/usr/src/man/man4/gateways.4

'\" te
.\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
.\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
.\"  See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with
.\" the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
.TH GATEWAYS 4 "May 20, 2009"
.SH NAME
gateways \- configuration file for /usr/sbin/in.routed IPv4 network routing
daemon
.SH SYNOPSIS
.LP
.nf
\fB/etc/gateways\fR
.fi

.SH DESCRIPTION
.sp
.LP
The \fB/etc/gateways\fR file is used by the routing daemon,
\fBin.routed\fR(1M). When the daemon starts, it reads \fB/etc/gateways\fR to
find such distant gateways that cannot be located using only information from a
routing socket, to discover if some of the local gateways are passive, and to
obtain other parameters.
.sp
.LP
The \fB/etc/gateways\fR file consists of a series of lines, each in one of the
two formats shown below or consisting of parameters described later. Blank
lines and lines starting with "\fB#\fR" are treated as comments.
.sp
.LP
One format specifies networks:
.sp
.in +2
.nf
net Nname[/mask] gateway Gname metric value <passive | active | external>
.fi
.in -2

.sp
.LP
The other format specifies hosts:
.sp
.in +2
.nf
host \fIHname\fR gateway \fIGname\fR metric \fIvalue\fR <passive | active | external>
.fi
.in -2

.sp
.LP
Host \fIhname\fR is equivalent to \fBnet \fInname\fR/32\fR.
.sp
.LP
The parameters in the lines shown above are described as follows:
.sp
.ne 2
.na
\fB\fINname\fR or \fIHname\fR\fR
.ad
.sp .6
.RS 4n
Name of the destination network or host. It can be a symbolic network name or
an Internet address specified in \fBdot\fR notation (see \fBinet\fR(3SOCKET)).
If it is a name, then it must either be defined in \fB/etc/networks\fR or
\fB/etc/hosts\fR, or a naming service must have been started before
\fBin.routed\fR(1M).
.RE

.sp
.ne 2
.na
\fB\fIMask\fR\fR
.ad
.sp .6
.RS 4n
An optional number between 1 and 32 indicating the netmask associated with
Nname.
.RE

.sp
.ne 2
.na
\fB\fIGname\fR\fR
.ad
.sp .6
.RS 4n
Name or address of the gateway to which RIP responses should be forwarded.
.RE

.sp
.ne 2
.na
\fB\fIValue\fR\fR
.ad
.sp .6
.RS 4n
The hop count to the destination host or network.
.RE

.sp
.ne 2
.na
\fB\fBpassive\fR | \fBactive\fR | \fBexternal\fR\fR
.ad
.sp .6
.RS 4n
One of these keywords must be present to indicate whether the gateway should be
treated as passive or active, or whether the gateway is external to the scope
of the RIP protocol. A passive gateway is not expected to exchange routing
information, while gateways marked active should be willing to exchange RIP
packets. See \fBin.routed\fR(1M) for further details.
.RE

.sp
.LP
After turning on debugging in \fBin.routed\fR with the \fB-t\fR option, you can
see that lines that follow the format described above create pseudo-interfaces.
To set parameters for remote or external interfaces, use a line starting with
\fBif=alias(\fIHname\fR)\fR, \fBif=remote(\fIHname\fR)\fR, and so forth.
.sp
.LP
For backward compatibility with the previous Solaris \fBin.routed\fR
implementation, three special keyword formats are accepted. If present, these
forms must each be on a separate line, and must not be combined on the same
line with any of the keywords listed elsewhere in this document. These three
forms are:
.sp
.ne 2
.na
\fB\fBnorip \fIifname\fR\fR\fR
.ad
.RS 19n
Disable all RIP processing on the specified interface.
.RE

.sp
.ne 2
.na
\fB\fBnoripin \fIifname\fR\fR\fR
.ad
.RS 19n
Disable the processing of received RIP responses on the specified interface.
.RE

.sp
.ne 2
.na
\fB\fBnoripout \fIifname\fR\fR\fR
.ad
.RS 19n
Disable RIP output on the specified interface.
.RE

.sp
.LP
Lines that start with neither \fBnet\fR nor \fBhost\fR must consist of one or
more of the following parameter settings, separated by commas or blanks:
.sp
.ne 2
.na
\fB\fB\fR\fBif=\fIifname\fR\fR\fR
.ad
.sp .6
.RS 4n
Indicates that the other parameters on the line apply only to the interface
name \fIifname\fR. If this parameter is not specified, then other parameters on
the line apply to all interfaces.
.RE

.sp
.ne 2
.na
\fB\fBsubnet=\fInname\fR[/\fImask\fR][,\fImetric\fR]\fR\fR
.ad
.sp .6
.RS 4n
Advertises a route to network nname with mask mask and the supplied metric
(default 1). This is useful for filling \fBholes\fR in CIDR allocations. This
parameter must appear by itself on a line. The network number must specify a
full, 32-bit value, as in \fB192.0.2.0\fR instead of \fB192.0.2\fR.
.RE

.sp
.ne 2
.na
\fB\fBripv1_mask=\fInname\fR/\fImask1\fR,\fImask2\fR\fR\fR
.ad
.sp .6
.RS 4n
Specifies that the netmask of the network of which \fInname\fR/\fImask1\fR is a
subnet should be \fImask2\fR. For example, \fBripv1_mask=192.0.2.16/28,27\fR
marks \fB192.0.2.16/28\fR as a subnet of \fB192.0.2.0/27\fR instead of
\fB192.0.2.0/24\fR. It is better to turn on RIPv2 instead of using this
facility. See the description of \fBripv2_out\fR, below.
.RE

.sp
.ne 2
.na
\fB\fBpasswd=\fIXXX\fR[|\fIKeyID\fR[\fIstart\fR|\fIstop\fR]]\fR\fR
.ad
.sp .6
.RS 4n
Specifies a RIPv2 cleartext password that will be included on all RIPv2
responses sent, and checked on all RIPv2 responses received. Any blanks, tab
characters, commas, or "\fB#\fR", "\fB|\fR", or NULL characters in the password
must be escaped with a backslash (\fB\e\fR). The common escape sequences
\fB\en\fR, \fB\er\fR, \fB\et\fR, \fB\eb\fR, and \fB\e\fIxxx\fR\fR have their
usual meanings. The \fIKeyID\fR must be unique but is ignored for cleartext
passwords. If present, \fIstart\fR and \fIstop\fR are timestamps in the form
year/month/day@hour:minute. They specify when the password is valid. The valid
password with the longest future is used on output packets, unless all
passwords have expired, in which case the password that expired most recently
is used. If no passwords are valid yet, no password is output. Incoming packets
can carry any password that is valid, will be valid within 24 hours, or that
was valid within 24 hours. To protect password secrecy, the passwd settings are
valid only in the \fB/etc/gateways\fR file and only when that file is readable
only by UID 0.
.RE

.sp
.ne 2
.na
\fB\fBmd5_passwd=\fR\fIXXX\fR|\fIKeyID\fR[\fIstart\fR|\fIstop\fR]\fR
.ad
.sp .6
.RS 4n
Specifies a RIPv2 MD5 password. Except that a KeyID is required, this keyword
is similar to \fBpasswd\fR (described above).
.RE

.sp
.ne 2
.na
\fB\fBno_ag\fR\fR
.ad
.sp .6
.RS 4n
Turns off aggregation of subnets in RIPv1 and RIPv2 responses.
.RE

.sp
.ne 2
.na
\fB\fBno_host\fR\fR
.ad
.sp .6
.RS 4n
Turns off acceptance of host routes.
.RE

.sp
.ne 2
.na
\fB\fBno_super_ag\fR\fR
.ad
.sp .6
.RS 4n
Turns off aggregation of networks into supernets in RIPv2 responses.
.RE

.sp
.ne 2
.na
\fB\fBpassive\fR\fR
.ad
.sp .6
.RS 4n
Marks the interface not to be advertised in updates sent over other interfaces,
and turns off all RIP and router discovery through the interface.
.RE

.sp
.ne 2
.na
\fB\fBno_rip\fR\fR
.ad
.sp .6
.RS 4n
Disables all RIP processing on the specified interface. If no interfaces are
allowed to process RIP packets, \fBin.routed\fR acts purely as a router
discovery daemon.
.sp
Note that turning off RIP without explicitly turning on router discovery
advertisements with \fBrdisc_adv\fR or \fB-s\fR causes \fBin.routed\fR to act
as a client router discovery daemon, which does not advertise.
.RE

.sp
.ne 2
.na
\fB\fBno_rip_mcast\fR\fR
.ad
.sp .6
.RS 4n
Causes RIPv2 packets to be broadcast instead of multicast.
.RE

.sp
.ne 2
.na
\fB\fBno_ripv1_in\fR\fR
.ad
.sp .6
.RS 4n
Causes RIPv1 received responses to be ignored.
.RE

.sp
.ne 2
.na
\fB\fBno_ripv2_in\fR\fR
.ad
.sp .6
.RS 4n
Causes RIPv2 received responses to be ignored.
.RE

.sp
.ne 2
.na
\fB\fBripv2_out\fR\fR
.ad
.sp .6
.RS 4n
Turns on RIPv2 output and causes RIPv2 advertisements to be multicast when
possible.
.RE

.sp
.ne 2
.na
\fB\fBripv2\fR\fR
.ad
.sp .6
.RS 4n
Equivalent to \fBno_ripv1_in\fR and \fBripv2_out\fR. This enables RIPv2 and
disables RIPv1.
.RE

.sp
.ne 2
.na
\fB\fBno_rdisc\fR\fR
.ad
.sp .6
.RS 4n
Disables the Internet Router Discovery Protocol.
.RE

.sp
.ne 2
.na
\fB\fBno_solicit\fR\fR
.ad
.sp .6
.RS 4n
Disables the transmission of Router Discovery Solicitations.
.RE

.sp
.ne 2
.na
\fB\fBsend_solicit\fR\fR
.ad
.sp .6
.RS 4n
Specifies that Router Discovery solicitations should be sent, even on
point-to-point links, which, by default, only listen to Router Discovery
messages.
.RE

.sp
.ne 2
.na
\fB\fBno_rdisc_adv\fR\fR
.ad
.sp .6
.RS 4n
Disables the transmission of Router Discovery Advertisements.
.RE

.sp
.ne 2
.na
\fB\fBrdisc_adv\fR\fR
.ad
.sp .6
.RS 4n
Specifies that Router Discovery Advertisements should be sent, even on
point-to-point links, which by default only listen to Router Discovery
messages.
.RE

.sp
.ne 2
.na
\fB\fBbcast_rdisc\fR\fR
.ad
.sp .6
.RS 4n
Specifies that Router Discovery packets should be broadcast instead of
multicast.
.RE

.sp
.ne 2
.na
\fB\fBrdisc_pref=\fIN\fR\fR\fR
.ad
.sp .6
.RS 4n
Sets the preference in Router Discovery Advertisements to the optionally signed
integer \fIN\fR. The default preference is 0. Default routes with higher or
less negative preferences are preferred by clients.
.RE

.sp
.ne 2
.na
\fB\fBrdisc_interval=\fIN\fR\fR\fR
.ad
.sp .6
.RS 4n
Sets the nominal interval with which Router Discovery Advertisements are
transmitted to \fIN\fR seconds and their lifetime to 3*\fIN\fR.
.RE

.sp
.ne 2
.na
\fB\fBfake_default=\fImetric\fR\fR\fR
.ad
.sp .6
.RS 4n
Has an identical effect to \fB-F\fR \fBnet\fR[/\fImask\fR][=\fImetric\fR] with
the network number and netmask coming from the specified interface.
.RE

.sp
.ne 2
.na
\fB\fBpm_rdisc\fR\fR
.ad
.sp .6
.RS 4n
Similar to \fBfake_default\fR. To prevent RIPv1 listeners from receiving RIPv2
routes when those routes are multicast, this feature causes a RIPv1 default
route to be broadcast to RIPv1 listeners. Unless modified with
\fBfake_default\fR, the default route is broadcast with a metric of 14. That
serves as a \fBpoor man's router discovery\fR protocol.
.RE

.sp
.ne 2
.na
\fB\fBtrust_gateway=\fIrtr_name\fR[|\fInet1\fR/\fImask1\fR|\fInet2\fR/\fImask2\
fR|...]\fR\fR
.ad
.sp .6
.RS 4n
Causes RIP packets from that router and other routers named in other
\fBtrust_gateway\fR keywords to be accepted, and packets from other routers to
be ignored. If networks are specified, then routes to other networks will be
ignored from that router.
.RE

.sp
.ne 2
.na
\fB\fBredirect_ok\fR\fR
.ad
.sp .6
.RS 4n
Causes RIP to allow ICMP Redirect messages when the system is acting as a
router and forwarding packets. Otherwise, ICMP Redirect messages are
overridden.
.RE

.sp
.ne 2
.na
\fB\fBrip_neighbor=\fIx.x.x.x\fR\fR\fR
.ad
.sp .6
.RS 4n
By default, RIPv1 advertisements over point-to-point links are sent to the
peer's address (255.255.255.255, if none is available), and RIPv2
advertisements are sent to either the RIP multicast address or the peer's
address if \fBno_rip_mcast\fR is set. This option overrides those defaults and
configures a specific address to use on the indicated interface. This can be
used to set a broadcast type advertisement on a point-to-point link.
.RE

.SH SEE ALSO
.sp
.LP
\fBin.routed\fR(1M), \fBroute\fR(1M), \fBrtquery\fR(1M), \fBinet\fR(3SOCKET),
.sp
.LP
\fIInternet Transport Protocols, XSIS 028112, Xerox System Integration
Standard\fR