Setting up a Linux Router
Setting up a static router
If you are unfamiliar with how network routing works, read The CTDP Networking Guide first. This section repeats some of the information in that guide, but it does not explain how routers and routing work; it only explains how to set up routing and routing tables.
In Linux, the "ifconfig" command is used to configure the NIC and the "route" command is used to set up the routing tables for that machine. In Redhat Linux, the GUI programs "netconf" and "linuxconf" may also be used to set this up. These programs make the changes permanent by writing them to the files that are used to configure network information. Changes made with "route" that are not also added to those permanent files are lost when you reboot the machine.
The command "ifconfig eth0 192.168.2.2 netmask 255.255.255.0" will set the NIC up with its address and network number. You can type "netconfig", then select "basic host information" and do the same thing. The command "route add -net default gw 192.168.2.1 dev eth0" will add the route this computer requires for its gateway. This can be done using "ifconf" by selecting "routing and gateways" and "defaults", then setting the address of the default gateway, and enabling routing.
Please be aware that various versions of Linux have different means of storing and retrieving network and routing information, and you must use the tools that come with your system or learn it well enough to determine what files to modify. On Redhat 6.1 the file "/etc/sysconfig/static-routes" can be modified to make your route changes permanent, but this does not apply to your default route. Other files are "/etc/sysconfig/routed" and "/etc/sysconfig/network". Other files include "/etc/gateways", "/etc/networks", "/proc/net/route", "/proc/net/rt_cache", and "/proc/net/ipv6_route". The file "/etc/sysconfig/network-scripts" is a script file that controls the network setup when the system is booted.
If you type "route" for this machine, the routing table below will be displayed:
Here is a simple explanation of routing tables and their purpose. All computers that are networked have a routing table in one form or another. A routing table is a simple set of rules that tell what will be done with network packets. In programming terms it is easiest to think of it as a set of instructions, very similar to a case statement which has a "default" at its end. It can also be thought of as a series of if..then..elseif..then..else statements. If the lines above are labeled A through C and a default (the last line), an appropriate case statement is: (Don't count the header line)
case A: send to me;break;
case B: send to my network;break;
case C: send to my local interface;break;
default: send to gateway 192.168.2.1
An appropriate if statement is:
if (address=me) then send to me;
elseif (address=my network) then send to my network;
elseif (address=my local) then send to my local interface;
else send to my gateway 192.168.2.1;
In everyday terms this is similar to a basic decision process. Imagine you are holding a letter. If it is addressed to you, you keep it; if it is addressed to someone in your town, you drop it in the local slot at the post office; and if it is addressed to someone out of town, you drop it in the out of town slot.
Note how the routing table is arranged. It is arranged from the most specific to the least specific. Therefore as you go down the table, more possibilities are covered. You will notice the first Genmask is 255.255.255.255 and the last is 0.0.0.0. There can be no doubt that the last line is the default. The genmasks between the start and the end have a decreasing number of least significant bits set.
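The lookup described above, as an added Python example that is not part of the original guide: it picks the matching route with the longest genmask, so the result does not depend on the order in which the routes are listed. The table is constructed to match the host described in this section (192.168.2.2 on eth0, gateway 192.168.2.1), and the name "lookup" is hypothetical.

```python
import ipaddress

# Constructed routing table for the host in this section (not copied from the
# page): own address, local network, loopback, then the default route.
# A gateway of 0.0.0.0 means the destination is reached directly.
ROUTES = [
    # destination,  genmask,           gateway,       iface
    ("192.168.2.2", "255.255.255.255", "0.0.0.0",     "eth0"),
    ("192.168.2.0", "255.255.255.0",   "0.0.0.0",     "eth0"),
    ("127.0.0.0",   "255.0.0.0",       "0.0.0.0",     "lo"),
    ("0.0.0.0",     "0.0.0.0",         "192.168.2.1", "eth0"),
]


def lookup(addr, routes=ROUTES):
    """Return (destination, gateway, iface) of the most specific match."""
    ip = ipaddress.ip_address(addr)
    best = None
    for dest, genmask, gateway, iface in routes:
        # ip_network() accepts "address/dotted-netmask" and raises ValueError
        # if the destination has bits set outside the mask.
        net = ipaddress.ip_network(f"{dest}/{genmask}")
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dest, gateway, iface)
    if best is None:
        raise LookupError(f"no route to {addr}")
    return best[1:]


if __name__ == "__main__":
    for target in ("192.168.2.2", "192.168.2.77", "127.0.0.1", "10.1.2.3"):
        print(target, "->", lookup(target))
```

Passing the same table in reverse order returns the same answers, because the genmask length, not the row position, decides the match.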
The above default routing table may be added manually with the command:
route add -net default gw 192.168.2.1 dev eth0
The routing table for a machine acting as a gateway, routing network 192.168.2.0 to network 192.168.1.0, is as follows. The network card addresses are 192.168.2.1 and 192.168.1.2.
The Iface specifies the card where packets for this route will be sent. The address of eth1 is 192.168.1.2 and eth0 is 192.168.2.1. The NIC addresses could have easily been switched. Line 1 (above) provides for the eth0 address, while line 2 provides for the address of eth1. Lines 3 and 4 are the rules for traffic going from network 192.168.1.0 to network 192.168.2.0, which will be sent out on NIC eth0. Lines 5 and 6 are the rules for traffic going from network 192.168.2.0 to network 192.168.1.0, which will be sent out on NIC eth1. This may seem confusing, but please note the first value on lines 3 and 4 is 192.168.2.0, which the header indicates as the destination of the packet. Don't think of it as the source! The last line is the default line, which specifies that any packet not on one of the networks 192.168.1.0 or 192.168.2.0 will be sent to the gateway 192.168.1.1. This is how internet access can be attained, though IP masquerading will probably be used. The flags above mean the following:
- U - Route is up
- H - Target is a host
- G - Use gateway
There are other flags, which you can look up by typing "man route". Also, the metric value above, indicating the distance to the target, is not used by current Linux kernels but may be needed by some routing daemons. Please note that if route knows the name of the gateway machine, it may list its name rather than the IP address. The same is true for defined networks. Networks may be defined in the file "/etc/networks" as in the example:
The routing table above can be set up with the following commands.
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1 dev eth0
route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.2 dev eth1
Again be aware that you are specifying destination networks here and the ethernet device and address the data is to be sent on.
In Redhat Linux this can be specified using "netconf" by selecting "routing and gateways" and "other routes to networks" and entering the following:
Alternatively in Redhat Linux, you can add the following two lines to the file "/etc/sysconfig/static-routes":
eth0 net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1
eth1 net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.2
The commands to delete the above routes with route are:
route del -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1 dev eth0
route del -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.2 dev eth1
Be aware that the program route is very particular about how commands are entered. Even though it may seem that you entered them as the man page specifies, it will not always accept the commands. I don't know if this is a bug or not, but if you enter them as described here with the network, netmask, gateway, and device specified, it should work. With the slightest mistake in network name, netmask, gateway, device, or command syntax, the effort will fail.
To run the routed daemon, all you need to do is to start routed. There is no configuration file. Routed will listen for RIP updates on the network and use them to build a routing table. RIP is not a good routing choice for very large networks but is easy to administer and works well for small networks.
The /etc/gateways file allows static routes to be added to the routed daemon so that routes associated with routers that can't provide updates to routing tables are manually provided for. The format of the file is as follows:
startkeyword destinationaddress gateway gwaddress metric value active/passive
- The startkeyword is one of:
  - net - A route to a network
  - host - A route to a host
- The destination address tells where the packet. If the destination is 0.0.0.0, then that is the default route
- The gateway defines the external gateway used to reach the destination, with the gwaddress specifying the IP address of the gateway.
- Metric is a required keyword and the metric value is the cost (in hops) to the destination.
- The active/passive value indicates whether a router performs routing updates. Active indicates it does.
An example follows:
net 0.0.0.0 gateway 10.11.199.1 metric 1 active
net 192.168.198.0 gateway 10.11.199.20 metric 1 active
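A checker for the file format described above, added here as an example and not taken from the guide or from routed itself: it parses each line into its seven fields and rejects lines that do not fit the format. It assumes dotted-quad addresses only, as in the example lines, and that blank lines are ignored; the name "parse_gateways" is hypothetical.

```python
import ipaddress

# The two example lines from this section.
SAMPLE = """\
net 0.0.0.0 gateway 10.11.199.1 metric 1 active
net 192.168.198.0 gateway 10.11.199.20 metric 1 active
"""


def parse_gateways(text):
    """Parse /etc/gateways lines; raise ValueError naming the bad line."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if not fields:
            continue  # assumption: blank lines are ignored
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        kind, dest, gw_kw, gw, metric_kw, metric, mode = fields
        if kind not in ("net", "host"):
            raise ValueError(f"line {lineno}: bad start keyword {kind!r}")
        if gw_kw != "gateway" or metric_kw != "metric":
            raise ValueError(f"line {lineno}: missing 'gateway' or 'metric' keyword")
        if mode not in ("active", "passive"):
            raise ValueError(f"line {lineno}: bad mode {mode!r}")
        try:
            # Assumption: dotted-quad addresses only, as in the page's example.
            dest_ip = ipaddress.IPv4Address(dest)
            gw_ip = ipaddress.IPv4Address(gw)
            hops = int(metric)
        except ValueError as exc:
            raise ValueError(f"line {lineno}: {exc}") from None
        if hops < 0:
            raise ValueError(f"line {lineno}: metric must not be negative")
        entries.append({
            "kind": kind, "destination": str(dest_ip), "gateway": str(gw_ip),
            "metric": hops, "active": mode == "active",
            # A destination of 0.0.0.0 marks the default route.
            "default": dest_ip == ipaddress.IPv4Address("0.0.0.0"),
        })
    return entries


if __name__ == "__main__":
    for entry in parse_gateways(SAMPLE):
        print(entry)
```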
Gated supports multiple routing protocols.