Basic Linux Route Commands You Should Know(2)


Want to know the first part of Basic Linux Route Commands You Should Know(1)?

Linux certifications are important for growing a career in the Linux world. Getting a Red Hat Linux certification will help boost your career as an IT engineer.

Multicast, a special type used for multicast routing. It does not exist in the normal routing table.

Routing tables: Linux 2.x can pack routes into multiple routing tables, identified by a number in the range 1 to 255 or by a name from the file /etc/iproute2/rt_tables. By default, all normal routes are inserted into the main table (ID 254), and the kernel uses only this table when calculating routes. In fact, another table always exists, which is invisible but even more important: the local table (ID 255). This table consists of routes for local and broadcast addresses. The kernel maintains this table automatically, and administrators usually do not need to modify it or even look at it. Multiple routing tables come into play when policy routing is used.

1) ip route add, add route

2) ip route change, modify the route

3) ip route replace, change or add route

to TYPE PREFIX (default), the destination prefix of the route. If TYPE is omitted, ip assumes type unicast. The other type values are listed above. PREFIX is an IP or IPv6 address followed by a slash and the prefix length. If the prefix length is missing, ip assumes a full-length host route. There is also a special PREFIX, default, which is equivalent to IP 0/0 or to IPv6 ::/0.

tos TOS, dsfield TOS, the Type of Service (TOS) key. The key has no associated mask, and the longest match is understood as follows: first, the TOS of the route and of the packet are compared. If they are not equal, the packet may still match a route with a zero TOS. TOS is either an 8-bit hexadecimal number or an identifier from "/etc/iproute2/rt_dsfield".

metric NUMBER, preference NUMBER, the preference value of the route. NUMBER is an arbitrary 32-bit number.

table TABLEID, the table to add this route to. TABLEID may be a number or a string from the file "/etc/iproute2/rt_tables". If this parameter is omitted, ip assumes the main table, except for local, broadcast and NAT routes, which are put into the local table by default.

dev NAME, the output device name.

via ADDRESS, the address of the next-hop router. In fact, the meaning of this field depends on the route type. For normal unicast routes it is either the true next-hop router or, if it is a direct route installed in BSD compatibility mode, it can be a local address of the interface. For NAT routes it is the first address of the block of translated IP destinations.

src ADDRESS, the source address to prefer when sending to the destinations covered by the route prefix.

realm REALMID, the realm to which this route is assigned. REALMID may be a number or a string from the file "/etc/iproute2/rt_realms".

mtu MTU, mtu lock MTU, the MTU along the path to the destination. If the modifier lock is not used, the kernel may update the MTU due to path MTU discovery. If the modifier lock is used, path MTU discovery will not be attempted, and all packets will be sent without the DF bit in the case of IPv4 or fragmented to the MTU in the case of IPv6.

window NUMBER, the maximum window for TCP to advertise to these destinations, in bytes. It limits the maximum data burst that a TCP peer is allowed to send to us.

rtt TIME, the initial RTT ('round trip time') estimate. If no suffix is specified, the units are raw values passed directly to the routing code to maintain compatibility with previous versions. Otherwise, a suffix of s, sec or secs specifies seconds, and a suffix of ms, msec or msecs specifies milliseconds.

rttvar TIME (2.3.15+ only), the initial RTT variance estimate. Values are specified in the same way as for rtt above.

rto_min TIME (2.6.23+ only), the minimum TCP retransmission timeout to use when communicating with this destination. Values are specified in the same way as for rtt above.

ssthresh NUMBER (2.3.15+ only), an estimate of the initial slow start threshold.

cwnd NUMBER (2.3.15+ only), the clamp for the congestion window. It is ignored if the lock flag is not used.

initcwnd NUMBER, the maximum initial congestion window (cwnd) size, in MSS, of a TCP connection.

initrwnd NUMBER (2.6.33+ only), the initial receive window size for connections to this destination. The actual window size is this value multiplied by the MSS of the connection. The default value is zero, which means that the slow start value is used.

advmss NUMBER (2.3.15+ only), the MSS ("Maximum Segment Size") to advertise to these destinations when establishing a TCP connection. If not given, Linux uses a default value calculated from the first-hop device MTU. (If the path to these destinations is asymmetric, this guess may be wrong.)

reordering NUMBER (2.3.15+ only), the maximum reordering on the path to this destination. If not given, Linux uses the value selected by the sysctl variable "net/ipv4/tcp_reordering".

nexthop NEXTHOP, the next hop of a multipath route. NEXTHOP is a complex value whose syntax is similar to the top-level parameter list:

I) via ADDRESS, the next-hop router.

II) dev NAME, the output device.

III) weight NUMBER, the weight of this element of the multipath route, reflecting its relative bandwidth or quality.

scope SCOPE_VAL, the scope of the destinations covered by the route prefix. SCOPE_VAL may be a number or a string from the file "/etc/iproute2/rt_scopes". If this parameter is omitted, ip assumes scope global for all gatewayed unicast routes, scope link for direct unicast and broadcast routes, and scope host for local routes.

protocol RTPROTO, the routing protocol identifier of this route. RTPROTO may be a number or a string from the file "/etc/iproute2/rt_protos". If the routing protocol ID is not given, ip assumes protocol boot (i.e. it assumes the route was added by someone who does not understand what they are doing). Some protocol values have a fixed interpretation:

I) redirect, the route was installed due to an ICMP redirect.

II) kernel, the route was installed by the kernel during autoconfiguration.

III) boot, the route was installed during the boot process. If a routing daemon starts, it will purge all of these routes.

IV) static, the route was installed by the administrator to override dynamic routing. The routing daemon will respect these routes and may even advertise them to its peers.

V) ra, the route was installed by the Router Discovery protocol.

onlink, pretend that the next hop is directly attached to this link, even if it does not match any interface prefix.

equalize, allow randomization on multipath routes. Without this modifier, the route is frozen to one selected next hop, so load splitting only occurs on a per-flow basis. equalize works only if the kernel is patched.

4) ip route delete, delete the route

"ip route del" has the same parameters as "ip route add", but their semantics are slightly different. The key values (to, tos, preference and table) select the route to delete. If optional attributes are present, ip verifies that they coincide with the attributes of the route to delete. "ip route del" fails if no route with the given key and attributes is found.

5) ip route show, showing the route

to SELECTOR (default), only select routes from the given range of destinations. SELECTOR consists of an optional modifier (root, match or exact) and a prefix. root PREFIX selects routes with prefixes not shorter than PREFIX. For example, "root 0/0" selects the entire routing table. match PREFIX selects routes with prefixes not longer than PREFIX. For example, "match 10.0/16" selects 10.0/16, 10/8, and 0/0, but does not select 10.1/16 and 10.0.0/24. exact PREFIX (or just PREFIX) selects routes with exactly this prefix. If none of these options is present, ip assumes root 0/0, i.e. it lists the entire table.
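The three selector modifiers, modelled in Python as an added example (not code from the original page or from iproute2). The route list is constructed from the prefixes the paragraph above uses, and the shorthand is assumed to expand by padding missing octets with zeros.

```python
import ipaddress

# Constructed sample table, written in the same shorthand the page uses.
ROUTES = ["0/0", "10/8", "10.0/16", "10.1/16", "10.0.0/24"]


def expand(prefix):
    """Expand shorthand such as '10.0/16' to a full IPv4 network.

    Assumption of this model: missing octets are padded with zeros and a
    missing length means a full-length host route.
    """
    addr, _, length = prefix.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))
    return ipaddress.ip_network(".".join(octets) + "/" + (length or "32"))


def select(routes, modifier, prefix):
    """Return the routes that 'ip route show to MODIFIER PREFIX' would list."""
    want = expand(prefix)
    picked = []
    for text in routes:
        net = expand(text)
        if modifier == "root":       # route lies inside PREFIX (same length or longer)
            hit = net.subnet_of(want)
        elif modifier == "match":    # route covers PREFIX (same length or shorter)
            hit = want.subnet_of(net)
        elif modifier == "exact":    # identical prefix only
            hit = net == want
        else:
            raise ValueError("unknown modifier: " + modifier)
        if hit:
            picked.append(text)
    return picked


if __name__ == "__main__":
    for modifier, prefix in [("root", "0/0"), ("match", "10.0/16"),
                             ("root", "10.0/16"), ("exact", "10/8")]:
        print(modifier, prefix, "->", select(ROUTES, modifier, prefix))
```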

tos TOS, only select routes with the given TOS.

table TABLEID, show the routes from this table. The default setting is to show table main. TABLEID may be the ID of a real table or one of the special values:

I) all, list all the tables.

II) cache, dump the routing cache.

cloned, cached, list cloned routes, i.e. routes that were dynamically forked from other routes because some route attribute (e.g. the MTU) was updated. In fact, it is equivalent to "table cache".

from SELECTOR, the same syntax as for to, but it binds the source address range instead of the destination. Note that the from option only works with cloned routes.

protocol RTPROTO, only list routes of this protocol.

scope SCOPE_VAL, only list routes with this scope.

type TYPE, only list routes of this type.

dev NAME, only list routes going through this device.

via PREFIX, only list routes going via the next-hop routers selected by PREFIX.

src PREFIX, only list routes with preferred source addresses selected by PREFIX.

realm REALMID, realms FROMREALM/TOREALM, only list routes with these realms.

6) ip route flush, flush the routing table

This command flushes the routes selected by some criteria. The parameters have the same syntax and semantics as the "ip route show" parameters, but the routing tables are not listed but purged. The only difference is the default action: show dumps the entire IP main routing table, but flush prints the helper page.

With the "-statistics" option, the command becomes verbose. It prints out the number of deleted routes and the number of rounds made to flush the routing table. If this option is given twice, ip route flush also dumps all deleted routes in the format described in the previous section.

7) ip route get, get a single route

This command gets a single route to a destination and prints its contents exactly as the kernel sees it.

to ADDRESS (default), the destination address.

from ADDRESS, the source address.

tos TOS, dsfield TOS, the Type of Service.

iif NAME, the device from which this packet is expected to arrive.

oif NAME, force the output device on which this packet will be routed.

connected, if no source address (option from) was given, look the route up again with the source set to the preferred address received from the first lookup. If policy routing is used, it may be a different route.

Please note that this operation is not equivalent to "ip route show". show shows existing routes. get resolves them and creates new clones if necessary.

8, ip rule---routing policy database management

Rules in the routing policy database control the route selection algorithm. The classic routing algorithm used in the Internet makes routing decisions based only on the destination address of the packet (and, in theory but not in practice, on the TOS field). In some cases we want to route packets differently depending not only on the destination address but also on other packet fields: source address, IP protocol, transport protocol ports, or even packet payload. This task is called "policy routing." To solve it, the conventional destination-based routing table, ordered according to the longest match rule, is replaced with a Routing Policy Database (RPDB), which selects routes by executing a set of rules.

Each policy routing rule consists of a selector and an action predicate. The RPDB is scanned in order of increasing priority. The selector of each rule is applied to {source address, destination address, incoming interface, tos, fwmark} and, if the selector matches the packet, the action is performed. The action predicate may return with success. In this case, it gives either a route or a failure indication, and the RPDB lookup is terminated. Otherwise, the RPDB program continues with the next rule.

Semantically, the natural action is to select the next hop and the output device. At startup, the kernel configures the default RPDB consisting of three rules:

I) Priority: 0. Selector: match anything. Action: look up the routing table local (ID 255). The local table is a special routing table containing high-priority control routes for local and broadcast addresses.

II) Priority: 32766. Selector: match anything. Action: look up the routing table main (ID 254). The main table is the normal routing table containing all non-policy routes. The administrator can delete this rule and/or override it with other rules.

III) Priority: 32767. Selector: match anything. Action: look up the routing table default (ID 253). The default table is empty. It is reserved for some post-processing if no previous default rules selected the packet. This rule can also be deleted.

The RPDB may contain the following types of rules:

I) unicast, the rule specifies that the route found in the routing table referenced by the rule is returned.

II) blackhole, the rule specifies that packets are dropped silently.

III) unreachable, the rule specifies that a "network unreachable" error is generated.

IV) prohibit, the rule specifies that a "communication is administratively prohibited" error is generated.

V) nat, the rule specifies that the source address of an IP packet is translated to another value.
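The RPDB scan described above, as a small Python model (an added example, not code from the original page or from the kernel). The table named vpn, all addresses and the fwmark value 7 are constructed sample values; the nat rule type is left out of the model.

```python
import ipaddress

# Constructed sample data: the table "vpn", every address and fwmark 7 are
# assumptions made for this example, not values from the page.
TABLES = {
    "local": {"192.0.2.1/32": "local"},
    "main": {"0.0.0.0/0": "via 192.0.2.254", "198.51.100.0/24": "dev eth1"},
    "default": {},
    "vpn": {"0.0.0.0/0": "via 10.8.0.1"},
}
# (priority, selector, rule type, table); priorities 0, 32766, 32767 are the defaults.
RULES = [
    (32767, {}, "unicast", "default"),
    (32766, {}, "unicast", "main"),
    (200, {"fwmark": 7}, "prohibit", None),
    (100, {"from": "10.1.0.0/16"}, "unicast", "vpn"),
    (0, {}, "unicast", "local"),
]


def longest_match(table, dst):
    """Return the route with the longest prefix containing dst, or None."""
    hits = [p for p in table if ipaddress.ip_address(dst) in ipaddress.ip_network(p)]
    if not hits:
        return None
    return table[max(hits, key=lambda p: ipaddress.ip_network(p).prefixlen)]


def selector_matches(selector, pkt):
    """An empty selector matches everything; every listed key must agree."""
    for key, want in selector.items():
        if key in ("from", "to"):
            addr = pkt["src"] if key == "from" else pkt["dst"]
            if ipaddress.ip_address(addr) not in ipaddress.ip_network(want):
                return False
        elif pkt.get(key) != want:      # iif, tos, fwmark: plain equality
            return False
    return True


def rpdb_lookup(pkt, rules=RULES, tables=TABLES):
    """Scan rules by increasing priority; return (priority, result, route)."""
    for prio, selector, rule_type, table in sorted(rules, key=lambda r: r[0]):
        if not selector_matches(selector, pkt):
            continue
        if rule_type != "unicast":      # blackhole/unreachable/prohibit end the lookup
            return (prio, rule_type, None)
        route = longest_match(tables[table], pkt["dst"])
        if route is not None:           # success ends the lookup
            return (prio, table, route)
        # no route in this table: fall through to the next rule
    return (None, "unreachable", None)  # model's choice when no rule yields a route
```

Because the local table is consulted at priority 0, a packet addressed to the host itself is resolved there even when a later rule would have sent its source range to another table.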

1) ip rule add, add a rule.

2) ip rule delete, delete a rule.

type TYPE (default), the type of this rule.

from PREFIX, select the source prefix to match.

to PREFIX, select the destination prefix to match.

iif NAME, select the incoming device to match. If the interface is loopback, the rule only matches packets originating from this host. This means you can create separate routing tables for forwarded packets and local packets and so completely segregate them.

tos TOS, dsfield TOS, select the TOS value to match.

fwmark MARK, select the fwmark value to match.

priority PREFERENCE, the priority of this rule. Each rule should have an explicitly set, unique priority value. The options preference and order are synonyms for priority.

table TABLEID, the identifier of the routing table to look up if the rule selector matches. lookup may also be used instead of table.

realms FROM/TO, the realms to select if the rule matched and the routing table lookup succeeded. The realm TO is only used if the route did not select any realm.

nat ADDRESS, the base of the IP address block to translate (for source addresses). ADDRESS may be either the start of a block of NAT addresses (selected by NAT routes) or a local host address (or even zero). In the last case, the router does not translate the packets but masquerades them to this address. Using map-to instead of nat means the same thing.

3) ip rule flush, flush the rules and dump all deleted rules.

There are no parameters.

4) ip rule show, display the rules

There are no parameters.

9, ip maddress---multicast address management

1) ip maddress show, show the multicast addresses

dev NAME (default), the device name.

2) ip maddress add, add a multicast address

3) ip maddress delete, delete a multicast address

These commands attach/detach a static link-layer multicast address to listen on the interface. Note that it is not possible to statically join a protocol multicast group. This command only manages link-layer addresses.

address LLADDRESS (default), the link-layer multicast address.

dev NAME, the device on which to join/leave this multicast address.

10, ip mroute---multicast routing cache management

mroute objects are multicast routing cache entries created by a user-level mrouting daemon. Due to the limitations of the current interface to the multicast routing engine, mroute objects cannot be changed administratively, so they can only be displayed.

ip mroute show, list mroute cache entries

to PREFIX (default), select the prefix of the destination multicast addresses to list.

iif NAME, the interface on which multicast packets are received.

from PREFIX, select the prefix of the IP source addresses of the multicast route.

11, ip tunnel---tunnel configuration

A tunnel object is a tunnel that encapsulates packets in IP packets and then sends them over the IP infrastructure. The encapsulating (or outer) address family is specified by the "-f" option. The default is IPv4.

1) ip tunnel add, add a new tunnel

2) ip tunnel change, modify an existing tunnel

3) ip tunnel delete, delete a tunnel

name NAME (default), the name of the tunnel device.

mode MODE, set the tunnel mode. The available modes depend on the encapsulating address family. Available modes for IPv4 encapsulation: ipip, sit, isatap, and gre; modes for IPv6 encapsulation: ip6ip6, ipip6, and any.

remote ADDRESS, set the remote endpoint of the tunnel.

local ADDRESS, set the fixed local address for tunneled packets. It must be an address on another interface of this host.

ttl N, set a fixed TTL N on tunneled packets. N is a number in the range 1-255. 0 is a special value, meaning that packets inherit the TTL value. The default value for IPv4 tunnels is: inherit. The default value for IPv6 tunnels is: 64.

tos T, dsfield T, tclass T, set a fixed TOS (or traffic class in IPv6) T on tunneled packets. The default value is: inherit.