6.1.7 Interfaces Statement
6.1.7.1 Interface Syntax
interfaces {
options
[ strictinterfaces ]
[ scaninterval time ]
;
interface interface_list
[ preference preference ]
[ down preference preference ]
[ passive ]
[ simplex ]
[ reject ]
[ blackhole ]
[ AS autonomoussystem ]
;
define address
[ broadcast address ] | [ pointtopoint address ]
[ netmask mask ]
[ multicast ]
;
New define available on "new Gated library" (version 5.x,
4.2.x, 6.x)
define (subnet|p2p) local address [options];
where options are any of:
[broadcast address]
[remote address]
[tunnel encapsulation_protocol]
[netmask address]
[[no]multicast]
[[no]unicast]
An interface is the connection between a router and one of its attached
networks. A physical interface may be specified by interface name, by IP
address, or by domain name (unless the network is an unnumbered point-to-point
network). Multiple levels of reference in the configuration language allow
identification of interfaces by wildcard, by interface name, or by
address. Be careful with the use of interface names, as future Unix
operating systems may allow more than one address per interface. The interface_list
is a list of one or more interface names, including wildcard names (names
without a number) and names which may specify more than one interface or
address, or the token all for all interfaces.
- options
- Allows configuration of some global options related to interfaces.
These are:
- strictinterfaces
- Indicates that it is a fatal error to reference an interface in the
configuration file that is not present when GateD is started and not listed
in a define statement. Without this option, a warning message
will be issued but GateD will continue.
- scaninterval time
- Specifies how often GateD scans the kernel interface list for changes.
The default is every 15 seconds on most systems, and 60 seconds on systems
that pass interface status changes through the routing socket (e.g. BSD
4.4). Note that GateD will also scan the interface list on receipt of a
SIGUSR2.
- interface interface_list
- Sets interface options on the specified interfaces. An interface list
is all or a list of interface names (see warning about
interface names), domain names, or numeric addresses. Options available
on this statement are:
- preference preference
- Sets the preference for routes to this interface when it is up and
appears to be functioning properly. The default preference is 0.
- down preference preference
- Sets the preference for routes to this interface when GateD does not
believe it to be functioning properly, but the kernel does not indicate
it is down. The default value is 120.
- passive
- Prevents GateD from changing the preference of the route to this interface
if it is not believed to be functioning properly due to lack of received
routing information. GateD will only perform this check if the interface
is actively participating in a routing protocol.
- simplex
- Defines an interface as unable to hear its own broadcast packets. Some
systems define an interface as simplex with the IFF_SIMPLEX flag. On others
it needs to be specified in the configuration file. On simplex interfaces,
packets from this host are assumed to have been looped back in software and
are not used as an indication that the interface is functioning properly.
- reject
- Specifies that the address of the interface which matches these criteria
will be used as the local address when installing reject routes
in the kernel. Should only be used with systems based on BSD 4.3 Tahoe
or earlier which have installed a reject/blackhole pseudo interface.
- blackhole
- Specifies that the address of the interface which matches these criteria
will be used as the local address when installing blackhole routes
in the kernel. Should only be used with systems based on BSD 4.3 Tahoe
or earlier which have installed a reject/blackhole pseudo interface.
- AS autonomoussystem
- Specifies the AS that will be used to create an AS path associated
with the route created from the definition of this interface.
- define (subnet|p2p) local address [options];
(GateD versions 4.2/5.x/6.x only)
- broadcast address
- defines broadcast address for a broadcast-capable subnet
- remote address
- defines remote address of a logical p2p link
- tunnel encapsulation_protocol
- defines encapsulation protocol to use for a p2p tunnel. Currently only
IPIP encapsulation [RFC2003]
is recognized (which is what the multicast tunnels supported by kernels
use)
- netmask address
- defines netmask of a logical subnet
- [no]multicast
- explicitly enables/disables multicast on the interface
- [no]unicast
- explicitly enables/disables unicast routing on the interface. By default,
IPIP tunnels are multicast, nounicast interfaces.
- define address
- Defines interfaces that might not be present when GateD is started
so they may be referenced in the configuration file when strictinterfaces
is defined. Possible define keywords are:
- broadcast address
- Defines the interface as broadcast capable (e.g. Ethernet or Token
Ring) and specifies the broadcast address.
- pointtopoint address
- Defines the interface as a point-to-point interface (e.g. SLIP or PPP)
and specifies the address on the local side. The first address on
the define statement references the address of the host on the
remote end of the interface; the address specified after
this pointtopoint keyword defines the address on the local
side of the interface.
An interface not defined as broadcast or pointtopoint is assumed to
be non-broadcast multi-access (NBMA), such as an X.25 network.
- netmask mask
- Specifies the subnetmask to be used on this interface. This is ignored
on pointtopoint interfaces.
- multicast
- Specifies that the interface is multicast capable.
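The interplay of preference, down preference, passive and simplex above is easier to see as a decision function. The block below is an added illustration, not GateD source: the IfaceConfig and IfaceState records and their field names are this example's own abstraction of what the text describes (the kernel UP flag, whether the interface is actively running a routing protocol, and whether routing packets from other routers or from this host have been seen), and the only evidence criterion taken from the page is "lack of received routing information".

```python
from dataclasses import dataclass


@dataclass
class IfaceConfig:
    """Per-interface options from the interfaces statement (defaults per 6.1.7.1)."""
    preference: int = 0          # routes via the interface when it looks healthy
    down_preference: int = 120   # routes when GateD suspects it but the kernel says UP
    passive: bool = False        # never demote for lack of routing traffic
    simplex: bool = False        # cannot hear its own broadcasts


@dataclass
class IfaceState:
    """Observed state (this example's abstraction, not a GateD structure)."""
    kernel_up: bool = True            # kernel reports the interface UP
    in_protocol: bool = False         # actively participating in a routing protocol
    heard_from_others: bool = False   # routing packets from other routers seen
    heard_own: bool = False           # this host's own packets seen on the wire


def appears_functional(cfg: IfaceConfig, st: IfaceState) -> bool:
    """Does GateD believe the interface is working?

    The check is only performed for interfaces actively running a routing
    protocol. On a simplex interface the host's own packets are assumed to be
    software loopbacks and are not evidence that the link works.
    """
    if not st.in_protocol:
        return True
    if st.heard_from_others:
        return True
    if st.heard_own and not cfg.simplex:
        return True
    return False


def effective_preference(cfg: IfaceConfig, st: IfaceState):
    """Preference GateD assigns to routes via this interface.

    Returns None when the kernel marks the interface down: GateD treats such
    interfaces as nonexistent rather than merely less preferred.
    """
    if not st.kernel_up:
        return None
    if cfg.passive or appears_functional(cfg, st):
        return cfg.preference
    return cfg.down_preference


if __name__ == "__main__":
    quiet = IfaceState(in_protocol=True)
    print("default, silent link:", effective_preference(IfaceConfig(), quiet))
    print("passive, silent link:", effective_preference(IfaceConfig(passive=True), quiet))
    own_only = IfaceState(in_protocol=True, heard_own=True)
    print("simplex, own packets only:", effective_preference(IfaceConfig(simplex=True), own_only))
```

The two cases worth noting are a silent interface that the kernel still reports UP (demoted to 120 unless passive) and a simplex interface on which only the host's own packets are seen (still demoted, because those packets prove nothing about the wire).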
6.1.7.2 Interface Lists
An interface list is a list of references to interfaces or groups of
interfaces. There are four methods available for referring to interfaces.
They are listed here from most general to most specific.
- all
- This refers to all available interfaces.
- Interface name wildcard
- This refers to all the interfaces of the same type. Unix interface names
consist of the name of the device driver, like ie, and a unit
number, like 0, 5 or 22. A reference to the name
contains only alphabetic characters and matches any interfaces that have the
same alphabetic part.
- For example, ie on a Sun would refer to all Interlan Ethernet
interfaces, le would refer to all Lance Ethernet interfaces. But
ie would not match iel0.
- Interface name
- This refers to a specific interface, usually one physical interface.
These are specified as an alphabetic part followed by a numeric part. This
will match one specific interface. But be aware that on many systems, there
can be more than one protocol (e.g. IP) address on a given physical
interface. For example, ef1 will match an interface named ef1,
but not an interface named ef10.
- Interface address
- This matches one specific interface. The reference can be by protocol
address (e.g. 10.0.0.51), or by symbolic hostname (e.g. nic.ddn.mil).
Note that a symbolic hostname reference is only valid when it resolves
to only one address. Use of symbolic hostnames is not recommended.
If many interface lists are present in the configuration file, each carrying
parameters, these parameters are collected at run time to build the
specific parameter list for a given interface. If the same parameter is
specified on more than one list, the value from the most specific
interface reference is used.
For example, consider a system with three interfaces, le0,
le1 and du0.
rip yes {
interface all noripin noripout ;
interface le ripin ;
interface le1 ripout ;
} ;
RIP packets would only be accepted from interfaces le0 and
le1, but not from du0. RIP packets would only be sent
on interface le1.
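The collection rule is worth seeing executed. The block below is an added example, not GateD code: it classifies the four reference forms of this section, matches them against interface names the way the text describes (ie matches ie0 but not iel0; ef1 does not match ef10), and resolves per-interface parameters with the most specific reference winning. The tie-break between two equally specific references (later statement wins) is an assumption, since the page does not say; the parser only understands the ripin/noripin and ripout/noripout flags used in the RIP example, and the interface addresses in the sample table are constructed.

```python
import re

# Specificity ranks of the four reference forms, most general first.
ALL, WILDCARD, NAME, ADDRESS = range(4)


def classify(ref: str) -> int:
    """Rank one interface-list reference by how specific it is."""
    if ref == "all":
        return ALL
    if re.fullmatch(r"[A-Za-z]+", ref):
        return WILDCARD          # "le": driver name without a unit number
    if re.fullmatch(r"[A-Za-z]+[0-9]+", ref):
        return NAME              # "le1": one specific interface
    return ADDRESS               # "10.0.0.51" (hostnames are discouraged by the text)


def matches(ref: str, name: str, addr: str) -> bool:
    """Does reference `ref` select the interface with this name and address?"""
    kind = classify(ref)
    if kind == ALL:
        return True
    if kind == WILDCARD:
        # The alphabetic part must be identical: "ie" matches ie0, not iel0.
        m = re.fullmatch(r"([A-Za-z]+)[0-9]+", name)
        return m is not None and m.group(1) == ref
    if kind == NAME:
        return name == ref       # "ef1" does not match "ef10"
    return addr == ref


def parse_interface_statements(text: str):
    """Parse 'interface <ref> <flags...> ;' lines out of a protocol clause.

    Returns [(ref, {param: bool})]. A flag prefixed with "no" clears the
    parameter, e.g. noripin -> ripin=False (assumption: only boolean flags).
    """
    stmts = []
    for line in text.splitlines():
        toks = line.replace(";", " ").split()
        if not toks or toks[0] != "interface":
            continue
        ref, params = toks[1], {}
        for flag in toks[2:]:
            if flag.startswith("no"):
                params[flag[2:]] = False
            else:
                params[flag] = True
        stmts.append((ref, params))
    return stmts


def resolve(stmts, interfaces):
    """Build the parameter list of each interface; most specific reference wins.

    Among equally specific references the later statement wins (assumption).
    """
    result = {}
    for name, addr in interfaces:
        chosen = {}  # param -> (rank, value)
        for ref, params in stmts:
            if not matches(ref, name, addr):
                continue
            rank = classify(ref)
            for param, value in params.items():
                if param not in chosen or rank >= chosen[param][0]:
                    chosen[param] = (rank, value)
        result[name] = {p: v for p, (_, v) in chosen.items()}
    return result


# The RIP clause from the text; the interface addresses are constructed.
RIP_CLAUSE = """
rip yes {
    interface all noripin noripout ;
    interface le ripin ;
    interface le1 ripout ;
} ;
"""
INTERFACES = [("le0", "192.0.2.1"), ("le1", "192.0.2.129"), ("du0", "198.51.100.1")]

if __name__ == "__main__":
    for name, params in resolve(parse_interface_statements(RIP_CLAUSE), INTERFACES).items():
        print(name, params)
```

Running it reproduces the outcome stated above: le0 and le1 accept RIP, only le1 sends it, and du0 does neither.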
6.1.7.3 Example of New Define Statement for GateD 4.2/5.0/6.0
interfaces {
define p2p local 198.108.60.89 remote 141.213.10.41 multicast nounicast
tunnel ipip;
define subnet local 192.168.12.114 netmask 255.255.255.0;
define p2p local 192.168.13.114 remote 192.168.13.116;
};
The first define configures a multicast-only IP-in-IP tunnel usable
by routing protocols for the multicast RIB. Note
that the keywords "multicast nounicast" here are redundant with
the defaults for "tunnel ipip". In fact, the standard multicast
kernel cannot support any other combination.
The second define tells gated to treat the interface with the local
address 192.168.12.114 as a subnet (192.168.12/24), even if it's actually
a p2p link. (This does, however, require that the actual remote p2p address
fall within the configured subnet prefix.)
The third define tells gated to treat the interface with the local address
192.168.13.114 as a point-to-point link to 192.168.13.116, even if it's
not actually a p2p link. (If it's actually a subnet, this requires that
the configured remote p2p address fall within the actual subnet prefix.)
6.1.7.4 IP Interface Addresses and Routes
The BSD 4.3 and later networking implementations allow four types
of interfaces. Some implementations allow multiple protocol addresses per
physical interface. These are mostly based on BSD 4.3 Reno or later.
- loopback
- This interface must have the address of 127.0.0.1. Packets sent
to this interface are sent back to the originator. This interface is also
used as a catch all interface for implementing other features, such as
reject and blackhole routes. Although a netmask is reported
on this interface, it is ignored. It is useful to assign an additional
address to this interface that is the same as the OSPF or BGP router
id; this allows routing to a system based on the router id which
will work if some interfaces are down.
- broadcast
- This is a multi-access interface capable of a physical level broadcast,
such as Ethernet, Token Ring and FDDI. This interface
has an associated subnet mask and broadcast address. The interface route
to a broadcast network will be a route to the complete subnet.
- point-to-point
- This is a tunnel to another host, usually on some sort of serial
link. This interface has a local address, and a remote address.
Although it may be possible to specify multiple addresses for a point-to-point
interface, there does not seem to be a useful reason for doing so.
- The remote address must be unique among all the interface addresses
on a given router. The local address may be shared among many point-to-point
and up to one non-point-to-point interface. This is technically
a form of the router id method for addressless links. This technique
conserves subnets as none are required when using this technique.
- If a subnet mask is specified on a point-to-point interface,
it is only used by RIP version 1 and HELLO to determine which subnets may
be propagated to the router on the other side of this interface.
- non-broadcast multi-access or nbma
- This type of interface is multi-access, but not capable of broadcast.
An example of this would be frame relay and X.25. This type
of interface has a local address and a subnet mask.
GateD ensures that there is a route available to each IP interface which
is configured and up. Normally this is done by the ifconfig command
that configures the interface; GateD does it to ensure consistency.
For point-to-point interfaces, GateD installs some special routes.
If the local address on one or more point-to-point interfaces
is not shared with a non-point-to-point interface, GateD installs
a route to the local address pointing at the loopback interface
with a preference of 110. This ensures that packets originating on this
host destined for this local address are handled locally. OSPF prefers
to route packets for the local interface across the point-to-point
link, where they will be returned by the router on the remote end; this
is used to verify operation of the link. Since OSPF installs routes with
a preference of 10, these routes will override the route installed with
a preference of 110.
If the local address of one or more point-to-point interfaces
is shared with a non-point-to-point interface, GateD installs a route
to the local address with a preference of 0 that will not be installed in
the forwarding table. This is to prevent protocols like OSPF from routing
packets to this address across a serial interface when this system could
be functioning as a host.
When the status of an interface changes, GateD notifies all the protocols,
which take the appropriate action. GateD assumes that interfaces which
are not marked UP do not exist. While this might not be the most
correct action, it is the way things currently work.
GateD ignores any interfaces that have invalid data for the local,
remote or broadcast addresses, or the subnet mask.
Invalid data includes zeros in any field. GateD will also ignore any point-to-point
interface that has the same local and remote addresses. It assumes that
it is in some sort of loopback test mode.
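The acceptance rules and special point-to-point routes of this section, together with the two caveats on define overrides in 6.1.7.3, can be exercised in one small model. The block below is an added example and not GateD source: the Iface record, the (destination, next hop, preference, in_forwarding_table) tuple layout, the loopback interface name lo0 and the sample interface table are all this example's own assumptions; the preferences 110 and 0 for the local-address routes, the default interface preference 0, and the rejection rules (not UP, zero address fields, local equal to remote) are taken from the text.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

LOOPBACK = "lo0"   # assumed name of the loopback interface
ZERO = "0.0.0.0"


@dataclass
class Iface:
    """One kernel interface as GateD sees it (this example's own layout)."""
    name: str
    kind: str                         # "loopback", "broadcast", "p2p" or "nbma"
    local: str
    up: bool = True
    netmask: Optional[str] = None     # broadcast and nbma interfaces
    broadcast: Optional[str] = None   # broadcast interfaces only
    remote: Optional[str] = None      # p2p interfaces only


def usable(i: Iface) -> bool:
    """Acceptance rules from 6.1.7.4: not UP means nonexistent; a zero in any
    address field is invalid; a p2p link whose local and remote addresses
    coincide is assumed to be in loopback test mode."""
    if not i.up:
        return False
    fields = [i.local]
    if i.kind == "p2p":
        fields.append(i.remote)
    elif i.kind == "broadcast":
        fields += [i.netmask, i.broadcast]
    elif i.kind == "nbma":
        fields.append(i.netmask)
    if any(f is None or f == ZERO for f in fields):
        return False
    if i.kind == "p2p" and i.local == i.remote:
        return False
    return True


def interface_routes(ifaces):
    """Routes GateD installs for usable interfaces, as
    (destination, next hop, preference, in_forwarding_table) tuples."""
    live = [i for i in ifaces if usable(i)]
    non_p2p_locals = {i.local for i in live if i.kind != "p2p"}
    routes, p2p_locals_done = [], set()
    for i in live:
        if i.kind in ("broadcast", "nbma"):
            net = ipaddress.ip_network(f"{i.local}/{i.netmask}", strict=False)
            routes.append((str(net), i.name, 0, True))          # whole subnet
        elif i.kind == "loopback":
            routes.append((f"{i.local}/32", i.name, 0, True))
        elif i.kind == "p2p":
            routes.append((f"{i.remote}/32", i.name, 0, True))  # far end of the link
            if i.local in p2p_locals_done:
                continue                                        # one local route per address
            p2p_locals_done.add(i.local)
            if i.local in non_p2p_locals:
                # Shared with a non-p2p interface: pref 0, kept out of forwarding.
                routes.append((f"{i.local}/32", LOOPBACK, 0, False))
            else:
                # Unshared: pref 110 via loopback; OSPF's pref-10 routes beat it.
                routes.append((f"{i.local}/32", LOOPBACK, 110, True))
    return routes


def define_override_ok(define_kind, local, actual: Iface, netmask=None, remote=None):
    """Caveats from 6.1.7.3: a real p2p link declared as a subnet needs its real
    remote address inside the configured prefix; a real subnet declared as p2p
    needs the configured remote inside the real subnet prefix."""
    if define_kind == "subnet" and actual.kind == "p2p":
        net = ipaddress.ip_network(f"{local}/{netmask}", strict=False)
        return ipaddress.ip_address(actual.remote) in net
    if define_kind == "p2p" and actual.kind in ("broadcast", "nbma"):
        net = ipaddress.ip_network(f"{actual.local}/{actual.netmask}", strict=False)
        return ipaddress.ip_address(remote) in net
    return True   # declared kind matches the real one: nothing to check


# Constructed interface table for illustration (not from the page).
SAMPLE = [
    Iface("lo0", "loopback", "127.0.0.1"),
    Iface("le0", "broadcast", "192.168.12.1", netmask="255.255.255.0", broadcast="192.168.12.255"),
    Iface("du0", "p2p", "10.1.1.1", remote="10.1.1.2"),        # unshared local address
    Iface("du1", "p2p", "192.168.12.1", remote="10.2.2.2"),    # local shared with le0
    Iface("du2", "p2p", "10.3.3.3", remote="10.3.3.3"),        # loopback test mode: ignored
    Iface("le1", "broadcast", "0.0.0.0", netmask="255.255.255.0", broadcast="0.0.0.0"),  # zero field
    Iface("le2", "broadcast", "10.5.5.5", up=False, netmask="255.255.255.0", broadcast="10.5.5.255"),
]

if __name__ == "__main__":
    for route in interface_routes(SAMPLE):
        print(route)
```

du2, le1 and le2 produce no routes at all, du0 gets the 110-preference loopback route for its local address, and du1, whose local address is also le0's, gets the preference-0 route that stays out of the forwarding table.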
Last updated November 30, 1997
gated@gated.merit.edu