gated.conf.4 (2010 09)
gated.conf(4) gated.conf(4)
many more routes. The speed of the kernel interface becomes critical when these protocols are used.
To prevent GateD from locking up for significant periods of time installing large numbers of routes (up to
a minute or more has been observed on real networks), the processing of these routes is now done in
batches. The size of these batches may be controlled by the tuning parameters described below, but
normally the default parameters will provide the proper functionality.
During normal shutdown processing, GateD deletes all the routes it has installed in the kernel
forwarding table, except for those marked with retain. Optionally, GateD can leave all routes in the
kernel forwarding table by not deleting any routes. In this case changes will be made to ensure that routes
with a retain indication are installed in the table. This is useful on systems with large numbers of routes
as it prevents the need to re-install the routes when GateD restarts. This can greatly reduce the time it
takes to recover from a restart.
Forwarding tables and Routing tables
The table in the kernel that controls the forwarding of packets is a forwarding table, also known in ISO
speak as a forwarding information base, or FIB. The table that GateD uses internally to store routing
information it learns from routing protocols is a routing table, known in ISO speak as a routing
information base, or RIB. The routing table is used to collect and store routes from various protocols. For each
unique combination of network and mask an active route is chosen; this route will be the one with the
best (numerically smallest) preference. All the active routes are installed in the kernel forwarding table.
The entries in this table are what the kernel actually uses to forward packets.
Updating the Forwarding Table
There are two main methods of updating the kernel FIB: the ioctl() interface and the routing socket
interface. Their various characteristics are described here.
Updating the Forwarding Table with the ioctl interface
The ioctl interface to the forwarding table was introduced in BSD 4.3 and widely distributed in BSD
4.3. This is a one-way interface; it only allows GateD to update the kernel forwarding table. It has several
other limitations:
Fixed subnet masks
The BSD 4.3 networking code assumed that all subnets of a given network had the same
subnet mask. This limitation is enforced by the kernel. The network mask is not stored in the
kernel forwarding table, but determined when a packet is forwarded by searching for interfaces
on the same network.
One way interface
GateD is able to update the kernel forwarding table, but it is not aware of other modifications
of the forwarding table. GateD is able to listen to ICMP messages and guess how the kernel
has updated the forwarding table in response to ICMP redirects.
Blind updates
GateD is not able to detect changes to the forwarding table resulting from the use of the route
command by the system administrator. Use of the route command on systems that use the
ioctl() interface is strongly discouraged while GateD is running.
Changes not supported
In all known implementations, no change operation is supported; to change a route that
exists in the kernel, the route must be deleted and a new one added.
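Added example (not part of the original manual page and not GateD code): it models the active-route selection described under "Forwarding tables and Routing tables" and then compares the result with a snapshot of the kernel table, the kind of external check that is needed when the ioctl() interface leaves GateD unaware of changes made behind its back. The function names, the route tuples and the KERNEL snapshot are constructed for illustration.

```python
# Added illustration: models the RIB -> FIB relationship described above.
# All names and sample routes are constructed; none come from GateD itself.
from ipaddress import ip_network

def active_routes(rib):
    """Pick one active route per (network, mask): smallest preference wins."""
    best = {}
    for prefix, gateway, preference in rib:
        net = ip_network(prefix)
        if net not in best or preference < best[net][1]:
            best[net] = (gateway, preference)
    # Only the next hop goes to the FIB; preference stays in the RIB.
    return {net: gw for net, (gw, _) in best.items()}

def fib_drift(expected, kernel):
    """Compare what the daemon believes it installed with a kernel snapshot."""
    findings = []
    for net in sorted(set(expected) | set(kernel), key=str):
        want, have = expected.get(net), kernel.get(net)
        if want == have:
            continue
        if have is None:
            findings.append(("missing", str(net), want, None))
        elif want is None:
            findings.append(("unexpected", str(net), None, have))
        else:
            findings.append(("changed", str(net), want, have))
    return findings

# Constructed RIB entries: (prefix, gateway, preference)
RIB = [
    ("10.1.0.0/16", "192.0.2.1", 100),
    ("10.1.0.0/16", "192.0.2.2", 10),   # better preference, becomes active
    ("10.1.0.0/24", "192.0.2.3", 100),  # same network, different mask
    ("10.2.0.0/16", "192.0.2.1", 100),
]
# Constructed kernel snapshot, as if edited with route(1M) or by a redirect
KERNEL = {
    ip_network("10.1.0.0/16"): "192.0.2.2",
    ip_network("10.1.0.0/24"): "192.0.2.9",  # next hop altered out-of-band
    ip_network("10.3.0.0/16"): "192.0.2.9",  # route added out-of-band
}

if __name__ == "__main__":
    for finding in fib_drift(active_routes(RIB), KERNEL):
        print(*finding)
```

In practice the kernel side would be filled from a parsed routing-table listing; each "changed" or "unexpected" entry is a route the daemon did not install and cannot see through the ioctl() interface.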
Updating the Forwarding Table with the routing socket interface
The routing socket interface to the kernel forwarding table was introduced in BSD 4.3 Reno, widely
distributed in BSD 4.3 Net/2 and improved in BSD 4.4. This interface is simply a socket, similar to a UDP
socket, on which the kernel and GateD exchange messages. It has several advantages over the ioctl()
interface:
Variable subnet masks
The network mask is passed to the kernel explicitly. This allows different masks to be used on
subnets of the same network. It also allows routes with masks that are more general than the
natural mask to be used. This is known as classless routing.
Two way interface
Not only is GateD able to change the kernel forwarding table with this interface, but the kernel
can also report changes to the forwarding table to GateD. The most interesting of these is
an indication that a redirect has modified the kernel forwarding table; this means that gated
36 Hewlett-Packard Company − 36 − HP-UX 11i Version 3: September 2010