Register your product to gain access to bonus material or receive a coupon.
Traditional IPv4 routing is summarized as "All routing is a destination driven process". When a router looks at an IPv4 packet it cares only about the destination address in the header of the packet. It uses this destination address to make a decision on where to forward the packet. But what if you want to route packets differently depending not only on the destination addresses but also on other packet fields such as source address, IP protocol, transport protocol ports or even packet payload? This is Policy Routing and this book tells you how to do it.
Introduction.
Conventions Used in This Book.
I. THEORY, USAGE, AND UTILITIES.
1. Basic IPv4 Routing.Traditional IPv4 Routing. UNIX Configuration Commands.
ifconfig Utility. route Utility.
Cisco IOS Configuration Commands.
ip address. ip route.
IPv4 Dynamic Routing.
RIP/Distance Vector. OSPF/Link State. Dynamic Routing Tradition.
UNIX routed and Cisco RIP Configurations.
routed. Cisco IOS RIP Configuration.
Sample Linux Router Setup.
2. Policy Routing Theory.Defining “Policy” in Policy Routing Common IPv4 Routing Problems and Solutions.
The Quality of Service Explosion.
Policy Routing Structure.
Implementation Considerations for Policy Routing.
Summary.
3. Linux Policy Routing Structures.The Triad Elements-Address, Route, Rule.
Address. Route. Rule.
RPDB-The Linux Policy Routing Implementation. System Packet Paths-IPChains/NetFilter.
IPChains-Kernel 2.1/2.2. NetFilter-Kernel 2.3/2.4.
Summary.
4. IPROUTE2 Utility for Linux.Obtaining and Compiling IPROUTE2. General Command Structure.
IP Global Command Syntax. Error Conditions
ip link-Network Device Configuration.
ip link set-Change Device Attributes. ip link show-Look at Device Attributes.
ip address-Protocol Address Management.
Arguments. Primary/Secondary Addressing Versus Multiple Addresses Explained.
ip neighbour-neighbour/ARP Table Management.
Arguments.
ip route-Routing Table Management.
ip route {add/change/replace}.
ip rule-Routing Policy Database Management. ip tunnel-IP Tunnelling Configuration. ip monitor and rtmon-Route State Monitoring. Summary.
II. POLICY ROUTING IMPLEMENTATIONS.
5. Simple Network Examples.IP Addressing.
Fundamental IP Address Concept. Example 5.1: Multiple IP Addressing. IP Address Scoping. Example 5.2: Primary/Secondary IP Addressing.
IP Routes.
Example 5.3: Host Routing. Example 5.4: Basic Router Filters. Example 5.5: Multiple Routes to Same Destination. Example 5.6: Troubleshooting Unbalanced Multiple Loop Routes.
IP Rules.
Example 5.7: Basic Router Filters v2.0.
Multiple Route Tables.
Example 5.8: Basic Router Filters v3.0.
All Together Now. Summary.
6. Complex Network Examples.Local Service Segregation.
Example 6.1-The Art of Ping. Example 6.2-Loopback Dummy. Example 6.3-Reality Is Loopy.
Bounce Table Walking.
Example 6.4-Throw Routes.
Tag Routing with TOS and fwmark.
Example 6.5-Mark My Route. Linux DiffServ Architecture. Example 6.6-Class Wars.
Interactions with Packet Filters.
Example 6.7-Double Play Packet.
Summary.
7. Dynamic Routing Interactions.Realms and Information Bases.
rtacct-Route Realms and Policy Propagation.
gated and Zebra.
The gated Utility. The Zebra Routing Suite.
Rules and Dynamic Structure.
gated and Multiple Routing Tables. Zebra and Multiple Routing Tables. gated & zebra & rules = FUN.
Summary.
8. NAT Functions.Standard NAT Defined. Policy Routing NAT. NetFilter NAT. Interactions Between FastNAT and NetFilter. Summary.
9. IPv6.Theory and History.
IPv6 Addresses. IPv6 Routing and Neighbors. RADVD-Router Advertisement Daemon.
Policy Routing Usage. Summary.
10. Future Musings.Policy Routing Triad. The Protocols: IPv4, IPv6, and IPSec. Security and Commerce. Summary.
III. APPENDIXES.
Appendix A. Glossary of Terms.Kernel Configuration and Patches.
Kernel 2.2.12. Kernel 2.4. IPROUTE2.
NetFilter Patches. Software Versions. PakSecured Installation and Configuration.
Minimum System Requirements. Phase I-Initial Files Install. Phase II-Kernel Configuration. Final Phase-PakSecured Configuration.
Index.