TCP/IP Network Administration

Appendix B: A gated Reference

B.8 Protocol Statements

Protocol statements enable or disable protocols and set protocol options. The protocol statements occur after the definition statements and before the static statements. There are many protocol statements and more may be added at any time. There are statements for the various interior and exterior routing protocols, and for other things that are not really routing protocols.

In this section we begin with the interior protocols, move on to the exterior protocols, and finish with the special "protocols."

B.8.1 The ospf Statement

    ospf yes | no | on | off [{
        defaults {
            preference preference ;
            cost cost ;
            tag [as] tag ;
            type 1 | 2 ; } ;
        exportlimit routes ;
        exportinterval time ;
        traceoptions trace_options ;
        monitorauthkey password ;
        backbone | area number {
            authtype 0 | 1 | none | simple ;
            stub [cost cost] ;
            networks {
                address [mask mask | masklen number] [restrict] ;
                host address [restrict] ; } ;
            stubhosts {
                address cost cost ; } ;
            interface interface_list [nonbroadcast] [cost cost] {
                pollinterval time ;
                routers {
                    address [eligible] ; } ;
                interface_parameters } ;
            virtuallink neighborid router_id transitarea area {
                interface_parameters } ;
        } ;
    }] ;

The ospf statement enables or disables the Open Shortest Path First (OSPF) routing protocol. By default, OSPF is disabled. It is enabled by specifying yes or on (it doesn't matter which you use) and it is disabled with no or off.

NOTE: For the sake of brevity, this text explains only the first occurrence of any gated.conf parameter if it is used the same way in subsequent commands. Only differences between commands are explained. For example, yes | no | on | off is not explained again, because it is always used in the same way to enable or disable a protocol.

The ospf statement has many configuration parameters:

defaults

Defines the defaults used when importing OSPF routes from an external autonomous system and announcing those routes to other OSPF routers. The link-state advertisement (LSA) used to announce these routes is called an ASE (autonomous system external) because it contains routes from external autonomous systems. See the description of OSPF in Chapter 7.

preference preference

Defines the preference of OSPF ASE routes. The default is 150.

cost cost

Defines the cost used when advertising a non-OSPF route in an ASE. The default is 1.

tag [as] tag

Defines the OSPF ASE tag value. The tag is not used by the OSPF protocol, but may be used by an export policy to filter routes. (See the export statement later in this appendix.) When the as keyword is specified, the tag field may contain AS path information.

type 1 | 2

Defines the type of ASE used. The default is type 1. Type 1 contains routes learned from an external protocol that provides a metric directly comparable to the OSPF metric. The metric is added to the cost of reaching the border router when routes are advertised. A type 2 ASE contains routes learned from an exterior gateway protocol that does not provide a routing metric comparable to the OSPF metric. These routes are advertised with the cost of reaching the border router. See Chapter 7.

exportlimit routes

Defines the maximum number of ASE LSAs that will be flooded at one time. The default is 100.

exportinterval time

Defines how frequently ASE link-state advertisements are flooded to the network. The default is once per second.

traceoptions trace_options

Defines the tracing used to debug OSPF. In addition to the standard trace flags, OSPF supports:

lsabuild

Traces construction of link-state advertisements (LSA).

spf

Traces the Shortest Path First (SPF) calculations.

hello

Traces the OSPF HELLO packets.

dd

Traces the OSPF Database Description packets.

request

Traces the OSPF Link-State Request packets.

lsu

Traces the OSPF Link-State Update packets.

ack

Traces OSPF Link-State Ack packets.

monitorauthkey password

Defines the password used for ospf_monitor queries. By default these queries are not authenticated. If monitorauthkey is specified, incoming queries must contain the specified password.

backbone | area number

Defines the OSPF area of which this router is a member. Every router must belong to an area. If more than one area is configured, at least one must be the backbone. The backbone is defined using the backbone keyword. All other areas are defined by the area keyword and the number of the area, e.g., area 1. See Chapter 7 for a discussion of OSPF areas. Several configuration parameters are associated with each area:

authtype 0 | 1 | none | simple

Specifies the authentication scheme used in this area. The authentication schemes can be defined by none or 0 for no authentication, or simple or 1 for password authentication. Each system in an area must use this same authentication scheme.

stub [cost cost]

Specifies that this is a stub area. A stub area is one in which there are no ASE routes. If a cost is specified, it is used to advertise a default route into the stub area.

networks

Defines the range of networks contained within this area. The specified ranges are advertised into other areas as summary network LSAs and not as inter-area routes. If restrict is specified, the summary network LSAs are not advertised. The entries in the networks list are either specified as host addresses by using the host keyword before the address, or as a network address by simply specifying the address. An address mask can be defined for a network address. The mask can be defined in dotted decimal notation using the mask keyword or as a numeric prefix length using the masklen keyword. The address masks mask 255.255.0.0 and masklen 16 are equivalent. If no address mask is specified, the natural mask is used. This option can reduce the amount of routing information propagated between areas.

stubhosts

Lists the directly attached hosts, and their costs, that should be advertised as reachable from this router. List point-to-point interfaces here.

interface interface_list [nobroadcast] [cost cost]

Defines the interfaces used by OSPF. If the keyword nobroadcast is specified, the interface connects to a non-broadcast multi-access (NBMA) network. If nobroadcast is not used, the interface connects to a broadcast or a point-to-point network. Specify the cost of the interface with the cost keyword, e.g., cost 5. The default cost is 1. Two options are specific to NBMA interfaces:

pollinterval time

Defines the time interval at which OSPF HELLO packets are sent to neighbors.

routers

Lists all neighbors by address. The eligible keyword indicates if the neighbor can become a designated router.

Point-to-point interfaces have one additional parameter:

nomulticast

Forces gated to unicast OSPF packets over this interface. By default, OSPF packets to neighbors on point-to-point interfaces are sent via the IP multicast mechanism. Use this option if the remote neighbor does not support multicasting.

All interfaces - NBMA, point-to-point, and broadcast - can use these parameters:

enable | disable ;

Enables or disables the interface.

retransmitinterval time ;

Defines the number of seconds between link-state advertisement retransmissions.

transitdelay time ;

Defines the estimated number of seconds required to transmit a link-state update over this interface. It must be greater than 0.

priority priority ;

Defines this system's priority for the designated router election. priority is a number from 0 to 255. The router with the highest priority becomes the designated router. A router whose priority is 0 is ineligible to become the designated router. See Chapter 7 for a discussion of designated routers.

hellointerval time ;

Defines the number of seconds between transmissions of HELLO packets.

routerdeadinterval time ;

Defines the timeout before a neighbor is declared down. time is the maximum number of seconds this router will wait for a neighbor's Hello packet.

authkey key ;

Defines a key used to authenticate OSPF packets. The key is specified as one to eight decimal digits separated by periods, a one- to eight-byte hexadecimal string preceded by 0x, or a one- to eight-character string in double quotes.

virtuallink neighborid router_id transitarea area

Defines a virtual link for the backbone area. The router_id is the router identifier of the remote router at the other end of the virtual link. The transit area must be one of the other areas configured on this system. All standard interface parameters defined above may be specified on a virtual link.

B.8.2 The rip Statement

    rip yes | no | on | off [ {
        broadcast ;
        nobroadcast ;
        nocheckzero ;
        preference preference ;
        defaultmetric metric ;
        query authentication [none | [simple | md5 password]] ;
        interface interface_list
            [noripin] | [ripin]
            [noripout] | [ripout]
            [metricin metric]
            [metricout metric]
            [version 1 | 2 [multicast | broadcast]]
            [[secondary] authentication [none | [simple | md5 password]]] ;
        trustedgateways gateway_list ;
        sourcegateways gateway_list ;
        traceoptions trace_options ;
    } ] ;

The rip statement enables or disables RIP. By default RIP is enabled. The rip statement options are:

broadcast

Forces gated to broadcast RIP update packets even if the system has only one network interface. By default, RIP updates are not broadcast if the system has only one network interface and are broadcast if it has more than one network interface; i.e., hosts do not broadcast updates and routers do.

nobroadcast

Forces gated to not broadcast RIP update packets even if the system has more than one network interface. If a sourcegateways clause is present, routes are still unicast directly to that gateway. See sourcegateways later in this section.

nocheckzero

Specifies that gated should not reject incoming version 1 RIP packets where the reserved fields are 0. Rejecting those packets is standard practice.

preference preference ;

Sets the gated preference for routes learned from RIP. The default preference for these routes is 100.

defaultmetric metric ;

Defines the metric used when advertising routes via RIP that were learned from other protocols. The default metric is 16, which to RIP indicates an unusable route. This means that by default, routes learned from other protocols are not advertised as valid routes by RIP. Set a lower value only if you want all routes learned from other protocols advertised at that metric.

query authentication [none | [simple | md5 key]] ;

Specifies the authentication used for non-router query packets. The default is none. If simple is specified, the key is a 16-byte password. If md5 is specified, the key is a 16-byte value used with the packet contents to generate a Message Digest 5 cryptographic checksum.

interface interface_list

Identifies the interfaces over which RIP runs and defines the configuration parameters of those interfaces. The interface_list can contain interface names, hostnames, IP addresses, or the keyword all. Possible parameters are:

noripin

Tells system to ignore RIP packets received on this interface. The default is to listen to RIP packets on all non-loopback interfaces.

ripin

Tells system to listen to RIP packets received on this interface. This is the default.

noripout

Tells system not to send RIP packets out this interface. The default is to send RIP on all broadcast and non-broadcast interfaces when in broadcast mode. See the nobroadcast option defined earlier in this list.

ripout

Tells system to send RIP packets out this interface. This is the default.

metricin metric

Specifies the RIP metric used for routes received on this interface. The default is the kernel interface metric plus 1, which is the default RIP hop count. If this metric is specified it is used as the absolute value, and is not added to the kernel metric.

metricout metric

Specifies the RIP metric added to routes sent out this interface. The default is 0. This option can only increase the metric.

version 1 | 2 [multicast | broadcast]

Identifies the version of RIP used for updates sent out this interface. Available versions are RIP 1 and RIP 2. RIP 1 is the default. If RIP 2 is specified and IP multicast is supported, full version 2 packets are sent via multicast. If multicast is not available, version 1-compatible version 2 packets are sent via broadcast. The keyword multicast, the default, specifies this behavior. The keyword broadcast specifies that RIP version 1-compatible version 2 packets should be broadcast on this interface, even if IP multicast is available. Neither keyword is used with version 1.

[secondary] authentication [none | simple | md5 key]

Defines the RIP version 2 authentication used on this interface. The default authentication type is none. If simple is specified, the key is a 16-byte password. If md5 is specified, the key is a 16-byte value used with the packet contents to generate a Message Digest 5 cryptographic checksum. If secondary is specified, this defines the secondary authentication. Packets are always sent using the primary authentication technique. The secondary authentication type is defined only for incoming packets. Inbound packets are checked against both the primary and secondary authentication method before being discarded as invalid.

trustedgateways gateway_list ;

Defines the list of gateways from which RIP accepts updates. The gateway_list is simply a list of hostnames or IP addresses. By default, all gateways on the shared network are trusted to supply routing information. But if the trustedgateways statement is used, only updates from the gateways in the list are accepted.

sourcegateways gateway_list ;

Defines a list of gateways to which RIP sends packets directly. By default, RIP packets are broadcast or multicast to several systems on the shared network - but if this statement is used, RIP unicasts packets directly to the listed gateways.

traceoptions trace_options

Defines tracing for RIP. RIP supports most of the standard tracing options and these packet-tracing options:

packets

Traces all RIP packets.

request

Traces the RIP information request packets, such as REQUEST, POLL, and POLLENTRY.

response

Traces all RIP RESPONSE packets.

other

Traces any other type of RIP packet.
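
The secondary authentication parameter described above makes it possible to change an md5 key without a window in which updates are rejected. The sketch below is an added example, not code from the book or from gated: it models the documented rule (send with the primary key, accept on either primary or secondary) using a simplified keyed MD5 (digest of the packet followed by the key, not the RIP-2 wire format). The key values, packet bytes and function names are constructed for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

@dataclass
class RipAuth:
    """md5 authentication on one interface: primary signs and verifies, secondary only verifies."""
    primary: bytes
    secondary: Optional[bytes] = None

def digest(packet, key):
    # Simplified model: MD5 over the packet contents followed by the 16-byte key.
    if len(key) != 16:
        raise ValueError("md5 key must be a 16-byte value")
    return hashlib.md5(packet + key).digest()

def send(auth, packet):
    """Packets are always sent using the primary key."""
    return packet, digest(packet, auth.primary)

def accept(auth, packet, tag):
    """Inbound packets are checked against primary and secondary before being discarded."""
    keys = [k for k in (auth.primary, auth.secondary) if k is not None]
    return any(hmac.compare_digest(digest(packet, k), tag) for k in keys)

PACKET = b"constructed RIP-2 response"

def link_ok(a, b):
    """True when each router accepts what the other sends."""
    return accept(b, *send(a, PACKET)) and accept(a, *send(b, PACKET))

def rollover(old, new):
    """Link state after each step of a staged key change on routers A and B."""
    steps = [
        (RipAuth(old), RipAuth(old)),            # 0: both use the old key
        (RipAuth(old, new), RipAuth(old)),       # 1: A also accepts the new key
        (RipAuth(old, new), RipAuth(old, new)),  # 2: B also accepts the new key
        (RipAuth(new, old), RipAuth(old, new)),  # 3: A starts sending with the new key
        (RipAuth(new, old), RipAuth(new, old)),  # 4: B starts sending with the new key
        (RipAuth(new), RipAuth(new)),            # 5: the old key is retired
    ]
    return [link_ok(a, b) for a, b in steps]

def abrupt_change(old, new):
    """Changing the primary key on A alone: B still expects the old key."""
    return link_ok(RipAuth(new), RipAuth(old))

OLD_KEY = b"old-key-16-bytes"   # constructed 16-byte values
NEW_KEY = b"new-key-16-bytes"

if __name__ == "__main__":
    print("staged rollover:", rollover(OLD_KEY, NEW_KEY))
    print("abrupt change:  ", abrupt_change(OLD_KEY, NEW_KEY))
```
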

B.8.3 The hello Statement

    hello yes | no | on | off [ {
        broadcast ;
        nobroadcast ;
        preference preference ;
        defaultmetric metric ;
        interface interface_list
            [nohelloin] | [helloin]
            [nohelloout] | [helloout]
            [metricin metric]
            [metricout metric] ;
        trustedgateways gateway_list ;
        sourcegateways gateway_list ;
        traceoptions trace_options ;
    } ] ;

This statement enables or disables Hello. By default, Hello is disabled. The default metric is 30000 (30 seconds is the highest possible Hello metric) and the default preference is 90. Unless the preference values are altered, routes learned from Hello are preferred over those learned from RIP.

The hello statement has basically the same options as the rip statement. The only command differences are the keywords nohelloin and nohelloout, but they perform the same function for Hello as noripin and noripout do for RIP.

The hello statement supports most of the standard trace options. In addition, the option packets can be specified to trace all HELLO packets.

B.8.4 The isis Statement

    isis yes | no | dual | ip | iso {
        level 1 | 2 ;
        traceoptions isis_traceoptions ;
        systemid 6_digit_hexstring ;
        area hexstring ;
        set isis_parm value ; ...
        circuit string
            metric level 1 | 2 metric
            priority level 1 | 2 priority ;
    } ;

The isis statement enables the IS-IS protocol. By default, it is disabled. The dual keyword enables IS-IS for both ISO and IP addressing. The ip keyword enables it for IP addressing and iso enables it for ISO addressing. The options that may appear in the isis statement are:

level

Indicates whether the router, called an intermediate system (IS) in OSI terminology, is a Level 1 (intra-area) or Level 2 (inter-area) IS. Default is Level 1.

traceoptions

Defines the IS-IS trace options. These are different from other gated trace options. The isis_traceoptions are:

all

Traces everything.

iih

Traces ISIS HELLO packets.

lanadj

Traces LAN adjacency updates.

p2padj

Traces point-to-point adjacency updates.

lspdb

Traces signatures in the LSP database.

lspcontent

Traces contents of the LSP database.

lspinput

Traces input processing of the LSPs.

flooding

Traces flooding of the LSPs.

buildlsp

Traces creation of the LSPs.

csnp

Traces processing of the CSNPs.

psnp

Traces processing of the PSNPs.

route

Traces route changes.

update

Traces routing updates.

paths

Traces paths calculated by the Shortest Path First (SPF) algorithm.

spf

Traces the operation of the Shortest Path First (SPF) algorithm.

events

Traces protocol events.

systemid

Defines the IS-IS system ID. If no system identifier is specified, the system ID portion of the first circuit's NSAP address is used.

area

Adds area addresses to those configured automatically from the circuits. IS-IS area addresses are automatically configured based on the real circuits over which IS-IS runs.

circuit

Defines the circuits used by IS-IS. Circuits normally are UNIX interfaces, and string is an interface name. The circuit options are:

metric

Defines the Level 1 and Level 2 metrics for each circuit. metric is a numeric value in the range 1 to 63. The default value is 63.

priority

Defines the value used by IS-IS when electing a designated router. Routers with high priority values are preferred for the designated router. priority is a numeric value between 0 and 127. If no priority is specified, a random value is selected.

See A Guide to Gated Integrated IS-IS, by Steve Heimlich, for information on IS-IS configuration. The document is included in the gated distribution.

B.8.5 The bgp Statement

    bgp yes | no | on | off [ {
        preference preference ;
        defaultmetric metric ;
        traceoptions trace_options ;
        group type external peeras as_number
            | internal peeras as_number
            | igp peeras as_number proto proto
            | routing peeras as_number proto proto interface interface_list
            | test peeras as_number {
            allow {
                address mask mask | masklen number
                all
                host address } ;
            peer address
                [metricout metric]
                [localas as_number]
                [nogendefault]
                [gateway address]
                [preference preference]
                [preference2 preference]
                [lcladdr address]
                [holdtime time]
                [version number]
                [passive]
                [sendbuffer number]
                [recvbuffer number]
                [indelay time]
                [outdelay time]
                [keep all | none]
                [analretentive]
                [noauthcheck]
                [noaggregatorid]
                [keepalivesalways]
                [v3asloopokay]
                [nov4asloop]
                [logupdown]
                [ttl ttl]
                [traceoptions trace_options] ; } ;
    } ] ;

This statement enables or disables BGP. By default, BGP is disabled. The default preference is 170. By default, BGP does not advertise a metric. Unlike the RIP metric, the BGP metric does not play a primary role in determining the best route. The BGP metric is simply an arbitrary 16-bit value that can be used as one criterion for choosing a route. The defaultmetric statement can be used to define a metric that BGP will use when advertising routes.

Trace options can be specified for all of BGP or for individual BGP peers. BGP supports most of the standard trace options as well as the following:

packets

Traces all BGP packets.

open

Traces BGP OPEN packets.

update

Traces BGP UPDATE packets.

keepalive

Traces BGP KEEPALIVE packets.

BGP peers must be members of a group. The group statement declares the group, defines which peers are members of the group, and defines the group "type." Multiple group statements may be specified, but each must have a unique combination of type and autonomous system number. There are four possible group types:

group type external peeras as_number

Specifies that BGP will run as a classic exterior gateway protocol. The peers listed in this group are members of an external autonomous system. Full policy checking is applied to all incoming and outgoing routes.

group type internal peeras as_number

Specifies that BGP will be used to distribute routes to an internal group that has no traditional interior gateway protocol. Routes received from external BGP peers are readvertised to this group with the received metric.

group type igp peeras as_number proto proto

Specifies that BGP will be used to distribute path attributes to an internal group that runs an interior gateway protocol. BGP advertises the AS path, path origin, and transitive optional attributes if the path attributes are provided by the IGP's tag mechanism. proto is the name of the interior gateway protocol, e.g., proto ospf.

group type routing peeras as_number proto proto interface interface_list

Specifies that BGP will be used internally to carry external routes, while an interior gateway protocol is used to carry only internal routes. Normally the routes learned by BGP from external autonomous systems are written in the routing table, where they are picked up and distributed by an interior protocol to the local autonomous system. For this type of group, BGP distributes the external routes itself and the interior protocol is limited to distributing only those routes that are interior to the local autonomous system. proto is the name of the interior protocol.

group type test peeras as_number

Specifies that the members of this group are test peers. All routing information exchanged by test peers is discarded.

A group clause contains peer subclauses. Any number of peer subclauses may belong to a group. Peers are specified explicitly with a peer statement, or implicitly with the allow statement.

allow

Any peer whose address is contained in the specified address range is a member of the group. The keyword all matches all possible addresses. The keyword host precedes an individual host address. The address and mask pairs define a range of addresses. Network masks can be defined with the keyword mask and an address mask written in dotted decimal notation or with the keyword masklen and the prefix length written as a decimal number. All parameters for these peers must be defined in the group clause.

peer address

The peer identified by address is a member of the group.
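
Because allow makes every address in its range an implicit group member, it is worth checking how wide each range really is. The following is an added example, not code from the book or from gated: it resolves the address forms used by allow and by the OSPF networks list (mask, masklen, host, all, and a bare address with its natural mask) and lists which groups' allow ranges admit a given peer address. Group names, AS numbers and addresses are constructed; applying the natural mask to a bare address in an allow list and rejecting entries with host bits set are assumptions of this sketch.

```python
import ipaddress

def natural_masklen(addr):
    """Classful ("natural") prefix length of an IPv4 address."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return 8        # class A
    if first_octet < 192:
        return 16       # class B
    if first_octet < 224:
        return 24       # class C
    raise ValueError(f"{addr} is class D/E and has no natural mask")

def resolve(entry):
    """Turn 'all', 'host A', 'A', 'A mask M' or 'A masklen N' into an IPv4Network."""
    words = entry.split()
    if words == ["all"]:
        return ipaddress.IPv4Network("0.0.0.0/0")
    if len(words) == 2 and words[0] == "host":
        return ipaddress.IPv4Network(words[1] + "/32")
    addr = ipaddress.IPv4Address(words[0])
    if len(words) == 1:
        length = natural_masklen(addr)
    elif len(words) == 3 and words[1] == "masklen":
        length = int(words[2])
    elif len(words) == 3 and words[1] == "mask":
        # Let the ipaddress module validate the dotted mask and convert it.
        length = ipaddress.IPv4Network("0.0.0.0/" + words[2]).prefixlen
    else:
        raise ValueError(f"unrecognised range entry: {entry!r}")
    # strict parsing: an address with host bits set under the mask is rejected
    return ipaddress.IPv4Network(f"{addr}/{length}")

def admitting_groups(peer, groups):
    """(group, range) pairs whose allow list contains the peer, narrowest range first."""
    peer = ipaddress.IPv4Address(peer)
    hits = [(name, net) for name, entries in groups.items()
            for net in map(resolve, entries) if peer in net]
    return sorted(hits, key=lambda hit: -hit[1].prefixlen)

def implicit_peers(groups):
    """Number of addresses each group's allow list admits as implicit peers."""
    return {name: sum(resolve(e).num_addresses for e in entries)
            for name, entries in groups.items()}

# Constructed groups: name -> entries of its allow clause.
GROUPS = {
    "external peeras 64500": ["host 192.0.2.1"],
    "internal peeras 64512": ["172.16.0.0 mask 255.255.0.0"],
    "test peeras 64511": ["all"],
}

if __name__ == "__main__":
    for peer in ("192.0.2.1", "172.16.12.1", "198.51.100.7"):
        print(peer, [name for name, _ in admitting_groups(peer, GROUPS)])
    print(implicit_peers(GROUPS))
```
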

The BGP peer subclause allows the following parameters, which can also be specified on the group clause. If placed on the group clause, the parameters affect all peers in the group. The available options are:

metricout metric

Defines the primary metric for routes sent to the peer, which overrides the default metric, a metric specified on the group and any metric specified by export policy.

localas as_number

Defines the local system's autonomous system number (asn). The default is to use the asn defined in the autonomoussystem statement.

nogendefault

Prevents gated from generating a default route when BGP peers with this neighbor, even if gendefault is set in the options directive statement.

gateway address

Identifies the next-hop gateway through which packets for this peer are routed. Use this only if the neighbor does not share a network with the local system. This option is rarely needed.

preference preference

Defines the preference used for routes learned from this peer, which permits gated to prefer routes from one peer, or group of peers, over another.

preference2 preference

Defines the "second" preference. In the case of a preference tie, the second preference is used to break the tie. The default value is 0.

lcladdr address

Defines the address of the local interface used to communicate with this neighbor.

holdtime time

Defines the number of seconds the peer should wait for a keepalive, update, or notification message before closing the connection. The value is sent to the peer in the Hold Time field of the BGP Open message. The value must be either 0 (no keepalives will be sent) or at least 3.

version version

Identifies the version of the BGP protocol to use with this peer. By default, the version is negotiated when the connection is opened. Currently supported versions are 2, 3, and 4.

passive

Specifies that gated should wait for the peer to issue an OPEN. By default, gated periodically sends OPEN messages until the peer responds.

sendbuffer buffer_size

recvbuffer buffer_size

Defines the size of the send and receive buffers. The default is 65535 bytes, which is the maximum. These parameters are not used on normally functioning systems.

indelay time

outdelay time

Implements "route dampening." indelay defines the number of seconds a route must be stable before it is accepted. outdelay is the number of seconds a route must be present in the gated routing database before it is exported to this peer. The default value for each is 0, meaning that these features are disabled. Use this only if the routing table is fluctuating so rapidly it is unstable.

keep all

Tells system to retain routes learned from this peer even if the routes' AS paths contain our local AS number. Normally routes that contain the local AS number are discarded as potential routing loops.

analretentive

Tells system to issue warning messages for events, such as duplicate routes, that are normally "silently ignored."

noauthcheck

Instructs system not to verify that incoming packets have an authentication field of all 1s. Use this to interoperate with an implementation that uses the authentication field.

noaggregatorid

Sets the routerid in the aggregator attribute to 0. By default, it is set to the router identifier. Use this to prevent this router from creating aggregate routes with AS paths that differ from other routers in the AS.

keepalivesalways

Instructs system to send a keepalive even when an update could have correctly substituted for one. Used for interoperability with some routers.

v3asloopokay

Allows advertisement of a route with a loop in the AS path, i.e., with an AS appearing more than once in the path, to version 3 external peers.

nov4asloop

Prevents a route with a loop in the AS path from being advertised to version 4 external peers. Used to avoid passing such routes to a peer that incorrectly forwards them to version 3 neighbors.

logupdown

Logs every time a BGP peer enters or leaves the ESTABLISHED state.

ttl ttl

Defines the IP ttl for local neighbors. By default it is set to 1. Use this option if the local neighbor discards packets sent with a ttl of 1. Not all UNIX kernels allow the ttl to be specified for TCP connections.

The BGP trace options were covered earlier in this section.

B.8.6 The egp Statement

    egp yes | no | on | off [ {
        preference preference ;
        defaultmetric metric ;
        packetsize maxpacketsize ;
        traceoptions trace_options ;
        group [peeras as_number] [localas as_number] [maxup number] {
            neighbor address
                [metricout metric]
                [preference preference]
                [preference2 preference]
                [ttl ttl]
                [nogendefault]
                [importdefault]
                [exportdefault]
                [gateway address]
                [lcladdr address]
                [sourcenet network]
                [minhello | p1 interval]
                [minpoll | p2 interval]
                [traceoptions trace_options] ; } ;
    }] ;

This statement enables or disables EGP. By default, EGP is disabled. The default metric for announcing routes via EGP is 255, and the default preference for routes learned from EGP is 200.

The packetsize argument defines the size of the largest EGP packet that will be sent or accepted. maxpacketsize is the size in bytes. The default is 8192 bytes. If gated receives a packet larger than maxpacketsize it is discarded, but maxpacketsize is increased to the size of the larger packet so that future packets won't have to be discarded.

The traceoptions statement defines the tracing for EGP. Tracing can be specified for the EGP protocol or for an individual EGP neighbor. The EGP trace options are:

packets

Traces all EGP packets.

hello

Traces EGP HELLO/I-HEARD-U packets.

acquire

Traces EGP ACQUIRE/CEASE packets.

update

Traces EGP POLL/UPDATE packets.

The egp statement has two clauses: the group clause and the neighbor clause. EGP neighbors must be part of a group, and all of the neighbors in a group must be members of the same autonomous system. Use the group clause to define parameters for a group of EGP neighbors. Values set in a group clause apply to all neighbor clauses in the group. There can be multiple group clauses. The following parameters are set by the group clause:

peeras

Identifies the autonomous system number of the autonomous system to which the members of the group belong. If not specified, this number is learned from the neighbors.

localas

Defines the local system's autonomous system number. The default is to use the asn defined in the autonomoussystem statement.

maxup

Defines the number of EGP neighbors gated is to acquire. The default is to acquire all listed neighbors.

The neighbor clause defines one EGP neighbor. The only part of the clause that is required is the address argument, which is the host name or IP address of the neighbor. All other parameters are optional. All of these optional parameters can also be specified in the group clause if you want to apply the parameter to all neighbors. The neighbor clause parameters are:

metricout metric

Used for all routes sent to this neighbor. This value overrides the defaultmetric value set in the egp statement, but only for this specific neighbor.

preference preference

Defines the preference used for routes learned from this neighbor, which permits gated to prefer routes from one neighbor, or group of neighbors, over another.

preference2 preference

Defines the "second" preference. In the case of a preference tie, the second preference is used to break the tie. The default value is 0.

ttl ttl

Defines the IP ttl for local neighbors. By default, it is set to 1. Use this option if the local neighbor discards packets sent with a ttl of 1.

nogendefault

Prevents gated from generating a default route when EGP peers with this neighbor, even if gendefault is set in the options directive statement.

importdefault

Tells system to accept the default route if it is included in this neighbor's EGP update. By default, it is ignored.

exportdefault

Tells system to send the default route in EGP updates to this EGP neighbor. Normally a default route is not included in an EGP update.

gateway address

Identifies the next-hop gateway through which packets for this neighbor are routed. Use this only if the neighbor does not share a network with the local system. This option is rarely needed.

lcladdr address

Defines the address of the local interface used to communicate with the neighbor.

sourcenet network

Changes the network queried in EGP POLL packets. By default, this is the shared network. However, if the neighbor does not share a network with your system, the neighbor's network address should be specified here. This parameter is normally not needed. Do not use it if you share a network with the EGP neighbor.

minhello | p1 time

Sets the interval between the transmission of EGP HELLO packets. [1] The default Hello interval is 30 seconds. If the neighbor fails to respond to three HELLO packets, the system stops trying to acquire the neighbor. Setting a larger interval gives the neighbor a better chance to respond. The interval can be defined as seconds, minutes:seconds, or hours:minutes:seconds. For example, a 3-minute interval could be specified as 180 (seconds), 3:00 (minutes), or 0:3:00 (no hours and 3 minutes). The keyword p1 can be used instead of the keyword minhello.

[1] Don't confuse this with the Hello protocol. Refer to the discussion of HELLO and I-H-U packets in Chapter 7.

minpoll | p2 time

Sets the time interval between sending polls to the neighbor. The default is 120 seconds. If three polls are sent without a response, the neighbor is declared "down" and all routes learned from that neighbor are removed from the routing table. This can cause the routing table to be very unstable if a neighbor becomes congested and can't respond to rapid polls. A longer polling interval provides a more stable, but less responsive, routing table. Again the interval is defined as seconds, minutes:seconds, or hours:minutes:seconds.

B.8.7 The snmp Statement

snmp yes | no | on | off [ {
port
port ;
debug ;
traceoptions
trace_options ;
} ] ;

This command controls whether gated informs the SNMP management software of its status. SNMP is not a routing protocol and is not started by this command. You must run SNMP software independently. This statement only controls whether gated keeps the management software apprised of its status. The default is on, so gated does inform SNMP of its status.

The snmp statement supports three options:

port port

This option changes the SNMP port used by gated. By default, the SNMP daemon listens to port 199.

debug

Enables debugging of gated's SNMP code. By default, it is disabled. This option is used by code developers.

traceoptions trace_options

Traces the interactions between gated and the SNMP daemon. The detail, send, and recv options are not supported. Instead, the snmp statement uses these options:

receive

Traces all requests received from the SNMP daemon.

register

Traces SNMP requests to register variables.

resolve

Traces SNMP requests to resolve variable names.

trap

Traces SNMP trap requests.

B.8.8 The redirect Statement

redirect yes | no | on | off [ {
preference
preference ;
interface
interface_list [noredirects | redirects] ;
trustedgateways
gateway_list ;
traceoptions
trace_options ;
}
] ;

This statement controls whether ICMP redirects are allowed to modify the kernel routing table. It does not prevent a system from sending redirects, only from listening to them. If no or off is specified, gated attempts to remove the effects of ICMP redirects from the kernel routing table whenever the redirects are detected. Remember that ICMP is part of IP; therefore, the redirects may be installed in the kernel table before they are seen by gated. If you disable redirects, gated actively removes the redirected routes from the routing table. By default, ICMP redirects are enabled on hosts that quietly listen to interior routing protocols and disabled on gateways that actively participate in interior routing protocols.

The default preference of a route learned from a redirect is 30, which can be changed with the preference option. The interface statement controls how redirects are handled on an interface-by-interface basis. Redirects are ignored if noredirects is specified and are permitted if redirects, which is the default, is specified. The trustedgateways statement enables redirects on a gateway-by-gateway basis. By default, redirects are accepted from all routers on the local network. If the trustedgateways statement is used, only redirects received from a gateway listed in the gateway_list are accepted. The gateway_list is simply a list of hostnames or addresses. The trace_options defined on the traceoptions statement are the standard gated trace options.

B.8.9 The icmp Statement

icmp {
traceoptions
trace_options ;
}

On some systems, gated listens to all ICMP messages but only processes the ICMP redirect packets. That processing is controlled by the redirect statement. In the future, more functionality may be added. At present the icmp statement is used only to enable tracing of ICMP messages. The tracing options supported by the icmp statement are:

packets

Traces all ICMP packets.

redirect

Traces ICMP REDIRECT packets.

routerdiscovery

Traces ICMP ROUTER DISCOVERY packets.

info

Traces ICMP informational packets.

error

Traces ICMP error packets.

B.8.10 The routerdiscovery Statement

The Router Discovery Protocol informs hosts of the routers that are available on the network. It provides an alternative to static routes, routing protocols, and ICMP redirects for hosts that simply need to know the address of their default router. The Router Discovery Protocol is implemented as a server running on the router and a client running on the host. Both the server (router) software and the client (host) software are provided by gated.

First let's look at the server configuration statement:

routerdiscovery server yes | no | on | off [ {
traceoptions
trace_options ;
interface
interface_list
[minadvinterval time]
[maxadvinterval time]
[lifetime time] ;
address
interface_list
[advertise | ignore]
[broadcast | multicast]
[ineligible | preference preference] ;
}
] ;

The routerdiscovery statements for both the client and the server support tracing. The state trace flag can be used to trace finite state machine transitions. Router discovery packet tracing, however, is not done here. It is enabled via the icmp statement.

The interface clause defines the physical interfaces and the parameters that apply to them. Only physical interfaces can be defined in the interface clause. Addresses are specified in the address clauses shown below. The interface parameters are:

maxadvinterval time

Defines the maximum time interval between sending router advertisements. It must be more than 4 seconds and less than 30:00 minutes. The default is 10:00 minutes (600 seconds).

minadvinterval time

Defines the minimum time interval between sending router advertisements. It must be no less than 3 seconds and no greater than maxadvinterval. The default is 0.75 × maxadvinterval.

lifetime time

Defines how long clients should consider the addresses in a router advertisement valid. It must be greater than maxadvinterval and no more than 2:30:00 (two hours, thirty minutes). The default is 3 × maxadvinterval.
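The following Python check is an added example, not code from the book or from gated. It parses the three time formats gated accepts and applies the maxadvinterval, minadvinterval, and lifetime bounds and defaults exactly as they are stated above; the function names are hypothetical.

```python
# Added example: validate routerdiscovery server interface timers against the
# bounds and defaults given in the text. Function names are hypothetical.

def parse_gated_time(text):
    """Convert seconds, minutes:seconds or hours:minutes:seconds to seconds."""
    parts = text.strip().split(":")
    if not 1 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a gated time value: {text!r}")
    seconds = 0
    for part in parts:              # "0:3:00" -> ((0*60)+3)*60+0 = 180
        seconds = seconds * 60 + int(part)
    return seconds

MAX_ADV_DEFAULT = parse_gated_time("10:00")    # default maxadvinterval
MAX_ADV_LIMIT = parse_gated_time("30:00")      # must be less than this
LIFETIME_LIMIT = parse_gated_time("2:30:00")   # must be no more than this

def check_rdisc_interface(maxadvinterval=None, minadvinterval=None, lifetime=None):
    """Return (effective_values, errors) for one interface clause.

    Each argument is a gated time string, or None when the option is omitted
    and the default described in the text applies.
    """
    max_adv = MAX_ADV_DEFAULT if maxadvinterval is None else parse_gated_time(maxadvinterval)
    min_adv = 0.75 * max_adv if minadvinterval is None else parse_gated_time(minadvinterval)
    life = 3 * max_adv if lifetime is None else parse_gated_time(lifetime)

    errors = []
    if not 4 < max_adv < MAX_ADV_LIMIT:
        errors.append("maxadvinterval must be more than 4 seconds and less than 30:00")
    if min_adv < 3:
        errors.append("minadvinterval must be no less than 3 seconds")
    if min_adv > max_adv:
        errors.append("minadvinterval must be no greater than maxadvinterval")
    if life <= max_adv:
        # Hosts would expire the router before the next advertisement arrives.
        errors.append("lifetime must be greater than maxadvinterval")
    if life > LIFETIME_LIMIT:
        errors.append("lifetime must be no more than 2:30:00")
    values = {"maxadvinterval": max_adv, "minadvinterval": min_adv, "lifetime": life}
    return values, errors

if __name__ == "__main__":
    # Constructed sample clauses: all defaults, then a lifetime that is too short.
    for clause in ({}, {"maxadvinterval": "5:00", "lifetime": "1:00"}):
        print(clause, "->", check_rdisc_interface(**clause))
```
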

The address clause defines the IP addresses used and the parameters that apply to them. The address clause parameters are:

advertise | ignore

advertise specifies that the address should be included in router advertisements, which is the default. ignore specifies that the address should not be included in router advertisements.

broadcast | multicast

broadcast specifies that the address should be included in a broadcast router advertisement because some systems on the network do not support multicasting. This is the default if the router does not support multicasting.

multicast specifies that the address should only be included in a multicast router advertisement. If the system does not support multicasting, the address is not advertised.

ineligible | preference preference

Defines the preference of the address as a default router. preference is a 32-bit signed integer. The higher values mean the address is more preferable. Note that this is not gated preference. This is a value transmitted as part of the Router Discovery Protocol.

The keyword ineligible assigns a preference of hex 80000000, which means the address is not eligible to be the default router. Hosts use ineligible addresses to verify ICMP redirects.

For routerdiscovery to work, the hosts must have the routerdiscovery client software. It is part of gated and is configured by the routerdiscovery client statement.

B.8.10.1 The routerdiscovery client statement

routerdiscovery client yes | no | on | off [ {
traceoptions
trace_options ;
preference
preference ;
interface
interface_list
[enable | disable]
[broadcast | multicast]
[quiet | solicit] ;
}
] ;

The client uses the same trace options as the server. Other options are different, however. The full list of client options is:

preference preference ;

Defines the preference of default routes learned from routerdiscovery. The default is 55. Unlike the server statement, this is gated preference.

interface interface_list

Defines the interfaces used by routerdiscovery.

enable | disable

Enables or disables routerdiscovery on the interface. enable is the default.

broadcast | multicast

Specifies whether router solicitations should be broadcast or multicast on the interface. By default, router solicitations are multicast if it is supported; otherwise, router solicitations are broadcast. If the multicast keyword is specified and multicast is not available, the router solicitations are not sent. Generally, if these options are not specified, gated will do the right thing.

quiet | solicit

Specifies whether router solicitations are sent on this interface. solicit, which is the default, sends router solicitations. quiet listens to Router Advertisements but does not send router solicitations.

B.8.11 The kernel Statement

kernel {
options [nochange] [noflushatexit] [remnantholdtime time] ;
routes number ;
flash [limit number] [type interface | interior | all] ;
background [limit number] [priority flash | higher | lower] ;
traceoptions trace_options ;
} ;

The kernel statement defines the interactions between gated and the kernel.

options

Defines three possible configuration options. These are:

nochange

Limits gated to deletes and adds. Use on early versions of the routing socket code that have a malfunctioning change operation.

noflushatexit

Prevents route deletions at shutdown. Normally shutdown processing deletes routes that do not have a "retain" indication. Use to speed startup on systems with thousands of routes.

remnantholdtime time

Defines the length of time that routes read from the kernel forwarding table at startup are retained. By default, they are retained for 3 minutes or until they are overridden, whichever comes first. time can be a value between 0 and 15 minutes. A 0 value causes the routes to be deleted immediately.

routes number

Defines the maximum number of routes gated will install in the kernel. By default there is no limit to the number of routes in the kernel forwarding table.

flash

Tunes the parameters used for flash updates. When routes change, the process of notifying the kernel is called a "flash update."

limit number

Sets the maximum number of routes processed during one flash update. The default is 20. A value of -1 causes all route changes to be processed. Large updates can slow the processing of "time critical" protocols. 20 is a good default.

type interface | interior | all

Specifies the type of routes processed during a flash update. By default, only interface routes are installed during a flash update. interior specifies that interior routes are also installed, and all specifies that interior and exterior routes should be processed. Specifying flash limit -1 all causes all routes to be installed during the flash update, which mimics the behavior of previous versions of gated.

background

Tunes the parameters used for background processing. Since only interface routes are normally installed during a flash update, most routes are processed in batches in the background.

limit number

Sets the number of routes processed in one batch. The default is 120.

priority flash | higher | lower

Sets the priority for processing batch updates. The default is lower, which means that batch updates are processed at a lower priority than flash updates. To process kernel updates at the same priority as flash updates, specify flash.

Many tracing options work for the kernel interface because, in many cases, it is handled as a routing protocol. The command-line trace options symbols and iflist provide information about the kernel. The kernel statement trace options are:

remnants

Traces routes read from the kernel when gated starts.

request

Traces gated kernel Add/Delete/Change operations.

The remaining trace options only apply to systems that use the routing socket to exchange routing information with the kernel.

info

Traces informational messages received from the routing socket.

routes

Traces routes exchanged with the kernel.

redirect

Traces redirect messages received from the kernel.

interface

Traces interface status messages received from the kernel.

other

Traces any other messages received from the kernel.

