These classnotes are deprecated. As of 2005, I no longer teach the classes. Notes will remain online for legacy purposes.

UNIX02/Iproute And Iproute2


The 2.2 and above Linux kernels include a completely redesigned network subsystem. This new networking code brings Linux performance and a feature set with little competition in the general OS arena. In fact, the new routing, filtering, and classifying code is more featureful than the one provided by many dedicated routers and firewalls and traffic shaping products.

As new networking concepts have been invented, people have found ways to plaster them on top of the existing framework in existing OSes. This constant layering of cruft has led to networking code that is filled with strange behaviour, much like most human languages. In the past, Linux emulated SunOS's handling of many of these things, which was not ideal.

This new framework makes it possible to clearly express features previously beyond Linux's reach.

iproute

iproute is the new, "professional" routing table maintenance utility for the Linux kernel. It has many substantial benefits over the traditional routed and gated, some of which include the following:
  • Traffic control : With this suite of tools you can limit bandwidth and set up favored connections.
  • GRE/PtP Tunnelling : GRE/PtP tunnelling is an integral part of routing these days. Traditionally, tools such as arp, ifconfig, and route have had difficulties dealing with these tunnels.
  • Packet filtering/prioritizing : We will look at these in more depth in UNIX03.

iproute is the default routing utility for most Linux distributions. It is the default choice for both Red Hat and Debian, which we will be looking at in this class.

Exploring your current configuration

This may come as a surprise, but iproute2 is already configured! The current commands ifconfig and route are already using the advanced syscalls, but mostly with very default (i.e. boring) settings.

The ip tool is central, and we'll ask it to display our interfaces for us.

ip shows us our links

 [ahu@home ahu]$ ip link list
 1: lo: <LOOPBACK,UP> mtu 3924 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
 2: dummy: <BROADCAST,NOARP> mtu 1500 qdisc noop 
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
 3: eth0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1400 qdisc
                      pfifo_fast qlen 100
    link/ether 48:54:e8:2a:47:16 brd ff:ff:ff:ff:ff:ff
 4: eth1: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc
                      pfifo_fast qlen 100
    link/ether 00:e0:4c:39:24:78 brd ff:ff:ff:ff:ff:ff
 3764: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1492 qdisc
                      pfifo_fast qlen 10
    link/ppp 

Your mileage may vary, but this is what it shows on my NAT router at home. I'll only explain part of the output as not everything is directly relevant.

We first see the loopback interface. The MTU size (Maximum Transfer Unit) is 3924 octets, and it is not supposed to queue, which makes sense because the loopback interface is a figment of your kernel's imagination.

I'll skip the dummy interface for now, and it may not be present on your computer. Then there are my two physical network interfaces, one at the side of my cable modem, the other one serves my home ethernet segment. Furthermore, we see a ppp0 interface.

Note the absence of IP addresses. iproute disconnects the concept of 'links' and 'IP addresses'. With IP aliasing, the concept of 'the' IP address had become quite irrelevant anyhow.

It does show us the MAC addresses though, the hardware identifier of our ethernet interfaces.

ip shows us our IP addresses

 [ahu@home ahu]$ ip address show        
 1: lo: <LOOPBACK,UP> mtu 3924 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
 2: dummy: <BROADCAST,NOARP> mtu 1500 qdisc noop 
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
 3: eth0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1400 qdisc
                       pfifo_fast qlen 100
    link/ether 48:54:e8:2a:47:16 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.1/8 brd 10.255.255.255 scope global eth0
 4: eth1: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc
                       pfifo_fast qlen 100
    link/ether 00:e0:4c:39:24:78 brd ff:ff:ff:ff:ff:ff
 3764: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1492 qdisc
                       pfifo_fast qlen 10
    link/ppp 
    inet 212.64.94.251 peer 212.64.94.1/32 scope global ppp0

This contains more information. It shows all our addresses, and to which cards they belong. 'inet' stands for Internet (IPv4). There are lots of other address families, but these don't concern us right now.

Let's examine eth0 somewhat closer. It says that it is related to the inet address '10.0.0.1/8'. What does this mean? The /8 stands for the number of bits that are in the Network Address. There are 32 bits, so we have 24 bits left that are part of our network. The first 8 bits of 10.0.0.1 correspond to 10.0.0.0, our Network Address, and our netmask is 255.0.0.0.

Every address that shares those first 8 bits is directly reachable through this interface, so 10.250.3.13 is directly available on eth0, as is 10.0.0.1, for example.

With ppp0, the same concept goes, though the numbers are different. Its address is 212.64.94.251, without a subnet mask. This means that we have a point-to-point connection and that every address, with the exception of 212.64.94.251, is remote. There is more information, however. It tells us that on the other side of the link there is, yet again, only one address, 212.64.94.1. The /32 tells us that there are no 'network bits'.

You may also note 'qdisc', which stands for Queueing Discipline. This will become vital later on in UNIX03.

ip shows us our routes

Well, we now know how to find 10.x.y.z addresses, and we are able to reach 212.64.94.1. This is not enough however, so we need instructions on how to reach the world. The Internet is available via our ppp connection, and it appears that 212.64.94.1 is willing to spread our packets around the world, and deliver results back to us.

 [ahu@home ahu]$ ip route show
 212.64.94.1 dev ppp0  proto kernel  scope link  src 212.64.94.251 
 10.0.0.0/8 dev eth0  proto kernel  scope link  src 10.0.0.1 
 127.0.0.0/8 dev lo  scope link 
 default via 212.64.94.1 dev ppp0 

This is pretty much self-explanatory. The first 4 lines of output explicitly state what was already implied by ip address show; the last line tells us that the rest of the world can be found via 212.64.94.1, our default gateway. We can see that it is a gateway because of the word via, which tells us that we need to send packets to 212.64.94.1, and that it will take care of things.

For reference, this is what the old route utility shows us:

 [ahu@home ahu]$ route -n
 Kernel IP routing table
 Destination   Gateway     Genmask         Flags Metric Ref    Use Iface
 212.64.94.1   0.0.0.0     255.255.255.255 UH    0      0        0 ppp0
 10.0.0.0      0.0.0.0     255.0.0.0       U     0      0        0 eth0
 127.0.0.0     0.0.0.0     255.0.0.0       U     0      0        0 lo
 0.0.0.0       212.64.94.1 0.0.0.0         UG    0      0        0 ppp0
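
To make the route selection described above concrete, the following added example (not part of the original classnotes) parses the ip route show output from this page and picks the route for a destination by longest-prefix match. It is a simplification that ignores metrics and policy routing rules; the function names are hypothetical and 192.0.2.7 is a constructed stand-in for "the rest of the world".

```python
import ipaddress

# The `ip route show` output from this page, copied verbatim.
ROUTES = """\
212.64.94.1 dev ppp0  proto kernel  scope link  src 212.64.94.251
10.0.0.0/8 dev eth0  proto kernel  scope link  src 10.0.0.1
127.0.0.0/8 dev lo  scope link
default via 212.64.94.1 dev ppp0
"""

def parse_routes(text):
    """Turn `ip route show` lines into (network, attributes) pairs."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        # 'default' is shorthand for 0.0.0.0/0; a bare address means /32.
        prefix = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        net = ipaddress.ip_network(prefix)
        # The remaining fields come as keyword/value pairs (dev eth0, via ...).
        attrs = dict(zip(fields[1::2], fields[2::2]))
        routes.append((net, attrs))
    return routes

def lookup(routes, destination):
    """Pick the matching route with the longest prefix (most specific wins)."""
    addr = ipaddress.ip_address(destination)
    matches = [(net, attrs) for net, attrs in routes if addr in net]
    if not matches:
        return None  # no default route and nothing more specific
    net, attrs = max(matches, key=lambda m: m[0].prefixlen)
    # No 'via' means the destination is on-link: deliver directly on 'dev'.
    return {"route": str(net), "dev": attrs["dev"], "via": attrs.get("via")}

if __name__ == "__main__":
    table = parse_routes(ROUTES)
    # 192.0.2.7 is a constructed destination outside every local network.
    for dst in ("10.250.3.13", "212.64.94.1", "127.0.0.1", "192.0.2.7"):
        print(dst, "->", lookup(table, dst))
```

Only the last destination comes back with a via entry, because only the default route names a gateway; the others are delivered directly on their interface.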

For more information, please consult the [Linux Advanced Routing & Traffic Control HOWTO].


Last edited August 15, 2003 11:54 pm
(C) Copyright 2003 Samuel Hart
This work is licensed under a Creative Commons License.