Previous | Contents | Index |
Static statements define the static routes used by GATED. A single static statement can specify any number of routes. The static statements occur after protocol statements and before control statements in the TCPIP$GATED.CONF file. Any number of static statements may be specified, each containing any number of static route definitions. These routes can be overridden by routes with better preference values.
There are two forms of static statements. One defines a static route through a gateway. The other is used to support multiple network addresses on a single interface.
To define a static route through a gateway, use the following syntax:
static { ( host host ) | default | ( network [ ( mask mask ) | ( masklen number ) ] ) gateway gateway_list [ interface interface_list ] [ preference preference ] [ retain ] [ reject ] [ blackhole ] [ noinstall ] ; ( network [ ( mask mask ) | ( masklen number ) ] ) interface interface [ preference preference ] [ retain ] [ reject ] [ blackhole ] [ noinstall ] ; } ; host host | default | network [ ( mask mask ) | (masklen number ) ] gateway gateway_list) |
This is the most general form of the static statement. It defines a static route through one or more gateways. Static routes are installed when one or more of the gateways listed are available on directly attached interfaces. If more than one eligible gateway is available, these are limited by the number of multipath destinations supported (this compile-time parameter is currently almost always one on UNIX).
To define a static for multiple network addresses on an interface, use the following syntax:
static { ( host host ) | default | ( network [ ( mask mask ) | ( masklen number ) ] ) gateway gateway_list [ interface interface_list ] [ preference preference ] [ retain ] [ reject ] [ blackhole ] [ noinstall ] ; ( network [ ( mask mask ) | ( masklen number ) ] ) interface interface [ preference preference ] [ retain ] [ reject ] [ blackhole ] [ noinstall ] ; } ; network [ ( mask mask ) | ( masklen number ) ] interface interface |
This sytax is used to define a static interface route which is used for primitive support of multiple network addresses on one interface.
The parameters for the static route statement are as follows:
The control statements are used to define:
Routes are filtered by specifying configuration language that will match a certain set of routes by destination, or by destination and mask. Among other places, route filters are used on martians, and in import and export statements.
The action taken when no match is found is dependent on the context, for instance import and export route filters assume an all reject ; at the end a list.
A route will match the most specific filter that applies. Specifying more than one filter with the same destination, mask and modifiers will generate an error.
Filtering syntax:
network [ exact | refines | between number and number ] network mask mask [ exact | refines | between number and number ] network masklen number [ exact | refines | between number and number ] all default host host |
These are all the possible formats for a route filter. Not all of these formats are available in all places, for instance the host and default formats are not valid for martians.
In most cases it is possible to specify additional parameters relevent to the context of the filter. For example, on a martian statement it is possible to specify the allow keyword, on an import statement you can specify a preference, and on an export you can specify a metric.
Each control statement is described in the following list:
exact | Specifies that the mask of the destination must match the supplied mask exactly. This is used to match a network, but no subnets or hosts of that network. |
refines | Specifies that the mask of the destination must be more specified (for example, longer) than the filter mask. This is used to match subnets or hosts of a network, but not the network. |
between lownumber and highnumber | |
Specifies that the mask of the destination must be as or more specific (for example, as long as or longer) than the lower limit ( lownumber) and no more specific (for example, as long as or shorter) than the upper limit ( highnumber). Note that exact and refines are both special cases of between . |
0.0.0.0 mask 0.0.0.0 |
0.0.0.0 mask 0.0.0.0 exact |
host mask 255.255.255 exact |
An AS path includes a list of autonomous systems that routing information has passed through to get to a specified router, and an indicator of the origin of this list. This routing information can be used to prefer one path to a destination network over another. The primary method for preferring a route with GATED is to specify a list of filters to be applied to AS paths when importing and exporting routes.
Each autonomous system that a route passed through prepends its AS number to the beginning of the AS path.
AS path regular expressions are defined in RFC 1164.
A.18.2.1 AS Path-Matching Syntax
An AS path is matched using the following syntax.
aspath aspath_regexp origin ( [ any ] ) | [ igp ] | [egp ] | [ incomplete ] ) aspath aspath_regexp |
aspath specifies that an AS matching the aspath_regexp with the specified origin is matched.
origin ( [ any ] | [ igp ] | [ egp ] | [ incomplete ] ) |
An
origin
of
igp
indicates the route was learned from an intradomain routing protocol
and is most likely complete. An origin of
egp
indicates the route was learned from an interdomain routing protocol
that does not support AS paths (EGP, for example), and the path is most
likely not complete. When the path information is definitely not
complete, an origin of
incomplete
is used. An origin of
any
can be used for any origin.
A.18.2.2 AS Path Regular Expressions
Technically, an AS path regular expression is a regular expression with
the alphabet being the set of AS numbers. An AS path regular expression
is composed of one or more AS paths expressions. An AS path expressions
is composed of AS path terms and AS path operators.
A.18.2.3 AS Path Terms
An AS path term is one of the following three objects:
An AS path operator is one of the following:
Importation of routes from routing protocols and installation of the
routes in GATED'S routing database is controlled by import statements.
The format of an import statement varies depending on the source
protocol.
A.18.3.1 Specifying Preferences
You can specify one of the following keywords to control how routes compete with other protocols:
restrict preference preference |
In these statements:
All the formats allow route filters described in this section. When no route filtering is specified (that is, when restrict is specified on the first line of a statement), all routes from the specified source will match that statement. If any filters are specified, only routes that match the specified filters will be imported. That is, if any filters are specified, a statement like all restrict ; is assumed at the end of the list.
network [ exact | refines | between number and number] network mask mask [exact | refines | between number and number ] network masklen number [ exact | refines | between number and number ] default host host |
Use the following syntax to define importing routes from BGP and EGP:
import proto bgp | egp autonomoussystem autonomous_system [ aspath-opt ] restrict ; import proto bgp | egp autonomoussystem autonomous_system [ aspath-opt ] [ preference preference ] { route_filter [ restrict | ( preference preference ) ] ; } ; import proto bgp aspath aspath_regexp origin any | ( [ igp ] [egp ] [ incomplete ] ) [ aspath-opt ] restrict ; import proto bgp aspath aspath_regexp origin any | ( [ igp ] [egp ] [ incomplete ] ) [ aspath-opt ] [ preference preference ] { route_filter [ restrict | ( preference preference ) ] ; } ; |
EGP importation may be controlled by autonomous system. BGP also supports controlling propagation by the use of an AS path regular expressions, which are documented in the section on Matching AS paths. Note that EGP and BGP versions 2 and 3 only support the propagation of natural networks, so the host and default route filters are meaningless. BGP version 4 supports the propagation of any destination along with a contiguous network mask.
The aspath-opt option allows the specification of import policy based on the path attributes found in the BGP update. (The option is not usable with EGP.) If multiple communities are specified in the aspath-opt option, only updates carrying all of the specified communities will be matched. If none is specified, only updates lacking the community attribute will be matched.
Note that it is quite possible for several BGP import clauses to match a given update. If more than one clause matches, the first matching clause will be used; all later matching clauses will be ignored. For this reason, it is generally desirable to order import clauses from most to least specific. An import clause without an aspath-opt option will match any update with any communities or none.
EGP and BGP both store any routes that were rejected implicitly by not
being metioned in a route filter, or explicitly with the restrict
keyword in the routing table with a negative preference. A negative
preference prevents a route from becoming active, which prevents it
from being installed in the forwarding table, or exported to other
protocols. This aleviates the need to break and re-establish a session
upon reconfiguration if importation policy is changed.
A.18.3.4 Importing Routes from RIP and Redirects
Use the following syntax to define importing routes from RIP and redirect routes:
import proto rip | hello | redirect [ ( interface interface_list ) | (gateway gateway_list ) ] restrict ; import proto rip | hello | redirect [ ( interface interface_list ) | (gateway gateway_list ) ] [ preference preference ] { route_filter [ restrict | ( preference preference ) ] ; } ; |
The importation of RIP and redirect routes may be controlled by any of protocol, source interface and source gateway. If more than one is specified, they are processed from most general (protocol) to most specific (gateway).
RIP does not support the use of
preference
to choose between routes of the same protocol. That is left to the
protocol metrics. These protocols do not save routes that were rejected
since they have short update intervals.
A.18.3.5 Importing Routes from OSPF
Use the following syntax to define importing routes from OSPF:
import proto ospfase [ tag ospf_tag ] restrict ; import proto ospfase [ tag ospf_tag ] [ preference preference ] { route_filter [ restrict | ( preference preference ) ] ; } ; |
Due to the nature of OSPF, only the importation of ASE routes may be controlled. OSPF intra- and inter-area routes are always imported into the GATED routing table with a preference of 10. If a tag is specified, the import clause will only apply to routes with the specified tag.
It is only possible to restrict the importation of OSPF ASE routes when functioning as an AS border router. This is accomplished by specifying an export ospfase clause. Specification of an empty export clause may be used to restrict importation of ASEs when no ASEs are being exported.
Like the other interior protocols, preference can not be used to choose
between OSPF ASE routes, that is done by the OSPF costs. Routes that
are rejected by policy are stored in the table with a negative
preference.
A.18.4 The Export Statement
The import statement controls which routes received from other systems are used by GATED; the export statement controls which routes are advertised by GATED to other systems. Like the import statement, the syntax of the export statement varies slightly per protocol. The syntax of the export statement is similar to the syntax of the import statement, and the meanings of many of the parameters are identical. The main difference between the two is that while route importation is just controlled by source information, route exportation is controlled by both destination and source.
The outer portion of a given export statement specifies the destination
of the routing information you are controlling. The middle portion
restricts the sources of importation that you wish to consider. And the
innermost portion is a route filter used to select individual routes.
A.18.4.1 Specifying Metrics
The most specific specification of a metric is the one applied to the route being exported. The values that may be specified for a metric depend on the destination protocol that is referenced by this export statement.
restrict metric metric |
In this syntax:
All the formats allow route filters as shown in the following example. See the section on route filters for a detailed explaination of how they work. When no route filtering is specified (that is, when restrict is specified on the first line of a statement), all routes from the specfied source will match that statement. If any filters are specified, only routes that match the specified filters will be exported. That is, if any filters are specified, a all restrict ; statement is assumed at the end of the list.
network [ exact | refines | between number and number ] network mask mask [exact | refines | between number and number ] ] network masklen number [ exact | refines | between number and number ] ] default host host |
Previous | Next | Contents | Index |