Introducing Routing Protocol Types
Interior Routing Protocols
An Interior Gateway Protocol (IGP) is a route table protocol within an autonomous system. IGPs are used within an organization or an organization’s site. Exterior Gateway Protocols (EGPs, as shown in Figure 7-5) are used between organizations or sites, for example, a large wide area network (WAN), such as the Internet or a large corporation’s intranet.
Figure 7-5 shows the role of EGP in Internet routing.
Figure 7-5 Role of EGP in Internet Routing
(Diagram not reproduced. Recoverable labels: three autonomous systems (AS) linked by EGP.)
Many routing protocols pass route table information within an autonomous system. Two popular protocols are RIP and the Open Shortest Path First (OSPF) Protocol.
RIP is a distance-vector protocol that exchanges route information between IP routers. Distance-vector algorithms obtain their name from the fact that they compute the least-cost path by using information that is exchanged with other routers that describes reachable networks with their distances in the form of hop counts.
OSPF is a link-state protocol. OSPF maintains a map of the network topology instead of computing route paths that are based on distance vectors in the way that RIP computes the route paths.
OSPF provides a global view of the network and provides the shortest path choices on routes. The map on each OSPF router is updated regularly.
Exterior Routing Protocols
An exterior routing protocol is a routing protocol that communicates routes between autonomous systems. EGP and the Border Gateway Protocol (BGP) are the two principal protocols that exchange route table information among autonomous systems.
EGP was developed in the early 1980s. The concept of an autonomous system developed out of the research and development of EGP.
BGP was developed in the mid 1990s to replace EGP. BGP replaces the distance-vector algorithm of EGP with a path-vector algorithm. The path vector that is implemented by BGP causes the route table information to include a complete path (all autonomous system numbers) from the source to the destination. This eliminates the possibility of looping problems that might arise from complex network topologies, such as the Internet. A loop is detected by BGP when the path it receives has an autonomous system listed twice. If this occurs, BGP generates an error condition.
Introducing the Route Table
A system’s route table acts as a dynamic environment for storing route entries for the system. The route table is referenced when a path to another computer is required. The route table is often interrogated by utilities when you troubleshoot connectivity issues.
Displaying the Route Table
To display the contents of a system’s route table without interpreting the names of the systems, use the netstat utility with the -r and -n options. The -r option causes the route table to be displayed. The -n option causes the IP addresses to be displayed instead of resolving them to names.
sys11# netstat -rn
Routing Table: IPv4
  Destination           Gateway           Flags  Ref   Use   Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.9.0          192.168.1.3          UG       1      0
Introducing Route Table Entries
Table 7-1 shows the route table fields and descriptions.
Table 7-1 Route Table Entries
Field        Description
Destination  The destination network or host address.
Gateway      The system that delivers or forwards the datagram.
Flags        The status of this route. This field uses the following flags:
             ● U – The interface is up.
             ● H – The destination is a system, not a network.
             ● G – The delivery system is another system (an indirect path).
             ● D – The entry was added dynamically by an ICMP redirect.
Ref          The current number of routes that share the same network interface (Ethernet) address.
Use          The number of datagrams that are using this route. For the localhost entry, it is a snapshot of the number of datagrams that are received.
Interface    The local interface that reaches the destination.
Figure 7-6 shows the network used in this module.
Figure 7-6 Classroom Network Diagram
(Diagram not reproduced. Recoverable labels: systems sys11, sys12, sys13, and sys23; interfaces qfe0 and le0; networks 192.168.2.0 and 192.168.30.0; host numbers .1, .2, .3, .30, and 32.)
Introducing Route Table Search Order
The kernel routing algorithm searches route table entries in the following order:
1. The kernel routing algorithm checks the LAN for destination hosts.
The kernel extracts the destination IP address from the IP datagram and computes the destination network number. The destination network number is then compared with the network numbers of all of the local interfaces (interfaces that are physically attached to the system) for a match. If the destination network number matches that of a local interface network number, the kernel encapsulates the IP datagram inside an Ethernet frame and sends it through the matching local interface for delivery.
2. The kernel routing algorithm checks the route table for a matching host IP address.
The kernel searches the route table entries for a matching host IP address. If an entry that matches the host IP address is found, the kernel encapsulates the IP datagram inside an Ethernet frame and sends the frame to the router that is associated with that destination.
3. The kernel routing algorithm checks the route table for a matching network number.
The kernel searches the route table entries for a matching network number. If a matching number is found, the kernel sets the destination Ethernet address to that of the corresponding router and delivers the frame to that router. The router that receives the frame repeats the execution of the route algorithm, but leaves the destination IP address unchanged.
4. The kernel routing algorithm checks for a default entry in the route table.
The kernel searches the route table entries for a default entry. If a default entry is found, the kernel encapsulates the datagram, sets the destination Ethernet address to that of the default router, leaves the destination IP address unchanged, and delivers the datagram through the interface that is local to the default router.
5. If there is no route to the destination, the kernel routing algorithm check generates an ICMP error message.
The kernel cannot forward the datagram, and an error message
Figure 7-7 shows the kernel routing process.
Figure 7-7 Kernel Routing Algorithm
(Flowchart not reproduced. Its boxes follow the search order above: extract the destination IP address and compute the network number; if the destination IP address matches a host-specific route, or the network number matches one found in the route table, encapsulate the datagram by setting the destination Ethernet address to that of the router associated with the entry and deliver the frame through the interface connected to that router; if there is a default entry in the route table, do the same with the default router; otherwise generate a routing error message through ICMP.)
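The search order described above can be traced in code. The following is an added example, not part of the original course text: the interface addresses, the route table contents, and the function names are constructed for illustration, and the choice of the longest prefix when several network entries match is an assumption that the text does not state.

```python
import ipaddress
from typing import NamedTuple, Optional

# Constructed sample data (not from the page): two local interfaces and a
# small route table written as (destination, gateway, flags) tuples.
INTERFACES = {
    "qfe0": ipaddress.ip_interface("192.168.1.1/24"),
    "qfe1": ipaddress.ip_interface("192.168.30.31/24"),
}
ROUTES = [
    ("192.168.9.50", "192.168.30.30", "UGH"),   # host route (H flag)
    ("192.168.9.0/24", "192.168.1.3", "UG"),    # network route
    ("192.168.3.0/27", "192.168.30.32", "UG"),  # network route with a /27 mask
    ("default", "192.168.30.30", "UG"),         # default route
]


class Decision(NamedTuple):
    step: str                  # which step of the search order matched
    next_hop: Optional[str]    # system the frame is handed to
    interface: Optional[str]   # local interface used for delivery


def egress_interface(addr, interfaces):
    """Name of the local interface whose attached network contains addr."""
    for name, iface in interfaces.items():
        if addr in iface.network:
            return name
    return None


def lookup(dst, interfaces=INTERFACES, routes=ROUTES):
    """Apply the five-step search order to one destination address."""
    dst_ip = ipaddress.ip_address(dst)

    # Step 1: is the destination on a network attached to a local interface?
    name = egress_interface(dst_ip, interfaces)
    if name is not None:
        return Decision("direct", str(dst_ip), name)

    # Sort the table entries by kind so that steps 2 to 4 run in order.
    host_routes, net_routes, default_gw = {}, [], None
    for dest, gateway, flags in routes:
        gw = ipaddress.ip_address(gateway)
        if dest == "default":
            if default_gw is None:
                default_gw = gw
        elif "H" in flags:
            host_routes[ipaddress.ip_address(dest)] = gw
        else:
            net_routes.append((ipaddress.ip_network(dest), gw))

    def via(step, gw):
        # The frame leaves through the interface that reaches the gateway;
        # the destination IP address in the datagram is left unchanged.
        return Decision(step, str(gw), egress_interface(gw, interfaces))

    # Step 2: host-specific entry.
    if dst_ip in host_routes:
        return via("host", host_routes[dst_ip])

    # Step 3: matching network number. Assumption: when several entries
    # match, the one with the longest prefix is used.
    matches = [(net, gw) for net, gw in net_routes if dst_ip in net]
    if matches:
        return via("network", max(matches, key=lambda m: m[0].prefixlen)[1])

    # Step 4: default entry.
    if default_gw is not None:
        return via("default", default_gw)

    # Step 5: no route, so an ICMP error message is generated.
    return Decision("icmp-error", None, None)


if __name__ == "__main__":
    for target in ("192.168.1.2", "192.168.9.50", "192.168.9.7",
                   "192.168.3.20", "192.168.3.40"):
        print(target, lookup(target))
```

The address 192.168.3.40 lies outside the /27 entry for 192.168.3.0, so it falls through to the default route even though the first three octets match.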
Associating Network Name and Network Number
To associate a network name to a network number, edit the /etc/inet/networks file.
The fields in the networks file are under the columns organized by network name, network number, and nicknames.
sys11# tail -2 /etc/inet/networks
sys11# route add net 192.168.3.0 192.168.30.31
add net 192.168.3.0: gateway 192.168.30.31
sys11# route add net two 192.168.30.31
add net two: gateway 192.168.30.31
sys11#
To view how defined networks are displayed in the output from the netstat utility, use the netstat utility with the -r option:
sys11# netstat -r
Routing Table: IPv4
  Destination           Gateway           Flags  Ref   Use   Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.9.0          sys13                UG       1      0
one                  sys11-dat-qfe1       U        1     53  qfe1
one                  sys11                U        1      0  qfe0:1
one                  sys11                U        1      0  qfe1:1
Configuring Static Routes
You can configure a route that does not change or time out. This type of route is called a static route.
Configuring Static Direct Routes
You can use the route utility to define a static direct route. A static route is a route that is not automatically removed by the in.routed process if a more efficient route is identified. The ifconfig utility initially builds the direct route entries when the network interface is configured during system startup. To view the results of the utility, perform the command:
sys11# netstat -r
Routing Table: IPv4
  Destination           Gateway           Flags  Ref   Use   Interface
-------------------- -------------------- ----- ----- ------ ---------
sys12                sys11                UH       1      0  qfe0
one                  sys11                U        1     75  qfe0
one                  sys11-dat-qfe1       U        1     75  qfe1
one                  sys11                U        1      0  qfe0:1
one                  sys11                U        1      0  qfe1:1
A default route is a route table entry that defines the default routers to use if no other specific route is available. Default route entries can be either static entries or dynamic entries. The default routers must be reliable. You
You can define default routers by creating the /etc/defaultrouter file that contains host name entries or IP address entries that identify one or more routers. You must use host names that exist in the system’s /etc/inet/hosts file because no name-resolution services are available at the time that this file is initially read at system boot time. This file prevents the startup of the in.routed and in.rdisc dynamic router processes. The in.rdisc process adds default route table entries dynamically.
Some advantages of default routing are:
● The /etc/defaultrouter file prevents unneeded routing processes from starting.
● The default entries result in a smaller route table, which reduces the processing time spent on each IP datagram.
● Multiple default routers can be identified, which eliminates single points of failure within a network.
● Systems that use default route entries do not depend on actual routing protocols.
Some disadvantages of default routing are:
● The default entries created by the /etc/defaultrouter file or the route utility are always present, even when the default router is not available. The system does not learn about other possible routes.
● All systems must have a local /etc/defaultrouter file properly configured because this file cannot be administered by a name service. This can be an administrative problem on large, evolving networks.
The in.routed router process reads the optional /etc/gateways file at initialization to possibly add additional static routes. This is another way to add a static (passive) route. The fields in the /etc/gateways file are:
net|host destination gateway gateway metric hops passive|active
For example:
sys11# cat /etc/gateways
net 192.168.4.0 gateway sys41ext metric 2 passive
sys11#
Note – It is a better practice to use the IP address rather than the host name, which might not be able to be resolved.
Use directives in the gateways file to prevent RIP (in.routed process) datagrams from either going in to or going out of the specified interface. Use the noripin directive when you want your system to ignore route information that can be received on a specific interface. For example, to ignore route information received on the qfe3 interface, use the following noripin directive in the gateways file:
noripin qfe3
Use the noripout directive if you have a multihomed system (system with multiple physical interfaces) and do not want your system to act as a router and advertise routes. For example, to ensure that no route information is sent out of the qfe3 interface, use the following noripout directive in the gateways file:
noripout qfe3
You can choose to use both the noripin and noripout directives or replace them with a single norip directive. For example, to ignore route information and to not allow route information to be sent out of the qfe3 interface, use the following norip directive in the gateways file:
norip qfe3
Refer to the in.routed man page for more information on the gateways file.
Configuring Manual Static Routes
The route utility enables manual manipulation of the route table. Its basic format is:
route add|delete destination gateway
To add a direct static route between the sys11 and sys12 systems, perform a command similar to the following:
sys11# route add sys12 sys11
To delete the route between sys12 and sys11, perform a command similar to the following:
sys11# route delete sys12 sys11
delete host sys12: gateway sys11
sys11#
To define a default route using the instructor system, perform a command similar to the following:
sys11# route add default instructor
add net default: gateway instructor
sys11#
To retrieve information about a specific route, use the route utility. For example, to retrieve information about the default route, perform a command similar to the following:
sys11# route get default
route to: default
sys11# route change default sys41
change net default: gateway sys41
sys11#
To continuously report any changes to the route table, route lookup misses, or suspected network partitionings, use the route utility. For example, when a route is deleted, to receive the following output, perform the route monitor command:
sys11# route monitor
got message of size 124
RTM_DELETE: Delete Route: len 124, pid: 633, seq 1, errno 0,
flags:<UP,GATEWAY,DONE,STATIC>
locks: inits:
sockaddrs: <DST,GATEWAY,NETMASK>
To flush (remove) the route table of all gateway entries, use the flush option with the route utility. For example, to flush the route table, perform the route flush command:
sys11# route flush
192.168.9 sys13 done
two sys13 done
two sys11ext done
default 172.20.4.248 done
sys11#
To cause the route table to flush before the remaining options are evaluated, use the flush option in combination with other options. For example, to flush the route table of gateways and to add a route to the 192.168.4.0 network, perform a command similar to the following:
sys11# route -f add net 192.168.4.0 sys11ext
add net 192.168.4.0: gateway sys11ext
sys11#
To manually add a route to the multicast address range of 224 through 239, perform the command:
sys11# route add 224.0/4 `uname -n`
Note – You can find the command syntax in the /etc/rc2.d/S72inetsvc startup file.
To define a route that uses a specific netmask to support a network, use the netmask option with the route utility. For example, to add a route to the 192.168.3.0 network that uses a netmask of 255.255.255.224, perform the command:
sys11# route add net 192.168.3.0 sys31ext -netmask 255.255.255.224
add net 192.168.3.0: gateway sys31ext
sys11#
To achieve the same results in a more concise way, specify the length of the subnet mask after the destination. For example, enter:
192.168.3.0/27
The 255.255.255.224 netmask for the 192.168.3.0 network is 11111111.11111111.11111111.11100000 in binary format. There are twenty-seven 1s in the binary netmask, hence the /27 after the network address. A command similar to the following is identical to the preceding command example:
sys11# route add net 192.168.3.0/27 sys31ext
add net 192.168.3.0/27: gateway sys31ext
sys11#
Note – The in.routed process does not detect any route table changes that are performed by other programs on the machine, for example, routes that are added, deleted, or flushed as a result of the route utility. Therefore, do not perform these types of changes while the in.routed process is running. Instead, shut down the in.routed process, make the required changes, and then restart the in.routed process. This ensures that the in.routed process learns of any changes.
Using the RDISC Protocol
The RDISC Protocol sends and receives router advertisement messages pertaining to default routes. RFC 1256 specifies the format of related ICMP messages. The in.rdisc process implements the RDISC Protocol. Routers that run the in.rdisc process with the -r option advertise their presence using the 224.0.0.1 multicast address every 600 seconds (10 minutes). Non-routers, running the in.rdisc process that is started with the -s option, listen to the 224.0.0.1 multicast address for these router advertisement messages. The in.rdisc process builds a default route entry for each router from which an advertisement is received.
Some advantages of the RDISC Protocol are that it:
● Is routing protocol independent
● Uses a multicast address
● Results in small route tables
● Provides redundancy through multiple default route entries
Some disadvantages of the RDISC protocol are:
● An advertisement period of 10 minutes can result in a black hole. A black hole is the time period in which a router path is present in the table, but the router is not actually available. The default lifetime for a non-advertised route is 30 minutes (three times the advertising time interval).
● Routers must still run a routing protocol, such as RIP, to learn about other networks. The RDISC (in.rdisc) Protocol provides a default route from hosts to routers, not between routers.
The basic syntax for the in.rdisc process is:
The in.rdisc process sends three solicitation messages when it starts to quickly discover available routers.
To change the interval for router advertisements to 100 seconds from the default of 600 seconds, use the following command:
sys11# /usr/sbin/in.rdisc -r -T 100
Configuring Dynamic Routing
RIP is a routing protocol that is commonly used on computer systems to provide dynamic routing. RIP version 1 is bundled with the Solaris OE. RIP is an Application layer protocol.
as a hop. The total number of hops is called the hop count. The efficiency of a route is determined by its distance from the source to the destination. RIP maintains only the best route to a destination. When multiple paths to a destination exist, only the first path with the lowest hop count is maintained. Figure 7-8 shows the least hop count between a source host and a destination host.
Figure 7-8 Least Hop Count
RIP specifies a number of features that make its operation more stable in the face of rapid network topology changes. These stability features include a hop-count limit, hold-down states, split horizons, triggered updates, and route poisoning.
Hop-Count Limits
RIP permits a maximum hop count of 15. A destination greater than 15 hops away is tagged as unreachable. The maximum hop count of RIP greatly restricts its use in large networks but prevents a problem called “count to infinity” from causing endless network routing loops.
a network failure can send a regular update message (indicating that a route that has just gone down is still available) to a device that has just been notified of the network failure. In this case, the latter device now contains (and potentially advertises) incorrect route information.
Hold-down states tell routers to hold down any changes that can affect recently removed routes for a specified period of time. The hold-down period is usually calculated to be just greater than the period of time that is necessary to update the entire network with a route change.
Split Horizons
Split horizons derive from the fact that it is never useful to send information about a route back in the direction from which it came. The split-horizon rule prohibits this from happening. This helps prevent two-node routing loops.
Triggered Updates
Triggered updates quickly propagate changing route information throughout the network. As the router becomes aware that new routes are available or that existing routes are not available, it immediately advertises this information rather than waiting until the next 30-second (default) advertisement interval occurs.
Route Poisoning
When a router learns that a destination is no longer available, it issues a triggered update for that destination. This update includes a hop-count advertisement of 16. All other hosts and routers consider the destination as unreachable, and the hosts and routers remove the route entry. This is to ensure that other systems do not attempt to use the “bad” route.
The RIP daemon is implemented by the /usr/sbin/in.routed process. The /usr/sbin/in.routed process causes a system to broadcast its own route information if more than one external interface exists. A router broadcasts to the networks to which it is directly connected every 30 seconds. You cannot change this time interval. All hosts receive the broadcast, but only those hosts that run the in.routed process access the information. Routers run the in.routed process with the -s option, while non-routers run the in.routed process with the -q option.
The in.routed Options
The basic syntax for starting the in.routed process includes:
The /var/adm/routelog file is not created or cleared out automatically.
To log the actions of the in.routed process to the standard output, use the -t option in combination with either the -s or the -q options:
# /usr/sbin/in.routed -s -t
ICMP (Routing) Redirect
ICMP provides control and error messages. ICMP on a router or gateway attempts to send reports of problems to the original source. ICMP datagrams are always encapsulated in IP.
ICMP redirects occur when a system uses more than one default route. If the router determines a more efficient route, or if there is only one way to forward the datagram, it redirects the datagram using the better or only route and reports that route to the sender. Figure 7-9 shows an ICMP redirect process where the sys21 system needs to communicate with the server1 system and has a default route of sys11. The information does reach the server1 system and the sys11 system sends an ICMP redirect to the sys21 system, telling it that the best route to the server1 system is through the instructor system.
The sending system’s route table is updated with the new information. The drawback to this method of routing is that for every ICMP redirect, there is a separate entry in the sending system’s route table. This action can lead to a large route table. However, this method of routing also ensures that the datagrams that are going to all reachable hosts are taking the shortest route.
Caution – An attacker might forge redirect errors to install false routes, which might initiate a denial of service attack if the newly specified router is not a router at all. There are rules governing valid redirect errors, all of which can be spoofed easily. Use this ndd command to ignore IPv4 ICMP redirect errors:
ndd -set /dev/ip ip_ignore_redirect 1
Refer to the Sun BluePrints™ document Solaris Operating Environment Network Settings for Security, available at:
http://www.sun.com/solutions/blueprints/1200/network-updt1.pdf
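Table 7-1 states that the D flag marks an entry added dynamically by an ICMP redirect, so route table output can be audited for entries that a redirect installed. The following is an added example, not part of the original course text: the netstat -rn sample output and the list of known routers are constructed for illustration, and the function names are hypothetical.

```python
from typing import List, NamedTuple, Set

# Constructed sample of `netstat -rn` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Routing Table: IPv4
  Destination           Gateway           Flags  Ref   Use   Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.1.0          192.168.1.1          U        1     53  qfe0
192.168.30.0         192.168.30.31        U        1     12  qfe1
192.168.9.0          192.168.1.3          UG       1      0
192.168.4.17         192.168.30.32        UGHD     1      3
10.20.30.40          192.168.1.77         UGHD     1      4
default              192.168.30.30        UG       1     88
127.0.0.1            127.0.0.1            UH       2      6  lo0

Routing Table: IPv6
  Destination/Mask            Gateway                   Flags Ref   Use   If
--------------------------- --------------------------- ----- --- ------ -----
fe80::/10                   fe80::a00:20ff:feb9:7223    U       1      0 qfe0
"""

# Assumption: the routers this site expects hosts to use.
KNOWN_ROUTERS = {"192.168.1.3", "192.168.30.30", "192.168.30.32"}


class Route(NamedTuple):
    destination: str
    gateway: str
    flags: str
    ref: int
    use: int
    interface: str  # empty when the Interface column is blank


def parse_netstat_rn(text: str) -> List[Route]:
    """Parse the IPv4 section of `netstat -rn` output into Route records."""
    routes, in_ipv4, in_body = [], False, False
    for line in text.splitlines():
        stripped = line.strip()
        if stripped.startswith("Routing Table:"):
            in_ipv4 = stripped.endswith("IPv4")
            in_body = False
            continue
        if not in_ipv4 or not stripped:
            continue
        if stripped.startswith("-"):      # dashed rule ends the column header
            in_body = True
            continue
        fields = stripped.split()
        if not in_body or len(fields) < 5:
            continue
        dest, gateway, flags, ref, use = fields[:5]
        if not (ref.isdigit() and use.isdigit()):
            continue                      # not a route row
        interface = fields[5] if len(fields) > 5 else ""
        routes.append(Route(dest, gateway, flags, int(ref), int(use), interface))
    return routes


def redirect_installed(routes: List[Route]) -> List[Route]:
    """Entries carrying the D flag (added dynamically by an ICMP redirect)."""
    return [r for r in routes if "D" in r.flags]


def suspicious_redirects(routes: List[Route], known: Set[str]) -> List[Route]:
    """Redirect-installed entries whose gateway is not a known router."""
    return [r for r in redirect_installed(routes) if r.gateway not in known]


if __name__ == "__main__":
    table = parse_netstat_rn(SAMPLE_NETSTAT)
    for route in suspicious_redirects(table, KNOWN_ROUTERS):
        print("review:", route.destination, "via", route.gateway, route.flags)
```

On a host where ip_ignore_redirect is set to 1, any entry with the D flag is worth reviewing, because redirects are no longer expected to change the table.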
Figure 7-9 ICMP Redirect
Introducing CIDR
The rapid growth of the Internet in the early 1990s created concerns about the ability to scale and support future growth. The most severe problems are:
● Impending depletion of Class B networks
● Increasing the size of route tables
Depletion of Class B networks creates a problem for large organizations because Class C addresses with 254 as their maximum number of host addresses are not large enough. Assigning multiple Class C networks to companies will, over time, dramatically increase the number of routes in the route table. Large route tables cause poor router performance because the router spends excessive time performing address lookups.
Purpose of CIDR
A task force was created by the Internet Engineering Task Force (IETF) to develop a solution to these problems. That solution became known as CIDR, or supernetting, and is a way to more efficiently use the IP address space. CIDR is documented in RFC 1517, RFC 1518, RFC 1519, and RFC 1520. Three important features of CIDR that address scalability and growth issues for the Internet are:
● Elimination of network classes (Class A, Class B, and Class C)
● Block address allocation
● Hierarchical routing
Operation of CIDR
CIDR uses classless addresses in that it uses netmasks that are referred to as network prefixes to create varying network sizes. The network prefix is expressed in the following notation: X.X.X.X/18, which is equivalent to the netmask of 255.255.192.0. The first 18 bits identify the network, and the remaining 14 bits identify the host.
Figure 7-10 shows an example of a CIDR prefix.
Figure 7-10 CIDR Prefix
This use of netmasks means addresses can be supernetted as well as subnetted. Supernetting is the combining of two or more contiguous network addresses. CIDR and VLSM are similar because they both allow a portion of the IP address space to be recursively divided into successively smaller pieces. With VLSM, the recursion occurs on an address space that is assigned to an organization and is invisible to the Internet. CIDR occurs at the Internet service provider (ISP) level and applies VLSM concepts to the Internet. With CIDR, the largest ISPs are allocated blocks of address space, which they then assign in subset address blocks to smaller ISPs. These smaller ISPs can then supply an even smaller subset of addresses to a customer or private organization.
The route table entry for each ISP or organization reflects the first address in the block assigned to it, for example, 204.106.8.0/22, even though there can be additional network addresses that are associated with the block. A range of CIDR addresses is known as a CIDR block. This support of network addresses eliminates the number of entries required in the backbone route tables.
(Diagram not reproduced. Recoverable labels: Evolution of Routing Protocols.)
Classful Routing Protocols
Network Route  10nnnnnn.nnnnnnnn.00000000.00000000
Subnet Route   10nnnnnn.nnnnnnnn.ssssssss.ss000000
Host Route     10nnnnnn.nnnnnnnn.ssssssss.sshhhhhh
Classless Routing Protocols
Prefix Route   pppppppp.pppppppp.pp000000.00000000 (Prefix Length)
n = Network, s = Subnet, h = Host
Consider an ISP that requires IP addresses for 1000 clients. Based on 254 clients per Class C network, the ISP requires four Class C networks. You can supernet the four Class C networks as:
Figure 7-11 shows an example of supernetting.
Figure 7-11 Supernetting Example
(Diagram not reproduced. Recoverable labels:)
Internet
Internet Service Provider: 204.106.0.0/16 (65,536 Host Addresses)
204.106.0.0/20 (4096 Host Addresses)
204.106.0.0/21 (2048 Host Addresses), Address Range 204.106.0.0 to 204.106.7.0
204.106.8.0/22 (1024 Host Addresses), Address Range 204.106.8.0 to 204.106.11.0
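The netmask-to-prefix conversion described for 255.255.255.224 and the supernetting of four Class C networks into 204.106.8.0/22 can both be checked in code. The following is an added example, not part of the original course text; the function names are hypothetical, and it goes slightly beyond the text by rejecting netmasks whose 1 bits are not contiguous and groups of networks that cannot form a single CIDR block.

```python
import ipaddress


def netmask_to_prefix(netmask: str) -> int:
    """Count the leading 1 bits of a dotted-decimal netmask.

    A usable netmask is a run of 1s followed by a run of 0s, so the
    inverted mask plus one must be a power of two.
    """
    value = int(ipaddress.IPv4Address(netmask))
    inverted = value ^ 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError(f"{netmask} is not a contiguous netmask")
    return 32 - inverted.bit_length()


def supernet(blocks):
    """Combine equal-sized networks into one CIDR block, or raise ValueError.

    The networks must be contiguous, their count must be a power of two,
    and the first network must sit on the boundary of the combined block.
    """
    nets = sorted(ipaddress.ip_network(b) for b in blocks)
    if not nets:
        raise ValueError("no networks given")
    if len({n.prefixlen for n in nets}) != 1:
        raise ValueError("networks must all be the same size")
    count = len(nets)
    if count & (count - 1):
        raise ValueError("the number of networks must be a power of two")

    size = nets[0].num_addresses
    first = int(nets[0].network_address)
    for index, net in enumerate(nets):
        if int(net.network_address) != first + index * size:
            raise ValueError("networks are not contiguous")

    # Each doubling of the block removes one bit from the prefix.
    new_prefix = nets[0].prefixlen - (count.bit_length() - 1)
    if first % (size * count):
        raise ValueError(f"first network is not aligned on a /{new_prefix} boundary")
    return ipaddress.IPv4Network((first, new_prefix))


if __name__ == "__main__":
    print(netmask_to_prefix("255.255.255.224"))   # mask used with 192.168.3.0
    print(netmask_to_prefix("255.255.192.0"))     # mask equivalent to /18

    # The four Class C networks in the range 204.106.8.0 to 204.106.11.0.
    block = supernet(["204.106.8.0/24", "204.106.9.0/24",
                      "204.106.10.0/24", "204.106.11.0/24"])
    print(block, block.num_addresses)

    # Constructed counter-example: contiguous, but not on a /22 boundary.
    try:
        supernet(["204.106.9.0/24", "204.106.10.0/24",
                  "204.106.11.0/24", "204.106.12.0/24"])
    except ValueError as err:
        print("rejected:", err)
```

The counter-example shows why a CIDR block is identified by its first address: four contiguous Class C networks that start at 204.106.9.0 cannot be advertised as one /22 entry.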
Figure 7-12 shows the network addresses that result from applying different network prefixes.
Figure 7-12 CIDR Network Addresses
Configuring Routing at Boot Time
You should understand why certain processes are started with certain options when you troubleshoot routing issues.
Initializing the Router
When a system boots, the /etc/rc2.d/S69inet startup script looks for the /etc/defaultrouter file. If the file exists:
● IP forwarding is not enabled. No IP datagrams are forwarded through the system’s interfaces.
● The in.routed process is not started.
● The in.rdisc process is not started.
This process happens even if the /etc/gateways file exists.
Figure 7-13 shows how the /etc/rc2.d/S69inet initialization script configures a system as a router.
Figure 7-13 Router Initialization
(Flowchart not reproduced. Recoverable labels: Create static default router entries; no routing processes are started (in.rdisc or in.routed). Start /usr/sbin/in.routed -s (RIP). Start /usr/sbin/in.rdisc -r (RDISC). Turn on ip_forwarding in device /dev/ip. Turn off ip_forwarding in device /dev/ip. Are there more than two inet entries, point-to-point, or /etc/gateways? /usr/sbin/in.rdisc -s continues running.)
Configuring the Router Without Rebooting
To configure a Solaris OE system as a router without rebooting, complete the following steps:
1. Verify that the /etc/hostname.interface and the /etc/inet/hosts files are properly configured.
2. Do one of the following:
● Turn on IP forwarding on all of the interfaces:
sys11# ndd -set /dev/ip ip_forwarding 1
● Turn on IP forwarding for specific interfaces:
sys11# ndd -set /dev/ip specific_interface:ip_forwarding 1
3. Stop and restart the in.routed process with the -s option:
sys11# pkill in.routed
sys11#
sys11# /usr/sbin/in.routed -s
sys11#
4. Stop and restart the in.rdisc process with the -r option:
sys11# pkill in.rdisc
sys11#
sys11# /usr/sbin/in.rdisc -r
sys11#
The system is now functioning as a router.
Initializing a Multihomed Host
By default, the Solaris OE considers any system with multiple network interfaces to be a router. However, you can change a router into a multihomed host, which is a system with two or more physical network interfaces that do not forward IP datagrams. When the system boots, the /etc/rc2.d/S69inet startup script looks for the presence of the /etc/notrouter file. If the file exists, the startup script does not run the in.routed -s or in.rdisc -r process and does not turn on IP forwarding, even if the /etc/gateways file exists.
To create a multihomed host, complete the following steps:
1. Become a superuser on the prospective multihomed system.
2. Create an /etc/hostname.interface file for each additional network interface that is installed in the system. For example, if the qfe2 interface is to be enabled and known on the network, you create the /etc/hostname.qfe2 file, containing contents similar to the following:
sys11# cat /etc/hostname.qfe2
sample-hostname-for-qfe2
sys11#
This causes the interfaces to be configured by the start scripts at boot time.
3. Add an entry to the /etc/inet/hosts file so that the interface can be assigned an IP address at boot time. The entry looks similar to the following:
sys11# grep sample /etc/inet/hosts
192.168.19.1 sample-hostname-for-qfe2
sys11#
4. Create the /etc/notrouter file:
sys11# touch /etc/notrouter
This file is read at boot time, so that the system does not start IP forwarding.
5. Do either of the two following procedures:
● Reboot the system with the init 6 command.
● Complete the following steps to enable the configuration without rebooting:
1. Use the ifconfig utility to configure the new interface as appropriate, but do not enable the interface at this stage.
sys11# ifconfig qfe2 plumb 192.168.19.1 netmask + broadcast + down
3. Use the ndd utility to turn off IP forwarding on any other interfaces as required:
sys11# ndd -set /dev/ip qfe2:ip_forwarding 0
sys11#
4. Use the ifconfig utility to enable the interface:
sys11# ifconfig qfe2 up
sys11#
The system is now a multihomed host that has connectivity to more than one network and can be used without concern of advertising routes and potentially causing routing issues on any of the networks to which it belongs.
Initializing a Non-Router
Disabling IP forwarding effectively stops a router from routing. Complete one of the following tasks:
● Use the ndd utility to disable IP forwarding on any relevant interface.
sys11# ndd -set /dev/ip specific_interface:ip_forwarding 0
● Create an /etc/notrouter file, and reboot the system.
sys11# touch /etc/notrouter
When the system boots, it initializes itself as a non-router.