mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-29 15:10:57 +01:00
bcff8e2ae4
Down to only about 100 items left to cleanup! :-)
349 lines
10 KiB
Groff
349 lines
10 KiB
Groff
.\" Copyright (c) 1983, 1991, 1993
|
|
.\" The Regents of the University of California. All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 3. All advertising materials mentioning features or use of this software
|
|
.\" must display the following acknowledgement:
|
|
.\" This product includes software developed by the University of
|
|
.\" California, Berkeley and its contributors.
|
|
.\" 4. Neither the name of the University nor the names of its contributors
|
|
.\" may be used to endorse or promote products derived from this software
|
|
.\" without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.\" @(#)routed.8 8.2 (Berkeley) 12/11/93
|
|
.\"
|
|
.Dd December 11, 1993
|
|
.Dt ROUTED 8
|
|
.Os BSD 4.2
|
|
.Sh NAME
|
|
.Nm routed
|
|
.Nd network routing daemon
|
|
.Sh SYNOPSIS
|
|
.Nm routed
|
|
.Op Fl d
|
|
.Op Fl g
|
|
.Op Fl q
|
|
.Op Fl s
|
|
.Op Fl t
|
|
.Op Ar logfile
|
|
.Sh DESCRIPTION
|
|
.Nm Routed
|
|
is invoked at boot time to manage the network routing tables.
|
|
The routing daemon uses a variant of the Xerox NS Routing
|
|
Information Protocol in maintaining up to date kernel routing
|
|
table entries.
|
|
It used a generalized protocol capable of use with multiple
|
|
address types, but is currently used only for Internet routing
|
|
within a cluster of networks.
|
|
.Pp
|
|
In normal operation
|
|
.Nm routed
|
|
listens on the
|
|
.Xr udp 4
|
|
socket for the
|
|
.Xr route 8
|
|
service (see
|
|
.Xr services 5 )
|
|
for routing information packets. If the host is an
|
|
internetwork router, it periodically supplies copies
|
|
of its routing tables to any directly connected hosts
|
|
and networks.
|
|
.Pp
|
|
When
|
|
.Nm routed
|
|
is started, it uses the
|
|
.Dv SIOCGIFCONF
|
|
.Xr ioctl 2
|
|
to find those
|
|
directly connected interfaces configured into the
|
|
system and marked ``up'' (the software loopback interface
|
|
is ignored). If multiple interfaces
|
|
are present, it is assumed that the host will forward packets
|
|
between networks.
|
|
.Nm Routed
|
|
then transmits a
|
|
.Em request
|
|
packet on each interface (using a broadcast packet if
|
|
the interface supports it) and enters a loop, listening
|
|
for
|
|
.Em request
|
|
and
|
|
.Em response
|
|
packets from other hosts.
|
|
.Pp
|
|
When a
|
|
.Em request
|
|
packet is received,
|
|
.Nm routed
|
|
formulates a reply based on the information maintained in its
|
|
internal tables. The
|
|
.Em response
|
|
packet generated contains a list of known routes, each marked
|
|
with a ``hop count'' metric (a count of 16, or greater, is
|
|
considered ``infinite''). The metric associated with each
|
|
route returned provides a metric
|
|
.Em relative to the sender .
|
|
.Pp
|
|
.Em Response
|
|
packets received by
|
|
.Nm routed
|
|
are used to update the routing tables if one of the following
|
|
conditions is satisfied:
|
|
.Bl -enum
|
|
.It
|
|
No routing table entry exists for the destination network
|
|
or host, and the metric indicates the destination is ``reachable''
|
|
(i.e. the hop count is not infinite).
|
|
.It
|
|
The source host of the packet is the same as the router in the
|
|
existing routing table entry. That is, updated information is
|
|
being received from the very internetwork router through which
|
|
packets for the destination are being routed.
|
|
.It
|
|
The existing entry in the routing table has not been updated for
|
|
some time (defined to be 90 seconds) and the route is at least
|
|
as cost effective as the current route.
|
|
.It
|
|
The new route describes a shorter route to the destination than
|
|
the one currently stored in the routing tables; the metric of
|
|
the new route is compared against the one stored in the table
|
|
to decide this.
|
|
.El
|
|
.Pp
|
|
When an update is applied,
|
|
.Nm routed
|
|
records the change in its internal tables and updates the kernel
|
|
routing table.
|
|
The change is reflected in the next
|
|
.Em response
|
|
packet sent.
|
|
.Pp
|
|
In addition to processing incoming packets,
|
|
.Nm routed
|
|
also periodically checks the routing table entries.
|
|
If an entry has not been updated for 3 minutes, the entry's metric
|
|
is set to infinity and marked for deletion. Deletions are delayed
|
|
an additional 60 seconds to insure the invalidation is propagated
|
|
throughout the local internet.
|
|
.Pp
|
|
Hosts acting as internetwork routers gratuitously supply their
|
|
routing tables every 30 seconds to all directly connected hosts
|
|
and networks.
|
|
The response is sent to the broadcast address on nets capable of that function,
|
|
to the destination address on point-to-point links, and to the router's
|
|
own address on other networks.
|
|
The normal routing tables are bypassed when sending gratuitous responses.
|
|
The reception of responses on each network is used to determine that the
|
|
network and interface are functioning correctly.
|
|
If no response is received on an interface, another route may be chosen
|
|
to route around the interface, or the route may be dropped if no alternative
|
|
is available.
|
|
.Pp
|
|
Options supported by
|
|
.Nm routed :
|
|
.Bl -tag -width Ds
|
|
.It Fl d
|
|
Enable additional debugging information to be logged,
|
|
such as bad packets received.
|
|
.It Fl g
|
|
This flag is used on internetwork routers to offer a route
|
|
to the ``default'' destination.
|
|
This is typically used on a gateway to the Internet,
|
|
or on a gateway that uses another routing protocol whose routes
|
|
are not reported to other local routers.
|
|
.It Fl s
|
|
Supplying this
|
|
option forces
|
|
.Nm routed
|
|
to supply routing information whether it is acting as an internetwork
|
|
router or not.
|
|
This is the default if multiple network interfaces are present,
|
|
or if a point-to-point link is in use.
|
|
.It Fl q
|
|
This
|
|
is the opposite of the
|
|
.Fl s
|
|
option.
|
|
.It Fl t
|
|
If the
|
|
.Fl t
|
|
option is specified, all packets sent or received are
|
|
printed on the standard output. In addition,
|
|
.Nm routed
|
|
will not divorce itself from the controlling terminal
|
|
so that interrupts from the keyboard will kill the process.
|
|
.El
|
|
.Pp
|
|
Any other argument supplied is interpreted as the name
|
|
of file in which
|
|
.Nm routed Ns \'s
|
|
actions should be logged. This log contains information
|
|
about any changes to the routing tables and, if not tracing all packets,
|
|
a history of recent messages sent and received which are related to
|
|
the changed route.
|
|
.Pp
|
|
In addition to the facilities described above,
|
|
.Nm routed
|
|
supports the notion of ``distant''
|
|
.Em passive
|
|
and
|
|
.Em active
|
|
gateways. When
|
|
.Nm routed
|
|
is started up, it reads the file
|
|
.Pa /etc/gateways
|
|
to find gateways which may not be located using
|
|
only information from the
|
|
.Dv SIOCGIFCONF
|
|
.Xr ioctl 2 .
|
|
Gateways specified in this manner should be marked passive
|
|
if they are not expected to exchange routing information,
|
|
while gateways marked active
|
|
should be willing to exchange routing information (i.e.
|
|
they should have a
|
|
.Nm routed
|
|
process running on the machine).
|
|
Routes through passive gateways are installed in the
|
|
kernel's routing tables once upon startup.
|
|
Such routes are not included in
|
|
any routing information transmitted.
|
|
Active gateways are treated equally to network
|
|
interfaces. Routing information is distributed
|
|
to the gateway and if no routing information is
|
|
received for a period of time, the associated
|
|
route is deleted.
|
|
Gateways marked
|
|
.Em external
|
|
are also passive, but are not placed in the kernel
|
|
routing table nor are they included in routing updates.
|
|
The function of external entries is to inform
|
|
.Nm routed
|
|
that another routing process
|
|
will install such a route, and that alternate routes to that destination
|
|
should not be installed.
|
|
Such entries are only required when both routers may learn of routes
|
|
to the same destination.
|
|
.Pp
|
|
The
|
|
.Pa /etc/gateways
|
|
is comprised of a series of lines, each in
|
|
the following format:
|
|
.Bd -ragged
|
|
.Pf < Cm net No \&|
|
|
.Cm host Ns >
|
|
.Ar name1
|
|
.Cm gateway
|
|
.Ar name2
|
|
.Cm metric
|
|
.Ar value
|
|
.Pf < Cm passive No \&|
|
|
.Cm external Ns >
|
|
.Ed
|
|
.Pp
|
|
The
|
|
.Cm net
|
|
or
|
|
.Cm host
|
|
keyword indicates if the route is to a network or specific host.
|
|
.Pp
|
|
.Ar Name1
|
|
is the name of the destination network or host. This may be a
|
|
symbolic name located in
|
|
.Pa /etc/networks
|
|
or
|
|
.Pa /etc/hosts
|
|
(or, if started after
|
|
.Xr named 8 ,
|
|
known to the name server),
|
|
or an Internet address specified in ``dot'' notation; see
|
|
.Xr inet 3 .
|
|
.Pp
|
|
.Ar Name2
|
|
is the name or address of the gateway to which messages should
|
|
be forwarded.
|
|
.Pp
|
|
.Ar Value
|
|
is a metric indicating the hop count to the destination host
|
|
or network.
|
|
.Pp
|
|
One of the keywords
|
|
.Cm passive
|
|
or
|
|
.Cm external
|
|
indicates if the gateway should be treated as
|
|
.Em passive
|
|
or
|
|
.Em active
|
|
(as described above),
|
|
or whether the gateway is
|
|
.Em external
|
|
to the scope of the
|
|
.Nm routed
|
|
protocol.
|
|
.Sh FILES
|
|
.Bl -tag -width /etc/gateways -compact
|
|
.It Pa /etc/gateways
|
|
for distant gateways
|
|
.El
|
|
.Sh SEE ALSO
|
|
.Xr udp 4 ,
|
|
.Xr icmp 4 ,
|
|
.Xr IPXrouted 8
|
|
.\" .Xr XNSrouted 8 ,
|
|
.\" .Xr htable 8
|
|
.Rs
|
|
.%T Internet Transport Protocols
|
|
.%R XSIS 028112
|
|
.%Q Xerox System Integration Standard
|
|
.Re
|
|
.Sh BUGS
|
|
The kernel's routing tables may not correspond to those of
|
|
.Nm routed
|
|
when redirects change or add routes.
|
|
.Nm Routed
|
|
should note any redirects received by reading
|
|
the
|
|
.Tn ICMP
|
|
packets received via a raw socket.
|
|
.Pp
|
|
.Nm Routed
|
|
should incorporate other routing protocols,
|
|
such as Xerox
|
|
.Tn \&NS
|
|
.Pq Xr XNSrouted 8
|
|
and
|
|
.Tn EGP .
|
|
Using separate processes for each requires configuration options
|
|
to avoid redundant or competing routes.
|
|
.Pp
|
|
.Nm Routed
|
|
should listen to intelligent interfaces, such as an
|
|
.Tn IMP ,
|
|
to gather more information.
|
|
It does not always detect unidirectional failures in network interfaces
|
|
(e.g., when the output side fails).
|
|
.Sh HISTORY
|
|
The
|
|
.Nm
|
|
command appeared in
|
|
.Bx 4.2 .
|