ValueDescription RTPROT_STATIC Route installed by administrator. Not used. Table 36-9. Values of fib_protocol used by user space ValueDescription RTPROT_GATED The route was added by GateD. RTPROT_RA The route was added by RDISC (IPv4) and ND (IPv6) router advertisements. There is a mechanism, the ICMP Router Discovery Protocol defined in RFC 1256, that lets hosts find neighboring routers. rdisc, which is part of the iputils package, is the user-space tool that implements ICMP Router Discovery Messages. RTPROT_MRT The route was added by the Multi-Threaded Routing Toolkit (MRT). RTPROT_ZEBRA The route was added by Zebra. RTPROT_BIRD The route was added by BIRD. RTPROT_DNROUTED The route was added by the DECnet routing daemon. RTPROT_XORP The route was added by the XORP routing daemon. u32 fib_prefsrc Preferred source IP address. See the section "Selecting the Source IP Address" in Chapter 35. u32 fib_priority Priority of the route. The smaller the value, the higher the priority. Its value can be configured with IPROUTE2 using the metric/priority/preference keywords. When not explicitly set, it has the default value 0 to which it is initialized by the kernel. u32 fib_metrics[RTAX_MAX] When you configure a route, the ip route command allows you to also specify a set of metrics. fib_metrics is a vector used to store them. Metrics not explicitly configured are initialized to zero. See the section "Essential Elements of Routing" in Chapter 30 for a list of the available metrics. Table 36-10 shows the relationships between the metrics listed in that section and the associated kernel symbols RTAX_XXX defined in include/linux/rtnetlink.h. This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Table 36-10. Routing metrics MetricKernel symbol Not a metric RTAX_LOCK Path MTU RTAX_MTU Maximum Advertised Window RTAX_WINDOW Round Trip Time RTAX_RTT RTT Variance RTAX_RTTVAR Slow Start threshold RTAX_SSTHRESH Congestion Window RTAX_CWND Maximum Segment Size RTAX_ADVMSS Maximal Reordering RTAX_REORDERING Default Time To Live (TTL) RTAX_HOPLIMIT Initial Congestion Window RTAX_INITCWND Not a metric RTAX_FEATURES int fib_power This field is part of the data structure only when the kernel is compiled with support for multipath. See the section "Concepts Behind Multipath Routing" in Chapter 31. struct fib_nh fib_nh[0] int fib_nhs fib_nh is a variable-length vector of fib_nh structures, and fib_nhs is its size. fib_nhs can be greater than 1 only when the kernel supports the Multipath feature. See the section "Concepts Behind Multipath Routing" in Chapter 31, and see Figure 34-1 in Chapter 34. u32 fib_mp_alg Multipath caching algorithm. The IP_MP_ALG_XXX IDs of the algorithms introduced in the section "Cache Support for Multipath" in Chapter 31 are listed in include/linux/ip_mp_alg.h. This field is part of the data structure only when the kernel is compiled with support for multipath caching. #define fib_dev fib_nh[0].nh_dev Macro used to access the nh_dev field of the first fib_nh instance of the fib_nh vector. See Figure 34-1 in Chapter 34. This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com #define fib_mtu fib_metrics[RTAX_MTU-1] #define fib_window fib_metrics[RTAX_WINDOW-1] #define fib_rtt fib_metrics[RTAX_RTT-1] #define fib_advmss fib_metrics[RTAX_ADVMSS-1] Macros used to access specific elements of the fib_metrics vector. 36.5.6. fib_nh Structure For each next hop, the kernel needs to keep more than just the IP address. The fib_nh structure stores that extra information in the following fields. struct net_device *nh_dev This is the net_device data structure associated with the device ID nh_oif (described later). Since both the ID and the pointer to the net_device structure are needed (in different contexts), both of them are kept in the fib_nh structure, even though either one could be used to retrieve the other. struct hlist_node nh_hash Used to insert the structure into the hash table described in the section "Organization of Next-Hop Router Structures" in Chapter 34. struct fib_info *nh_parent Pointer to the fib_info structure that contains this fib_nh instance. See Figure 34-1 in Chapter 34. unsigned nh_flags A set of RTNH_F_XXX flags defined in include/linux/rtnetlink.h and listed in Table 36-7 earlier in this chapter. unsigned char nh_scope Scope of the route used to get to the next hop. It is RT_SCOPE_LINK in most cases. This field is initialized by fib_check_nh. int nh_weight This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com int nh_power These two fields are part of the fib_nh data structure only when the kernel is compiled with support for multipath, and are described in detail in the section "Concepts Behind Multipath Routing" in Chapter 31. nh_power is initialized by the kernel; nh_weight is set by the user with the keyword weight. _ _u32 nh_tclassid This field is part of the fib_nh data structure only when the kernel is compiled with support for the routing table based classifier. Its value is set with the realms keyword. See the section "Policy Routing and Routing Table Based Classifier" in Chapter 35. int nh_oif ID of the egress device. It is set with the keywords oif and dev. u32 nh_gw IP address of the next hop gateway provided with the keyword via. Note that in the case of NAT, this represents the address that the NAT router advertises to the world, and to which replies are sent before the router sends them on to the host on the internal network. For example, the command ip route add nat 10.1.1.253/32 via 151.41.196.1 would set nh_gw to 151.41.196.1. Note that NAT support in the routing code, known as FastNAT, has been dropped in 2.6 kernels. 36.5.7. fib_rule Structure Policy routing rules (also called policies) are configured with the ip rule command. If the IPROUTE2 package is installed on your Linux system, you can type ip rule help to see the syntax of the command. Policies are stored in fib_rule structures, whose fields are described here: struct fib_rule *r_next Links these structures within a global list that contains all fib_rule structures (see Figure 35-8 in Chapter 35). atomic_t r_clntref Reference count. It is incremented by fib_lookup (in the Policy Routing version only), which explains why fib_res_put (which decrements it) is always called after a successful lookup. u32 r_preference Priority of the rule. This can be configured using the keywords priority, preference and order when the administrator adds a policy with IPROUTE2. When not explicitly configured, the kernel assigns a priority that is one unit smaller than the priority of the last user-added rule (see inet_rtm_newrule). Priorities 0, 0x7FFE, and 0x7FFF are reserved for special rules installed by This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com the kernel (see the section "fib_lookup with Policy Routing" in Chapter 35, and the definitions of the three default rules local_rule, main_rule, and default_rule in net/ipv4/fib_rules.c). unsigned char r_table Routing table identifier. Ranges from 0 to 255. When it is not specified by the user, IPROUTE2 uses the following defaults: RT_TABLE_MAIN when the user command adds a rule, and RT_TABLE_UNSPEC in other cases (e.g., when deleting a rule). unsigned char r_action The values allowed for this field are the rtm_type enum listed in include/linux/rtnetlink.h (RTN_UNICAST, etc.). The meanings of these values are described in the section "rtable Structure." This field can be explicitly set by the user using the type keyword when configuring a rule. When it is not explicitly configured by the user, IPROUTE2 sets it to RTN_UNICAST when adding rules, and RTN_UNSPEC otherwise (e.g., when deleting rules). unsigned char r_dst_len unsigned char r_src_len Length of the destination and source IP addresses, expressed in bits. They are used to compute r_srcmask and r_dstmask. When not initialized, they are set to zero. u32 r_src u32 r_srcmask IP address and netmask, respectively, of the source network from which packets must come. u32 r_dst u32 r_dstmask IP address and netmask, respectively, of the destination network to which packets must be directed. u32 r_srcmap Field that used to be set with the user-space keywords nat and map-to and was used by the Routing NAT implementation. Routing NAT support has been removed, so this field is not used anymore. See the section "Recently Dropped Options" in Chapter 32. u8 r_flags Set of flags. Currently not used. This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com u8 r_tos IP header's TOS field. Included because the definition of a rule can include a condition placed on the IP header TOS field. u32 r_fwmark When the kernel is compiled with support for the "Use Netfilter MARK value as routing key" feature, it is possible to define rules in terms of firewall tags. This is the tag specified by the fwmark keyword when the administrator defines a policy rule. int r_ifindex char r_ifname[IFNAMSIZ] r_ifname is the name of the device the policy applies to. Given r_ifname, the kernel finds the associated net_device instance and copies the value of its ifindex field into r_ifindex. The value -1 for r_ifindex is used to disable the rule (see the section "Impacts on the policy database" in Chapter 32. _ _u32 r_tclassid; This field is included in the data structure only when the kernel is compiled with support for the routing table based classifier. Its meaning is described in the section "Policy Routing and Routing Table Based Classifier" in Chapter 35. int r_dead When a rule is available for use, this field is 0. When the rule is removed with inet_rtm_delrule, this field is set to 1. Every time a reference to the fib_rule data structure is removed with fib_rule_put, the reference count is decremented, and when it gets to zero the structure is supposed to be freed. At that point, however, if r_dead is not set, it means that something wrong happened (for instance, code has set the reference count incorrectly). 36.5.8. fib_result Structure The fib_result structure is initialized by fib_semantic_match to the result of a routing lookup. See Chapters 33 and 35 (in particular, the section "Semantic Matching on Subsidiary Criteria") for more details. The fields in the structure are: unsigned char prefixlen Prefix length of the matching route. See the description of fz_order in the section "fn_zone Structure." unsigned char nh_sel Multipath routes are defined with multiple next hops. This field identifies the next hop that has been selected. This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com unsigned char type unsigned char scope These two fields are initialized to the values of the fa_type and fa_scope fields of the matching fib_alias instance. _ _u32 network _ _u32 netmask These two fields are included in the data structure definition only when the kernel is compiled with support for multipath caching. See the section "Weighted Random Algorithm" in Chapter 33 for how they are used by the weighted random multipath caching algorithm. struct fib_info *fi The fib_info instance associated with the matching fib_alias instance. struct fib_rule *r Unlike the previous fields, this one is initialized by fib_lookup. This field is included in the data structure definition only when the kernel is compiled with support for Policy Routing. 36.5.9. rtable Structure IPv4 uses rtable data structures to store routing table entries in the cache. [*] To dump the contents of the routing cache, you can view /proc/net/rt_cache (see the section "Tuning via /proc Filesystem"), or issue the ip route list cacheor route -C commands. Here is a field-by-field description of the data structure: [*] IPv6 uses rt6_info, and DECnet (not covered in this book) uses dn_route. union { } u This union is used to embed a dst_entry structure into the rtable structure (see the section "Hash Table Organization" in Chapter 33). One of its fields, rt_next, is used to link the rtable instances that collide into the same hash table's bucket. struct in_device *idev Pointer to the IP configuration block of the egress device. Note that when the route is used for ingress packets that are to be delivered locally, the egress device is the loopback device. This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com unsigned rt_flags The flags you can set in this bitmap are the RTCF_XXX values defined in include/linux/in_route.h and listed in Table 36-11. Table 36-11. Possible values for rt_flags FlagDescription RTCF_NOTIFY Interested user-space applications are notified of any change to the routing entry via Netlink. This option is not yet completely implemented. The flag is set with commands such as ip route get 10.0.1.0/24 notify. RTCF_REDIRECTED The entry has been added in response to a received ICMP_REDIRECTmessage (see ip_rt_redirect and its caller). RTCF_DOREDIRECT This flag is set by ip_route_input_slow when an ICMP_REDIRECT message must be sent back to the source. ip_forward, described in detail in Chapter 20, decides whether to actually send the ICMP redirect based on this flag and other information. For instance, if the packet was source routed, no ICMP redirect would be generated. RTCF_DIRECTSRC This flag is used mostly to tell the ICMP code that it should not reply to Address Mask Request Messages. The flag is set every time a call to fib_validate_source says that the source of the received packet is reachable with a next hop that has a local scope (RT_SCOPE_HOST). See Chapters 25 and 35 for more detail. RTCF_SNAT RTCF_DNAT RTCF_NAT These flags are not used anymore by IPv4. They were used by the FastNAT feature that has been removed from the 2.6 kernels (see the section "Recently Dropped Options" in Chapter 32). RTCF_BROADCAST The destination address of the route is a broadcast address. RTCF_MULTICAST The destination address of the route is a multicast address. RTCF_LOCAL The destination address of the route is local (i.e., configured on one of the local interfaces). This flag is also set for local broadcast and multicast addresses (see ip_route_input_mc). RTCF_REJECT Not used. According to the syntax of IPROUTE2's ip rule command, there is a reject keyword, but it is not accepted. RTCF_TPROXY Not used. RTCF_DIRECTDST Not used. RTCF_FAST Not used. This flag is obsolete; it used to be set to mark a route as eligible for Fast Switching, a feature that has been dropped in the 2.6 kernels. RTCF_MASQ Not used anymore by IPv4. The flag was supposed to mark packets coming from masqueraded source addresses. unsigned rt_type Type of route. It indirectly defines the action to take when the route matches on a routing lookup. The possible values for this field are the RTN_XXX macros defined in include/linux/rtnetlink.h and listed in Table 36-12. This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Table 36-12. Possible values for rt_type Route typeDescription RTN_UNSPEC Defines a noninitialized value. This value is used, for instance, when removing an entry from the routing table, because that operation does not require the type of entry to be specified. RTN_LOCAL The destination address is configured on a local interface. RTN_UNICAST The route is a direct or indirect (via a gateway) route to a unicast address. This is the default value set by the ip route command when no other type is specified by the user. RTN_MULTICAST The destination address is a multicast address. RTN_BROADCAST The destination address is a broadcast address. Matching ingress packets are delivered locally as broadcasts, and matching egress packets are sent as broadcasts. RTN_ANYCAST Matching ingress packets are delivered locally as broadcasts, and matching egress packets are sent as unicast. Not used by IPv4. RTN_BLACKHOLE RTN_UNREACHABLE RTN_PROHIBIT RTN_THROW These values are associated with specific administrative configurations rather than destination address types. See the section "Route Types and Actions" in Chapter 30. RTN_NAT The source and/or destination IP address must be translated. Not used because the associated feature, FastNAT, has been dropped in the 2.6 kernels. RTN_XRESOLVE An external resolver will take care of this route. This functionality is currently not implemented. _ _u16 rt_multipath_alg Multipath caching algorithm. It is initialized based on the algorithm configured on the associated route (see fib_mp_alg in the section "fib_info Structure"). _ _u32 rt_dst _ _u32 rt_src Destination and source IP addresses. int rt_iif ID of the ingress device. Its value is extracted from the net_device data structure of the ingress device. For traffic generated locally (and hence not received on any interface), the field is set to the ifindex field of the outgoing device. Do not confuse this field with the iif field of the flowi data structure fl described later in this chapter. The latter field is set to zero (loopback_dev) for locally generated traffic. This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com _ _u32 rt_gateway When the destination host is directly connected (it is on-link), rt_gateway matches the destination address. When a gateway is needed to reach the destination, rt_gateway is set to the next hop gateway identified by the route. struct flowi fl Search key used for the cache lookups, described in the section "flowi Structure." _ _u32 rt_spec_dst RFC 1122-specific destination, explained in the section "Preferred Source Address Selection" in Chapter 35. struct inet_peer *peer The inet_peer structure, introduced in Chapter 19, stores long-living information about the IP peer, which is the host with the destination IP address of this cached route. There is an inet_peer structure for each remote IP address to which the local host has been talking in the recent past. 36.5.10. dst_entry Structure The data structure dst_entry is used to store the protocol-independent information concerning cached routes. L3 protocols keep their own, additional private information in separate structures. (For example, IPv4 uses rtable structures.) Here is the field-by-field description: struct dst_entry *next Used to link the dst_entry instances that collide into the same hash table's bucket. See Figure 33-1 in Chapter 33. struct dst_entry *child unsigned short header_len unsigned short trailer_len struct dst_entry *path struct xfrm_state *xfrm This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com [...]... developed ad-hoc software based on the Linux kernel, was a scientific consultant for a project on remote collaboration, and served as an instructor for several training sessions on networking The trainings, held mainly in Europe, Africa, and South America were all based on Linux systems and addressed to scientists from developing countries, where the ICTP has been promoting Linux for many years He occasionally... our distinctive approach to technical topics, breathing personality and life into potentially dry subjects Philip Dangler was the production editor, and Audrey Doyle was the copyeditor for Understanding Linux Network Internals Sada Preisch proofread the book Mary Brady and Colleen Gorman provided quality control Rachel Monaghan, Lydia Onofrei, and Laurel Ruma provided production assistance Angela Howard... Between the DST and Calling Protocols in Chapter 33 Here is the field-by-field description: " unsigned short family Address family See AF_XXX values in include /linux/ socket.h unsigned short protocol Protocol ID See ETH_P_XXX values in include /linux/ if_ether.h unsigned gc_thresh This field, used by the garbage collection algorithm, specifies the size (number of buckets) of the routing cache The initialization... collaborates with a nonprofit organization founded by ICTP members, Collaborium.org, to continue promoting Linux on developing countries In the past few years he worked as a software engineer for Cisco Systems in the Silicon Valley, where he focused on Layer 2 switching, high availability, and network security moc.fdpopmis.www//:ptth - noisreV deretsigernU tilpS dna egreM FDP opmiS This document was... the configuration of a local network device See the sections "Adding an IP address" and "Removing an IP address" in Chapter 32 fib_del_ifaddr fib_magic fib_rules_detach fib_rules_attach rtmsg_fib Used by the kernel to insert routes under specific conditions See the section "Routes Inserted by the Kernel: The fib_magic Function." Enables and disables routing policies when network devices are registered... 36-13 Functions, variables, and data structures in the routing subsystem Functions for_ifa, endfor_ifa for_primary_ifa, endfor_ifa FIB_RES_XXX Macros used to browse the IPv4 addresses configured on a network device See the section "Primary and Secondary IP Addresses in Chapter 32 " Set of macros used to access the fields of the fib_result structure See the section " Generic Helper Routines and Macros"... TCP This vector is initialized with a copy of the fib_info->fib_metrics vector (if it is defined), and default values are used where needed See the function rt_set_nexthop and Chapter 35 See Table 36 -10 for a description of the vector's possible values The RTAX_LOCK value needs a little explanation.RTAX_LOCK is not a metric but a bitmap: when the bit in position is set, it n means that the metric with... removed and therefore cannot be used, and -1 is used by IPsec and IPv6 but not by IPv4 int flags Set of flags DST_HOST is used by TCP and means the route leads to a host (i.e., it is not a route to a network or a broadcast/multicast address) DST_NOXFRM, DST_NOPOLICY, and DST_NOHASH are used only by IPsec unsigned long lastuse Timestamp used to remember the last time this entry was used It is updated... destination or source IP addresses, respectively Examples of sanity checks are that the source IP address cannot be multicast or broadcast and that the destination address cannot belong to the so-called zero-networkthat is, it cannot look like 0.n.n.n gc_total gc_ignored gc_goal_miss gc_dst_overflow These four fields are updated by rt_garbage_collect, described in the section "rt_garbage_collect Function"... moc.fdpopmis.www//:ptth - noisreV deretsigernU tilpS dna egreM FDP opmiS This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it Thanks void (*mp_alg_set_nhinfo) (_ _u32 network, _ _u32 netmask, unsigned char prefixlen, const struct fib_nh *nh) void (*mp_alg_remove) (struct rtable *rth) These functions are invoked by the algorithm-independent wrappers described in the . to http://www.bisenter.com to register it. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Table 36 -10. Routing metrics MetricKernel symbol Not a metric RTAX_LOCK Path. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com unsigned rt_flags The flags you can set in this bitmap are the RTCF_XXX values defined in include /linux/ in_route.h. http://www.bisenter.com to register it. Thanks. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com void (*mp_alg_set_nhinfo) (_ _u32 network, _ _u32 netmask, unsigned char prefixlen,