White space fix only. Translators can ignore.

Sponsored by: iXsystems
Dru Lavigne 2014-03-06 02:34:17 +00:00
parent 178e814996
commit b41196460e
Notes: svn2git 2020-12-08 03:00:23 +00:00
svn path=/head/; revision=44144

@ -104,20 +104,19 @@
</indexterm>
<para><firstterm>Routing</firstterm> is the mechanism that allows
a system to find the network path to another system.
A <firstterm>route</firstterm> is a
defined pair of addresses which represent the <quote>destination</quote> and a
a system to find the network path to another system. A
<firstterm>route</firstterm> is a defined pair of addresses
which represent the <quote>destination</quote> and a
<quote>gateway</quote>. The route indicates that when trying
to get to the specified destination, send the packets
through the specified gateway. There are three
types of destinations: individual hosts, subnets, and
<quote>default</quote>. The <quote>default route</quote> is
used if no other routes apply. There are also three
types of gateways: individual hosts, interfaces, also called
links, and Ethernet hardware
to get to the specified destination, send the packets through
the specified gateway. There are three types of destinations:
individual hosts, subnets, and <quote>default</quote>. The
<quote>default route</quote> is used if no other routes apply.
There are also three types of gateways: individual hosts,
interfaces, also called links, and Ethernet hardware
(<acronym>MAC</acronym>) addresses. Known routes are stored in
a routing table.</para>
<para>This section provides an overview of routing basics. It
then demonstrates how to configure a &os; system as a router and
offers some troubleshooting tips.</para>
@ -125,7 +124,8 @@
<sect2 xml:id="network-routing-default">
<title>Routing Basics</title>
<para>To view the routing table of a &os; system, use &man.netstat.1;:</para>
<para>To view the routing table of a &os; system, use
&man.netstat.1;:</para>
<screen>&prompt.user; <userinput>netstat -r</userinput>
Routing tables
@ -148,111 +148,120 @@ host2.example.com link#1 UC 0 0
<varlistentry>
<term>default</term>
<listitem>
<para>The first route in this table specifies the <literal>default</literal>
route. When the local system needs to make a connection to a
remote host, it checks the routing table to determine if a
known path exists. If the remote host matches an entry in the
table, the system checks to see if it
can connect using the interface specified in that entry.</para>
<para>The first route in this table specifies the
<literal>default</literal> route. When the local system
needs to make a connection to a remote host, it checks
the routing table to determine if a known path exists.
If the remote host matches an entry in the table, the
system checks to see if it can connect using the
interface specified in that entry.</para>
<para>If the destination does not match an entry, or if all known
paths fail, the system uses the entry for the
default route. For hosts on a local area network, the
<literal>Gateway</literal> field in the default route is set
to the system which has a direct connection to
the Internet. When reading this entry, verify that the
<literal>Flags</literal> column indicates that the gateway is
usable (<literal>UG</literal>).</para>
<para>If the destination does not match an entry, or if
all known paths fail, the system uses the entry for the
default route. For hosts on a local area network, the
<literal>Gateway</literal> field in the default route is
set to the system which has a direct connection to the
Internet. When reading this entry, verify that the
<literal>Flags</literal> column indicates that the
gateway is usable (<literal>UG</literal>).</para>
<para>The default route for a machine which itself is
functioning as the gateway to the outside world will be the
gateway machine at the Internet Service Provider
(<acronym>ISP</acronym>).</para>
</listitem>
</varlistentry>
<para>The default route for a machine which itself is
functioning as the gateway to the outside world will be
the gateway machine at the Internet Service Provider
(<acronym>ISP</acronym>).</para>
</listitem>
</varlistentry>
<varlistentry>
<term>localhost</term>
<listitem>
<para>The second route is the <literal>localhost</literal> route.
The interface specified in the <literal>Netif</literal> column
for <literal>localhost</literal> is <filename>lo0</filename>,
also known as the loopback device. This indicates that all
traffic for this destination should be internal, rather than sending it
out over the network.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>localhost</term>
<listitem>
<para>The second route is the <literal>localhost</literal>
route. The interface specified in the
<literal>Netif</literal> column for
<literal>localhost</literal> is
<filename>lo0</filename>, also known as the loopback
device. This indicates that all traffic for this
destination should be internal, rather than sending it
out over the network.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>MAC address</term>
<listitem>
<para>The addresses beginning with <systemitem
class="etheraddress">0:e0:</systemitem> are <acronym>MAC</acronym>
addresses. &os; will automatically identify any hosts,
<systemitem>test0</systemitem> in the example, on the local
Ethernet and add a route for that host over the Ethernet
interface, <filename>re0</filename>. This type of route has a
timeout, seen in the <literal>Expire</literal> column, which
is used if the host does not respond in a specific amount of
time. When this happens, the route to this host will be
automatically deleted. These hosts are identified using the
Routing Information Protocol (<acronym>RIP</acronym>), which
calculates routes to local hosts based upon a shortest path
determination.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>MAC address</term>
<listitem>
<para>The addresses beginning with <systemitem
class="etheraddress">0:e0:</systemitem> are
<acronym>MAC</acronym> addresses. &os; will
automatically identify any hosts,
<systemitem>test0</systemitem> in the example, on the
local Ethernet and add a route for that host over the
Ethernet interface, <filename>re0</filename>. This type
of route has a timeout, seen in the
<literal>Expire</literal> column, which is used if the
host does not respond in a specific amount of time.
When this happens, the route to this host will be
automatically deleted. These hosts are identified using
the Routing Information Protocol
(<acronym>RIP</acronym>), which calculates routes to
local hosts based upon a shortest path
determination.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>subnet</term>
<listitem>
<para>&os; will automatically add subnet routes for the local subnet.
In this example, <systemitem class="ipaddress">10.20.30.255</systemitem> is the
broadcast address for the subnet <systemitem
class="ipaddress">10.20.30</systemitem> and <systemitem
class="fqdomainname">example.com</systemitem> is the domain
name associated with that subnet. The designation
<literal>link#1</literal> refers to the first Ethernet card in
the machine.</para>
<varlistentry>
<term>subnet</term>
<listitem>
<para>&os; will automatically add subnet routes for the
local subnet. In this example, <systemitem
class="ipaddress">10.20.30.255</systemitem> is the
broadcast address for the subnet <systemitem
class="ipaddress">10.20.30</systemitem> and
<systemitem
class="fqdomainname">example.com</systemitem> is the
domain name associated with that subnet. The
designation <literal>link#1</literal> refers to the
first Ethernet card in the machine.</para>
<para>Local network hosts and local subnets have their routes
automatically configured by a daemon called &man.routed.8;.
If it is not running, only routes which are statically defined
by the administrator will exist.</para>
</listitem>
</varlistentry>
<para>Local network hosts and local subnets have their
routes automatically configured by a daemon called
&man.routed.8;. If it is not running, only routes which
are statically defined by the administrator will
exist.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>host</term>
<listitem>
<para>The <literal>host1</literal> line refers to the host
by its Ethernet address. Since it is the sending host, &os;
knows to use the loopback interface
(<filename>lo0</filename>) rather than the Ethernet
interface.</para>
<varlistentry>
<term>host</term>
<listitem>
<para>The <literal>host1</literal> line refers to the host
by its Ethernet address. Since it is the sending host,
&os; knows to use the loopback interface
(<filename>lo0</filename>) rather than the Ethernet
interface.</para>
<para>The two <literal>host2</literal> lines represent aliases
which were created using &man.ifconfig.8;. The
<literal>=&gt;</literal> symbol after the
<filename>lo0</filename> interface says that an alias has been
set in addition to the loopback address. Such routes only
show up on the host that supports the alias and all other hosts
on the local network will have a
<literal>link#1</literal> line for such routes.</para>
</listitem>
</varlistentry>
<para>The two <literal>host2</literal> lines represent
aliases which were created using &man.ifconfig.8;. The
<literal>=&gt;</literal> symbol after the
<filename>lo0</filename> interface says that an alias
has been set in addition to the loopback address. Such
routes only show up on the host that supports the alias
and all other hosts on the local network will have a
<literal>link#1</literal> line for such routes.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>224</term>
<listitem>
<para>The final line (destination subnet <systemitem
class="ipaddress">224</systemitem>) deals with
multicasting.</para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>224</term>
<listitem>
<para>The final line (destination subnet <systemitem
class="ipaddress">224</systemitem>) deals with
multicasting.</para>
</listitem>
</varlistentry>
</variablelist>
<para>Various attributes of each route can be seen in
the <literal>Flags</literal> column. <xref linkend="routeflags"/>
<para>Various attributes of each route can be seen in the
<literal>Flags</literal> column. <xref linkend="routeflags"/>
summarizes some of these flags and their meanings:</para>
<table xml:id="routeflags" frame="none" pgwide="1">
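Review bot: In the MAC address entry, the rewrapped paragraph still states that hosts on the local Ethernet "are identified using the Routing Information Protocol (RIP)". Link-layer host entries with an Expire timeout come from ARP resolution, while RIP is the route-exchange protocol spoken by routed(8), which the subnet entry describes separately. Because the commit message promises a whitespace-only change, leave the wording alone here and fix that sentence in a separate content commit so translators see it as a real change.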
@ -274,15 +283,14 @@ host2.example.com link#1 UC 0 0
<row>
<entry>H</entry>
<entry>The route destination is a single
host.</entry>
<entry>The route destination is a single host.</entry>
</row>
<row>
<entry>G</entry>
<entry>Send anything for this destination on to
this gateway, which will figure out from there
where to send it.</entry>
<entry>Send anything for this destination on to this
gateway, which will figure out from there where to
send it.</entry>
</row>
<row>
@ -292,16 +300,15 @@ host2.example.com link#1 UC 0 0
<row>
<entry>C</entry>
<entry>Clones a new route based upon this
route for machines to connect to. This type of route
is normally used for local networks.</entry>
<entry>Clones a new route based upon this route for
machines to connect to. This type of route is
normally used for local networks.</entry>
</row>
<row>
<entry>W</entry>
<entry>The route was
auto-configured based upon a local area network
(clone) route.</entry>
<entry>The route was auto-configured based upon a local
area network (clone) route.</entry>
</row>
<row>
@ -326,7 +333,7 @@ host2.example.com link#1 UC 0 0
<para>Note that manually added routes will not survive a reboot.
For more information on manual manipulation of network
routing tables, refer to &man.route.8;.</para>
routing tables, refer to &man.route.8;.</para>
</sect2>
<sect2 xml:id="network-static-routes">
@ -352,20 +359,20 @@ host2.example.com link#1 UC 0 0
<para>A &os; system can be configured as the default gateway, or
router, for a network if it is a dual-homed system. A
dual-homed system is a host which resides on at least two
different networks. Typically, each network is connected to a separate
network interface, though <acronym>IP</acronym> aliasing can
be used to bind multiple addresses, each on a different
subnet, to one physical interface.</para>
different networks. Typically, each network is connected to a
separate network interface, though <acronym>IP</acronym>
aliasing can be used to bind multiple addresses, each on a
different subnet, to one physical interface.</para>
<indexterm>
<primary>router</primary>
</indexterm>
<para>In order for the system to forward packets between
interfaces, &os; must be configured as a router. Internet standards and good
engineering practice prevent the &os; Project from enabling
this feature by default, but it can be configured to start at boot
by adding this line to
interfaces, &os; must be configured as a router. Internet
standards and good engineering practice prevent the &os;
Project from enabling this feature by default, but it can be
configured to start at boot by adding this line to
<filename>/etc/rc.conf</filename>:</para>
<programlisting>gateway_enable="YES" # Set to YES if this host will be a gateway</programlisting>
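Review bot: The router paragraph says Internet standards and good engineering practice keep forwarding disabled by default, then goes straight to gateway_enable="YES" without saying what the host does once it is set. A follow-up content commit could add one sentence noting that the system will then forward packets between all of its interfaces for every network it has a route to, so packet filtering should be in place before the line goes into /etc/rc.conf. The rewrap itself changes no words.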
@ -387,31 +394,30 @@ host2.example.com link#1 UC 0 0
<para>The routing table of a router needs additional routes so
it knows how to reach other networks. Routes can be either
added manually using
static routes or routes can be automatically learned using a routing protocol.
Static routes are appropriate for small networks and this
section describes how to add a static routing entry for a
small network.</para>
added manually using static routes or routes can be
automatically learned using a routing protocol. Static routes
are appropriate for small networks and this section describes
how to add a static routing entry for a small network.</para>
<note>
<note>
<para>For large networks, static routes quickly become
unscalable. &os; comes with the standard <acronym>BSD</acronym> routing daemon
&man.routed.8;, which provides the routing protocols <acronym>RIP</acronym>, versions
1 and 2, and <acronym>IRDP</acronym>. Support for the
<acronym>BGP</acronym> and <acronym>OSPF</acronym>
routing protocols can be installed using the
<package>net/zebra</package> package or
port.</para>
unscalable. &os; comes with the standard
<acronym>BSD</acronym> routing daemon &man.routed.8;, which
provides the routing protocols <acronym>RIP</acronym>,
versions 1 and 2, and <acronym>IRDP</acronym>. Support for
the <acronym>BGP</acronym> and <acronym>OSPF</acronym>
routing protocols can be installed using the
<package>net/zebra</package> package or port.</para>
</note>
<para>Consider the following network:</para>
<para>Consider the following network:</para>
<mediaobject>
<imageobject>
<imagedata fileref="advanced-networking/static-routes"/>
</imageobject>
<mediaobject>
<imageobject>
<imagedata fileref="advanced-networking/static-routes"/>
</imageobject>
<textobject>
<textobject>
<literallayout class="monospaced">
INTERNET
| (10.0.0.1/24) Default Router to Internet
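Review bot: The closing </note> is not touched in this hunk although its opening <note> is re-indented, as are the <mediaobject>, <imageobject> and <textobject> openers. Please confirm the closing tag ends up at the same indentation as the moved opener. The <literallayout class="monospaced"> line and the diagram under it are correctly left as context, since whitespace inside that element is rendered verbatim and must not be re-indented with the rest.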
@ -435,23 +441,22 @@ host2.example.com link#1 UC 0 0
| 192.168.2.1/24
|
Internal Net 2</literallayout>
</textobject>
</mediaobject>
</textobject>
</mediaobject>
<para>In this scenario, <systemitem>RouterA</systemitem> is a
&os; machine that is acting as a router to the rest of the
Internet. It has a default route set to <systemitem
class="ipaddress">10.0.0.1</systemitem> which allows it to
connect with the outside world.
<systemitem>RouterB</systemitem> is already configured
to use <systemitem
class="ipaddress">192.168.1.1</systemitem> as its default
gateway.</para>
<para>In this scenario, <systemitem>RouterA</systemitem> is a
&os; machine that is acting as a router to the rest of the
Internet. It has a default route set to <systemitem
class="ipaddress">10.0.0.1</systemitem> which allows it to
connect with the outside world.
<systemitem>RouterB</systemitem> is already configured to use
<systemitem class="ipaddress">192.168.1.1</systemitem> as its
default gateway.</para>
<para>Before adding any static routes, the routing table on <systemitem>RouterA</systemitem>
looks like this:</para>
<para>Before adding any static routes, the routing table on
<systemitem>RouterA</systemitem> looks like this:</para>
<screen>&prompt.user; <userinput>netstat -nr</userinput>
<screen>&prompt.user; <userinput>netstat -nr</userinput>
Routing tables
Internet:
@ -461,56 +466,55 @@ default 10.0.0.1 UGS 0 49378 xl0
10.0.0.0/24 link#1 UC 0 0 xl0
192.168.1.0/24 link#2 UC 0 0 xl1</screen>
<para>With the current routing table,
<systemitem>RouterA</systemitem>
does not have a route to the <systemitem
class="ipaddress">192.168.2.0/24</systemitem> network. The
following command adds the <literal>Internal Net 2</literal> network to
<systemitem>RouterA</systemitem>'s routing table using
<systemitem class="ipaddress">192.168.1.2</systemitem> as
the next hop:</para>
<para>With the current routing table,
<systemitem>RouterA</systemitem> does not have a route to the
<systemitem class="ipaddress">192.168.2.0/24</systemitem>
network. The following command adds the <literal>Internal Net
2</literal> network to <systemitem>RouterA</systemitem>'s
routing table using <systemitem
class="ipaddress">192.168.1.2</systemitem> as the next
hop:</para>
<screen>&prompt.root; <userinput>route add -net 192.168.2.0/24 192.168.1.2</userinput></screen>
<screen>&prompt.root; <userinput>route add -net 192.168.2.0/24 192.168.1.2</userinput></screen>
<para>Now, <systemitem>RouterA</systemitem> can reach any host
on the <systemitem
class="ipaddress">192.168.2.0/24</systemitem>
network. However, the routing information will not
persist if the &os; system reboots. If a static route needs
to be persistent, add it to
<filename>/etc/rc.conf</filename>:</para>
<para>Now, <systemitem>RouterA</systemitem> can reach any host
on the <systemitem
class="ipaddress">192.168.2.0/24</systemitem> network.
However, the routing information will not persist if the &os;
system reboots. If a static route needs to be persistent, add
it to <filename>/etc/rc.conf</filename>:</para>
<programlisting># Add Internal Net 2 as a persistent static route
<programlisting># Add Internal Net 2 as a persistent static route
static_routes="internalnet2"
route_internalnet2="-net 192.168.2.0/24 192.168.1.2"</programlisting>
<para>The <literal>static_routes</literal> configuration
variable is a list of strings separated by a space, where
each string references a route name. The variable
<literal>route_internalnet2</literal>
contains the static route for that route name.</para>
<para>The <literal>static_routes</literal> configuration
variable is a list of strings separated by a space, where
each string references a route name. The variable
<literal>route_internalnet2</literal> contains the static
route for that route name.</para>
<para>Using more than one string in
<literal>static_routes</literal> creates multiple static
routes. The following shows an example of adding static
routes for the <systemitem
class="ipaddress">192.168.0.0/24</systemitem> and
<systemitem class="ipaddress">192.168.1.0/24</systemitem>
networks:</para>
<para>Using more than one string in
<literal>static_routes</literal> creates multiple static
routes. The following shows an example of adding static
routes for the <systemitem
class="ipaddress">192.168.0.0/24</systemitem> and
<systemitem class="ipaddress">192.168.1.0/24</systemitem>
networks:</para>
<programlisting>static_routes="net1 net2"
<programlisting>static_routes="net1 net2"
route_net1="-net 192.168.0.0/24 192.168.0.1"
route_net2="-net 192.168.1.0/24 192.168.1.1"</programlisting>
</sect2>
<sect2 xml:id="network-routing-troubleshooting">
<sect2 xml:id="network-routing-troubleshooting">
<title>Troubleshooting</title>
<para>When an address space is assigned to a network, the
service provider configures their routing tables so that all
traffic for the network will be sent to the link for the
site. But how do external sites know to send their packets
to the network's <acronym>ISP</acronym>?</para>
traffic for the network will be sent to the link for the site.
But how do external sites know to send their packets to the
network's <acronym>ISP</acronym>?</para>
<para>There is a system that keeps track of all assigned
address spaces and defines their point of connection to the
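Review bot: In the two-route static_routes example carried through this hunk, route_net1 and route_net2 each name a next hop inside the destination prefix itself (192.168.0.1 for 192.168.0.0/24, 192.168.1.1 for 192.168.1.0/24). The Internal Net 2 example just above differs: its next hop 192.168.1.2 sits on a network RouterA is directly attached to. That is out of scope for a whitespace commit, but a follow-up should check whether the example needs gateways on a connected network so that readers do not copy a route whose gateway is unreachable.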
@ -530,17 +534,18 @@ route_net2="-net 192.168.1.0/24 192.168.1.1"</programlisting>
<primary>&man.traceroute.8;</primary>
</indexterm>
<para>Sometimes, there is a problem with route propagation
and some sites are unable to connect. Perhaps the most
useful command for trying to figure out where routing is
breaking down is <command>traceroute</command>. It is useful when
<para>Sometimes, there is a problem with route propagation and
some sites are unable to connect. Perhaps the most useful
command for trying to figure out where routing is breaking
down is <command>traceroute</command>. It is useful when
<command>ping</command> fails.</para>
<para>When using <command>traceroute</command>, include the address of the
remote host to connect to. The output will show the gateway
hosts along the path of the attempt, eventually either
reaching the target host, or terminating because of a lack of
connection. For more information, refer to &man.traceroute.8;.</para>
<para>When using <command>traceroute</command>, include the
address of the remote host to connect to. The output will
show the gateway hosts along the path of the attempt,
eventually either reaching the target host, or terminating
because of a lack of connection. For more information, refer
to &man.traceroute.8;.</para>
</sect2>
<sect2 xml:id="network-routing-multicast">
@ -556,29 +561,29 @@ route_net2="-net 192.168.1.0/24 192.168.1.1"</programlisting>
<para>&os; natively supports both multicast applications and
multicast routing. Multicast applications do not require any
special configuration in order to
run on &os;. Support for multicast routing requires that the
following option
be compiled into a custom kernel:</para>
special configuration in order to run on &os;. Support for
multicast routing requires that the following option be
compiled into a custom kernel:</para>
<programlisting>options MROUTING</programlisting>
<para>The multicast routing daemon,
<application>mrouted</application> can be installed
using the <package>net/mrouted</package> package or port.
This daemon implements
the <acronym>DVMRP</acronym> multicast routing protocol and is
configured by editing <filename>/usr/local/etc/mrouted.conf</filename>
in order to set up the tunnels and <acronym>DVMRP</acronym>.
The installation of <application>mrouted</application> also installs
<application>map-mbone</application> and
<application>mrouted</application> can be installed using the
<package>net/mrouted</package> package or port. This daemon
implements the <acronym>DVMRP</acronym> multicast routing
protocol and is configured by editing
<filename>/usr/local/etc/mrouted.conf</filename> in order to
set up the tunnels and <acronym>DVMRP</acronym>. The
installation of <application>mrouted</application> also
installs <application>map-mbone</application> and
<application>mrinfo</application>, as well as their associated
man pages. Refer to these for configuration examples.</para>
<note>
<para><acronym>DVMRP</acronym> has largely been replaced by the
<acronym>PIM</acronym> protocol in many
multicast installations. Refer to &man.pim.4; for more information.</para>
<para><acronym>DVMRP</acronym> has largely been replaced by
the <acronym>PIM</acronym> protocol in many multicast
installations. Refer to &man.pim.4; for more
information.</para>
</note>
</sect2>
</sect1>