diff options
author | Michael Shalayeff <mickey@cvs.openbsd.org> | 1997-07-30 22:24:49 +0000 |
---|---|---|
committer | Michael Shalayeff <mickey@cvs.openbsd.org> | 1997-07-30 22:24:49 +0000 |
commit | 8f8968006824e23ac888c36b119b28a019d1faa2 (patch) | |
tree | 2457b0ca7255d4f80fea253921eec882a56bee34 /sbin/routed/routed.8 | |
parent | 41488b8b4aff0afcea12013f2220c254191a4060 (diff) |
update to sgi-02apr97
still have problems w/ defaults from pppd
Diffstat (limited to 'sbin/routed/routed.8')
-rw-r--r-- | sbin/routed/routed.8 | 92 |
1 files changed, 67 insertions, 25 deletions
diff --git a/sbin/routed/routed.8 b/sbin/routed/routed.8 index bfd1d3348a9..cf7f61f9f16 100644 --- a/sbin/routed/routed.8 +++ b/sbin/routed/routed.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: routed.8,v 1.9 1997/06/26 21:53:05 deraadt Exp $ +.\" $OpenBSD: routed.8,v 1.10 1997/07/30 22:24:45 mickey Exp $ .\" .\" Copyright (c) 1983, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -98,7 +98,7 @@ After transmitting a RIP and Router Discovery Advertisements or Solicitations on a new interface, the daemon enters a loop, listening for -RIP request and response and Router Discover packets from other hosts. +RIP request and response and Router Discovery packets from other hosts. .Pp When a .Em request @@ -200,12 +200,7 @@ currently chosen router dies. If all discovered routers disappear, the daemon resumes listening to RIP responses. .Pp -While using Router Discovery (which happens by default when -the system has a single network interface and a Router Discover Advertisement -is received), there is a single default route and a variable number of -redirected host routes in the kernel table. -.Pp -The Router Discover standard requires that advertisements +The Router Discovery standard requires that advertisements have a default "lifetime" of 30 minutes. That means should something happen, a client can be without a good route for 30 minutes. It is a good idea to reduce the default to 45 @@ -216,14 +211,23 @@ on the command line or in the .Pa /etc/gateways file. +On a host with more than one network interface, +this default route will be via only one of the interfaces. +Thus, multi-homed hosts running with \f3\-q\f1 might need +.Cm no_rdisc +described below. .Pp See the .Cm pm_rdisc facility described below to support "legacy" systems that can handle neither RIPv2 nor Router Discovery. .Pp -By default, neither Router Discovery advertisements nor solicications +By default, neither Router Discovery advertisements nor solicitations are sent over point to point links (e.g. PPP). +The netmask associated with point-to-point links (such as SLIP +or PPP, with the IFF_POINTOPOINT flag) is used by +.Nm routed +to infer the netmask used by the remote system when RIPv1 is used. .Pp Options supported by @@ -240,6 +244,7 @@ ipforwarding=1. is the opposite of the .Fl s option. +This is the default when only one interface is present. .It Fl d Do not run in the background. This option is meant for interactive use. @@ -263,7 +268,7 @@ This is typically used on a gateway to the Internet, or on a gateway that uses another routing protocol whose routes are not reported to other local routers. Notice that because a metric of 1 is used, this feature is -dangerous. It is more commonly accidently used to create chaos with routing +dangerous. It is more commonly accidentally used to create chaos with routing loop than to solve problems. .It Fl h This causes host or point-to-point routes to not be advertised, @@ -398,7 +403,7 @@ are also passive, but are not placed in the kernel routing table nor are they included in routing updates. The function of external entries is to indicate that another routing process -will install such a route if ncessary, +will install such a route if necessary, and that alternate routes to that destination should not be installed by .Nm routed . @@ -501,21 +506,49 @@ specifies a RIPv2 password that will be included on all RIPv2 responses sent and checked on all RIPv2 responses received. The password must not contain any blanks, tab characters, commas or '#' characters. +.It Cm passwd Ns \&= Ns Ar XXX1[|KeyID[start|stop]] +specifies a RIPv2 cleartext password that will be included on +all RIPv2 responses sent, and checked on all RIPv2 responses received. +Any blanks, tab characters, commas, or '#', '|', or NULL characters in the +password must be escaped with a backslash (\\). +The common escape sequences \\n, \\r, \\t, \\b, and \\xxx have their +usual meanings. +The +.Cm KeyID +must be unique but is ignored for cleartext passwords. +If present, +.Cm start +and +.Cm stop +are timestamps in the form year/month/day@hour:minute. +They specify when the password is valid. +The valid password with the most future is used on output packets, unless +all passwords have expired, in which case the password that expired most +recently is used, or unless no passwords are valid yet, in which case +no password is output. +Incoming packets can carry any password that is valid, will +be valid within 24 hours, or that was valid within 24 hours. +To protect the secrets, the passwd settings are valid only in the +.Em /etc/gateways +file and only when that file is readable only by UID 0. +.It Cm md5_passwd Ns \&= Ns Ar XXX1|KeyID[start|stop] +specifes a RIPv2 MD5 password. +Except that a +.Cm KeyID +is required, this keyword is similar to +.Cm passwd . .It Cm no_ag turns off aggregation of subnets in RIPv1 and RIPv2 responses. .It Cm no_super_ag turns off aggregation of networks into supernets in RIPv2 responses. .It Cm passive -is equivalent -.Cm no_rip Cm no_rdisc . +marks the interface to not be advertised in updates sent via other +interfaces, and turns off all RIP and router discovery through the interface. .It Cm no_rip disables all RIP processing on the specified interface. If no interfaces are allowed to process RIP packets, .Nm acts purely as a router discovery daemon. -.Cm No_rip -is equivalent to -.Cm no_ripv1_in no_ripv2_in no_ripv1_out no_ripv2_out . Note that turning off RIP without explicitly turning on router discovery advertisements with @@ -524,7 +557,7 @@ or .Fl s causes .Nm routed -to act as a client router discovery daemon, not adveritising. +to act as a client router discovery daemon, not advertising. .It Cm no_ripv1_in causes RIPv1 received responses to be ignored. .It Cm no_ripv2_in @@ -532,10 +565,15 @@ causes RIPv2 received responses to be ignored. .It Cm ripv2_out turns off RIPv1 output and causes RIPv2 advertisements to be multicast when possible. +.It Cm ripv2 +is equivalent to +.Cm no_ripv1_in +and +.Cm no_ripv1_out . .It Cm no_rdisc disables the Internet Router Discovery Protocol. .It Cm no_solicit -disables the tranmission of Router Discovery Solicitations. +disables the transmission of Router Discovery Solicitations. .It Cm send_solicit specifies that Router Discovery solicitations should be sent, even on point-to-point links, @@ -543,7 +581,7 @@ which by default only listen to Router Discovery messages. .It Cm no_rdisc_adv disables the transmission of Router Discovery Advertisements .It Cm rdisc_adv -specifies that Router Discovery advertisements should be sent, +specifies that Router Discovery Advertisements should be sent, even on point-to-point links, which by default only listen to Router Discovery messages .It Cm bcast_rdisc @@ -557,7 +595,7 @@ sets the nominal interval with which Router Discovery Advertisements are transmitted to N seconds and their lifetime to 3*N. .It Cm fake_default Ns \&= Ns Ar metric has an identical effect to -.Fl F Ar net[/mask][,metric] +.Fl F Ar net[/mask][=metric] with the network and mask coming from the sepcified interface. .It Cm pm_rdisc is similar to @@ -569,13 +607,17 @@ Unless modified with .Cm fake_default , the default route is broadcast with a metric of 14. That serves as a "poor man's router discovery" protocol. +.It Cm trust_gateway Ns \&= Ns Ar rname +causes RIP packets from that router and other routers named in +other +.Cm trust_gateway +keywords to be accept, and packets from other routers to be ignored. +.It Cm redirect_ok +causes RIP to allow ICMP Redirect messages when the system is acting +as a router and forwarding packets. +Otherwise, ICMP Redirect messages are overridden. .El .Pp -Note that the netmask associated with point-to-point links (such as SLIP -or PPP, with the IFF_POINTOPOINT flag) is used by -.Nm routed -to infer the netmask used by the remote system when RIPv1 is used. -.Pp .Sh FILES .Bl -tag -width /etc/gateways -compact .It Pa /etc/gateways |