Routing
Good URLs:
http://www.nthelp.com/maps.htm - maps of the backbone of the Internet
http://www.caida.org/tools/visualization/mapnet/Backbones - fun maps of the Internet.
http://computer.howstuffworks.com/router12.htm
http://www.napoftheamericas.net/faq.cfm - Information on the NAPs
The Solaris 8 Answerbook pages are very good for this topic.
The book to get: Christian Huitema: Routing in the Internet
The book on BGP: B. Halabi: Internet Routing Architecture
Routing and routers
Routing is the process of directing packets from a source host (where the packet comes from) to a destination host (where the packet goes to). There are two types of routing, depending on whether the destination is on the local area network, or on another network: direct routing and indirect routing.
If the destination is on the local network, the packet is sent via a direct route. In direct routing, the source host uses the ARP protocol to acquire the MAC of the destination host. The IP address of the destination host is placed in the Internet header of the packet, but only the MAC address is used to get the packet to its destination. The packet is then put out on the local network by the source host and picked up by the destination host.
If the destination is on another network, separated from the local network by a router, the packet is forwarded between networks by that router, along an indirect route. In forwarding, a packet is passed from one network to another by a designated device called a router. A router is a computer attached to more than one network, which can be used to pass packets between networks. It has two or more interfaces, each attached to a different network. Each interface on a router has a unique hostname and an IP address belonging to the network to which it is attached.
A source host sends a packet destined for another network to the router, using the ARP protocol to get the router's MAC address, even though the packet contains the IP address of the destination system, not of the router. The router removes the Network Interface header and trailer because the header contains the MAC address of the router. It also removes the Internet layer header that contains the IP address of the destination system. This header will be regenerated but will still contain the IP address of the destination system. The router does not change the Transport layer header. The router decides how to route the packet: directly or indirectly. If the destination is on a network to which the router is connected, it forwards the packet directly. If the destination is on another network, the router forwards the packet to another router, which then forwards the packet to another router, until the packet arrives at the router connected to the network containing the destination host. That router issues an ARP request for the hardware address of the destination host, and sends the packet to that system.
The number of routers that must forward a packet is known as the hop count. A hop count is one type of a metric, which is the type of measurement used to describe the distance between a source host and a destination. The type of metric used in routing depends on the routing protocol implemented on a network.
The source host decides which form of routing to use based on the destination's IP address and its local netmask. The IP address, attached to the packet by the Internet Layer, tells the router or originating host the system to which the packet is intended. The local netmask, acquired from the file /etc/netmasks and applied to the destination IP address, allows the system to see if the destination host is on the local network, and may be directly routed, or if it is on another network and must be indirectly routed.
The routing table
When the source host generates a packet, it begins by applying its own netmask or netmasks to the IP address of the destination host to derive its network address. It then checks the entire destination IP address against a routing table, to see if there is a specific entry (host entry) for that host.
The routing table is held in the kernel, and it can be viewed with the command
# netstat -rn
Host entries are marked with the flag "H". The routing table also includes the gateway that should be used to send a packet to the listed host. In modern computer terminology, a gateway is the router that connects an organization's LANs to the Internet, but in the output of netstat -rn, "gateway" is synonymous with "router".
If a host entry exists for the destination host, the source host sends the packet via a direct route if the source host is also the gateway. Otherwise it sends the packet to the router listed in the routing table and the router forwards the packet.
Usually the only host entry in the routing table is for the loopback address. It is not usual for other hosts to have entries. Such an entry would have to be manually added to the routing table.
If there is no host entry for the destination host in the routing table, the source host checks the destination network address of the packet against any network addresses listed in the routing table. If the packet goes to the local network, the originating system issues an ARP request for the hardware address of the destination system, and sends out the packets to the address supplied in response through the interface specified in the routing table.
If the packet is not on the local network, as determined by its IP address and the netmask for the local system, then it must be indirectly routed through a router. The originating host looks for a specified route to the network where the packet is supposed to go, and if it finds such a route, it issues an ARP request for the hardware address of the gateway listed for that network in the routing table. It then sends the packet to the router, using its MAC address. For each network the netmask used to calculate the network number is that of the source host. If the source host has more than one netmask, the netmask that applies to the network that is closest to the IP address of the destination host is used.
If there is no entry in the routing table for the network specified, the "default" entry is used and the packet is sent to the "default" router. There must always be a default router specified in the routing table (unless the host is on a system that has no connections to an outside network) and typically, for a small network, the default router is the only router available, and handles all indirectly routed packets. Under normal circumstances there is only one default route defined in any routing table. The only time there should be more than one default route entry in a routing table is if the system has more than one path connecting it to other networks. This might be the case if a system is on a network that is connected to the Internet, and has a backup connection in case the primary network goes off-line. When a primary route goes out of service, it is possible for that route to be automatically or manually disabled. Then the secondary route is used by the routing system. If there is more than one default router, the system alternately uses one then the other (since Solaris 8).
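The lookup order just described (host entry, then network entry, then default route, with the direct/indirect decision at each step) as an added example in Python; this is not code from the course notes or from Solaris. The routing table and the host's own addresses are constructed to resemble netstat -rn output; since netstat -rn prints no netmask column, the mask the host would take from /etc/netmasks is carried as an extra field, and the "turn" argument stands in for the alternation between several default routers.

```python
import ipaddress

# Constructed routing table modelled on netstat -rn output.
# Fields: destination, gateway, flags, interface, netmask (assumed value
# the host would apply from /etc/netmasks; netstat -rn itself shows none).
ROUTING_TABLE = [
    ("127.0.0.1",   "127.0.0.1",     "UH", "lo0",  "255.255.255.255"),
    ("192.168.1.0", "192.168.1.10",  "U",  "hme0", "255.255.255.0"),
    ("10.20.0.0",   "192.168.1.1",   "UG", "hme0", "255.255.0.0"),
    ("default",     "192.168.1.254", "UG", "hme0", "0.0.0.0"),
    ("default",     "192.168.1.253", "UG", "hme0", "0.0.0.0"),
]

# Addresses configured on this host's own interfaces (constructed). A host
# entry whose gateway is one of these is delivered directly.
LOCAL_ADDRESSES = {"127.0.0.1", "192.168.1.10"}


def ip_to_int(addr):
    return int(ipaddress.IPv4Address(addr))


def select_route(dst, table=ROUTING_TABLE, turn=0):
    """Return (kind, next_hop, interface). 'direct' means the host ARPs for
    the destination itself; 'indirect' means it ARPs for the gateway and
    hands the packet to it. `turn` picks which default router is used when
    several are listed (the alternation described for Solaris 8)."""
    d = ip_to_int(dst)
    # 1. Host entries (flag H): the whole destination address must match.
    for dest, gw, flags, iface, _ in table:
        if "H" in flags and dest == dst:
            if gw in LOCAL_ADDRESSES:
                return ("direct", dst, iface)
            return ("indirect", gw, iface)
    # 2. Network entries: the destination masked with the entry's netmask
    #    must equal the entry's network number. Flag G marks a gateway.
    for dest, gw, flags, iface, mask in table:
        if dest == "default" or "H" in flags:
            continue
        if d & ip_to_int(mask) == ip_to_int(dest):
            if "G" in flags:
                return ("indirect", gw, iface)
            return ("direct", dst, iface)
    # 3. No matching entry: fall back to the default router(s).
    defaults = [(gw, iface) for dest, gw, _, iface, _ in table if dest == "default"]
    if not defaults:
        return ("unreachable", None, None)
    gw, iface = defaults[turn % len(defaults)]
    return ("indirect", gw, iface)


if __name__ == "__main__":
    for dst in ("127.0.0.1", "192.168.1.55", "10.20.3.4", "8.8.8.8"):
        print(dst, "->", select_route(dst))
```

Note that the network-entry step applies a mask per entry; the text's point that the host only ever knows its own netmask (from /etc/netmasks) is what makes the later VLSM discussion matter.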
More than you wanted to know: When the system needs to determine the network portion of an IP address, it looks for the closest matching entry in /etc/netmasks (or the NIS, LDAP or NIS+ equivalent). If there is more than one entry that works, it will use the one that matches the largest portion of the IP address. For example, to find the netmask for the host whose IP address is 112.34.56.78, the system first looks for a network entry of 112.34.56.78 with a mask of 255.255.255.255, then for an entry for 112.34.56.78 (again, since the least significant bit is zero anyway) with a mask of 255.255.255.254, then for 112.34.56.76 with 255.255.255.252, then for 112.45.56.72 with 255.255.255.248, etc., until it finds a match.
Putting this example in partial binary so it makes more sense, the IP address in partial binary is:
[112.34.56.]01001110
The possible network number could be 112.34.56.78, and this could be a /36 network with only one host. If there is no entry for that (112.34.56.78 255.255.255.255) then the system looks for the network number that would be written in partial binary as [112.34.56.]01001110, which is still 112.34.56.78, but with the netmask 255.255.255.254. If there is no entry for that, then the system looks for the network [112.34.56.]01001100 /34 (112.34.56.76). If there is no entry for that, it tries the network number [112.34.56.]01001000 /34 (112.34.56.72), etc.
Here is a problem: The file /etc/netmasks contains the entries:
10.0.0.0 255.255.0.0
10.100.0.0 255.255.255.0
10.100.100.0 255.255.255.0
Which entry will be applied to the IP address 10.100.100.100 (either because it has been assigned to an interface, or because it is the destination of a packet), and what will be the netmask assigned to it?
Answer: The THIRD entry. The first entry is for a standard subnet of class A network 10.0.0.0, subnetted bitwise into a set of 254 class B networks (10.0.0.0, 10.1.0.0, 10.2.0.0, ...). The second entry is for a VLSM subnet for the subnet 10.100.0.0, and NO OTHER. The third entry is a VLSM subnet for the network 10.100.100.0 AND NO OTHER. 10.100.100.100 could be routed using the first entry, with the network number 10.100.0.0/16, but the entry 10.100.100.0/24 matches a larger portion of 10.100.100.100 and will therefore be used to route it. The netmask assigned to it would be 255.255.255.0. The second entry applies only to the network 10.100.0.0, of which the network number is 10.100.0. Since 10.100.100.100 (or 10.100.99.99, or 10.100.99.100, or any other IP that doesn't start with 10.100.0) can never be in that network, it is ignored.
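The netmask search described in the two "more than you wanted to know" passages above (mask the address with /32, /31, /30, ... and take the first network number that has an entry), applied to the three-entry problem, as an added example. This is not code from the notes or from the Solaris libraries; it models the lookup as the text describes it, with the first column of /etc/netmasks matched against the candidate network numbers. The /etc/netmasks contents below are constructed from the problem statement.

```python
import ipaddress


def ip_to_int(addr):
    return int(ipaddress.IPv4Address(addr))


def int_to_ip(value):
    return str(ipaddress.IPv4Address(value))


def candidates(addr):
    """Network numbers tried in order: the address masked with /32, then
    /31, /30, ... down to /1, each paired with the mask that produced it."""
    a = ip_to_int(addr)
    result = []
    for prefix in range(32, 0, -1):
        mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
        result.append((int_to_ip(a & mask), int_to_ip(mask)))
    return result


def parse_netmasks(text):
    """Parse /etc/netmasks lines of the form '<network> <netmask>'; text
    after '#' is a comment. Returns {network number: netmask}."""
    entries = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        network, mask = line.split()
        entries[network] = mask
    return entries


def netmask_for(addr, entries):
    """The first candidate whose network number has an entry wins, so the
    entry matching the largest portion of the address is used. Returns
    (network number, netmask), or None when no entry matches at all."""
    for network, _ in candidates(addr):
        if network in entries:
            return network, entries[network]
    return None


# Constructed /etc/netmasks holding the three entries from the problem above.
NETMASKS_FILE = """\
# network        netmask
10.0.0.0        255.255.0.0
10.100.0.0      255.255.255.0
10.100.100.0    255.255.255.0
"""
ENTRIES = parse_netmasks(NETMASKS_FILE)


if __name__ == "__main__":
    for net, mask in candidates("112.34.56.78")[:4]:
        print(net, mask)
    print(netmask_for("10.100.100.100", ENTRIES))
    print(netmask_for("10.200.5.6", ENTRIES))
```

For 10.100.100.100 the walk reaches 10.100.100.0 at /24 and stops there, which is the third entry and the netmask 255.255.255.0 of the answer; for an address such as 10.200.5.6 nothing matches until /8 produces 10.0.0.0, so the first entry's 255.255.0.0 is used.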
Static and Dynamic Routes
Routes may be static or dynamic. Static routes stay in the routing table until removed by the administrator, or until the system is rebooted. They are placed into the routing table by the superuser, using the commands "route" or "ifconfig", or by DHCP, or by the boot process from entries in the files /etc/defaultrouter (non-router systems) or /etc/gateways (routers), or by a start script. In each case manual configuration is required. Dynamic routes are automatically loaded into the routing table by the daemons in.rdisc or in.routed. Dynamic routes stay in the routing table for 30 minutes; within that time they must be reconfirmed by the daemon in.rdisc, or it removes the entry from the routing table.
Routing Table Configuration
Routing table configuration occurs at boot time and may continue to occur dynamically thereafter. How the routing table is configured depends on whether the host is a router or a non-router. Solaris looks for multiple configured interfaces. If it finds them, it assumes the host is a router and configures it accordingly. If it finds only one configured interface, it assumes the host is a non-router.
The entries in the routing table can be set up in a variety of ways. For a non-router host, the local network (direct) entries (including loopback) are first added during the boot, at run level S, when ifconfig configures the network interfaces. (If the host is on a point-to-point network, the only direct entry other than loopback will be the hostname of the connected system). As part of the configuration process the local network routing entries are added to the routing table. These first routes are static. Then default entries are set up at boot by the script /etc/rc2.d/S69inet. This script checks for the existence of a default entry loaded by DHCP or as part of a diskless client configuration. It may then load default entries from the file /etc/defaultrouter, if such a file exists. Entries in this file consist of the name or IP address of the default router. To set up a network with a Cisco router, /etc/defaultrouter need only contain the address of the router. Entries from /etc/defaultrouter are also static.
If /etc/defaultrouter does not exist, and no default router entry has otherwise been loaded into the routing table, the non-router boot process starts in.rdisc -s. On the non-router, the Router Discovery daemon in.rdisc obtains the default route from the Router Discovery process. Routers run the Router Discovery daemon as in.rdisc -r. On the router, in.rdisc broadcasts RDISC packets advertising default routing. On a non-router host, if in.rdisc finds that no systems on its network are advertising routes using Router Discovery, it exits, and in.routed -q is started, which then builds a routing table from RIP packets that in.routed receives from any available routers on the local network.
On a router system, the same static entries in the routing table are added by ifconfig during boot at run level S as were placed in the non-router's routing table. At run level 2, the daemons in.routed -s and in.rdisc -r are started. These daemons advertise the routing table and receive advertisements from other routers. They use received advertisements to build the remainder of the routing table. The daemons in.routed and in.rdisc are started on any router host as long as the files /etc/notrouter and /etc/defaultrouter do not exist. The file /etc/defaultrouter is not used to set up default routing in a router. If this file exists when a system with more than one configured interface boots, by definition, it will not start as a router. If you wish to set up specific static routes on a server, the file /etc/gateways may be created, and its contents will be loaded into the routing table at boot time. This file contains routing information, and can also be used to tell the system not to advertise or receive routing information on specific interfaces with the "norip", "noripin" and "noripout" entries. These are generally used on routers running firewalls.
ICMP redirects may also add entries to a routing table. If a router receives a packet from a host, and knows a better route to the packet's destination, it will send back an ICMP message with the better route. This information is then added to the routing table.
More than you wanted to know: Routes can be added to the routing table to get to network printers. A network printer usually has an IP address loaded and is capable of receiving packets from other systems. The IP address loaded, however, is generally not that of the subnet on which the printer is installed. A route may be added to the routing table for the network of the printer with a metric of zero, using the print server as the gateway. Thus, if the printer has the IP address 100.100.1.2, the following command is issued on the print server (whose IP address is 235.2.3.4):
route add net 100.100.1.0 235.2.3.4 0
Thus the server 235.2.3.4 will act as the gateway to the network 100.100.1.0, which is located on the local link (metric of 0). You can then connect to the printer and use the software supplied by the manufacturer on the print server to configure the printer.
RIP and RDISC
Two protocols are involved in the maintenance of the routing table on a local area network, and in routing itself, on Solaris: RIP and RDISC. Since these protocols are employed inside an organization's networks, they are said to be Interior Gateway Protocols (IGPs). RDISC is run using the daemon in.rdisc, which is started on non-router machines using the option -s. In this mode, in.rdisc sends out router solicitation messages on 224.0.0.2 asking for routers. If in.rdisc on a router responds, its reply is used to place a default entry into the routing table. Once the routing table has been populated with its default entry or entries, in.rdisc continues to listen for advertisements from the router. These are sent out every 10 minutes. If an advertisement is not received from a router within 30 minutes, the default router entry is deleted from the routing table.
On a router, at boot time in.rdisc is started with the option -r. In this mode, in.rdisc advertises itself as a router on 224.0.0.1 and replies to rdisc information requests from non-router hosts.
RIP v.1 is implemented in Solaris using the daemon in.routed. The daemon in.routed does not start at all on a non-router machine unless in.rdisc has failed to place a default route in the routing table. In that case, in.routed is started with the -q option, which allows it to build a routing table from advertisements provided by routers. The -q option prevents in.routed from advertising its routing table.
On a router, in.routed is started with the option -s, in which case it multicasts its routing table to any directly connected host every 30 seconds, and listens for multicast packets from other routers. It also enables routing, so if in.routed is not running on a system, it will not route regardless of network connections. If in.routed on a host receives information from another router, it uses that information to update its own routing table if: 1) It has no entry for that network OR 2) The information is from a router which is already in the routing table, that is, the information is from the router's mouth OR 3) There is an entry in the routing table about which the router has gotten no information for 90 seconds, and its metric is the same or larger than the metric in the newly received routing information.
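The three acceptance conditions just listed, applied to a constructed routing table, as an added example in Python (not code from the notes or from in.routed). Each table entry records the advertising gateway, the hop-count metric and the time of its last update; the 90-second figure is the one given above, and the hop count is taken exactly as advertised, which is an assumption of this model.

```python
STALE_AFTER = 90  # seconds without an update before an entry counts as stale


def example_table():
    """A fresh constructed table so every run starts from the same state:
    one network reached through gateway 192.0.2.1 at 2 hops, updated at t=0."""
    return {"10.1.0.0": {"gateway": "192.0.2.1", "metric": 2, "updated": 0}}


def accept_update(table, network, from_router, metric, now):
    """Decide whether an advertisement for `network` received from
    `from_router` replaces the table entry, and apply it if so.
    Returns (accepted, rule) with rule 1, 2 or 3 for the conditions in
    the text, or (False, 0) when the advertisement is ignored."""
    entry = table.get(network)
    if entry is None:
        rule = 1  # condition 1: no entry for that network yet
    elif entry["gateway"] == from_router:
        rule = 2  # condition 2: sent by the router already in the table
    elif now - entry["updated"] >= STALE_AFTER and entry["metric"] >= metric:
        rule = 3  # condition 3: entry is stale and the new metric is not worse
    else:
        return False, 0
    table[network] = {"gateway": from_router, "metric": metric, "updated": now}
    return True, rule


if __name__ == "__main__":
    t = example_table()
    # Constructed sequence of advertisements: (network, router, metric, time)
    for adv in [("10.2.0.0", "192.0.2.9", 3, 10),
                ("10.1.0.0", "192.0.2.1", 5, 10),
                ("10.1.0.0", "192.0.2.7", 4, 20),
                ("10.1.0.0", "192.0.2.7", 4, 200)]:
        print(adv, "->", accept_update(t, *adv))
```

Condition 2 is worth noticing from a security standpoint: once a router is in the table, anything it advertises for that network is accepted even when the metric gets worse, so the integrity of RIP v.1 routing rests entirely on which routers are allowed to speak on the link.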
The routing tables advertised by in.routed do not pass along any netmask information, either in dot or slash notation (such as 255.255.0.0 or /16). This distinguishes in.routed and other daemons implementing RIP v.1 from most routing daemons, which DO pass netmask information. As long as a site has classful addresses, or one layer of subnets, all using the same number of bits for the network prefix, the routers will pass the correct network information, and in.routed will have no problem routing correctly. However, if a site wants to use VLSM (Variable Length Subnet Masking), the correct network information will go to the local router, but not to the next router up. Thus if you want to subnet your subnets or have subnets using variable numbers of bits in the network prefix, you must use some other protocol than RIP v.1. The daemon gated implements OSPF, which does pass netmask information along with its routing tables. It can be installed on Solaris systems but is not supported by Sun Microsystems.
More than you wanted to know: Here is an example showing why VLSM does not work unless a system passes netmask information. Let us assume we start with one Class C network X.Y.Z.0. Subnet this using 3 bits into 8 subnets:
X.Y.Z.0/27 X.Y.Z.32/27 X.Y.Z.64/27 X.Y.Z.96/27 X.Y.Z.128/27 X.Y.Z.160/27 X.Y.Z.192/27 X.Y.Z.224/27
Each of these subnets has the netmask 255.255.255.224 (255.255.255.11100000).
Now subnet the subnet X.Y.Z.32 into 2 subnets:
X.Y.Z.32/28 (X.Y.Z.00100000) X.Y.Z.48/28 (X.Y.Z.00110000)
Each of these networks has the netmask 255.255.255.240 (255.255.255.11110000).
Assume that a host on network X.Y.Z.128 wants to send a packet to a system with the IP address X.Y.Z.50 (X.Y.Z.00110010). This host is on network X.Y.Z.48 (although the originating system doesn't know that). It uses its own netmask to find which part of the IP address is the network number (and therefore how it should be routed) and which part is the host number. For X.Y.Z.50, the originating host will find that the network number is X.Y.Z.32 (X.Y.Z.00100000), since its netmask forces it to assume that the destination is on a /27 network too. It then looks in its routing table, where it finds entries for X.Y.Z.32 and X.Y.Z.48 (since routers on both those networks advertise), but it ignores the network X.Y.Z.48 and sends the packet to X.Y.Z.32! Had netmask information been passed with the routing advertisement, the system would have known that the packet was on a /28 network, and that it should have been sent to X.Y.Z.48.
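The X.Y.Z.50 case carried through in Python, as an added example that is not part of the notes: one lookup that knows only the host's own /27 mask (what RIP v.1 leaves you with) and one that has the mask of every advertised network. X.Y.Z.0 is written as 192.0.2.0, a constructed placeholder; the advertised network list is the eight /27 subnets with X.Y.Z.32/27 replaced by its two /28 halves.

```python
import ipaddress


def ip_to_int(addr):
    return int(ipaddress.IPv4Address(addr))


def int_to_ip(value):
    return str(ipaddress.IPv4Address(value))


# Constructed: the networks the routers advertise, with the masks they know.
# 192.0.2.0 stands in for the text's X.Y.Z.0.
ADVERTISED = [
    ("192.0.2.0",   "255.255.255.224"),
    ("192.0.2.32",  "255.255.255.240"),
    ("192.0.2.48",  "255.255.255.240"),
    ("192.0.2.64",  "255.255.255.224"),
    ("192.0.2.96",  "255.255.255.224"),
    ("192.0.2.128", "255.255.255.224"),
    ("192.0.2.160", "255.255.255.224"),
    ("192.0.2.192", "255.255.255.224"),
    ("192.0.2.224", "255.255.255.224"),
]


def route_ripv1(dst, own_mask, advertised):
    """RIP v.1 advertises network numbers only, so the receiving host applies
    its own netmask to the destination and looks for that network number
    among the advertised ones. Returns the chosen network or None."""
    net = int_to_ip(ip_to_int(dst) & ip_to_int(own_mask))
    for network, _ in advertised:
        if network == net:
            return network
    return None


def route_with_masks(dst, advertised):
    """When the advertisement carries each network's mask, choose the entry
    with the longest mask that contains the destination."""
    d = ip_to_int(dst)
    best = None
    for network, mask in advertised:
        m = ip_to_int(mask)
        if d & m == ip_to_int(network) and (best is None or m > best[1]):
            best = (network, m)
    return best[0] if best else None


if __name__ == "__main__":
    host_mask = "255.255.255.224"  # the sending host lives on a /27
    print("RIP v.1 choice :", route_ripv1("192.0.2.50", host_mask, ADVERTISED))
    print("with masks     :", route_with_masks("192.0.2.50", ADVERTISED))
```

For a destination inside an unsplit /27 (192.0.2.130, say) both lookups agree on 192.0.2.128; they only diverge for addresses inside the subnetted subnet, which is exactly the case the text describes.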
Routing outside the local network: The Internet.
Original Internet routing:
EGP - the Exterior Gateway Protocol
Originally Internet routing was based on a hierarchical structure. The top of the structure was a single system called the core and the gateways connected to the core were called core gateways or core routers. In this original structure, all routing information is gathered at the core, processed there, then passed back to the core gateways and down the hierarchy. The protocol used to exchange information with core gateways is called Gateway-to-Gateway Protocol or GGP. GGP is only used by core gateways.
The term "gateway" simply means a system that serves as a filter and a connection for the systems behind it. Thus a router on a small subnet is a gateway for the systems behind it to the rest of the network. "Gateway" may also refer to a special kind of router that connects a group of hosts and networks to the Internet. In the latter case, the gateway has the following characteristics: 1. It is a router 2. It is physically connected through other routers and through switches to all the systems behind it and to the Internet. The systems behind it are not connected to the Internet except through the gateway. 3. It does some kind of filtering of outgoing and incoming packets, usually by means of a firewall. 4. It runs some implementation of BGP, the Border Gateway Protocol, discussed later.
The core gateways or core routers were the top level routers for independent networks, called autonomous systems (AS), each of which was identified by an autonomous system number (ASN). An autonomous system is a collection of networks and gateways which manages its own routing information and which is capable of exchanging this information with other autonomous systems over a backbone formed of the core routers. The only connection between an Autonomous System and the Internet is through those core routers. The information exchanged between autonomous systems is called reachability information, and it specifies which networks can be reached through that autonomous system. The protocol used to pass reachability information between autonomous systems was called Exterior Gateway Protocol or EGP. Confusingly, the class of protocols to which EGP belongs is also called the Exterior Gateway Protocols, since protocols that work outside a gateway are all Exterior Gateway Protocols. There are other Exterior Gateway Protocols besides EGP, most notably the newer BGP.
Current Internet Routing: BGP and Domain Routing
A newer routing scheme, called Domain Routing, has replaced the "core" model for the majority of the Internet. A routing domain is similar to an autonomous system under the core model, but a routing domain is generally synonymous with a DNS domain, and each routing domain may connect to other routing domains, exchanging packets and routing information, at more than one point. Unlike the core model, each routing domain makes its own routing decisions rather than relying on a single central system to choose the "best" route. A gateway that connects two or more routing domains is called a border gateway, and the protocol used to exchange routing information between routing domains is called Border Gateway Protocol or BGP; it supports CIDR, or Classless Inter-Domain Routing. CIDR allows domains to aggregate IP addresses using slash notation and to route via these aggregated addresses.
There are six primary points in North America where major routing domains meet and exchange packets and other information. They are called Priority NAPs. The NAP routers have tables with route entries for all the networks on the Internet. The NAPs started out as MAEs, which were ethernet network segments with border gateway routers from each major routing domain. As technology advanced and the need for higher bandwidth grew, higher speed network segments were added to these networking centers, and they were renamed "NAPs." Each of the NAPs is run by a corporation, under the authority of the National Science Foundation. The corporation serves in the role of the Routing Arbiter, and provides the routing information on the NAP computers. There are now numerous NAPs and more are being added.
Acronyms:
AS - Autonomous System - a collection of systems and networks under the control of a single authority, with a single 16-bit number assigned by the InterNIC. An example might be all the computers owned and operated by Sun Microsystems or Washington University. This is an obsolete concept, replaced by routing domains.
BGP - Border Gateway Protocol - a routing protocol used between gateways. Supports CIDR.
CIDR - Classless Inter-Domain Routing - a protocol that allows route aggregation in order to simplify backbone routers' routing tables.
EGP - Exterior Gateway Protocol - a protocol used between autonomous systems, like EGP itself or BGP.
IGP - Interior Gateway Protocol - a protocol used inside an autonomous system, like RIP, OSPF or IS-IS.
IGRP - Cisco's routing protocol.
IS-IS - Intermediate System to Intermediate System - an OSI routing protocol.
ndd - network device driver - a routing control command.
MAE - Metro Area Ethernet.
NAP - National Access Point - the major routers that connect NSPs to the Internet. These are the top-level routers.
NSP - National Service Provider - a company that installs, maintains and manages major Internet backbone cable. These lease the use of their cable to ISPs. AT&T is a major NSP.
OSPF - Open Shortest Path First - a routing protocol used by GateD.
RIP - Routing Information Protocol - Version 1 of RIP is the routing protocol used by Sun Solaris.
RDISC - Router DISCovery protocol - the protocol that is used to populate the routing table.
Definitions:
GateD - a daemon which may be downloaded free, which supports VLSM routing via OSPF and BGP. It is not supported by Sun (but is commonly used).
routing - the process of forwarding messages from one network to destination hosts on other networks.
default route - the route that a message should take if no other is available.
metric - the count of hops, time or other parameters which limits the time a packet may continue to circulate through the network.
hop count - a metric which measures the number of times a message passes through routers. It is the metric used by RIP v. 1.
direct routing - a route discovered by ARP on a host on the same network.
indirect routing - a route not on the same network.
intermediate router - not the first or last router through which a packet passes.
table-driven routing - routing through a routing table on each workstation, populated by routing daemons and the administrator.
static routing - an entry which stays in the routing table until reboot. It is placed in the table by commands or from the file /etc/gateways.
dynamic routing - entries in the routing table obtained from broadcasts by other routers.
stub AS - an autonomous system connected off the main backbone in EGP.
end system - in IS-IS, a specific host.
triggered update - an update to the routing table that occurs at less than the 30 second update interval, as the result of detecting a change in the routing.
hold-down state - recently changed entries in a routing table are not changed again until enough time has passed for the entire network to be updated. The hold-down state occurs in order to prevent route flapping, where a system makes a change, then receives a broadcast from a not-yet-updated system.
route flapping - occurs when an entry in a routing table changes back and forth as the result of advertisements from updated then non-updated routers on the same network.
black hole - the time during which a router may be unavailable but will still be present in a routing table. By default this is 10 minutes.
multihomed host - a host with multiple ethernet ports, but which has the empty file /etc/notrouter, so that routing does not begin.
in.routed - the daemon which broadcasts routing information approximately every 30 seconds if the system has more than one physical interface.
in.rdisc - the route discovery daemon.
Commands:
in.routed <options> - run the daemon which populates the routing table and does routing of packets.
  -q Run the host in quiet mode: a host with multiple interfaces will come up without advertising its routing information. This may run on a non-router.
  -s Run the host in speaking mode, where it advertises its routing information every 30 seconds. The router listens for routing information packets, transmits a request on each network to which it is attached, and listens for response packets and requests from other routers. It uses these responses to update the routing table. It also deletes non-updated entries after 90 seconds. This runs on a router.
  -v filename (file must exist) - log in.routed's actions.
  -st When in.routed starts in speaking mode, send the output to the screen.
in.rdisc <options> - run the daemon which advertises routes.
  -T <time in seconds> Set the advertisement interval on a router.
  -s Solicit and listen for router advertisements and use them to populate the routing table with default routers.
  -r Advertise IP addresses for which the router has access every 10 minutes. Such addresses are held in the routing table for 30 minutes.
route - manipulate the routing table
  add net|host <IP address of net or host> <IP of gateway> <metric> - Adds a route to the routing table, going to a network or host with the IP address given, and using the gateway router listed. The metric is the number of hops to that host or network. More than one route may be in the routing table, but the route with the lowest metric will be used.
  add default <IP of gateway> <metric> - Set a default route in the routing table.
  add net <IP of network> <IP address of gateway> <metric> -netmask <value of netmask> - Add a route to the routing table with the netmask given.
  delete net|host <IP of net or host> <IP of gateway> - Deletes the route through the specified gateway from the routing table. Note: RIP must be stopped and started after deletion of a routing table entry.
  get <IP address of network or host> - Display the route for the specified network or host. (Better choice of command: netstat -r.)
  monitor - Continuously monitor information on routing. The command "route monitor" doesn't give you back a prompt; instead, it shows changes to the routing table as they occur, whether you make changes from another window or the daemons in.rdisc or in.routed make those changes.
  flush - Flushes the routing table of all router entries. RIP must be started and stopped after flushing the routing table for changes to take effect.
  -f Same as flush.
ndd -set /dev/ip ip_forwarding 1 - set the kernel parameter ip_forwarding, which permits routing to occur.
ndd -set /dev/ip hme0:ip_forwarding 1 - allow routing only on the interface specified (hme0 in this case).
netstat -rn - View the routing table (-r) using IP addresses, not names (-n).
Files:
/etc/gateways: The existence of this file indicates that the system is a router. It supplies entries to the routing table. Format of entries:
net|host <dest_name/IP> gateway <router_name|IP> metric <metric_value> passive|active
net|host - is the entry for a network or a specific host?
<destination name/IP> - the name or IP address of the network or host. If names are used there must be corresponding entries in /etc/hosts or /etc/networks.
gateway - means "router" and is followed by the name of the router.
<router_name|IP> - the name or IP address of the router to be used to access this network.
metric <metric_value> - the number of hops required to get to this network. This value is used to choose which route to use if more than one is available for the destination. The entry with the lowest metric is used.
passive|active - passive means the route is static. Active means the route is dynamic. Active gateways must have in.routed running, or the entry will be quickly deleted.
To create a default router using /etc/gateways, use the value 0.0.0.0 for the destination IP address.
norip[in|out] <interface> - don't allow RIP advertising packets to move in or out of the specified interface. Used on gateways running firewalls.
The file /etc/gateways can also be used to set up a system as a router even if it does not have multiple interfaces.
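A parser for the /etc/gateways format described above, as an added example that is not part of the notes or of Solaris. It accepts the route entries and the norip/noripin/noripout lines, treats a 0.0.0.0 destination as the default route, rejects malformed lines with the line number, and renders each entry as the equivalent "route add" command from the Commands section; the file contents are constructed.

```python
# Constructed /etc/gateways contents in the format described above.
GATEWAYS_FILE = """\
# /etc/gateways (constructed example)
net 0.0.0.0 gateway 192.0.2.1 metric 1 passive
net 10.20.0.0 gateway 192.0.2.2 metric 2 active
host 10.30.0.7 gateway 192.0.2.3 metric 1 passive
norip hme1
noripout hme2
"""

RIP_CONTROLS = ("norip", "noripin", "noripout")


def parse_gateways(text):
    """Return (routes, rip_controls). Each route is a dict; rip_controls is
    a list of (keyword, interface). A malformed line raises ValueError
    naming the line, since a silently skipped entry in a boot-time file
    would leave the router with a route it was meant to have."""
    routes, controls = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # strip comments and blanks
        if not line:
            continue
        tokens = line.split()
        if tokens[0] in RIP_CONTROLS:
            if len(tokens) != 2:
                raise ValueError(f"line {lineno}: {tokens[0]} needs exactly one interface")
            controls.append((tokens[0], tokens[1]))
            continue
        # net|host <dest> gateway <router> metric <n> passive|active
        well_formed = (len(tokens) == 7
                       and tokens[0] in ("net", "host")
                       and tokens[2] == "gateway"
                       and tokens[4] == "metric" and tokens[5].isdigit()
                       and tokens[6] in ("passive", "active"))
        if not well_formed:
            raise ValueError(f"line {lineno}: malformed entry: {line!r}")
        routes.append({
            "kind": tokens[0],
            "destination": tokens[1],
            "gateway": tokens[3],
            "metric": int(tokens[5]),
            "passive": tokens[6] == "passive",
            # 0.0.0.0 as the destination marks the default route.
            "default": tokens[0] == "net" and tokens[1] == "0.0.0.0",
        })
    return routes, controls


def to_route_commands(routes):
    """Render each entry as the `route add` command it corresponds to
    (the default entry uses the `add default` form)."""
    cmds = []
    for r in routes:
        if r["default"]:
            cmds.append(f"route add default {r['gateway']} {r['metric']}")
        else:
            cmds.append(f"route add {r['kind']} {r['destination']} "
                        f"{r['gateway']} {r['metric']}")
    return cmds


if __name__ == "__main__":
    routes, controls = parse_gateways(GATEWAYS_FILE)
    for cmd in to_route_commands(routes):
        print(cmd)
    print("RIP controls:", controls)
```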
/etc/rc2.d/S69inet (/etc/init.d/inetinit) start script that starts in.routed, in.rdisc.
/etc/defaultrouter The existence of this file implies that the system is NOT a router. Contains IP or hostname of router or routers to use as the default router. If it exists, it prevents in.rdisc and in.routed from starting, so that only the router given in the file /etc/defaultrouter will be used to populate the routing table. If a hostname is used, that host MUST have an entry in /etc/hosts, as NIS and NIS+ are not running when this file is read. If the file is empty, then existing default routes are removed. If default routes are supplied by the DHCP server, then those replace any default routes in this file, regardless of how they were installed.
/etc/inet/networks similar to /etc/hosts, but for networks. Allows administrator to use the name of a network in files such as /etc/gateways, rather than the network number. Entries:
<network name> <network number> <aliases>
/etc/notrouter the existence of this file prevents a system with multiple interfaces from booting up as a router. It is blank.
Misc:
Gotchas:
If the entry in /etc/netmasks is in error, for example, if you have an entry specifying the current subnet number and netmask, rather than the parent network number and the current netmask, one of the interfaces on the router will be improperly configured. There must be an entry for every network, either using RFC 950 style, where there is one parent network number and a netmask, or by listing each network and netmask used on the router.
in.routed must be running in order to have routing. A properly configured routing table is not enough.
The existence of the file /etc/defaultrouter prevents in.rdisc OR in.routed from starting.
A router cannot be a DHCP client.
If one host has no route to a network, hosts on that network also cannot talk to that host.
Output of netstat -r:
destination gateway flags refcnt use interface
destination: network or host to be reached via the route.
gateway: IP of the system used to reach the destination.
flags: U - interface is up
       G - gateway is a router
       D - ICMP redirect entry
       H - destination is a host, not a network
refcnt: number of routes on that interface. For the loopback address, this number refers to the applications available to talk to.
use: number of packets sent using that route.
interface: interface through which the route goes.
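An added example (not from these notes): Python that parses netstat -rn output in the column layout above and separates out the entries carrying the D flag, i.e. routes installed by ICMP redirects rather than by /etc/gateways or /etc/defaultrouter, which are the ones worth reviewing on a host. The sample output is constructed in the Solaris 8 layout, not captured from a real host.

```python
from dataclasses import dataclass

@dataclass
class Route:
    destination: str
    gateway: str
    flags: str       # letters from the U/G/D/H set described above
    refcnt: int
    use: int
    interface: str   # empty when netstat prints no interface (indirect routes)

    @property
    def via_router(self):     # G
        return "G" in self.flags
    @property
    def host_route(self):     # H
        return "H" in self.flags
    @property
    def from_redirect(self):  # D: installed by an ICMP redirect, not by config
        return "D" in self.flags

def parse_netstat_r(text):
    """Keep only data rows: dest gateway flags refcnt use [interface]."""
    routes = []
    for line in text.splitlines():
        p = line.split()
        if len(p) < 5 or not (p[3].isdigit() and p[4].isdigit()):
            continue   # banner, column header or separator line
        routes.append(Route(p[0], p[1], p[2], int(p[3]), int(p[4]),
                            p[5] if len(p) > 5 else ""))
    return routes

def redirect_routes(routes):
    """Entries a router told us about via ICMP redirect; worth reviewing
    because nothing in /etc/gateways or /etc/defaultrouter put them there."""
    return [r for r in routes if r.from_redirect]

def default_routers(routes):
    return [r.gateway for r in routes if r.destination == "default"]
# Constructed sample output in the Solaris 8 netstat -rn layout (not a real host)
SAMPLE = """\
Routing Table: IPv4
  Destination           Gateway           Flags  Ref   Use   Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.1.0          192.168.1.10          U        1     12  hme0
10.20.0.0            192.168.1.254         UG       1      5
172.16.5.9           192.168.1.253         UGHD     1      2
default              192.168.1.1           UG       1    340
127.0.0.1            127.0.0.1             UH       3    102  lo0
"""
```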
Setting up a router with reboot:
1. Create /etc/hostname.hme1 (or other interface) with the new hostname for the second interface.
2. Update /etc/inet/hosts with name and IP address of second interface.
3. Edit /etc/netmasks and add a non-default netmask if necessary (for a subnet).
4. reboot -- -r OR init 6 and at the PROM prompt: boot -r
Setting up a router without rebooting:
1. ndd -set /dev/ip ip_forwarding 1 (enables routing)
If routing is already occurring, enable routing just for the interface:
ndd -set /dev/ip hme1:ip_forwarding 1
2. Activate the interface:
ifconfig hme1 <IP_address> netmask <netmask> broadcast + up
3. Stop and start the daemons:
/etc/init.d/inetinit stop (if routing is already running)
/etc/init.d/inetinit start
Building a routing table using:
1. Protocols: RIP, RDISC, implemented by in.routed and in.rdisc respectively.
2. At the command line with route, ifconfig
3. Using files: /etc/gateways, /etc/defaultrouter
To start a system as a router:
1. It cannot have the files /etc/defaultrouter or /etc/notrouter.
2. It cannot be a DHCP client.
3. It must have multiple interfaces, OR the file /etc/gateways must be present.
4. Start in.rdisc -r, in.routed -s and turn on IP forwarding with
ndd -set /dev/ip ip_forwarding 1
To start a system as a non-router, even if it has multiple interfaces:
Without router discovery: Create the file /etc/defaultrouter and populate with default routers.
With router discovery: Create the file /etc/notrouter, OR set the system up as a DHCP client, then start in.rdisc -s and be sure IP forwarding is turned off (ndd -set /dev/ip ip_forwarding 0).
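An added example (not part of these notes) that turns the router/non-router rules above into a check: given the file names in /etc, it predicts whether the system will come up as a router and lists which rule blocks it. It assumes the Solaris 8 conventions that a DHCP-configured interface has an /etc/dhcp.<interface> file and each configured interface has an /etc/hostname.<interface> file; the file lists in the test are constructed.

```python
import os

def router_preflight(etc_files):
    """Apply the boot-time rules above to a list of names found in /etc.
    Returns (will_route, reasons); will_route is True only when no rule blocks it."""
    files = set(etc_files)
    reasons = []
    # Rule 1: /etc/defaultrouter or /etc/notrouter forces a non-router
    for name in ("defaultrouter", "notrouter"):
        if name in files:
            reasons.append("/etc/%s exists: system will not route" % name)
    # Rule 2: a DHCP client (an /etc/dhcp.<interface> file, assumed convention)
    # cannot be a router
    dhcp_ifs = sorted(f[len("dhcp."):] for f in files if f.startswith("dhcp."))
    if dhcp_ifs:
        reasons.append("DHCP client on %s: cannot be a router" % ", ".join(dhcp_ifs))
    # Rule 3: needs more than one /etc/hostname.<interface> file, or /etc/gateways
    ifs = sorted(f[len("hostname."):] for f in files if f.startswith("hostname."))
    if len(ifs) < 2 and "gateways" not in files:
        reasons.append("only %d configured interface(s) and no /etc/gateways" % len(ifs))
    return (not reasons), reasons

def router_preflight_dir(etc="/etc"):
    """Same check run against a real (or copied) /etc directory."""
    return router_preflight(os.listdir(etc))

if __name__ == "__main__":
    ok, why = router_preflight_dir()
    print("will route" if ok else "will NOT route:\n  " + "\n  ".join(why))
```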
Uses:
Exterior Gateway Protocol: what it does:
1. engages in neighbor acquisition - near neighbors exchange information about reachable routes.
2. engages in neighbor reachability - "keep alive" packets are sent about 2 minutes apart to verify that the neighbor system is up and running.
3. checks network reachability - Autonomous Systems pass lists of reachable networks to each other in "update" packets.
4. uses a distance vector protocol with 255 maximum hops.
Open Shortest Path First: what it does:
1. uses a link-state algorithm
2. knows the entire network's state so it can switch paths quickly
3. sends link-state advertisements only to its nearest neighbor
Advantages of OSPF:
1. Supports multiple metrics
2. Looping is impossible
3. Supports VLSM by passing a specific netmask with an IP address
4. Allows network load balancing.
Value of using /etc/defaultrouter
1. Smaller routing table
2. Can have more than one default router, for failover purposes.
3. Can use other routing protocols than RIP.
Disadvantages of using default routing:
1. All systems on the subnet must have the file /etc/defaultrouter.
2. If the default router shuts down, no other path is available even for local hosts.
3. ICMP redirects may occur anyway and add to the routing table.
Characteristics of RDISC:
Jobs: Advertises for routers at 10 minute intervals.
Populates the routing table with default entries, and maintains the routing table.
Default entries in the cache, placed there by RDISC, live 30 minutes. After that, they must be updated.
Advantages: Routing protocol independent, creates a smaller routing table, allows for failover, since the table can have multiple default routers.
Advantages of CIDR:
1. It allows us to get rid of classful IP addressing
2. It solves the routing table explosion at the NAPs.
3. It permits hierarchical routing.
4. It permits supernetting.