network-routing.html

FreeBSD安装说明概述 FreeBSD 提供了一个以文字为主

<col />
<col />
<thead>
<tr>
<th>Host</th>
<th>Default Gateway</th>
<th>Interface</th>
</tr>
</thead>

<tbody>
<tr>
<td>Local2</td>
<td>Local1</td>
<td>Ethernet</td>
</tr>

<tr>
<td>Local1</td>
<td>T1-GW</td>
<td>PPP</td>
</tr>
</tbody>
</table>
</div>

<p>A common question is ``Why (or how) would we set the <tt class="HOSTID">T1-GW</tt> to
be the default gateway for <tt class="HOSTID">Local1</tt>, rather than the ISP server it
is connected to?''.</p>

<p>Remember, since the PPP interface is using an address on the ISP's local network for
your side of the connection, routes for any other machines on the ISP's local network
will be automatically generated. Hence, you will already know how to reach the <tt
class="HOSTID">T1-GW</tt> machine, so there is no need for the intermediate step of
sending traffic to the ISP server.</p>

<p>As a final note, it is common to use the address <tt class="HOSTID">X.X.X.1</tt> as
the gateway address for your local network. So (using the same example), if your local
class-C address space was <tt class="HOSTID">10.20.30</tt> and your ISP was using <tt
class="HOSTID">10.9.9</tt> then the default routes would be:</p>

<div class="INFORMALTABLE"><a id="AEN25351" name="AEN25351"></a>
<table border="0" frame="void" class="CALSTABLE">
<col />
<col />
<thead>
<tr>
<th>Host</th>
<th>Default Route</th>
</tr>
</thead>

<tbody>
<tr>
<td>Local2 (10.20.30.2)</td>
<td>Local1 (10.20.30.1)</td>
</tr>

<tr>
<td>Local1 (10.20.30.1, 10.9.9.30)</td>
<td>T1-GW (10.9.9.1)</td>
</tr>
</tbody>
</table>
</div>
</div>

<div class="SECT2">
<h2 class="SECT2"><a id="AEN25364" name="AEN25364">19.2.3. Dual Homed Hosts</a></h2>

<p>There is one other type of configuration that we should cover, and that is a host that
sits on two different networks. Technically, any machine functioning as a gateway (in the
example above, using a PPP connection) counts as a dual-homed host. But the term is
really only used to refer to a machine that sits on two local-area networks.</p>

<p>In one case, the machine has two Ethernet cards, each having an address on the
separate subnets. Alternately, the machine may only have one Ethernet card, and be using
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ifconfig</span>(8)</span>
aliasing. The former is used if two physically separate Ethernet networks are in use, the
latter if there is one physical network segment, but two logically separate subnets.</p>

<p>Either way, routing tables are set up so that each subnet knows that this machine is
the defined gateway (inbound route) to the other subnet. This configuration, with the
machine acting as a router between the two subnets, is often used when we need to
implement packet filtering or firewall security in either or both directions.</p>

<p>If you want this machine to actually forward packets between the two interfaces, you
need to tell FreeBSD to enable this ability.</p>
</div>

<div class="SECT2">
<h2 class="SECT2"><a id="NETWORK-DEDICATED-ROUTER"
name="NETWORK-DEDICATED-ROUTER">19.2.4. Building a Router</a></h2>

<p>A network router is simply a system that forwards packets from one interface to
another. Internet standards and good engineering practice prevent the FreeBSD Project
from enabling this by default in FreeBSD. You can enable this feature by changing the
following variable to <var class="LITERAL">YES</var> in <span class="CITEREFENTRY"><span
class="REFENTRYTITLE">rc.conf</span>(5)</span>:</p>

<pre class="PROGRAMLISTING">
gateway_enable=YES          # Set to YES if this host will be a gateway
</pre>

<p>This option will set the <span class="CITEREFENTRY"><span
class="REFENTRYTITLE">sysctl</span>(8)</span> variable <var
class="VARNAME">net.inet.ip.forwarding</var> to <var class="LITERAL">1</var>. If you
should need to stop routing temporarily, you can reset this to <var
class="LITERAL">0</var> temporarily.</p>

<p>Your new router will need routes to know where to send the traffic. If your network is
simple enough you can use static routes. FreeBSD also comes with the standard BSD routing
daemon <span class="CITEREFENTRY"><span class="REFENTRYTITLE">routed</span>(8)</span>,
which speaks RIP (both version 1 and version 2) and IRDP. Support for BGP v4, OSPF v2,
and other sophisticated routing protocols is available with the <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/net/zebra/pkg-descr"><tt
class="FILENAME">net/zebra</tt></a> package. Commercial products such as gated are also
available for more complex network routing solutions.</p>

<p>Even when FreeBSD is configured in this way, it does not completely comply with the
Internet standard requirements for routers. It comes close enough for ordinary use,
however.</p>
</div>

<div class="SECT2">
<h2 class="SECT2"><a id="AEN25404" name="AEN25404">19.2.5. Routing Propagation</a></h2>

<p>We have already talked about how we define our routes to the outside world, but not
about how the outside world finds us.</p>

<p>We already know that routing tables can be set up so that all traffic for a particular
address space (in our examples, a class-C subnet) can be sent to a particular host on
that network, which will forward the packets inbound.</p>

<p>When you get an address space assigned to your site, your service provider will set up
their routing tables so that all traffic for your subnet will be sent down your PPP link
to your site. But how do sites across the country know to send to your ISP?</p>

<p>There is a system (much like the distributed DNS information) that keeps track of all
assigned address-spaces, and defines their point of connection to the Internet Backbone.
The ``Backbone'' are the main trunk lines that carry Internet traffic across the country,
and around the world. Each backbone machine has a copy of a master set of tables, which
direct traffic for a particular network to a specific backbone carrier, and from there
down the chain of service providers until it reaches your network.</p>

<p>It is the task of your service provider to advertise to the backbone sites that they
are the point of connection (and thus the path inward) for your site. This is known as
route propagation.</p>
</div>

<div class="SECT2">
<h2 class="SECT2"><a id="AEN25414" name="AEN25414">19.2.6. Troubleshooting</a></h2>

<p>Sometimes, there is a problem with routing propagation, and some sites are unable to
connect to you. Perhaps the most useful command for trying to figure out where routing is
breaking down is the <span class="CITEREFENTRY"><span
class="REFENTRYTITLE">traceroute</span>(8)</span> command. It is equally useful if you
cannot seem to make a connection to a remote machine (i.e. <span
class="CITEREFENTRY"><span class="REFENTRYTITLE">ping</span>(8)</span> fails).</p>

<p>The <span class="CITEREFENTRY"><span class="REFENTRYTITLE">traceroute</span>(8)</span>
command is run with the name of the remote host you are trying to connect to. It will
show the gateway hosts along the path of the attempt, eventually either reaching the
target host, or terminating because of a lack of connection.</p>

<p>For more information, see the manual page for <span class="CITEREFENTRY"><span
class="REFENTRYTITLE">traceroute</span>(8)</span>.</p>
</div>

<div class="SECT2">
<h2 class="SECT2"><a id="AEN25434" name="AEN25434">19.2.7. Multicast Routing</a></h2>

<p>FreeBSD supports both multicast applications and multicast routing natively. Multicast
applications do not require any special configuration of FreeBSD; applications will
generally run out of the box. Multicast routing requires that support be compiled into
the kernel:</p>

<pre class="PROGRAMLISTING">
options MROUTING
</pre>

<p>In addition, the multicast routing daemon, <span class="CITEREFENTRY"><span
class="REFENTRYTITLE">mrouted</span>(8)</span> must be configured to set up tunnels and
DVMRP via <tt class="FILENAME">/etc/mrouted.conf</tt>. More details on multicast
configuration may be found in the man pages for mrouted.</p>
</div>
</div>

<div class="NAVFOOTER">
<hr align="LEFT" width="100%" />
<table summary="Footer navigation table" width="100%" border="0" cellpadding="0"
cellspacing="0">
<tr>
<td width="33%" align="left" valign="top"><a href="advanced-networking.html"
accesskey="P">Prev</a></td>
<td width="34%" align="center" valign="top"><a href="index.html"
accesskey="H">Home</a></td>
<td width="33%" align="right" valign="top"><a href="network-wireless.html"
accesskey="N">Next</a></td>
</tr>

<tr>
<td width="33%" align="left" valign="top">Advanced Networking</td>
<td width="34%" align="center" valign="top"><a href="advanced-networking.html"
accesskey="U">Up</a></td>
<td width="33%" align="right" valign="top">Wireless Networking</td>
</tr>
</table>
</div>
</body>
</html>