sbin/routed/routed.8

.\"   $Revision: 2.26 $
.\"
.\" Copyright (c) 1983, 1991, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd June 27, 2022
.Dt ROUTED 8
.Os
.Sh NAME
.Nm routed ,
.Nm rdisc
.Nd network RIP and router discovery routing daemon
.Sh SYNOPSIS
.Nm
.Op Fl isqdghmpAtv
.Op Fl T Ar tracefile
.Oo
.Fl F
.Ar net Ns Op /mask Ns Op ,metric
.Oc
.Op Fl P Ar parms
.Sh DESCRIPTION
The
.Nm
utility is a daemon invoked at boot time to manage the network
routing tables.
It uses Routing Information Protocol, RIPv1 (RFC\ 1058),
RIPv2 (RFC\ 1723),
and Internet Router Discovery Protocol (RFC 1256)
to maintain the kernel routing table.
The RIPv1 protocol is based on the reference
.Bx 4.3
daemon.
.Pp
It listens on the
.Xr udp 4
socket for the
.Xr route 8
service (see
.Xr services 5 )
for Routing Information Protocol packets.
It also sends and receives multicast Router Discovery ICMP messages.
If the host is a router,
.Nm
periodically supplies copies
of its routing tables to any directly connected hosts and networks.
It also advertises or solicits default routes using Router Discovery
ICMP messages.
.Pp
When started (or when a network interface is later turned on),
.Nm
uses an AF_ROUTE address family facility to find those
directly connected interfaces configured into the
system and marked "up".
It adds necessary routes for the interfaces
to the kernel routing table.
Soon after being first started, and provided there is at least one
interface on which RIP has not been disabled,
.Nm
deletes all pre-existing
non-static routes in kernel table.
Static routes in the kernel table are preserved and
included in RIP responses if they have a valid RIP -hopcount
(see
.Xr route 8 ) .
.Pp
If more than one interface is present (not counting the loopback interface),
it is assumed that the host should forward packets among the
connected networks.
After transmitting a RIP
.Em request
and
Router Discovery Advertisements or Solicitations on a new interface,
the daemon enters a loop, listening for
RIP request and response and Router Discovery packets from other hosts.
.Pp
When a
.Em request
packet is received,
.Nm
formulates a reply based on the information maintained in its
internal tables.
The
.Em response
packet generated contains a list of known routes, each marked
with a "hop count" metric (a count of 16 or greater is
considered "infinite").
The advertised metric for a route reflects the metrics associated
with interfaces
(see
.Xr ifconfig 8 )
though which it is received and sent,
so setting the metric on an interface
is an effective way to steer traffic.
See also
.Cm adj_inmetric
and
.Cm adj_outmetric
parameters below.
.Pp
Responses do not include routes with a first hop on the requesting
network to implement in part
.Em split-horizon .
Requests from query programs
such as
.Xr rtquery 8
are answered with the complete table.
.Pp
The routing table maintained by the daemon
includes space for several gateways for each destination
to speed recovery from a failing router.
RIP
.Em response
packets received are used to update the routing tables provided they are
from one of the several currently recognized gateways or
advertise a better metric than at least one of the existing
gateways.
.Pp
When an update is applied,
.Nm
records the change in its own tables and updates the kernel routing table
if the best route to the destination changes.
The change in the kernel routing table is reflected in the next batch of
.Em response
packets sent.
If the next response is not scheduled for a while, a
.Em flash update
response containing only recently changed routes is sent.
.Pp
In addition to processing incoming packets,
.Nm
also periodically checks the routing table entries.
If an entry has not been updated for 3 minutes, the entry's metric
is set to infinity and marked for deletion.
Deletions are delayed until the route has been advertised with
an infinite metric to ensure the invalidation
is propagated throughout the local internet.
This is a form of
.Em poison reverse .
.Pp
Routes in the kernel table that are added or changed as a result
of ICMP Redirect messages are deleted after a while to minimize
.Em black-holes .
When a TCP connection suffers a timeout,
the kernel tells
.Nm ,
which deletes all redirected routes
through the gateway involved, advances the age of all RIP routes through
the gateway to allow an alternate to be chosen, and advances of the
age of any relevant Router Discovery Protocol default routes.
.Pp
Hosts acting as internetwork routers gratuitously supply their
routing tables every 30 seconds to all directly connected hosts
and networks.
These RIP responses are sent to the broadcast address on nets that support
broadcasting,
to the destination address on point-to-point links, and to the router's
own address on other networks.
If RIPv2 is enabled, multicast packets are sent on interfaces that
support multicasting.
.Pp
If no response is received on a remote interface, if there are errors
while sending responses,
or if there are more errors than input or output (see
.Xr netstat 1 ) ,
then the cable or some other part of the interface is assumed to be
disconnected or broken, and routes are adjusted appropriately.
.Pp
The
.Em Internet Router Discovery Protocol
is handled similarly.
When the daemon is supplying RIP routes, it also listens for
Router Discovery Solicitations and sends Advertisements.
When it is quiet and listening to other RIP routers, it
sends Solicitations and listens for Advertisements.
If it receives
a good Advertisement and it is not multi-homed,
it stops listening for broadcast or multicast RIP responses.
It tracks several advertising routers to speed recovery when the
currently chosen router dies.
If all discovered routers disappear,
the daemon resumes listening to RIP responses.
It continues listening to RIP while using Router Discovery
if multi-homed to ensure all interfaces are used.
.Pp
The Router Discovery standard requires that advertisements
have a default "lifetime" of 30 minutes.
That means should
something happen, a client can be without a good route for
30 minutes.
It is a good idea to reduce the default to 45
seconds using
.Fl P Cm rdisc_interval=45
on the command line or
.Cm rdisc_interval=45
in the
.Pa /etc/gateways
file.
.Pp
While using Router Discovery (which happens by default when
the system has a single network interface and a Router Discover Advertisement
is received), there is a single default route and a variable number of
redirected host routes in the kernel table.
On a host with more than one network interface,
this default route will be via only one of the interfaces.
Thus, multi-homed hosts running with
.Fl q
might need
.Cm no_rdisc
described below.
.Pp
See the
.Cm pm_rdisc
facility described below to support "legacy" systems
that can handle neither RIPv2 nor Router Discovery.
.Pp
By default, neither Router Discovery advertisements nor solicitations
are sent over point to point links (e.g.\& PPP).
The netmask associated with point-to-point links (such as SLIP
or PPP, with the IFF_POINTOPOINT flag) is used by
.Nm
to infer the netmask used by the remote system when RIPv1 is used.
.Pp
The following options are available:
.Bl -tag -width indent
.It Fl i
allow
.Nm
to accept a RIP request from non-router node.
When specified once,
.Nm
replies to a route information query from neighbor nodes.
When specified twice,
it replies to a query from remote nodes in addition.
.Xr rtquery 8
utility can be used to send a request.
.Pp
This feature is disabled by default because of a risk of reflection attack
though it is useful for debugging purpose.
.It Fl s
force
.Nm
to supply routing information.
This is the default if multiple network interfaces are present on which
RIP or Router Discovery have not been disabled, and if the kernel switch
ipforwarding=1.
.It Fl q
is the opposite of the
.Fl s
option.
This is the default when only one interface is present.
With this explicit option, the daemon is always in "quiet-mode" for RIP
and does not supply routing information to other computers.
.It Fl d
do not run in the background.
This option is meant for interactive use.
.It Fl g
used on internetwork routers to offer a route
to the "default" destination.
It is equivalent to
.Fl F
.Cm 0/0,1
and is present mostly for historical reasons.
A better choice is
.Fl P Cm pm_rdisc
on the command line or
.Cm pm_rdisc
in the
.Pa /etc/gateways
file,
since a larger metric
will be used, reducing the spread of the potentially dangerous
default route.
This is typically used on a gateway to the Internet,
or on a gateway that uses another routing protocol whose routes
are not reported to other local routers.
Notice that because a metric of 1 is used, this feature is
dangerous.
It is more commonly accidentally used to create chaos with a
routing loop than to solve problems.
.It Fl h
cause host or point-to-point routes to not be advertised,
provided there is a network route going the same direction.
That is a limited kind of aggregation.
This option is useful on gateways to Ethernets that have other gateway
machines connected with point-to-point links such as SLIP.
.It Fl m
cause the machine to advertise a host or point-to-point route to
its primary interface.
It is useful on multi-homed machines such as NFS servers.
This option should not be used except when the cost of
the host routes it generates is justified by the popularity of
the server.
It is effective only when the machine is supplying
routing information, because there is more than one interface.
The
.Fl m
option overrides the
.Fl q
option to the limited extent of advertising the host route.
.It Fl A
do not ignore RIPv2 authentication if we do not care about RIPv2
authentication.
This option is required for conformance with RFC 1723.
However, it makes no sense and breaks using RIP as a discovery protocol
to ignore all RIPv2 packets that carry authentication when this machine
does not care about authentication.
.It Fl t
increase the debugging level, which causes more information to be logged
on the tracefile specified with
.Fl T
or standard out.
The debugging level can be increased or decreased
with the
.Em SIGUSR1
or
.Em SIGUSR2
signals or with the
.Xr rtquery 8
command.
.It Fl T Ar tracefile
increases the debugging level to at least 1 and
causes debugging information to be appended to the trace file.
Note that because of security concerns, it is wisest to not run
.Nm
routinely with tracing directed to a file.
.It Fl v
display and logs the version of daemon.
.It Fl F Ar net[/mask][,metric]
minimize routes in transmissions via interfaces with addresses that match
.Em net/mask ,
and synthesizes a default route to this machine with the
.Em metric .
The intent is to reduce RIP traffic on slow, point-to-point links
such as PPP links by replacing many large UDP packets of RIP information
with a single, small packet containing a "fake" default route.
If
.Em metric
is absent, a value of 14 is assumed to limit
the spread of the "fake" default route.
This is a dangerous feature that when used carelessly can cause routing
loops.
Notice also that more than one interface can match the specified network
number and mask.
See also
.Fl g .
.It Fl P Ar parms
is equivalent to adding the parameter
line
.Em parms
to the
.Pa /etc/gateways
file.
.El
.Pp
Any other argument supplied is interpreted as the name
of a file in which the actions of
.Nm
should be logged.
It is better to use
.Fl T
instead of
appending the name of the trace file to the command.
.Pp
The
.Nm
utility also supports the notion of
"distant"
.Em passive
or
.Em active
gateways.
When
.Nm
is started, it reads the file
.Pa /etc/gateways
to find such distant gateways which may not be located using
only information from a routing socket, to discover if some
of the local gateways are
.Em passive ,
and to obtain other parameters.
Gateways specified in this manner should be marked passive
if they are not expected to exchange routing information,
while gateways marked active
should be willing to exchange RIP packets.
Routes through
.Em passive
gateways are installed in the
kernel's routing tables once upon startup and are not included in
transmitted RIP responses.
.Pp
Distant active gateways are treated like network interfaces.
RIP responses are sent
to the distant
.Em active
gateway.
If no responses are received, the associated route is deleted from
the kernel table and RIP responses advertised via other interfaces.
If the distant gateway resumes sending RIP responses, the associated
route is restored.
.Pp
Such gateways can be useful on media that do not support broadcasts
or multicasts but otherwise act like classic shared media like
Ethernets such as some ATM networks.
One can list all RIP routers reachable on the HIPPI or ATM network in
.Pa /etc/gateways
with a series of
"host" lines.
Note that it is usually desirable to use RIPv2 in such situations
to avoid generating lists of inferred host routes.
.Pp
Gateways marked
.Em external
are also passive, but are not placed in the kernel
routing table nor are they included in routing updates.
The function of external entries is to indicate
that another routing process
will install such a route if necessary,
and that other routes to that destination should not be installed
by
.Nm .
Such entries are only required when both routers may learn of routes
to the same destination.
.Pp
The
.Pa /etc/gateways
file is comprised of a series of lines, each in
one of the following two formats or consist of parameters described later.
Blank lines and lines starting with '#' are comments.
.Bd -ragged
.Cm net
.Ar Nname[/mask]
.Cm gateway
.Ar Gname
.Cm metric
.Ar value
.Pf < Cm passive No \&|
.Cm active No \&|
.Cm extern Ns >
.Ed
.Bd -ragged
.Cm host
.Ar Hname
.Cm gateway
.Ar Gname
.Cm metric
.Ar value
.Pf < Cm passive No \&|
.Cm active No \&|
.Cm extern Ns >
.Ed
.Pp
.Ar Nname
or
.Ar Hname
is the name of the destination network or host.
It may be a symbolic network name or an Internet address
specified in "dot" notation (see
.Xr inet 3 ) .
(If it is a name, then it must either be defined in
.Pa /etc/networks
or
.Pa /etc/hosts ,
or a method in
.Xr nsswitch.conf 5
must be able to resolve it.)
.Pp
.Ar Mask
is an optional number between 1 and 32 indicating the netmask associated
with
.Ar Nname .
.Pp
.Ar Gname
is the name or address of the gateway to which RIP responses should
be forwarded.
.Pp
.Ar Value
is the hop count to the destination host or network.
.Pp
.Cm Host Ar hname
is equivalent to
.Cm net Ar nname/32 .
.Pp
One of the keywords
.Cm passive ,
.Cm active
or
.Cm external
must be present to indicate whether the gateway should be treated as
.Cm passive
or
.Cm active
(as described above),
or whether the gateway is
.Cm external
to the scope of the RIP protocol.
.Pp
As can be seen when debugging is turned on with
.Fl t ,
such lines create pseudo-interfaces.
To set parameters for remote or external interfaces,
a line starting with
.Cm if=alias(Hname) ,
.Cm if=remote(Hname) ,
etc.\& should be used.
.Ss Parameters
Lines that start with neither "net" nor "host" must consist of one
or more of the following parameter settings, separated by commas or
blanks:
.Bl -tag -width indent
.It Cm if Ns = Ns Ar ifname
indicates that the other parameters on the line apply to the interface
name
.Ar ifname .
.It Cm subnet Ns = Ns Ar nname Ns Oo / Ns Ar mask Oc Ns Op , Ns Ar metric
advertises a route to network
.Ar nname
with mask
.Ar mask
and the supplied metric (default 1).
This is useful for filling "holes" in CIDR allocations.
This parameter must appear by itself on a line.
The network number must specify a full, 32-bit value, as in 192.0.2.0
instead of 192.0.2.
.Pp
Do not use this feature unless necessary.
It is dangerous.
.It Cm ripv1_mask Ns = Ns Ar nname Ns / Ns Ar mask1 , Ns Ar mask2
specifies that netmask of the network of which
.Ar nname Ns / Ns Ar mask1
is
a subnet should be
.Ar mask2 .
For example,
.Dq Li ripv1_mask=192.0.2.16/28,27
marks 192.0.2.16/28
as a subnet of 192.0.2.0/27 instead of 192.0.2.0/24.
It is better to turn on RIPv2 instead of using this facility, for example
with
.Cm ripv2_out .
.It Cm passwd Ns = Ns Ar XXX[|KeyID[start|stop]]
specifies a RIPv2 cleartext password that will be included on
all RIPv2 responses sent, and checked on all RIPv2 responses received.
Any blanks, tab characters, commas, or '#', '|', or NULL characters in the
password must be escaped with a backslash (\\).
The common escape sequences \\n, \\r, \\t, \\b, and \\xxx have their
usual meanings.
The
.Cm KeyID
must be unique but is ignored for cleartext passwords.
If present,
.Cm start
and
.Cm stop
are timestamps in the form year/month/day@hour:minute.
They specify when the password is valid.
The valid password with the most future is used on output packets, unless
all passwords have expired, in which case the password that expired most
recently is used, or unless no passwords are valid yet, in which case
no password is output.
Incoming packets can carry any password that is valid, will
be valid within the next 24 hours, or that was valid within the preceding
24 hours.
To protect the secrets, the passwd settings are valid only in the
.Pa /etc/gateways
file and only when that file is readable only by UID 0.
.It Cm md5_passwd Ns \&= Ns Ar XXX|KeyID[start|stop]
specifies a RIPv2 MD5 password.
Except that a
.Cm KeyID
is required, this keyword is similar to
.Cm passwd .
.It Cm no_ag
turns off aggregation of subnets in RIPv1 and RIPv2 responses.
.It Cm no_super_ag
turns off aggregation of networks into supernets in RIPv2 responses.
.It Cm passive
marks the interface to not be advertised in updates sent via other
interfaces, and turns off all RIP and router discovery through the interface.
.It Cm no_rip
disables all RIP processing on the specified interface.
If no interfaces are allowed to process RIP packets,
.Nm
acts purely as a router discovery daemon.
.Pp
Note that turning off RIP without explicitly turning on router
discovery advertisements with
.Cm rdisc_adv
or
.Fl s
causes
.Nm
to act as a client router discovery daemon, not advertising.
.It Cm no_rip_mcast
causes RIPv2 packets to be broadcast instead of multicast.
.It Cm no_rip_out
causes no RIP updates to be sent.
.It Cm no_ripv1_in
causes RIPv1 received responses to be ignored.
.It Cm no_ripv2_in
causes RIPv2 received responses to be ignored.
.It Cm ripv2_out
turns on RIPv2 output and causes RIPv2 advertisements to be
multicast when possible.
.It Cm ripv2
is equivalent to
.Cm no_ripv1_in
and
.Cm no_ripv1_out .
This enables RIPv2.
.It Cm no_rdisc
disables the Internet Router Discovery Protocol.
.It Cm no_solicit
disables the transmission of Router Discovery Solicitations.
.It Cm send_solicit
specifies that Router Discovery solicitations should be sent,
even on point-to-point links,
which by default only listen to Router Discovery messages.
.It Cm no_rdisc_adv
disables the transmission of Router Discovery Advertisements.
.It Cm rdisc_adv
specifies that Router Discovery Advertisements should be sent,
even on point-to-point links,
which by default only listen to Router Discovery messages.
.It Cm bcast_rdisc
specifies that Router Discovery packets should be broadcast instead of
multicast.
.It Cm rdisc_pref Ns \&= Ns Ar N
sets the preference in Router Discovery Advertisements to the optionally
signed integer
.Ar N .
The default preference is 0.
Default routes with smaller or more negative preferences are preferred by
clients.
.It Cm rdisc_interval Ns \&= Ns Ar N
sets the nominal interval with which Router Discovery Advertisements
are transmitted to N seconds and their lifetime to 3*N.
.It Cm fake_default Ns \&= Ns Ar metric
has an identical effect to
.Fl F Ar net[/mask][=metric]
with the network and mask coming from the specified interface.
.It Cm pm_rdisc
is similar to
.Cm fake_default .
When RIPv2 routes are multicast, so that RIPv1 listeners cannot
receive them, this feature causes a RIPv1 default route to be
broadcast to RIPv1 listeners.
Unless modified with
.Cm fake_default ,
the default route is broadcast with a metric of 14.
That serves as a "poor man's router discovery" protocol.
.It Cm adj_inmetric Ns \&= Ns Ar delta
adjusts the hop count or metric of received RIP routes by
.Ar delta .
The metric of every received RIP route is increased by the sum
of two values associated with the interface.
One is the adj_inmetric value and the other is the interface
metric set with
.Xr ifconfig 8 .
.It Cm adj_outmetric Ns \&= Ns Ar delta
adjusts the hop count or metric of advertised RIP routes by
.Ar delta .
The metric of every received RIP route is increased by the metric
associated with the interface by which it was received, or by 1 if
the interface does not have a non-zero metric.
The metric of the received route is then increased by the
adj_outmetric associated with the interface.
Every advertised route is increased by a total of four
values,
the metric set for the interface by which it was received with
.Xr ifconfig 8 ,
the
.Cm adj_inmetric Ar delta
of the receiving interface,
the metric set for the interface by which it is transmitted with
.Xr ifconfig 8 ,
and the
.Cm adj_outmetric Ar delta
of the transmitting interface.
.It Cm trust_gateway Ns \&= Ns Ar rname[|net1/mask1|net2/mask2|...]
causes RIP packets from router
.Ar rname
and other routers named in other
.Cm trust_gateway
keywords to be accepted, and packets from other routers to be ignored.
If networks are specified, then routes to other networks will be ignored
from that router.
.It Cm redirect_ok
allows the kernel to listen ICMP Redirect messages when the system is acting
as a router and forwarding packets.
Otherwise, ICMP Redirect messages are overridden and deleted when the
system is acting as a router.
.El
.Sh FILES
.Bl -tag -width /etc/gateways -compact
.It Pa /etc/gateways
for distant gateways
.El
.Sh SEE ALSO
.Xr icmp 4 ,
.Xr udp 4 ,
.Xr rtquery 8
.Rs
.%T Internet Transport Protocols
.%R XSIS 028112
.%Q Xerox System Integration Standard
.Re
.Sh HISTORY
The
.Nm
utility appeared in
.Bx 4.2 .
.\"  LocalWords:  loopback ICMP rtquery ifconfig multicasting Solicitations RIPv
.\"  LocalWords:  netstat rdisc
.Sh BUGS
It does not always detect unidirectional failures in network interfaces,
for example, when the output side fails.