Book: Linux Network Administrator Guide, Second Edition
The Routing Table
We now focus our attention on how IP chooses a gateway to use to deliver a datagram to a remote network.
We have seen that erdos, when given a datagram for quark, checks the destination address and finds that it is not on the local network. erdos therefore sends the datagram to the default gateway sophus, which is now faced with the same task. sophus recognizes that quark is not on any of the networks it is connected to directly, so it has to find yet another gateway to forward it through. The correct choice would be niels, the gateway to the Physics department. sophus thus needs information to associate a destination network with a suitable gateway.
IP uses a table for this task that associates networks with the gateways by which they may be reached. A catch-all entry (the default route) must generally be supplied too; this is the gateway associated with network 0.0.0.0. All destination addresses match this route, since none of the 32 bits are required to match, and therefore packets to an unknown network are sent through the default route. On sophus, the table might look like this:
Network | Netmask | Gateway | Interface |
---|---|---|---|
149.76.1.0 | 255.255.255.0 | - | fddi0 |
149.76.2.0 | 255.255.255.0 | 149.76.1.2 | fddi0 |
149.76.3.0 | 255.255.255.0 | 149.76.1.3 | fddi0 |
149.76.4.0 | 255.255.255.0 | - | eth0 |
149.76.5.0 | 255.255.255.0 | 149.76.1.5 | fddi0 |
… | … | … | … |
0.0.0.0 | 0.0.0.0 | 149.76.1.2 | fddi0 |
If you need to use a route to a network that sophus is directly connected to, you don't need a gateway; the gateway column here contains a hyphen.
The process for identifying whether a particular destination address matches a route is a mathematical operation. The process is quite simple, but it requires an understanding of binary arithmetic and logic: A route matches a destination if the network address logically ANDed with the netmask precisely equals the destination address logically ANDed with the netmask.
Translation: a route matches if the number of bits of the network address specified by the netmask (starting from the left-most bit, the high order bit of byte one of the address) match that same number of bits in the destination address.
When the IP implementation is searching for the best route to a destination, it may find a number of routing entries that match the target address. For example, we know that the default route matches every destination, but datagrams destined for locally attached networks will match their local route, too. How does IP know which route to use? It is here that the netmask plays an important role. While both routes match the destination, one of the routes has a larger netmask than the other. We previously mentioned that the netmask was used to break up our address space into smaller networks. The larger a netmask is, the more specifically a target address is matched; when routing datagrams, we should always choose the route that has the largest netmask. The default route has a netmask of zero bits, and in the configuration presented above, the locally attached networks have a 24-bit netmask. If a datagram matches a locally attached network, it will be routed to the appropriate device in preference to following the default route because the local network route matches with a greater number of bits. The only datagrams that will be routed via the default route are those that don't match any other route.
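The matching rule and the largest-netmask selection described above, applied to the sophus table, as an added Python example that is not part of the book. The destination addresses are constructed for illustration, the function names are hypothetical, and the rows the table elides are left out.

```python
import ipaddress

# sophus's table from above: (network, netmask, gateway, interface).
# gateway None = directly attached ("-" in the table); elided rows are omitted.
SOPHUS_ROUTES = [
    ("149.76.1.0", "255.255.255.0", None, "fddi0"),
    ("149.76.2.0", "255.255.255.0", "149.76.1.2", "fddi0"),
    ("149.76.3.0", "255.255.255.0", "149.76.1.3", "fddi0"),
    ("149.76.4.0", "255.255.255.0", None, "eth0"),
    ("149.76.5.0", "255.255.255.0", "149.76.1.5", "fddi0"),
    ("0.0.0.0", "0.0.0.0", "149.76.1.2", "fddi0"),  # default route
]

def to_int(addr):
    """Convert a dotted-quad string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(addr))

def route_matches(dest, network, netmask):
    """True if (network AND netmask) equals (destination AND netmask)."""
    mask = to_int(netmask)
    return (to_int(network) & mask) == (to_int(dest) & mask)

def matching_routes(dest, routes=SOPHUS_ROUTES):
    """Every route whose masked network equals the masked destination."""
    return [r for r in routes if route_matches(dest, r[0], r[1])]

def best_route(dest, routes=SOPHUS_ROUTES):
    """Among matching routes, pick the one whose netmask has the most bits set."""
    candidates = matching_routes(dest, routes)
    if not candidates:
        return None  # no default route and nothing more specific matches
    return max(candidates, key=lambda r: bin(to_int(r[1])).count("1"))

if __name__ == "__main__":
    # Constructed destinations: two on campus subnets, one off campus.
    for dest in ("149.76.4.23", "149.76.2.9", "192.0.2.1"):
        net, mask, gw, dev = best_route(dest)
        hop = gw if gw else "direct"
        print(f"{dest:>12} -> {net}/{mask} via {hop} on {dev} "
              f"({len(matching_routes(dest))} matching routes)")
```

A destination on a locally attached subnet matches two entries here (its own 24-bit route and the default route), and the 24-bit route wins; only the off-campus address falls through to the default gateway.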
You can build routing tables by a variety of means. For small LANs, it is usually most efficient to construct them by hand and feed them to IP using the route command at boot time (see Chapter 5, Configuring TCP/IP Networking). For larger networks, they are built and adjusted at runtime by routing daemons; these daemons run on central hosts of the network and exchange routing information to compute "optimal" routes between the member networks.
Depending on the size of the network, you'll need to use different routing protocols. For routing inside autonomous systems (such as the Groucho Marx campus), the internal routing protocols are used. The most prominent one of these is the Routing Information Protocol (RIP), which is implemented by the BSD routed daemon. For routing between autonomous systems, external routing protocols like External Gateway Protocol (EGP) or Border Gateway Protocol (BGP) have to be used; these protocols, including RIP, have been implemented in the University of Cornell's gated daemon.