Linux makes a full-featured router
Linuxaid.com.cn
Wing
This article explains how to build a functionally complete router with Linux. It covers the configuration of static and dynamic routers; IP masquerading and sharing one public IP address for access to the outside network are beyond the scope of this topic, and readers should refer to the material on firewall configuration instead.

LRP (the Linux Router Project) has existed for several years. Its goal is to use the Linux operating system to turn old personal computers, even 486 machines, into network routers. Low-cost routers built on Linux may well attract wide attention in the business world. As Bret Berger, a systems integration engineer at Stonefly Technology, put it: for users who cannot afford a two thousand dollar (USD) Cisco router, a 486 with a few Ethernet cards used as a router is another option. For some small businesses, small ISPs and even government agencies this is a good solution, and in fact many domestic universities already use it. Because LRP has been streamlined, its software occupies less than 2MB and fits on a floppy disk; in other words, LRP can be used on a computer without a hard disk. Michael Kornegay, a software engineer at Virtual Design Group, said they installed the Linux router software on an old x86 computer with two Ethernet cards and stripped-down hardware, booted it from a floppy alone, and used this bare-bones router as a firewall as well.

In this chapter we do not teach you how to build an LRP package of under 2MB, but how to use Linux to obtain a router with good performance at a low price. Although a router built with Linux is inexpensive, there is still a gap in performance and efficiency between it and a real router. It is a good choice for hobbyists or for users with modest requirements.

What is a router?
Simply put, the function of a router is to find a path: the correct route that leads an IP packet to its destination. In more detail:

Principle and role. A router is used to connect multiple logically separate networks, where a logical network represents a single network or a subnet. When data is transferred from one subnet to another, it can be done through a router, so a router must be able to determine network addresses and select paths. It can establish flexible connections in a multi-network interconnection environment, can connect subnets with entirely different packet formats and media access methods, and accepts only information addressed to it by source stations or other routers. A router is an interconnection device at the network layer: it does not care about the hardware used by each subnet, but it does require software that conforms to the network layer protocol. Generally speaking, the interconnection of heterogeneous networks and of multiple subnets should be done by routers.

The main job of a router is to find the best transmission path for each data frame that passes through it and to deliver the data effectively to the destination site. The policy for selecting the best path is therefore the key to the router. To do this work, the router keeps data about the various transmission paths, the routing table (Routing Table), and consults it when selecting a route. The routing table holds the identification information of subnets, the number of routers on the network, the name of the next router, and so on. The routing table can be fixed by the system administrator or modified dynamically by the system; it can be adjusted automatically by the router or controlled by the host.
Static routing table. A static routing table is a fixed table set up by the system administrator. It is usually preset according to the configuration of the network when the system is installed, and when the network structure changes the administrator must update the corresponding entries by hand.

Dynamic routing table. A dynamic routing table is one that the router adjusts automatically according to the operation of the network system. Based on the functions provided by the routing protocol (Routing Protocol), the router automatically learns and memorises the operating state of the network and computes the optimal data transfer path when needed.

Functions of a router.
(1) Protocol conversion: it can convert the protocols of the network layer and the layers below it.
(2) Routing: when a packet arrives at the router from the internetwork, the router selects the best route according to the packet's destination address and forwards the packet; it can change the routing table as the network topology changes.
(3) Route selection supporting multiple protocols: routers are protocol-dependent; different routers run different routing protocols and support different network layer protocols. If the interconnected LANs use two different protocols, say TCP/IP on one and SPX/IPX (NetWare's transport layer / network layer protocols) on the other, then because the two protocols differ in many respects, a TCP/IP (or SPX/IPX) host on one LAN can communicate only with the TCP/IP (or SPX/IPX) hosts on the other LAN, and cannot communicate with an SPX/IPX (or TCP/IP) host even on the same LAN.
A multi-protocol router can support several protocols, such as IP, IPX and X.25, and can establish and maintain separate routing tables for each type of protocol. It can thus connect not only networks of the same type but also networks of different types. Although this function makes the router more adaptable, it also lowers its overall performance; since the IP protocol is increasingly dominant in networks, the next generation of routers (such as switching routers) need only support IP.
(4) Traffic control: the router not only has buffers but also controls the data traffic of the sending and receiving parties so that the two are better matched.
(5) Fragmentation and reassembly: when multiple networks are interconnected through a router, the packet sizes carried by each network may differ, which requires the router to fragment or reassemble packets. That is, the router can split a large packet it receives into small packets, or collect small packets it receives into a large packet for forwarding. If the router lacked this function, the whole internetwork could only transmit using the smallest packet size allowed anywhere, greatly reducing the efficiency of the other networks.
(6) Network management: the router is the collection point connecting many networks, so it is convenient to monitor and manage the packets and devices of the network here. High-end routers are therefore usually configured with network management functions, which improves the manageability, reliability and maintainability of the network.

A router must have at least two network interfaces in order to route at all; with only one interface there is no "path finding" to do. The network interface here is not necessarily a physical interface such as a network card; it may also be a virtual interface such as a tunnel endpoint.
As described above, the routing information running on a router can be static, or may be dynamically generated.
The former is done by manual configuration; for the latter, a routing protocol running on the router changes the routing table in the kernel according to the state of the network. Below we introduce the configuration of these two kinds of routers in some detail. Typically a router has both a statically configured part and a dynamically configured part, and the two are combined.

Static router configuration with multiple NICs

Under Linux the most common tool for specifying routing rules is route; some graphical tools can be used as well. Here we look at the route command.

The route command. The main function of the route tool is to manage the routing table in the Linux kernel. Its biggest use is to set static routing entries: typically, after the network interfaces (network cards and so on) have been configured with ifconfig, route is used to specify through which interface a host or network segment is reached. The route tool has a complex set of parameters; its calling format is as follows:

    route [-CFvnee]
    route [-v] [-A family] add [-net|-host] target [netmask Nm] [gw Gw] [metric N] [mss M] [window W] [irtt I] [reject] [mod] [dyn] [reinstate] [[dev] If]
    route [-v] [-A family] del [-net|-host] target [gw Gw] [netmask Nm] [metric N] [[dev] If]
    route [-V] [--version] [-h] [--help]

The main parameters are described below:

    -v          Use verbose output mode.
    -A family   Specify a particular address family (for example "inet" or "inet6").
    -n          Show numeric addresses (for example 202.38.75.75) instead of resolving host names.
    -e          Use the same output format as netstat. The -ee parameter produces a long output containing almost everything in the kernel routing table.
    -net        The target is a network segment.
    -host       The target is a single host.
    -F          Display the kernel FIB routing table. The layout can be changed with the -e and -ee parameters.
    -C          Display the kernel routing cache.
    del         Delete a routing entry.
    add         Add a routing entry.
    target      The destination network segment or host. It can be an IP address, or a network or host name.
    netmask Nm  The network mask of the routing entry being added.
    gw Gw       Any IP packet for the target is routed through this gateway.
    metric M    Set the metric field of this entry in the routing table to M.
    mss M       Set the TCP maximum segment size (MSS) for connections over this route to M bytes. The system default is 536.
    window W    Set the TCP window size for connections over this route to W bytes.
    irtt I      Set the initial round trip time (IRTT) for TCP connections over this route to I milliseconds (1-12000). By default it is 300ms, according to RFC 1122.
    reject      Install a blocking route, which causes route lookups for it to fail.
    mod, dyn, reinstate   Add or modify a dynamic routing entry. Mainly used for testing and diagnostics.
    dev If      Force the route to use a particular output interface (If) instead of letting the system find one.
Some examples:

    route add -net 192.56.76.0 netmask 255.255.255.0 dev eth0

Adds a routing entry: the network segment 192.56.76.x is reached through the interface eth0.

    route add default gw mango-gw

Adds a default route (used when no other routing entry matches). "mango-gw" is a host name, and a route leading to that host must already have been set up.

    route add ipx4 sl0

Adds a route to the host "ipx4" using the SLIP interface sl0.

The output of the route command has the following columns:

    Destination   The target network segment or host.
    Gateway       The gateway address; "*" is shown if none is set.
    Genmask       The network mask.
    Flags         Possible flags are:
                  U (route is up)
                  H (target is a host)
                  G (use gateway)
                  R (reinstate route for dynamic routing)
                  D (dynamically installed by daemon or redirect)
                  M (modified from routing daemon or redirect)
                  ! (reject route)
    Metric        The distance (metric) of the route.
    Ref           Number of references to this route. (Not used in the Linux kernel.)
    Use           Count of lookups for the route.
    Iface         The output interface corresponding to the routing entry.
    MSS           Default TCP maximum segment size.
    Window        Default TCP window size.
    irtt          Default TCP initial round trip time.
    HH (cached only)   The number of ARP entries.
    Arp (cached only)  Whether the hardware address for this route is up to date.

Here is the output of route -n (several rows are partly unreadable in the source and are marked as such):

    tarn:~$ /sbin/route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    [first row garbled in source: "10.75.62"]      255.255.255.255 UGH   0      0        0 eth0
    202.38.75.75    0.0.0.0         255.255.255.255 UH    0      0        0 eth2
    202.38.75.0     0.0.0.0         255.255.255.128 U     0      0        0 eth0
    192.168.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth2
    192.168.75.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1
    159.226.0.0     202.38.75.62    255.255.0.0     [rest of row garbled in source]
    [destination garbled in source]  0.0.0.0        255.0.0.0       U     0      0        0 lo
    0.0.0.0         202.38.75.62    0.0.0.0         UG    1      0        0 eth0

From the output above we can see that the router's default gateway is 202.38.75.62 and that it has three Ethernet interfaces (eth0, eth1 and eth2).
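As an added example (not code from the original article), the following Python script parses a route -n table like the one above and performs the lookup order the kernel uses: the longest matching prefix wins, and ties go to the lowest metric. The table is constructed from the readable rows above; the 10.0.0.0/8 entry is a hypothetical reject route added to show the "!" flag.

```python
import ipaddress

# Constructed sample modelled on the route -n output in the article (rows that are
# unreadable there are left out); the 10.0.0.0/8 reject route is a hypothetical
# addition to show how the "!" flag affects a lookup.
ROUTE_N_OUTPUT = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
202.38.75.75    0.0.0.0         255.255.255.255 UH    0      0        0 eth2
202.38.75.0     0.0.0.0         255.255.255.128 U     0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth2
192.168.75.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1
10.0.0.0        -               255.0.0.0       !     0      0        0 -
0.0.0.0         202.38.75.62    0.0.0.0         UG    1      0        0 eth0
"""

def parse_route_table(text):
    """Turn route -n output into (network, gateway, flags, metric, iface) tuples."""
    routes = []
    for line in text.splitlines()[2:]:              # skip the two header lines
        dest, gw, mask, flags, metric, _ref, _use, iface = line.split()
        routes.append((ipaddress.IPv4Network(f"{dest}/{mask}"), gw, flags,
                       int(metric), iface))
    return routes

def lookup(routes, dst):
    """Select the route for dst the way the kernel does: the longest matching
    prefix wins (a /32 host route beats its subnet, and 0.0.0.0/0 only matches
    when nothing else does), ties go to the lowest metric.  Returns
    (next_hop, iface), or None when nothing matches or the winner is a reject route."""
    addr = ipaddress.IPv4Address(dst)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    net, gw, flags, _metric, iface = max(matches, key=lambda r: (r[0].prefixlen, -r[3]))
    if "!" in flags:
        return None
    # Without the G flag the destination is on a directly attached network,
    # so the packet is delivered to it directly rather than to a gateway.
    return (gw if "G" in flags else dst), iface

ROUTES = parse_route_table(ROUTE_N_OUTPUT)

if __name__ == "__main__":
    for ip in ("202.38.75.75", "202.38.75.100", "192.168.75.9", "159.226.1.1", "10.1.2.3"):
        print(ip, "->", lookup(ROUTES, ip))
```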
Looking again at the table, the first and second routing rules are for a host (flag H) and the others are for a network segment, as you can verify for yourself.

Dynamic router

Basic principle. First we explain what dynamic routing is. From the description above, the basic function of a router is to find the path to the destination address for an IP packet. The previous section introduced manually configured static routing rules, which is one way of setting up routing. But the Internet is a huge system: the network structure running on it is complex and its topology changes constantly, so static configuration is not necessarily usable in some complex environments, and once the network structure changes, manual static configuration often cannot be adjusted in time. In this context the concept of dynamic routing configuration arose, that is, the dynamic router. The routing entries on a dynamic router are obtained by exchanging information between interconnected routers and then optimising it according to certain algorithms; this routing information is updated continuously at certain intervals to accommodate the changing network and obtain the best path selection at any time. To realise efficient path selection for IP packets, the IETF has defined a variety of routing protocols. Among them, the interior gateway protocols used within an autonomous system (AS: Autonomous System) include the Open Shortest Path First (OSPF) protocol and the Routing Information Protocol (RIP). An autonomous system is the collection of hosts, routers and other network devices under the same entity (such as a school, an enterprise or an ISP). Between autonomous systems there are exterior routing protocols such as BGP-4. The software that runs these routing protocols is what we usually call routing software; the common routing software under Linux is Gated and Zebra. The former has both a GPL release and a paid version; the latter is fully GPL routing software developed in Japan. It is generally included in Linux distributions, and below we mainly introduce its configuration and use.

Introduction to routing protocols

First we introduce the RIP protocol. RIP is the abbreviation of Routing Information Protocol. RIP computes routes with the "distance vector" algorithm, so it is also called a distance vector routing protocol. The characteristic of RIP is that routers exchange their overall knowledge of the network, and exchange it only with adjacent routers: a router shares network information only with its neighbours. Once new knowledge is acquired from adjacent routers, the router adds it to its own database and passes the information on to all of its adjacent routers, which do the same. After several passes, every router in the autonomous system obtains complete routing information.

RIP packets are carried in UDP datagrams. To distinguish it from other UDP applications, RIPng has the well-known dedicated UDP port number 521. A router sends its routing update packets from the RIPng port; response packets to a request are sent to the port the request came from. Note that the port number used by IPv4 RIP is 520, which differs from RIPng.

Timers play a fairly important role in RIP. RIP uses three different timers to support path updates. The first is the update timer that starts RIP update operations; it is typically set to 30 seconds. The RIP standard further restricts this: it requires the router to randomise the send interval of update messages, choosing an interval between 25 and 35 seconds.
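As an added example (not from the article), this Python simulation shows the neighbour-only exchange just described: each router starts knowing only its attached networks, sends its table to adjacent routers every round, and adopts a route when the advertised hop count plus one beats what it holds. The chain topology A-B-C-D and the names net1 to net5 are constructed for the example; the function names are mine.

```python
INFINITY = 16  # RIP treats a hop count of 16 as "unreachable"

# Constructed topology (not from the article): four routers in a chain A-B-C-D,
# each attached to the networks listed; adjacent routers share one network.
NETWORKS = {"A": ["net1", "net2"], "B": ["net2", "net3"],
            "C": ["net3", "net4"], "D": ["net4", "net5"]}
NEIGHBORS = {"A": ["B"], "B": ["A", "C"], "C": ["B", "D"], "D": ["C"]}

def initial_tables():
    """Every router starts knowing only its directly attached networks (1 hop)."""
    return {r: {n: (1, "direct") for n in nets} for r, nets in NETWORKS.items()}

def receive_update(table, neighbor, advertised):
    """Apply one RIP update received from `neighbor`.  A route is adopted when
    the advertised hop count + 1 is better than what we hold, or when it comes
    from the router we already use as next hop (RIP trusts its next hop even
    if the metric got worse).  Returns True if the table changed."""
    changed = False
    for net, (hops, _via) in advertised.items():
        new_hops = min(hops + 1, INFINITY)
        cur_hops, cur_via = table.get(net, (INFINITY, None))
        if new_hops < cur_hops or (cur_via == neighbor and new_hops != cur_hops):
            table[net] = (new_hops, neighbor)
            changed = True
    return changed

def converge(tables, max_rounds=50):
    """Run synchronous update rounds (every router sends its table to each
    neighbour) until nothing changes.  Returns the number of rounds that
    carried new information."""
    for rnd in range(1, max_rounds + 1):
        sent = {r: dict(t) for r, t in tables.items()}   # tables as of this round's start
        changed = False
        for r in tables:
            for nb in NEIGHBORS[r]:
                changed |= receive_update(tables[r], nb, sent[nb])
        if not changed:
            return rnd - 1
    return max_rounds

def run():
    tables = initial_tables()
    rounds = converge(tables)
    return rounds, tables

if __name__ == "__main__":
    rounds, tables = run()
    print(f"converged after {rounds} update rounds")
    for r, t in sorted(tables.items()):
        print(r, {n: f"{h} hops via {v}" for n, (h, v) in sorted(t.items())})
```

With four routers in a chain, the farthest networks need three rounds to reach the ends of the chain, matching the "after several passes" behaviour described above.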