From: Dru Lavigne
Date: Thu, 6 Mar 2014 02:08:27 +0000 (UTC)
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org
Subject: svn commit: r44143 - head/en_US.ISO8859-1/books/handbook/advanced-networking

Author: dru
Date: Thu Mar 6 02:08:27 2014
New Revision: 44143
URL: http://svnweb.freebsd.org/changeset/doc/44143

Log:
  Finish editorial pass through Routing chapter.
  The section on Multicast needs more content and a working example.

  Sponsored by: iXsystems

Modified:
  head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml

Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 22:34:26 2014 (r44142)
+++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 02:08:27 2014 (r44143)
@@ -349,44 +349,30 @@ host2.example.com link#1 UC dual homed hosts - A dual-homed system is a host which resides on two - different networks. - - The dual-homed machine might have two Ethernet cards, each - having an address on a separate subnet. Alternately, the - machine can have one Ethernet card and uses &man.ifconfig.8; - aliasing. The former is used if two physically separate - Ethernet networks are in use and the latter if there is one - physical network segment, but two logically separate - subnets. - - Either way, routing tables are set up so that each subnet - knows that this machine is the defined gateway (inbound route) - to the other subnet. This configuration, with the machine - acting as a router between the two subnets, is often used - to implement packet filtering or firewall security in - either or both directions. - - For this machine to forward packets between the two - interfaces, &os; must be configured as a router, as - demonstrated in the next section. + A &os; system can be configured as the default gateway, or + router, for a network if it is a dual-homed system. A + dual-homed system is a host which resides on at least two + different networks. Typically, each network is connected to a separate + network interface, though IP aliasing can + be used to bind multiple addresses, each on a different + subnet, to one physical interface. router - A network router is a system that forwards packets from - one interface to another. Internet standards and good + In order for the system to forward packets between + interfaces, &os; must be configured as a router. Internet standards and good engineering practice prevent the &os; Project from enabling - this by default in &os;. 
This feature can be enabled by - changing the following variable to YES in - &man.rc.conf.5;: + this feature by default, but it can be configured to start at boot + by adding this line to + /etc/rc.conf: gateway_enable="YES" # Set to YES if this host will be a gateway - This option will set the &man.sysctl.8; variable + To enable routing now, set the &man.sysctl.8; variable net.inet.ip.forwarding to - 1. To stop routing, reset this to + 1. To stop routing, reset this variable to 0. @@ -399,15 +385,24 @@ host2.example.com link#1 UC OSPF - The new router will need routes to know where to send the - traffic. If the network is simple enough, static routes can - be used. &os; comes with the standard BSD routing daemon - &man.routed.8;, which speaks RIP versions - 1 and 2, and IRDP. Support for - BGPv4, OSPFv2, and other - sophisticated routing protocols is available with the + The routing table of a router needs additional routes so + it knows how to reach other networks. Routes can be either + added manually using + static routes or routes can be automatically learned using a routing protocol. + Static routes are appropriate for small networks and this + section describes how to add a static routing entry for a + small network. + + + For large networks, static routes quickly become + unscalable. &os; comes with the standard BSD routing daemon + &man.routed.8;, which provides the routing protocols RIP, versions + 1 and 2, and IRDP. Support for the + BGP and OSPF + routing protocols can be installed using the net/zebra package or port. + Consider the following network: 
@@ -449,12 +444,12 @@ host2.example.com link#1 UC class="ipaddress">10.0.0.1 which allows it to connect with the outside world. RouterB is already configured - properly as it uses 192.168.1.1 as the + to use 192.168.1.1 as its default gateway. - The routing table on RouterA - looks something like this: + Before adding any static routes, the routing table on RouterA + looks like this: &prompt.user; netstat -nr Routing tables 
@@ -467,45 +462,33 @@ default 10.0.0.1 UG 192.168.1.0/24 link#2 UC 0 0 xl1 With the current routing table, - RouterA cannot reach Internal Net - 2 as it does not have a route for 192.168.2.0/24. The - following command adds the Internal Net 2 network to + RouterA + does not have a route to the 192.168.2.0/24 network. The + following command adds the Internal Net 2 network to RouterA's routing table using 192.168.1.2 as the next hop: &prompt.root; route add -net 192.168.2.0/24 192.168.1.2 - Now RouterA can reach any hosts + Now, RouterA can reach any host on the 192.168.2.0/24 - network. - - - Persistent Configuration - - The above example configures a static route on a - running system. However, the routing information will not - persist if the &os; system reboots. Persistent static - routes can be entered in + network. However, the routing information will not + persist if the &os; system reboots. If a static route needs + to be persistent, add it to /etc/rc.conf: - # Add Internal Net 2 as a static route + # Add Internal Net 2 as a persistent static route static_routes="internalnet2" route_internalnet2="-net 192.168.2.0/24 192.168.1.2" The static_routes configuration variable is a list of strings separated by a space, where - each string references a route name. This example only - has one string in static_routes, - internalnet2. The variable + each string references a route name. The variable route_internalnet2 - contains all of the configuration parameters to - &man.route.8;. This example is equivalent to the - command: - - &prompt.root; route add -net 192.168.2.0/24 192.168.1.2 + contains the static route for that route name. Using more than one string in static_routes creates multiple static 
@@ -518,11 +501,10 @@ route_internalnet2="-net 192.168.2.0/24 static_routes="net1 net2" route_net1="-net 192.168.0.0/24 192.168.0.1" route_net2="-net 192.168.1.0/24 192.168.1.1" - - - Routing Propagation + + Troubleshooting When an address space is assigned to a network, the service provider configures their routing tables so that all @@ -537,38 +519,32 @@ route_net2="-net 192.168.1.0/24 192.168. backbone machine has a copy of a master set of tables, which direct traffic for a particular network to a specific backbone carrier, and from there down the chain of service - providers until it reaches your network. + providers until it reaches a particular network. It is the task of the service provider to advertise to the backbone sites that they are the point of connection, and thus the path inward, for a site. This is known as route propagation. - - - - Troubleshooting &man.traceroute.8; - Sometimes, there is a problem with routing propagation + Sometimes, there is a problem with route propagation and some sites are unable to connect. Perhaps the most useful command for trying to figure out where routing is - breaking down is &man.traceroute.8;. It is useful when - &man.ping.8; fails. + breaking down is traceroute. It is useful when + ping fails. - When using &man.traceroute.8;, include the name of the + When using traceroute, include the address of the remote host to connect to. The output will show the gateway hosts along the path of the attempt, eventually either reaching the target host, or terminating because of a lack of - connection. - - For more information, refer to &man.traceroute.8;. + connection. For more information, refer to &man.traceroute.8;. - Multicast Routing + Multicast Considerations multicast routing 
@@ -580,26 +556,29 @@ route_net2="-net 192.168.1.0/24 192.168. &os; natively supports both multicast applications and multicast routing. Multicast applications do not require any - special configuration of &os;; as applications will generally - run out of the box. Multicast routing requires that support + special configuration in order to + run on &os;. Support for multicast routing requires that the + following option be compiled into a custom kernel: options MROUTING - The multicast routing daemon, &man.mrouted.8;, must be - configured to set up tunnels and DVMRP via - /etc/mrouted.conf. More details on - multicast configuration may be found in - &man.mrouted.8;. + The multicast routing daemon, + mrouted can be installed + using the net/mrouted package or port. + This daemon implements + the DVMRP multicast routing protocol and is + configured by editing /usr/local/etc/mrouted.conf + in order to set up the tunnels and DVMRP. + The installation of mrouted also installs + map-mbone and + mrinfo, as well as their associated + man pages. Refer to these for configuration examples. - The &man.mrouted.8; multicast routing daemon implements - the DVMRP multicast routing protocol, - which has largely been replaced by &man.pim.4; in many - multicast installations. &man.mrouted.8; and the related - &man.map-mbone.8; and &man.mrinfo.8; utilities are available - in the &os; Ports Collection as - net/mrouted. + DVMRP has largely been replaced by the + PIM protocol in many + multicast installations. Refer to &man.pim.4; for more information.
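
Review bot: In the router paragraph of the -349,44 hunk, the new sentence "To enable routing now, set the &man.sysctl.8; variable net.inet.ip.forwarding to 1" no longer says that gateway_enable="YES" is what sets this variable at boot, which the removed "This option will set the &man.sysctl.8; variable" did. Suggest stating both, and showing the sysctl invocation in a screen block the way the static-route text shows route add. The rewrite also drops the removed sentence about using the dual-homed machine for packet filtering or firewall security in either direction; since this paragraph is where forwarding between networks gets turned on, a short pointer to the Handbook's firewall material is worth keeping.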
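
Review bot: In the -399,15 hunk, "Routes can be either added manually using static routes or routes can be automatically learned using a routing protocol" breaks the either/or parallel and repeats "routes" three times. Suggest "Routes can either be added manually as static routes or learned automatically using a routing protocol." The following sentence, "Static routes are appropriate for small networks and this section describes how to add a static routing entry for a small network", would also read better split in two.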
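
Review bot: In the -467,45 hunk, the replacement "contains the static route for that route name" drops the removed statement that route_internalnet2 holds the configuration parameters to &man.route.8; and that the entry is equivalent to the route add command shown earlier, so the reader is left with no hint about the syntax of the value. Suggest "contains the arguments to &man.route.8; for that route name". With the Persistent Configuration heading gone, "However, the routing information will not persist" now follows "can reach any host" in the same paragraph; a paragraph break before "However" would keep the runtime and boot-time cases distinct.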
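
Review bot: In the -537,38 hunk, changing "include the name of the remote host" to "include the address of the remote host" swaps one restriction for another; traceroute accepts either, so "the name or address of the remote host" is more accurate. The route propagation background that this hunk and the -518,11 hunk fold under the Troubleshooting heading reads as concept material rather than a troubleshooting step, so a one-line lead-in tying it to the traceroute paragraph would help. A sample traceroute run would also fit here, matching the netstat -nr output shown earlier in the section.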
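
Review bot: In the -580,26 hunk, "The multicast routing daemon, mrouted can be installed" is missing the closing comma after mrouted, and "in order to set up the tunnels and DVMRP" reads oddly directly after the sentence has said the daemon implements DVMRP; "to set up tunnels and DVMRP parameters" or similar would be clearer. "Refer to these for configuration examples" points only at the map-mbone and mrinfo man pages, while the removed text sent readers to &man.mrouted.8; for multicast configuration details; name the mrouted man page there as well, particularly as the commit log notes the section still lacks a working example.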