Policy Routing Using Linux: Introduction
Any discussion of how Policy Routing works must draw upon the essential nature of the original Unix TCP/IP networking. Basic IPv4 routing refers to the process of getting a data packet from one TCP/IP network to another. This always involves a machine of some type that is connected to both networks. This machine is referred to as a router whenever it is the mechanism by which a packet is passed from one network to another.
In the book there are several assumptions made about the level of knowledge you possess. These assumptions are spelled out for you now along with some references for more information. This book is not concerned with the actual software or operating system source code needed to perform the routing functions. This book speaks from a network administration standpoint as opposed to a network programmer's viewpoint. In short, you should have working knowledge of the following:
-
ISO/OSI 7 Layer Model
-
TCP/IP IPv4 Specifications:
-
Addressing
-
Protocols
-
Ports
-
CIDRClassless InterDomain Routing notation
-
Configuring IPv4 networking on some platform
-
Configuring Basic IPv4 routing on some platform
-
Security structures, such as ACLs, Packet Filters, and so on
For the first three items you can refer to TCP/IP Illustrated Volume 1, by W. Richard Stevens. For the configuring issues I recommend you refer to the manual configuration such as you would perform on a Cisco router or on most Unix platforms or even as on a Novell NetWare 3.x system. Keep in mind the stress on performing the manual configuration. GUI configuration systems leave you with little or no knowledge of what actual steps and actions are taken with respect to the implementation within the parameters of the operating system. For the security parts I recommend a good network security reference that includes the Cisco and IBM IP security books.
You must be comfortable with the command line as a basic necessity. All of the examples and most of the references herein will assume that you are typing the commands either into the command line or into some text-based configuration file. Knowledge of an editor is recommended but not required as the examples are primarily designed to be entered interactively.
Accompanying this book is a CD-ROM containing a copy of the PakSecured Linux distribution. This distribution is the platform that all of the examples and scripts were developed upon. See Appendix B, "Source Code Listings and Locations," for details on installing it if you want to use it for the examples.
Enjoy the power!
Conventions Used in This Book
The following typographic conventions are used in this book:
-
Code lines, commands, parameters, and any text you would see onscreen appear in a computer typeface.
-
Any text you need to type appears in bold computer typeface.
-
Placeholders in syntax descriptions appear in an italic computer typeface. Replace the placeholder with the actual filename, parameter, or whatever element it represents.