{"id":304,"date":"2020-08-18T19:23:47","date_gmt":"2020-08-18T20:23:47","guid":{"rendered":"http:\/\/www.linux-tutorial.info\/?page_id=77"},"modified":"2020-08-22T19:26:18","modified_gmt":"2020-08-22T20:26:18","slug":"this-is-the-page-title-toplevel-139","status":"publish","type":"page","link":"http:\/\/www.linux-tutorial.info\/?page_id=304","title":{"rendered":"Routing and IP Gateways"},"content":{"rendered":"\n<title>Routing and IP Gateways<\/title>\n<p>\nI mentioned previously that <glossary>IP<\/glossary>\nis an unreliable, <glossary>connection-less<\/glossary> <glossary>protocol<\/glossary>.\nThat is, it contains no provision to ensure that the <glossary>packet<\/glossary>\narrives correctly at the destination, nor\nis there anything that guarantees that when packets do arrive they arrive in the\ncorrect order. Although <glossary>IP<\/glossary>\nis responsible to ensure that the packets get to the right machine, it has\nessentially no understanding of the physical connection between the two\nmachines. <glossary>IP<\/glossary> will happily run on machines that are\nconnected with something as simple as a telephone wire, to something as complex\nas satellites. 
<glossary>IP<\/glossary> depends on some other means to\n&#8220;physically&#8221; carry it across the <glossary>network<\/glossary>.\n<\/p>\n<p>\nWhat this means is that the system <glossary>administrator<\/glossary>\n(or <glossary>network<\/glossary> administrator)\nis responsible for laying out the &#8220;map&#8221; that is used to define which\n<glossary>network<\/glossary> addresses go with what sets of machines and what\n<glossary>IP<\/glossary> addresses are assigned to individual\nmachines.\n<\/p>\n<question id=\"29\" text=\"What is the process of directing network packets from one machine to the correct destination network?\" \/>\n<question id=\"290\" text=\"Among other things, IP addresses are used for routing packets to the correct destination network.\" \/>\n<question id=\"\" type=\"tf\" text=\"The process of directing packets to the correct destination network is called 'routing'.\" \/>\n<concept id=\"175\" description=\"The process of directing packets to the correct destination network is called 'routing'.\" \/>\n<question id=\"\" type=\"mc\" text=\"What protocol is used for routing between computers?\" \/>\n<question id=\"\" type=\"mc\" text=\"What is the primary piece of information applications need to get data from one machine to another?\" \/>\n<p>\nOne important job that <glossary>IP<\/glossary>\ndoes is routing. That is, getting the <glossary>packet<\/glossary>\nto the right machine. If the source and destination machines are directly\nconnected, that is on the same <glossary>network<\/glossary>, then routing is easy. Essentially there isn&#8217;t any.\n<glossary>IP<\/glossary>\nsees this fact and simply hands the packets off to the data link\nlayer. Otherwise, <glossary>IP<\/glossary> has to figure out how and where to send it.\n<\/p>\n<p>\nUsually the &#8220;how&#8221; is over a <em>router<\/em>. 
A <glossary>router<\/glossary>\nis some piece of hardware that\nacts like an air traffic controller, sending one <glossary>packet<\/glossary>\noff one way and others off a different\nway. Often routers are separate pieces of equipment that can be configured in very\ndetailed ways. The disadvantage to this is that with power comes price. The ability to\nconfigure a <glossary>router<\/glossary>\nin many different ways usually means a high price tag. Fortunately,\nmany operating systems, including Linux, allow <glossary>IP<\/glossary>\nto serve as router-software, thereby avoiding the cost of special <glossary>router<\/glossary>\nhardware.\n<\/p>\n<question id=\"292\" text=\"Originally, a gateway was a machine that converted from one protocol to another.\" \/>\n<concept id=\"\" description=\"Originally, a gateway was a machine that converted from one protocol to another.\" \/>\n<p>\nIn comparison to the <glossary>router<\/glossary>\nis the concept of a <i>gateway.<\/i> Like a router, a\ngateway has knowledge of other networks and how to reach them. In general, we can think of\na <glossary>router<\/glossary>\nas a special piece of hardware that does the work for us. In fact, there are\ncompanies that sell equipment called routers. A <glossary>gateway<\/glossary>\nis more of a concept, in that it is\nthe means by which you go from one <glossary>network<\/glossary>\nto another. Today, the distinction between a\nrouter and a <glossary>gateway<\/glossary>\nis blurred. Originally, a gateway was a machine that converted from\none <glossary>protocol<\/glossary>\nto another. 
However, in common usage today, routers can serve as gateways and\ngateways can serve as routers.\n<\/p>\n<question id=\"\" type=\"mc\" text=\"What is the term for the path a network packet takes from one machine to the next?\" \/>\n<p>\nThe path the <glossary>packet<\/glossary>\ntakes from one machine to the next is called a <em>route<\/em>.\nAlthough each machine can maintain static routes for specific destinations, the default\ngateway is usually used to find remote destinations. (The default <glossary>gateway<\/glossary>\nis needed only for computers that are part of an internetwork.) If you have a <glossary>gateway<\/glossary> connected to\nseveral other networks, there will (probably) be <glossary>route<\/glossary>\ndefinitions for each of those other\nnetworks.\n<\/p>\n<p>\nLet&#8217;s look at this process as if we were sending a letter, as we did a little while\nago. Each letter we send has an envelope which contains a message. On the envelope we\nwrite the source and destination addresses. When we mail the letter it gets to the post\noffice and the person sorting the mail checks the destination zip code. If it&#8217;s the same\nas the local zip code, the envelope is sent to one of the carriers for delivery. If the zip\ncode is different, then it is sent to some other location. Perhaps all non-local mail is\nsent to the same place.\n<\/p>\n<p>\nIf you live across the country from me, the letter probably doesn&#8217;t go directly from\nmy local post office to yours (assuming I don&#8217;t live in San Francisco and you don&#8217;t live\nin New York). The same applies to <glossary>IP<\/glossary>\npackets. My letter first goes to my local post office;\nif it is destined for a local <glossary>address<\/glossary>\nit is processed there. If not, it is sent along to a\nlarger post office. 
If I send a letter from Santa Cruz, California destined for Annsville,\nPennsylvania, it will probably go first to San Francisco and then to New York (or\nPhiladelphia) before it gets sent to Annsville.\n<\/p>\n<p>\nAgain, the same applies to <glossary>IP<\/glossary>\npackets. If I were communicating with a <glossary>network<\/glossary>\non the other side of the country, my machine needs to know how to get to the other one. This is\nthe concept of a &#8220;gateway&#8221;. A <glossary>gateway<\/glossary>\nis the first step in the path, or &#8220;route&#8221; to the\nremote machine. Just as there are a couple of post offices between Santa Cruz and\nAnnsville, there can be multiple gateways between computers.\n<\/p>\n<p>\nSince San Francisco is the closest &#8220;major&#8221; city to Santa Cruz, it is possible that all\nmail bound for points beyond must first go through there. What if I lived in Fresno, which\nis about halfway between San Francisco and Los Angeles? If I sent a letter to Annsville,\nit could go through Los Angeles or it could go through San Francisco. To make things easy,\nit might always get sent through San Francisco if not destined for a local <glossary>address<\/glossary>.<\/p>\n<p>\nWhat if the letter is bound for Los Angeles? It seems silly to go through San Francisco first\nwhen it is bound for LA. At the post office in Fresno, they might have a special procedure\nthat says all remote mail goes through San Francisco, except for those with a zip code in\na special range.\n<\/p>\n<p>\nHere, too, the same applies to <glossary>IP<\/glossary>\naddresses. One machine may be defined as the &#8220;default&#8221; <glossary>gateway<\/glossary>,\n but if an IP <glossary>packet<\/glossary>\nwas bound for a particular <glossary>network<\/glossary>\nit could be told to use a completely different gateway. 
Which gateway to use to\nget to a particular machine or network is the concept of &#8220;routes.&#8221; If I want\nall remotely-bound packets to use a particular <glossary>route<\/glossary>,   I\nadd that route as a default to my machine. If packets bound for a particular\nnetwork are to go via a different route, I can add that route as well.\n<\/p>\n<p>\n<img decoding=\"async\" src=\"gateway.png\" width=434 height=389 border=0 usemap=\"#gateway_map\">\n<map name=\"gateway_map\">\n<area shape=\"RECT\" coords=\"30,261,406,319\" href=\"popup#Gateways#Packets bound for the local network do not go through a gateway.\">\n<area shape=\"RECT\" coords=\"87,210,351,257\" href=\"popup#Gateways#Packets bound for other networks, such as the Internet, go through the gateway.\">\n<area shape=\"RECT\" coords=\"177,134,260,205\" href=\"popup#gateway#Depending on how it is configured, a gateway will send data to many different networks.\">\n<area shape=\"RECT\" coords=\"165,1,266,206\" href=\"popup#Gateways#Packets bound for other networks, such as the Internet, go through the gateway.\">\n<\/map>\n<\/p>\n<p>\n<icaption>Image &#8211; Network gateway (<b>interactive<\/b>)<\/icaption>\n<\/p>\n<p>\nWhen <glossary>IP<\/glossary>\nprepares to send a &#8220;message&#8221;, it inserts the local (source) and destination\nIP addresses in the IP <glossary>header<\/glossary>.\n It then checks whether the <glossary>network<\/glossary>\nID of the destination and  source match (the zip codes). If so, the <glossary>packet<\/glossary>\nis sent directly to the destination, since it is on the local network. If the\nnetwork IDs don&#8217;t match, the routing table is examined for static routes. If\nnone are found, the packet is forwarded to the default\n<glossary>gateway<\/glossary>.\n<\/p>\n<p>\nThe default <glossary>gateway<\/glossary>\nis a computer connected to the local <glossary>subnet<\/glossary>\nand other networks that has knowledge of the\nIDs for other networks and how to reach them. 
Because the default gateway knows\nhow to reach the other networks, it can forward the\n<glossary>packet<\/glossary>,  either to other gateways or directly to that\nmachine if the gateway is on the same network as the destination. This process\nis known as routing.\n<\/p>\n<p>\nIf you only have a single <glossary>network<\/glossary>,\n there is no reason to have a <glossary>gateway<\/glossary>,\nas each machine is directly connected to every other. It&#8217;s possible that you\nonly want certain machines within your network to go beyond the local net to\nthe outside. In this case, these machines can have a default (or static)\n<glossary>route<\/glossary>, while the others have none. However, users\ncan add routes themselves, using the route command.\n<\/p>\n<question id=\"293\" text=\"In which file are the 'well-known' ports listed?\" \/>\n<question id=\"\" type=\"mc\" text=\"What are 'well-known' ports?\" \/>\n<concept id=\"176\" description=\"So-called 'well-known ports' are listed in the file '\/etc\/services'.\" \/>\n<question id=\"294\" text=\"Which process serves as 'telephone operator' for network connections?\" \/>\n<p>\nAs we talked about earlier, <glossary>TCP<\/glossary>\nconnections are not the only ones that are managed by inetd. Basically all\n<glossary>network<\/glossary> connections are. This can be understood if we go\nback to the telephone operator analogy. If the operator (inetd) is also the\nreceptionist, we can then think of <glossary>TCP<\/glossary> connections as incoming telephone calls\nand <glossary>UDP<\/glossary> packets as incoming letters. Like incoming phone\ncalls, the receptionist is responsible to <glossary>route<\/glossary> the\nincoming mail to the right person. 
(This is a valid analogy, because like regular\nmail, there is nothing to guarantee the delivery of the message in the letter,\nalthough  with TCP connections you can ask your partner to resend the message.)\nLike TCP connections, UDP daemons are &#8220;listening&#8221; on specific ports. Also like\nTCP connections, these well-known ports are listed in\n<file type=\"\">\/etc\/services<\/file>.\n<\/p>\n<question id=\"\" type=\"mc\" text=\"What is the function of 'routed'?\" \/>\n<p>\nOne common <glossary>UDP<\/glossary>\nconnection is the routing daemon: <command>routed<\/command>. Routed supplies (as you might have\nguessed) routing information in the form of routing packets. If your system is\nserving as a <glossary>router<\/glossary>, then routed periodically sends copies\nof its routing tables to other machines.\n<\/p>\n<p>\nOne key difference is that <command>routed<\/command> is not actually started by <command>inetd<\/command>. Instead,\nit is normally started through one of the scripts under <directory>\/etc\/rc.d<\/directory> as the system\nis booting. This actually calls the script\n<file type=\"\">\/etc\/sysconfig\/network-scripts\/ifcfg-routes<\/file>.\n<\/p>\n<question id=\"295\" text=\"How does the routing daemon (routed) keep track of the various routes?\" \/>\n<question id=\"\" type=\"mc\" text=\"What is the function of a 'loopback' driver?\" \/>\n<p>\nWhen it starts, <command>routed<\/command> makes the assumption that it will forward packets\nbetween all interfaces on the system. This only includes those that are &#8220;up&#8221;\nand does not include the <glossary>loopback<\/glossary>\n driver. (The loopback driver is a special\nTCP\/IP interface that simply loops the packets back to the local machine. Hence\nthe name.) 
Routed then transmits a REQUEST <glossary>packet<\/glossary> on each\nof these interfaces and waits for a RESPONSE packet from any other hosts.\nPotentially there are other machines on the <glossary>network<\/glossary> that\nare also sending REQUEST packets, so routed can also respond to them.\n<\/p>\n<question id=\"296\" text=\"What is the term used for the intermediary computers a packet goes through?\" \/>\n<concept id=\"177\" description=\"The term used for the intermediary computers a packet goes through is 'hop'.\" \/>\n<p>\nThe response <command>routed<\/command> gives is based on information it has in its <em>routing\ntables<\/em>. This contains information about known routes, including how far\naway the destination machine is in terms of <i>hops<\/i> or intermediary\nmachines. When routed receives a RESPONSE <glossary>packet<\/glossary>,  it uses\nthe information contained in that packet to update its own routing tables. Look\nat the routed <glossary>man-page<\/glossary> for more information.\n<\/p>\n<question id=\"\" type=\"\" text=\"What command is used to add or remove network routes to your system?\" \/>\n<p>\nRoutes are added to and removed from the system using the <glossary>route<\/glossary>\ncommand. The general syntax is:<\/p>\n<p>\n<commandexample command=\"route\">route &lt;option&gt; command destination <glossary>gateway<\/glossary>\nmetric<\/commandexample>\n<\/p>\n<p>\nThe two commands used are <keyinput>add<\/keyinput> and <keyinput>delete<\/keyinput>.\nThe <keyinput>destination<\/keyinput> is the <glossary>IP<\/glossary>\n<glossary>address<\/glossary>\nof the machine or <glossary>network<\/glossary>\nyou want to reach. You can also use <glossary>tokens<\/glossary> for the network name by including\nentries in the <file>\/etc\/networks<\/file> file. This is an <glossary>ASCII<\/glossary> file\ncontaining two columns. The first is the name of the network and the second\ncolumn is the network address. 
You can then use that name in the\n<glossary>route<\/glossary> command.\n<\/p>\n<p>\nThe <glossary>gateway<\/glossary> is the <glossary>IP<\/glossary>\n<glossary>address<\/glossary> of the interface to which the packets need to be addressed. Keep in mind that\nthe system must already know how to get to the gateway for this to work.\n<\/p>\n<question id=\"\" type=\"\" text=\"In regards to routing, what is meant by a 'metric'?\" \/>\n<question id=\"\" type=\"\" text=\"In regards to routing, what term is used to indicate the maximum number of intermediate machines?\" \/>\n<p>\nThe metric is a value that normally indicates the number of intermediate\nmachines (hops). The system uses this value in determining the shortest\n<glossary>route<\/glossary> to a particular machine.\n<\/p>\n<p>\nFor example, let&#8217;s assume we have an entry in <file>\/etc\/networks<\/file> like this:<\/p>\n<p>\n<screenoutput>siemau 132.147<\/screenoutput>\n<\/p>\n<p>\nLet&#8217;s also assume that the machine I need to use to access this <glossary>route<\/glossary>\nhas an <glossary>IP<\/glossary>\n<glossary>address<\/glossary> of 199.142.147.1. I could then run the route command like this:\n<\/p>\n<p>\n<commandexample command=\"route\">route add siemau netmask 255.255.255.0 gw 199.142.147.1 0<\/commandexample>\n<\/p>\n<p>\n<em>Note: Kernels prior to 2.2.x did not require you to include the netmask.<\/em>\n<\/p>\n<p>\nThis says that any <glossary>packet<\/glossary>\ndestined for the <i>siemau<\/i> <glossary>network<\/glossary>\n(as defined in \/etc\/networks) should go to the <glossary>IP<\/glossary>\n<glossary>address<\/glossary>\n199.142.147.1 with a metric of 0. 
Normally, 0 is used when the <glossary>IP address<\/glossary>\nyou specify is directly connected to your machine.\n<\/p>\n<p>\nIf you have a single machine that serves as your <glossary>gateway<\/glossary>\nto the rest of the world, you can specify default instead of a specific\n<glossary>address<\/glossary> or <glossary>network<\/glossary> as your\ndestination. In the example above, if we wanted to use the same machine for all\nnetworks instead of just siemau, the command would look like this:\n<\/p>\n<question id=\"\" type=\"mc\" text=\"Which of the following commands would add the default route to the machine 192.168.2.42?\" \/>\n<p>\n<commandexample command=\"route\">route add default gw 199.142.147.1 0<\/commandexample>\n<\/p>\n<question id=\"297\" text=\"Routes are built dynamically as connections are made between computers.\" \/>\n<concept id=\"178\" description=\"Routes are built dynamically as connections are made between computers.\" \/>\n<p>\nAs you move about the <glossary>network<\/glossary>,\ndynamic entries are created by the routing <glossary>protocol<\/glossary>\nthat you use. (Most commonly <command>routed<\/command>.) The routing protocol communicates with its\ncounterpart on other machines and adds entries to the routing tables\nautomatically.\n<\/p>\n<question id=\"\" type=\"mc\" text=\"What does the \/etc\/gateways file contain?\" \/>\n<p>\nWhen it starts, <command>routed<\/command> looks for the file <file type=\"\">\/etc\/gateways<\/file>, which contains\na list of gateways. (What else?) The general format for this file is:<\/p>\n<p>\n<filecontents type=\"\">&lt;net|host&gt; name <glossary>gateway<\/glossary> metric type<\/filecontents>\n<\/p>\n<p>\nThe first field specifies whether the <glossary>gateway<\/glossary>\nis to a specific machine or <glossary>network<\/glossary>.\nThe name field is the name of the destination <glossary>host<\/glossary>\nor network. 
This can either be an <glossary>IP<\/glossary>\n<glossary>address<\/glossary>\nor a <glossary>token<\/glossary>. If using a token, then the <glossary>hostname<\/glossary>\nmust be located in <file type=\"\">\/etc\/hosts<\/file> or can be determined through <glossary>DNS<\/glossary>.\nIf through DNS, routed must be started after <command>named<\/command>. If a network, the name\nmust be in <file type=\"\">\/etc\/networks<\/file>.\n<\/p>\n<question id=\"\" type=\"mc\" text=\"What is the 'metrics' field in the \/etc\/gateways file?\" \/>\n<p>\nThe <glossary>gateway<\/glossary>\nfield is the name or <glossary>address<\/glossary>\nof the gateway that is to be used. The metric is the same as for routes and\nindicates the number of <glossary term=\"hop\">hops<\/glossary>.  The type can be either\npassive, active or external. A passive gateway is one that is not expected to\nexchange routing information. Active gateways will exchange information and\nusually have routed running on them. External gateways are ones that are managed\nby another system, but alternate routes should not be installed.\n<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Routing and IP Gateways I mentioned previously that IP is an unreliable, connection-less protocol. 
That is, it contains no provision to ensure that the packet arrives correctly at the destination, nor is there anything that guarantees that when packets do &hellip; <a href=\"http:\/\/www.linux-tutorial.info\/?page_id=304\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-304","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=\/wp\/v2\/pages\/304","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=304"}],"version-history":[{"count":1,"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=\/wp\/v2\/pages\/304\/revisions"}],"predecessor-version":[{"id":684,"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=\/wp\/v2\/pages\/304\/revisions\/684"}],"wp:attachment":[{"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=304"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}