variable name, which is set as follows:

static_routes="static_route1 static_route2"

static_route1="-net 192.168.10.0/24 192.168.1.253"

static_route2="-net 192.168.20.0/24 192.168.1.253"
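A mismatch between the names in static_routes and the route variables is easy to miss, as is a route saved without an explicit -net or -host. The following check is an added example, not part of the original page or of FreeBSD's rc scripts; lint_static_routes and write_sample are hypothetical helper names and the sample file is constructed.

```sh
#!/bin/sh
# Added example: consistency check for static routes in an rc.conf-style file.
# lint_static_routes and write_sample are hypothetical helper names.
# rc.conf is shell syntax, so the file is sourced: only lint files you trust.

lint_static_routes() (
    # Subshell body: variables set by sourcing the file do not leak out.
    . "$1"
    for name in ${static_routes-}; do
        case $name in
            [0-9]*|*[!A-Za-z0-9_]*) echo "$name: invalid route name"; continue ;;
        esac
        eval "spec=\${route_$name-}"
        eval "old=\${$name-}"
        if [ -z "$spec" ] && [ -n "$old" ]; then
            echo "$name: old-style variable $name, route_$name is not set"
        elif [ -z "$spec" ]; then
            echo "$name: listed in static_routes but route_$name is not set"
        else
            case $spec in
                "-net "*|"-host "*) ;;
                *) echo "$name: no explicit -net or -host in '$spec'" ;;
            esac
        fi
    done
)

# Constructed sample: static2 has no variable, static3 leaves the type implicit.
write_sample() {
    cat > "$1" <<'EOF'
defaultrouter="192.168.1.254"
static_routes="static1 static2 static3"
route_static1="-net 192.168.10.0/24 192.168.1.253"
route_static3="192.168.30.128 192.168.1.253"
EOF
}

tmp=$(mktemp)
write_sample "$tmp"
lint_static_routes "$tmp"
rm -f "$tmp"
```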

3) View routing information

After setting up the routing table, you can use the netstat -r command to view its current contents.

# netstat -r

Routing tables

Internet:
Destination      Gateway            Flags   Refs   Use   Netif  Expire
default          192.168.1.254      UGSC       1   941   xl0
127.0.0.1        127.0.0.1          UH         1   644   lo0
192.168.1        link#1             UC         0     0   xl0
192.168.1.254    0:e0:1e:ce:85:a9   UHLW       2     0   xl0
192.168.1.64     0:90:27:4e:f6:67   UHLW       1     6   lo0
192.168.1.253    link#1             UHLW       2     0   xl0
192.168.10       192.168.1.253      UGSC       0     0   xl0
192.168.20       192.168.1.253      UGSC       0     0   xl0

The first column of the output shows the destination of the route, either a network address or a host address. The second column shows the gateway used to reach that destination, and takes three forms: for network and host addresses that cannot be reached directly, it is usually the IP address of the gateway; for a network directly connected to the computer, it is usually the network interface, where 'link#1' denotes the first network interface; and for a host address that can be reached directly, the gateway is given as the host's MAC address.

The third column holds the flags that describe the route. 'U' indicates that the route is currently usable. 'G' means that IP packets must be relayed through a gateway to reach the destination. 'S' means that the route is a static route added manually rather than generated automatically. 'C' and 'c' indicate that new routes are generated when this route is used; routes to networks usually carry this flag, because once a specific connection is made, a route to that specific host is added. 'H' marks a route to an individual host address. 'L' indicates that data is sent using the MAC address given in the gateway column. 'W' indicates that the route was generated from a route carrying the 'C' or 'c' flag.

The fourth and fifth columns show counts of how often the route is referenced and used in routing processing. The sixth column identifies the network interface used by the route, and the seventh column shows the lifetime of the route entry, which is removed automatically when that time expires.
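The flags column makes it possible to pick out manually added gateway routes and compare them with the gateways you expect. The following is an added example, not part of the original page: decode_flags, static_gateway_routes and sample_table are hypothetical names, and the sample is constructed from the table above plus one extra row (192.168.50) that uses a gateway outside the allowlist.

```sh
#!/bin/sh
# Added example: audit `netstat -r` output using the flags explained above.
# decode_flags, static_gateway_routes and sample_table are hypothetical names.

# Expand a flags string such as UGSC into words.
decode_flags() {
    echo "$1" | awk '
        BEGIN { m["U"]="up"; m["G"]="gateway"; m["S"]="static"; m["H"]="host"
                m["C"]="cloning"; m["c"]="proto-cloning"
                m["L"]="link-addr"; m["W"]="cloned" }
        { out = ""
          for (i = 1; i <= length($0); i++) {
              f = substr($0, i, 1)
              sep = (i > 1) ? "," : ""
              word = (f in m) ? m[f] : "?" f
              out = out sep word
          }
          print out }'
}

# Read netstat -r output on stdin and print "destination gateway verdict"
# for every route that is both static (S) and via a gateway (G). The verdict
# is "expected" when the gateway is in the space-separated allowlist $1.
static_gateway_routes() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $3 ~ /^U/ && $3 ~ /G/ && $3 ~ /S/ {
            print $1, $2, (($2 in ok) ? "expected" : "UNEXPECTED")
        }'
}

# Constructed sample: rows from this page plus one added row (192.168.50).
sample_table() {
    cat <<'EOF'
Destination      Gateway            Flags   Refs   Use   Netif  Expire
default          192.168.1.254      UGSC       1   941   xl0
127.0.0.1        127.0.0.1          UH         1   644   lo0
192.168.1        link#1             UC         0     0   xl0
192.168.1.254    0:e0:1e:ce:85:a9   UHLW       2     0   xl0
192.168.10       192.168.1.253      UGSC       0     0   xl0
192.168.20       192.168.1.253      UGSC       0     0   xl0
192.168.50       192.168.1.66       UGSC       0     0   xl0
EOF
}

sample_table | static_gateway_routes "192.168.1.254 192.168.1.253"
```

On a live system the same function can read the real table with `netstat -rn | static_gateway_routes "..."`, where -n keeps addresses numeric.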

These results show that the system automatically adds directly reachable networks to the routing table; that is, changing an address with ifconfig also changes the routes. This explains the error, described in the previous section, that occurs when ifconfig is used to configure an IP address on the same network.

Similarly, directly connected hosts are added to the routing table automatically, and the routing information records the details of the connection, including which network interface and which MAC address are used to communicate with that address.

In fact, the route command can also be used to specify manually which network interface should be used to communicate with an address, and what the MAC address of the target is.

# route add -host 192.168.30.122 -iface -link xl0:0:12:3f:2:3:4

The command above sets the route to 192.168.30.122 to go through the network interface xl0, with destination MAC address 0:12:3f:2:3:4. This is obviously not required under normal circumstances, only in some special cases, such as setting up a PVC on an ATM network interface. The same technique can also be used to support so-called MAC address and IP address binding; however, because the MAC address of a computer can be changed arbitrarily, using such bindings to increase network security is clearly not of much use.

4) Save Configuration

For the configuration to remain in effect after the system restarts, it must be saved in the configuration file /etc/rc.conf. The network settings in this file usually look similar to the following example:

hostname="wb.example.com.cn"

ifconfig_xl0="inet 192.168.1.64 netmask 255.255.255.0"

ifconfig_lo0="inet 127.0.0.1"

defaultrouter="192.168.1.1"

static_routes="static1 static2"

route_static1="-net 192.168.10.0/24 192.168.1.253"

route_static2="-net 192.168.20.0/24 192.168.1.253"
