home  wiki

RoutingHowTo

Introduction

So, you have this radio network thing and after playing with it for a while you come to realize that you don't really want to bridge your home network to the rest of the Melbourne Wireless community. You need to set up a router. The router will do two things for you, it gives you the control to expose the right amount of your network and it allows you to establish a firewall between yourself and the general Melbourne Wireless network. This is exactly the same as you would have for your Internet connection.

The router may be an embedded device, a combination device (router/wireless access point), a dedicated Linux machine (old PC) or an existing machine you make dual homed by adding an additional NIC.

Regardless of the device you are using it needs to have more than one network interface, should be able to forward packets between the interfaces and should allow you to run firewall software and a routing daemon or two. It's probably a good idea to have a dedicated machine between you own stuff and the rest of the world, usual disclaimer here.

Configuring IP forwarding

Most PC based operating systems support ip forwarding but it is usually not turned on. When you have a PC that has more than one network interface and you want to enable routing, you may need to make some simple configuration changes to get the machine forwarding packets between interfaces.

Often you have the funny situation where the machine you want to act as a router can see other machines on both subnets but machines on one subnet cannot see machines on the other - you need to enable IP forwarding.

Linux

Most standard distributions support IP forwarding. you turn IP forwarding on by setting a flag in /proc. This can be done using the sysctl command or by simply echoing 1 to the file.
 echo "1" > /proc/net/ipv4/ip_forward

Alternatively use sysctl
 
 /sbin/sysctl -a  will display all configured settings
 
 /sbin/sysctl net.ipv4.ip_forward
   net.ipv4.ip_forward = 0
 
 /sbin/sysctl -w net.ipv4.ip_forward="1"

BSD variants (including MAC OSX)

Similar to Linux, use sysctl to set the ip forwarding flag. In this case the flag is net.inet.ip.forwarding.
 
 /sbin/sysctl -w net.inet.ip.forwarding="1"

Windows

In windows routing is possible through a change to a registry parameter. Open regedit and go to the entry:
 
 HKEY_LOCAL_MACHINE \SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
 

Find the entry IPEnableRouter and set to 1 (default is 0). Reboot and you should be forwarding packets.

Looking at the routing table

The routing table can be inspected using the route command.
 
 [dna@koen dna]$ /sbin/route
 Kernel IP routing table
 Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
 192.168.1.3     *               255.255.255.255 UH    0      0        0 eth0
 wailea          *               255.255.255.255 UH    0      0        0 eth0
 192.168.2.0     192.168.1.3     255.255.255.0   UG    0      0        0 eth0
 192.168.2.0     wailea          255.255.255.0   UG    0      0        0 eth0
 192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
 127.0.0.0       *               255.0.0.0       U     0      0        0 lo
 default         bgenki2         0.0.0.0         UG    0      0        0 eth0

You can see different types of routing entries. Some are for machines and others are for subnets. The machine entries are fully qualified addresses or a machine name (192.168.1.3 or wailea) while the subnets (in this case) are those that end in zero (192.168.2.0). Routes to subnets include the IP Address of the gateway that is used to send packets to the subnet. Typically you need to add a route to the gateway first, then add the route to the subnet using the previously defined gateway. There are exceptions to this, MAC OS X will add the gateway automatically and has a different command syntax.
Alternative commands can access the same information but most likely formatted differently. The raw routing data is maintained by the kernel and is accessed by these commands from /proc/net/route.
 /sbin/ip route (or /sbin/ip r)
 /bin/netstat -r

Default route

The default route is the route used for all packets that do not match an explicitly defined route. Each device can have only one default route. Each OS will have a slightly different command syntax for creating a route. The same command usually allows you to look at the routing table as well as set routes. This needs to be done as root or a user with the appropriate permissions.
 Linux  route add -net default 192.168.1.1 netmask 255.255.255.0 
 BSD    route add -net default 192.168.1.1 255.255.255.0 

Links


Good description of External linkrouting concepts by Damian James at External linkBrismesh


Version 5 (current) modified Tue, 03 Jul 2007 23:12:20 +1000 by graybeard
[EditText] [Spelling] [Current] [Raw] [Code] [Diff] [Subscribe] [VersionHistory] [Revert] [Delete] [RecentChanges]
> home> about> events> files> members> maps> wiki board   > home   > categories   > search   > changes   > formatting   > extras> site map

Username
Password

 Remember me.
>

> forgotten password?
> register?
currently 0 users online
Node Statistics
building122
gathering192
interested464
operational248
testing201