Summary: netstat -rn output changing automatically

From: sreenath sarikonda <sreeredhat_at_yahoo.com>
Date: Tue Jan 25 2005 - 14:30:34 EST
>Hell Gurus,
>           I was checking the routing table of my
>system and it was chaning automatically. I have
>/etc/notrouter. Could some one explain this to me? 

First of all thank you to Russell Page, Bruce
Kirkland, Ryan Krenzischek, Crist Clark,
Matthew Stier and jzhao.
My problem was solved by removing the
/etc/resolv.conf. I really don't know whether my
following theory is correct. The name server it was
pointing doesn't have any information regarding our
local systems and its not a local DNS server. I guess
the system was wasting time in DNS queries. We don't
have local dns server.As soon as I removed the file,
ftp connections stopped dropping.
Couple of points:
/etc/notrouter only disables ipforwarding.
It will still startup startup router discovery, if
/etc/defaultrouter 
is not set.
___________________________________
About parameter :ip_ignore_direct is set to zero
Then if you want to prevent those routes from coming
back, you need to set it to one. The "D" in the
"Flags"
column indicates these routes are from redirects.
Redirects are supposed to improve performance. You may
want to look into why they are being sent in the first
place. This may be an indication that your network is
misconfigured.

Very much appreciated Russell's summary. 
There are three different concepts to get in order to
understand 
routing.

1. Is this machine a router?
2. Where should this machine forward packets to?
3. How does this machine acquire the routing
information it needs in 
order 
to answer question 2?

1. An IP router is ANY system that is connected to
more than one IP 
network, 
that forwards traffic between the networks. A Solaris
system with more 
than 
one configured interface will automatically configure
itself as a 
router. 
This means that other machines can forward IP packets
to it to be 
forwarded 
to another network. The file you mention -
/etc/notrouter - suppresses 
this 
behaviour. For instance a busy database server may be
connected to two 
or 
three networks. If it starts acting as a router then
it will be 
sacrificing 
resources to the routing function. In fact if there is
a lot of traffic 
to 
route, it may end up spending more time routing IP
traffic than acting 
as a 
database server! By creating /etc/notrouter, we
prevent it from 
configuring 
itself as a router.

2. Where should this machine forward packets to?
All systems connected to a network can deliver IP
traffic directly to 
other 
systems on the same subnet. If the destination IP
address is on a 
remote 
network, the system will deliver the traffic to a
router. The system 
consults the routing table to determine which router
it should forward 
a 
particular IP datagram to. Routing tables typically
contain one or more 
of 
three types of entries.
A network route specifies which router to choose to
forward traffic 
directed 
to a particular IP network. A host route specifies a
router for traffic 
going to a particular host, and the (usual) default
route specifies a 
router 
for all traffic that is not specified by a net or host
route.

3. How does this machine acquire the routing
information it needs in 
order 
to answer question 2?
There are three sources a machine can use to acquire
routing 
information. 
The information can be entered into the routing table
by a system 
administrator or read from a file. A very common case
is of a system 
that is 
connected to a subnetwork with only one router on it.
Obviously all 
remote 
traffic must be sent to this router. If we create a
file called 
/etc/defaultrouter containing the local IP address of
the router, this 
file is read by the system at boot time, a default
route is added to the 
routing table, and it remains there until it is
manually removed or the system 
shuts down. No further, automatic updates to the
routing table occur.
A second way to learn where the default router is, is
for the system to 
broadcast a special request called a router
solicitation message when 
it boots. Many routers, and Solaris systems running as
routers respond to 
these messages. If the system receives a response it
updates it's routing 
table with a default route. This will remain in the
table as long as the 
router continues to provide the service. If the
default router "disappears" 
the host will broadcast a new solicitation message to
find a new router.
The third way for the system to learn about routers is
to monitor 
"Router Information Protocol" broadcasts. Essentially,
every 30 seconds or so 
routers dump their routing tables into a UDP packet
and broadcast it to 
all attached networks. Hosts that are listening for
these RIP broadcasts 
update their routing tables automatically as they
learn new information about 
the network.
My experience is that most Solaris administrators
either create an 
/etc/defaultrouter file or depend on the router
discovery protocol to 
configure a default route for them.
Your post suggests that your system, if it has more
than one interface, 
is not itself acting as a router  - you have an
/etc/notrouter file, which 
presumably was there last time the system booted - and
that it is 
listening to, and acting on RIP broadcasts to maintain
it's routing table.

Thank you,
Sree.


		
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - Find what you need with new enhanced search.
http://info.mail.yahoo.com/mail_250
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Tue Jan 25 14:31:04 2005

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:42 EST