This article discusses the IPv4 routing subsystem. (IPv6 routing works differently and is not covered here.)
Basic concepts
The routing subsystem works at layer three and decides what happens to ingress traffic: deliver it locally or forward it out another interface.
It is built around a few concepts: routers, routes and routing tables.
Router: a device with multiple network interface cards (NICs) that uses its own routing information to forward ingress traffic.
Routing: the process of deciding where a packet goes next (which next hop and egress interface) based on its destination.
Routing table: the forwarding information base (FIB). It records whether a destination is delivered locally or forwarded and, if forwarded, the information needed to do so (next hop and egress device). In other words, the table answers two questions: forward or not, and if so, where.
Routers have multiple NICs, but a host with multiple NICs is not necessarily a router. A non-routing (multihomed) host may carry several NICs for reasons such as:
High availability: if one NIC fails, the host keeps working through the others.
Access to several LANs: each NIC attaches the host to a different LAN, but the host does not forward traffic between them.
Link aggregation: several NICs are bonded to increase the available bandwidth.
Non-routable addresses: private addresses (the RFC 1918 ranges) and loopback addresses are not routable on the public Internet. When a host with a private address needs to talk to a host outside its LAN, NAT is required to hide the non-routable subnet behind a routable address.
Directed broadcasts:
Subnet broadcast: a broadcast packet whose destination is the broadcast address of the local subnet.
Directed broadcast: a broadcast packet whose destination is the broadcast address of a remote subnet.
Broadcasts get special handling for ICMP ECHO requests: by default Linux does not answer echo requests sent to a broadcast address (net.ipv4.icmp_echo_ignore_broadcasts = 1), because a single request to a (directed) broadcast address would otherwise be answered by every host on that subnet, which is the basis of smurf-style amplification attacks.
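The following is an added example (not code from the book or the kernel) that models the classification described in the last two sections from the point of view of a host with two interfaces: whether a destination is routable on the Internet at all, whether it is a local address, a subnet broadcast (arriving on the interface that owns that subnet), a directed broadcast (the broadcast address of a subnet on a different interface) or ordinary unicast, and whether an ICMP echo request to it should be answered under the default icmp_echo_ignore_broadcasts policy. The interface configuration and packets are constructed for illustration.

```python
"""Classify IPv4 destinations as a two-interface host would see them.

Added example; not from Understanding Linux Network Internals or the kernel.
Interface addresses and test destinations below are constructed.
"""
import ipaddress

# Constructed configuration of a hypothetical host: interface name -> address/prefix.
HOST_INTERFACES = {
    "eth0": ipaddress.ip_interface("192.168.1.10/24"),
    "eth1": ipaddress.ip_interface("10.0.0.1/16"),
}

LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


def is_routable_on_internet(addr: str) -> bool:
    """Private (RFC 1918), loopback, link-local and similar ranges are not
    routable on the public Internet; traffic from them needs NAT to get out."""
    return ipaddress.ip_address(addr).is_global


def classify_destination(dst: str, ingress_iface: str, interfaces=HOST_INTERFACES) -> str:
    """Return one of: 'limited broadcast', 'local unicast', 'subnet broadcast',
    'directed broadcast', 'unicast to forward'.

    A packet whose destination is the broadcast address of the subnet attached
    to the interface it arrived on is a subnet broadcast. If it is the
    broadcast address of a subnet attached to a *different* interface, it is a
    directed broadcast that crossed at least one hop to reach us.
    """
    ip = ipaddress.ip_address(dst)
    if ip == LIMITED_BROADCAST:
        return "limited broadcast"
    for iface in interfaces.values():
        if ip == iface.ip:
            return "local unicast"
    for name, iface in interfaces.items():
        if ip == iface.network.broadcast_address:
            return "subnet broadcast" if name == ingress_iface else "directed broadcast"
    return "unicast to forward"


def answer_icmp_echo(dst: str, ingress_iface: str, ignore_broadcasts: bool = True) -> bool:
    """Decide whether this host replies to an ICMP echo request for dst.

    ignore_broadcasts mirrors net.ipv4.icmp_echo_ignore_broadcasts (default 1):
    with it set, echo requests to broadcast addresses are silently ignored so
    the host cannot be used as an amplifier. Directed broadcasts that reach
    this host on a non-owning interface are never answered here either.
    """
    kind = classify_destination(dst, ingress_iface)
    if kind == "local unicast":
        return True
    if kind in ("subnet broadcast", "limited broadcast"):
        return not ignore_broadcasts
    return False


if __name__ == "__main__":
    for dst, dev in [("192.168.1.10", "eth0"), ("192.168.1.255", "eth0"),
                     ("10.0.255.255", "eth0"), ("10.0.255.255", "eth1"),
                     ("8.8.8.8", "eth0")]:
        print(f"{dst:>15} on {dev}: {classify_destination(dst, dev)}, "
              f"echo reply={answer_icmp_echo(dst, dev)}")
```

The same destination (10.0.255.255) is a subnet broadcast when it arrives on eth1, which owns 10.0.0.0/16, and a directed broadcast when it arrives on eth0; only the ingress interface tells the two apart.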
Primary address, secondary address, device alias
In Linux an IP address belongs to the host rather than to a particular interface, and one interface can carry several addresses (added with ip address add, formerly configured as aliases such as eth0:1).
A NIC can hold multiple addresses. Among the addresses that fall in the same subnet (same network and mask), exactly one is the primary address and the others are secondary addresses.
Scope
Both routes and IP addresses carry a scope that tells the kernel in which context they are valid. The common scopes are:
For addresses:
Host: the address is used only for communication within the host itself, e.g. 127.0.0.1; its scope is host.
Link: the address is valid only for hosts on the same link (LAN); its scope is link.
Global: the address can be used anywhere; its scope is global.
For routes:
Host: the route's destination is an address of the local host.
Link: the route's destination is on a directly connected network (no gateway needed).
Global: the route's destination lies beyond the next hop, i.e. it is reached through a gateway.
Use of scope
Address scope and route scope are used throughout the routing subsystem and in other parts of the kernel, for example when selecting the source address for an outgoing packet.
Routing table, route cache, route lookup
Routing table
The routing table is the routing database. After the layer-three protocol receives a packet there are two possibilities: hand it to an upper-layer protocol (TCP, UDP, ...) or forward it to another host. By default Linux populates two routing tables:
local: routes for the host's own addresses, maintained by the kernel itself.
main: routes for all other destinations, configured manually by the administrator or inserted dynamically by a routing protocol daemon.
Route types (actions):
Blackhole: drop the packet silently.
Unreachable: drop the packet and send an ICMP host unreachable message.
Prohibit: drop the packet and send an ICMP "communication administratively prohibited" (filtered) message.
Throw: used together with policy routing; the lookup fails in the current table and continues with the next policy rule and its table.
Route cache
A routing table can hold hundreds of thousands of entries, so a smaller route cache is kept in front of it. Linux divides the route cache into two parts:
1. the protocol-specific cache (the cache framework part);
2. the protocol-independent cache (the DST, or destination cache), embedded in the first part.
Note that this IPv4 route cache was removed in Linux 3.6; current kernels look up the FIB trie directly for every packet.
Reclamation
Cache entries are reclaimed either synchronously (garbage collection triggered when an insertion finds the cache above its size threshold) or asynchronously (by a periodic timer).
Lookup
Longest prefix match: several routes may match a destination address, so the lookup selects the most specific one, i.e. the route whose prefix shares the most leading bits with the destination. This is not a greedy first match: all candidates are considered and the longest prefix wins.
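The following is an added example (not code from the book or the kernel) that puts the lookup section together with the route types and scopes described above. It keeps a local table and a main table, consults them in that order as the kernel's default policy rules do, picks the longest matching prefix within each table, and turns the winning route into a forwarding decision: local delivery, forwarding with a gateway next hop (global scope) or a direct next hop (link scope), a silent drop (blackhole), an ICMP error (unreachable, prohibit) or a fall-through to the next table (throw). Table contents and destinations are constructed.

```python
"""Longest prefix match over a local and a main routing table.

Added example; not from Understanding Linux Network Internals or the kernel.
All routes and destinations are constructed for illustration.
"""
import ipaddress
from typing import NamedTuple, Optional, Tuple


class Route(NamedTuple):
    prefix: ipaddress.IPv4Network
    rtype: str                  # local | unicast | blackhole | unreachable | prohibit | throw
    dev: Optional[str] = None   # egress device
    via: Optional[str] = None   # gateway; present -> global scope, absent -> link scope


def route(prefix: str, rtype: str, dev: str = None, via: str = None) -> Route:
    return Route(ipaddress.ip_network(prefix), rtype, dev, via)


# Constructed "local" table: the host's own addresses, delivered locally.
LOCAL_TABLE = [
    route("127.0.0.0/8", "local", dev="lo"),
    route("192.168.1.10/32", "local", dev="lo"),
]

# Constructed "main" table. Order is irrelevant: the longest prefix wins.
MAIN_TABLE = [
    route("0.0.0.0/0", "unicast", dev="eth0", via="192.168.1.1"),   # default, global scope
    route("192.168.1.0/24", "unicast", dev="eth0"),                  # directly connected, link scope
    route("10.0.0.0/8", "unicast", dev="eth1", via="10.0.0.254"),
    route("10.1.0.0/16", "blackhole"),
    route("10.2.0.0/16", "unreachable"),
    route("10.3.0.0/16", "prohibit"),
    route("10.4.0.0/16", "throw"),
]


def longest_prefix_match(dst, table) -> Optional[Route]:
    """Return the matching route with the longest prefix, or None."""
    ip = ipaddress.ip_address(dst)
    best = None
    for r in table:
        if ip in r.prefix and (best is None or r.prefix.prefixlen > best.prefix.prefixlen):
            best = r
    return best


def route_decision(dst: str, tables=(LOCAL_TABLE, MAIN_TABLE)) -> Tuple[str, str]:
    """Look dst up in each table in turn and return (action, detail)."""
    ip = ipaddress.ip_address(dst)
    for table in tables:
        r = longest_prefix_match(ip, table)
        if r is None or r.rtype == "throw":
            continue                       # no match, or explicit throw: try the next table
        if r.rtype == "local":
            return ("deliver locally", r.dev)
        if r.rtype == "unicast":
            # With a gateway the next hop is the gateway (global scope); without one
            # the destination is on the link and is its own next hop (link scope).
            nexthop = r.via if r.via else str(ip)
            return ("forward", f"dev {r.dev} nexthop {nexthop}")
        if r.rtype == "blackhole":
            return ("drop", "silently")
        if r.rtype == "unreachable":
            return ("drop", "ICMP host unreachable")
        if r.rtype == "prohibit":
            return ("drop", "ICMP communication administratively prohibited")
    return ("drop", "ICMP network unreachable")   # lookup failed in every table


if __name__ == "__main__":
    for dst in ["192.168.1.10", "192.168.1.77", "8.8.8.8", "10.5.5.5",
                "10.1.5.5", "10.2.0.1", "10.3.0.1", "10.4.0.1"]:
        print(f"{dst:>13}: {route_decision(dst)}")
```

Two details worth noticing: 192.168.1.10 also matches 192.168.1.0/24 in the main table, but the local table is consulted first, so the packet is delivered locally; and 10.1.5.5 matches 0.0.0.0/0, 10.0.0.0/8 and 10.1.0.0/16, and the /16 blackhole wins because it is the most specific, not because of its position in the table.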
Source: Understanding Linux Network Internals, the chapters on routing subsystem concepts and advanced routing.