network-routing.html

这是很好的学习嵌入式LINUX的文章

</pre>

<p>It is also possible to do it directly from the command line with the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=route&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">route</span>(8)</span></a> command:</p>

<pre class="SCREEN">
<samp class="PROMPT">#</samp> <kbd class="USERINPUT">route add default 10.20.30.1</kbd>
</pre>

<p>For more informations on manual manipulation of network routing tables, consult <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=route&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">route</span>(8)</span></a> manual
page.</p>
</div>

<div class="SECT2">
<h2 class="SECT2"><a id="AEN36181" name="AEN36181">24.2.3 Dual Homed Hosts</a></h2>

<p>There is one other type of configuration that we should cover, and that is a host that
sits on two different networks. Technically, any machine functioning as a gateway (in the
example above, using a PPP connection) counts as a dual-homed host. But the term is
really only used to refer to a machine that sits on two local-area networks.</p>

<p>In one case, the machine has two Ethernet cards, each having an address on the
separate subnets. Alternately, the machine may only have one Ethernet card, and be using
<a href="http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">ifconfig</span>(8)</span></a> aliasing.
The former is used if two physically separate Ethernet networks are in use, the latter if
there is one physical network segment, but two logically separate subnets.</p>

<p>Either way, routing tables are set up so that each subnet knows that this machine is
the defined gateway (inbound route) to the other subnet. This configuration, with the
machine acting as a router between the two subnets, is often used when we need to
implement packet filtering or firewall security in either or both directions.</p>

<p>If you want this machine to actually forward packets between the two interfaces, you
need to tell FreeBSD to enable this ability. See the next section for more details on how
to do this.</p>
</div>

<div class="SECT2">
<h2 class="SECT2"><a id="NETWORK-DEDICATED-ROUTER" name="NETWORK-DEDICATED-ROUTER">24.2.4
Building a Router</a></h2>

<p>A network router is simply a system that forwards packets from one interface to
another. Internet standards and good engineering practice prevent the FreeBSD Project
from enabling this by default in FreeBSD. You can enable this feature by changing the
following variable to <var class="LITERAL">YES</var> in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=rc.conf&sektion=5"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">rc.conf</span>(5)</span></a>:</p>

<pre class="PROGRAMLISTING">
gateway_enable=YES          # Set to YES if this host will be a gateway
</pre>

<p>This option will set the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sysctl&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">sysctl</span>(8)</span></a> variable
<var class="VARNAME">net.inet.ip.forwarding</var> to <var class="LITERAL">1</var>. If you
should need to stop routing temporarily, you can reset this to <var
class="LITERAL">0</var> temporarily.</p>

<p>Your new router will need routes to know where to send the traffic. If your network is
simple enough you can use static routes. FreeBSD also comes with the standard BSD routing
daemon <a href="http://www.FreeBSD.org/cgi/man.cgi?query=routed&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">routed</span>(8)</span></a>, which
speaks RIP (both version 1 and version 2) and IRDP. Support for BGP v4, OSPF v2, and
other sophisticated routing protocols is available with the <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/net/zebra/pkg-descr"><tt
class="FILENAME">net/zebra</tt></a> package. Commercial products such as <b
class="APPLICATION"><span class="TRADEMARK">GateD</span>&reg;</b> are also available for
more complex network routing solutions.</p>

<p>Even when FreeBSD is configured in this way, it does not completely comply with the
Internet standard requirements for routers. It comes close enough for ordinary use,
however.</p>
</div>

<div class="SECT2">
<h2 class="SECT2"><a id="AEN36223" name="AEN36223">24.2.5 Setting Up Static
Routes</a></h2>

<i class="AUTHORGROUP"><span class="CONTRIB">Contributed by</span> Al Hoang.</i> 

<div class="SECT3">
<h3 class="SECT3"><a id="AEN36231" name="AEN36231">24.2.5.1 Manual Configuration</a></h3>

<p>Let us assume we have a network as follows:</p>

<p><img src="advanced-networking/static-routes.png" /></p>

<p>In this scenario, <tt class="HOSTID">RouterA</tt> is our FreeBSD machine that is
acting as a router to the rest of the Internet. It has a default route set to <tt
class="HOSTID">10.0.0.1</tt> which allows it to connect with the outside world. We will
assume that <tt class="HOSTID">RouterB</tt> is already configured properly and knows how
to get wherever it needs to go. (This is simple in this picture. Just add a default route
on <tt class="HOSTID">RouterB</tt> using <tt class="HOSTID">192.168.1.1</tt> as the
gateway.)</p>

<p>If we look at the routing table for <tt class="HOSTID">RouterA</tt> we would see
something like the following:</p>

<pre class="SCREEN">
<samp class="PROMPT">%</samp> <kbd class="USERINPUT">netstat -nr</kbd>
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif  Expire
default            10.0.0.1           UGS         0    49378    xl0
127.0.0.1          127.0.0.1          UH          0        6    lo0
10.0.0/24          link#1             UC          0        0    xl0
192.168.1/24       link#2             UC          0        0    xl1
</pre>

<p>With the current routing table <tt class="HOSTID">RouterA</tt> will not be able to
reach our Internal Net 2. It does not have a route for <tt
class="HOSTID">192.168.2.0/24</tt>. One way to alleviate this is to manually add the
route. The following command would add the Internal Net 2 network to <tt
class="HOSTID">RouterA</tt>'s routing table using <tt class="HOSTID">192.168.1.2</tt> as
the next hop:</p>

<pre class="SCREEN">
<samp class="PROMPT">#</samp> <kbd
class="USERINPUT">route add -net 192.168.2.0/24 192.168.1.2</kbd>
</pre>

<p>Now <tt class="HOSTID">RouterA</tt> can reach any hosts on the <tt
class="HOSTID">192.168.2.0/24</tt> network.</p>
</div>

<div class="SECT3">
<h3 class="SECT3"><a id="AEN36261" name="AEN36261">24.2.5.2 Persistent
Configuration</a></h3>

<p>The above example is perfect for configuring a static route on a running system.
However, one problem is that the routing information will not persist if you reboot your
FreeBSD machine. The way to handle the addition of a static route is to put it in your
<tt class="FILENAME">/etc/rc.conf</tt> file:</p>

<pre class="PROGRAMLISTING">
# Add Internal Net 2 as a static route
static_routes="internalnet2"
route_internalnet2="-net 192.168.2.0/24 192.168.1.2"
</pre>

<p>The <var class="LITERAL">static_routes</var> configuration variable is a list of
strings separated by a space. Each string references to a route name. In our above
example we only have one string in <var class="LITERAL">static_routes</var>. This string
is <var class="REPLACEABLE">internalnet2</var>. We then add a configuration variable
called <var class="LITERAL">route_<var class="REPLACEABLE">internalnet2</var></var> where
we put all of the configuration parameters we would give to the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=route&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">route</span>(8)</span></a> command. For
our example above we would have used the command:</p>

<pre class="SCREEN">
<samp class="PROMPT">#</samp> <kbd
class="USERINPUT">route add -net 192.168.2.0/24 192.168.1.2</kbd>
</pre>

<p>so we need <var class="LITERAL">"-net 192.168.2.0/24 192.168.1.2"</var>.</p>

<p>As said above, we can have more than one string in <var
class="LITERAL">static_routes</var>. This allows us to create multiple static routes. The
following lines shows an example of adding static routes for the <tt
class="HOSTID">192.168.0.0/24</tt> and <tt class="HOSTID">192.168.1.0/24</tt> networks on
an imaginary router:</p>

<pre class="PROGRAMLISTING">
static_routes="net1 net2"
route_net1="-net 192.168.0.0/24 192.168.0.1"
route_net2="-net 192.168.1.0/24 192.168.1.1"
</pre>
</div>
</div>

<div class="SECT2">
<h2 class="SECT2"><a id="AEN36285" name="AEN36285">24.2.6 Routing Propagation</a></h2>

<p>We have already talked about how we define our routes to the outside world, but not
about how the outside world finds us.</p>

<p>We already know that routing tables can be set up so that all traffic for a particular
address space (in our examples, a class-C subnet) can be sent to a particular host on
that network, which will forward the packets inbound.</p>

<p>When you get an address space assigned to your site, your service provider will set up
their routing tables so that all traffic for your subnet will be sent down your PPP link
to your site. But how do sites across the country know to send to your ISP?</p>

<p>There is a system (much like the distributed DNS information) that keeps track of all
assigned address-spaces, and defines their point of connection to the Internet Backbone.
The ``Backbone'' are the main trunk lines that carry Internet traffic across the country,
and around the world. Each backbone machine has a copy of a master set of tables, which
direct traffic for a particular network to a specific backbone carrier, and from there
down the chain of service providers until it reaches your network.</p>

<p>It is the task of your service provider to advertise to the backbone sites that they
are the point of connection (and thus the path inward) for your site. This is known as
route propagation.</p>
</div>

<div class="SECT2">
<h2 class="SECT2"><a id="AEN36295" name="AEN36295">24.2.7 Troubleshooting</a></h2>

<p>Sometimes, there is a problem with routing propagation, and some sites are unable to
connect to you. Perhaps the most useful command for trying to figure out where routing is
breaking down is the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=traceroute&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">traceroute</span>(8)</span></a> command.
It is equally useful if you cannot seem to make a connection to a remote machine (i.e. <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ping&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">ping</span>(8)</span></a> fails).</p>

<p>The <a href="http://www.FreeBSD.org/cgi/man.cgi?query=traceroute&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">traceroute</span>(8)</span></a> command
is run with the name of the remote host you are trying to connect to. It will show the
gateway hosts along the path of the attempt, eventually either reaching the target host,
or terminating because of a lack of connection.</p>

<p>For more information, see the manual page for <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=traceroute&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">traceroute</span>(8)</span></a>.</p>
</div>

<div class="SECT2">
<h2 class="SECT2"><a id="AEN36315" name="AEN36315">24.2.8 Multicast Routing</a></h2>

<p>FreeBSD supports both multicast applications and multicast routing natively. Multicast
applications do not require any special configuration of FreeBSD; applications will
generally run out of the box. Multicast routing requires that support be compiled into
the kernel:</p>

<pre class="PROGRAMLISTING">
options MROUTING
</pre>

<p>In addition, the multicast routing daemon, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mrouted&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">mrouted</span>(8)</span></a> must be
configured to set up tunnels and <acronym class="ACRONYM">DVMRP</acronym> via <tt
class="FILENAME">/etc/mrouted.conf</tt>. More details on multicast configuration may be
found in the manual page for <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mrouted&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">mrouted</span>(8)</span></a>.</p>
</div>
</div>

<div class="NAVFOOTER">
<hr align="LEFT" width="100%" />
<table summary="Footer navigation table" width="100%" border="0" cellpadding="0"
cellspacing="0">
<tr>
<td width="33%" align="left" valign="top"><a href="advanced-networking.html"
accesskey="P">Prev</a></td>
<td width="34%" align="center" valign="top"><a href="index.html"
accesskey="H">Home</a></td>
<td width="33%" align="right" valign="top"><a href="network-wireless.html"
accesskey="N">Next</a></td>
</tr>

<tr>
<td width="33%" align="left" valign="top">Advanced Networking</td>
<td width="34%" align="center" valign="top"><a href="advanced-networking.html"
accesskey="U">Up</a></td>
<td width="33%" align="right" valign="top">Wireless Networking</td>
</tr>
</table>
</div>

<p align="center"><small>This, and other documents, can be downloaded from <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/">ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/</a>.</small></p>

<p align="center"><small>For questions about FreeBSD, read the <a
href="http://www.FreeBSD.org/docs.html">documentation</a> before contacting &#60;<a
href="mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>&#62;.<br />
For questions about this documentation, e-mail &#60;<a
href="mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>&#62;.</small></p>
</body>
</html>