Uzbekistan, Bukhara, Bukhara Institute of High Technologies, 2013
Configuring the local network
Looking at the routing tables
You can show the routing tables with the netstat tool. Option -r shows the routing tables. For example, on freebie you might see:
# netstat -r
Routing tables

Internet:
Destination  Gateway            Flags  Refs  Use     Netif  Expire
default      gw                 UGSc   9     8732    rl0
localhost    localhost          UH     0     1255    lo0
223.147.37   link#2             UC     0     0
presto       0:0:c0:44:a5:68    UHLW   13    139702  rl0    1151
freebie      0:a0:24:37:d:2b    UHLW   3     38698   lo0
wait         0:60:97:40:fb:e1   UHLW   6     1062    rl0    645
bumble       8:0:20:e:2c:98     UHLW   2     47      rl0    1195
gw           0:60:97:40:fb:e1   UHLW   6     1062    rl0    645
broadcast    ff:ff:ff:ff:ff:ff  UHLWb  2     5788    rl0
There’s a lot to notice about this information:
- The first column is the name of a host or a network to which packets can be sent, or the keyword default.
- The second column, the gateway, indicates the path to the destination. This field differs significantly even from older versions of UNIX. It can be the name of a host (for example, gw), a pointer to an interface (link#2, which means the second Internet interface; the output from ifconfig is in the same sequence), or an Ethernet address (8:0:20:e:2c:98). Older versions of UNIX do not use the last two forms.
- We’ll look at the flags below. The most important ones to note are G (gateway) and H (host).
- The fields Refs, Use and Expire are only of interest when you're running a routing protocol. See the man page netstat(1) for more details.
- Netif is the name of the interface by which the gateway can be reached. In the case of a link, this is the interface, so the Netif field is empty.
- The order of the entries is not important. The system searches the table for a best fit, not a first fit.
- The default entry points to gw, as we would expect. The interface, rl0, is the interface by which gw can be reached.
You will also get some additional output for IPv6 ("Internet6"). If you're not using IPv6, you can ignore it. If it gets on your nerves, you can limit your view to IPv4 by entering the command netstat -rfinet. The -f flag specifies which address family you're interested in, and inet specifies IPv4.
Flags
Compared to earlier versions of netstat, the current version displays many more flags. The following table gives you an overview.
Packet forwarding
We saw above that when a system receives a packet that is not intended for itself, it looks for a route to the destination. In fact, this is not always the case: by default, FreeBSD just silently drops the packet. This is desirable for security reasons, and indeed it’s required by RFC 1122, but if you want to access the Internet via another machine on your local net, it’s less than convenient.
The rationale for this is that most systems are only connected to one network, and it doesn't make sense to have packet forwarding enabled. Earlier systems made this a kernel option, so that disabling packet forwarding also made the kernel fractionally smaller. In current versions of FreeBSD, the code is always there, even if it is disabled.
It’s straightforward enough to set up your machine as a router (or gateway). You can enable forwarding on the running system with the sysctl command:
# sysctl -w net.inet.ip.forwarding=1
net.inet.ip.forwarding: 0 -> 1
To have forwarding enabled at every boot, set the variable gateway_enable in /etc/rc.conf:
gateway_enable="YES"    # Set to YES if this host will be a gateway.
Configuration summary
In the course of this chapter, we've discussed a number of different configurations. In this section we'll summarize the configuration for free-gw.example.net, since it is the most complicated. You enter the following information in your /etc/rc.conf:
- Set your host name:
hostname="free-gw.example.net"
- For each interface on the machine, specify the IP address and possibly the net mask:
ifconfig_rl0="inet 139.130.237.117"
The PPP interfaces are configured independently, so we won't look at them here, but we might need their addresses for static routes. The local interface address for ppp0 is 139.130.136.9, and the local address for ppp3 is 139.130.136.129.
- Decide on a default route. In this case, it is the gateway machine igw.example.net, with the address 139.130.237.65:
defaultrouter="139.130.237.65" # Set to default gateway (or NO).
- Decide on other routes. In this case, we have two, to example.org and biguser.com. List them in the variable static_routes:
static_routes="freebie biguser" # Set to static route list
- For each static route, create a variable describing the route:
route_freebie="-net 223.147.37.0 139.130.136.133"
route_biguser="-net 223.147.38.0 -iface ppp0"
- Enable IP forwarding:
gateway_enable="YES"    # Set to YES if this host will be a gateway.
Without the comments, this gives the following entries:
hostname="free-gw.example.net"
ifconfig_rl0="inet 139.130.237.117"
defaultrouter="139.130.237.65"    # Set to default gateway (or NO).
static_routes="freebie biguser"    # Set to static route list
route_freebie="-net 223.147.37.0 139.130.136.133"
route_biguser="-net 223.147.38.0 -iface ppp0"
gateway_enable="YES"    # Set to YES if this host will be a gateway.
For a machine configured with DHCP, you might have:
hostname="andante.example.net"
ifconfig_wi0=DHCP
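
The check below is an added example, not part of the original chapter: it reads an rc.conf-style file without executing it, reports whether gateway_enable turns packet forwarding on, and expands each name in static_routes to its route_<name> arguments. The function names and the SAMPLE_RC text (constructed from the free-gw values summarized above) are assumptions of this example; the yes/no spellings are the ones FreeBSD's rc scripts accept.

```shell
#!/bin/sh
# Added example: audit forwarding and static routes in an rc.conf-style file.
# SAMPLE_RC is constructed from the free-gw.example.net values in this chapter.
SAMPLE_RC='hostname="free-gw.example.net"
ifconfig_rl0="inet 139.130.237.117"
defaultrouter="139.130.237.65"
static_routes="freebie biguser"
route_freebie="-net 223.147.37.0 139.130.136.133"
route_biguser="-net 223.147.38.0 -iface ppp0"
gateway_enable="YES"'

# rc_get FILE VAR: value of the last VAR= assignment (quoted or bare),
# extracted with sed so the file is never sourced or executed.
rc_get() {
    sed -n -e "s/^[[:space:]]*$2=\"\([^\"]*\)\".*/\1/p" \
           -e "s/^[[:space:]]*$2=\([^\"[:space:]#]*\).*/\1/p" "$1" | tail -n 1
}

# yesno VALUE: on, off, or invalid. An unset variable counts as off, which
# matches the default for gateway_enable; "YES " with a stray space is invalid.
yesno() {
    case "$1" in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) echo on ;;
        [Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0|"") echo off ;;
        *) echo invalid ;;
    esac
}

# audit_rc FILE: print the forwarding state, the default router, and the
# arguments of every static route; a name with no route_<name> is flagged.
audit_rc() {
    echo "forwarding=$(yesno "$(rc_get "$1" gateway_enable)")"
    echo "defaultrouter=$(rc_get "$1" defaultrouter)"
    for name in $(rc_get "$1" static_routes); do
        args=$(rc_get "$1" "route_$name")
        echo "route $name: ${args:-MISSING route_$name}"
    done
}

# Run the audit on the constructed sample.
tmp=$(mktemp) && printf '%s\n' "$SAMPLE_RC" > "$tmp"
audit_rc "$tmp"
rm -f "$tmp"
```

On a running FreeBSD host, point audit_rc at /etc/rc.conf and compare the reported state with the output of sysctl -n net.inet.ip.forwarding; a host that is not meant to route should show off in both places.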