除了 subnetting ,關於 IP 協定的令一個關鍵概念就是:IP 路由(routing)。那什麼是路由呢﹖簡單而言﹐就是當一個封包從發送端被傳送到接收端所經過的路徑。
Apart from subnetting & #xff0c; a key concept of IP protocol is & #xff1a; IP route(s). What is the route? Simply put, when a package is sent from the sender to the receiver.
IP 路由原理
若您重看上一章所介紹的 IP 封包格式﹐您會發現第 4 和第 5 行﹐分別用來記錄來源 IP 位址和目的地 IP 位址。必須注意﹐除非封包由特定程式修改過﹐在正常的傳遞中﹐這兩個欄位的位址是永遠不變動。IP 路由的依據主要是看目的地位址﹕如果目的地位址屬於處理封包之設備目前所在的網路範圍之內(這就是 subnetting 的重要性所在了)﹐那麼就直接從 ARP 表格中尋找目的地位址的 IP 所對應的實體位址﹐如果沒有的話就用 ARP 協定來查詢。但是﹐如果目的位址在其他網路的話﹐那麼就在 ARP 表格中尋找 路由器 的實體位址﹐如果沒有則用 ARP 協定來查詢。 If you review the IP package format presented in the previous chapter, rows 4 and 5 will be found to record the IP address and destination IP address separately. Note that unless the package has been modified by a specific program, the location of these two columns will never change in the normal transmission. The IP route is based on the location of the destination: if the destination address is within the network area where the package is being processed (that is, where the importance of subnetting is), then the location of the location of the location of the destination is found directly from the ARP form, and if it is not available, the location of the location of the location of the location of the destination will never change. 您或許會問﹕這個路由器是怎麼跑出來的﹐機器怎麼會有路由器的 IP 呢﹖答案很簡單﹕在設定網路環境時指定﹐這個可以手工的設定﹐也可以由其他協定如 DHCP 來指定。總之﹐如果您的網路將會和其他網路連接﹐那麼您就一定要為每一台主機指定路由器 IP 位址﹔除非﹐您想讓該主機﹐除了本地網路之外﹐任何地方都連不上。 You may ask: How does this router come out, and how does the machine have an IP? The answer is simple: when setting the network environment, this can be assigned manually, or by other protocols such as DHCP. In any case, if your network will be connected to other networks, you must specify an IP address for each host; unless you want the host to be unconnected anywhere but the local network. 要判斷一個封包是否要經過路由器﹐前面一段已經講過了﹕要看目的地位址是否在同一個網路上﹐如果不是﹐就一定要經過路由器來傳遞封包。那麼﹐做為路由器本身也不例外(當然,實際的設定是有例外的,比方說 PPP 或 Static/Prox ARP 等情形)、也就是說必需與發送端在同一個網路裡面。通常路由器都有最少兩個界面以連接兩個網路(多個界面連接多個網路)﹐假如路由器本身的界面位址和封包目的地位址不在同的網路﹐那麼路由器必須要將封包交給下一個它認為最合適的路由器﹐繼續傳送這個封包。情形就像接力游戲一樣﹕一站傳一站﹐直到最後一個路由器發現目的地位址和它其中一個界面在同一個網路﹐然後才透過 ARP 獲得對方的實體位址﹐最後交有下層協定完成最後一段的傳送任務。假設所經路由均在 Ethernet 上﹐那麼,路由器與路由器之間的傳送﹐每兩站之間也是同樣要經過 ARP 來獲得實體位址才能將封包傳給對方。 To determine whether a package is to pass by a router, the previous paragraph has already said: it depends on whether the destination address is on the same network, or if it is not, it must pass through the router. So if the router itself is not in the same network (#xff0c of course; the actual setup is xff0c; for example, PPP or Static/Prox ARP, etc.), it is necessary to be in the same network. The router usually has a minimum of two interfaces to connect two networks (multiple interfaces), and if the router itself is not in the same network, then the router has to hand over the package to a vehicle that it considers the most appropriate, and continues to deliver the package, just as it is: a station to be in the same network as the sender. 封包的路由選擇
我們已經知道一隻程式要和遠端主機的程式溝通﹐它所送下來到資料﹐往往會被拆成許多個封包在網路中傳遞。事實上﹐每一個封包所經過的路徑都可能不同。在前面所描述的個路由接力過程中﹐封包從一個實體網路傳到另一個實體網路﹐每一個傳遞都是獨立的﹐與其他封包之間並非存在著必然關係。也就是說﹐從一個來源到一個目的地﹐可以選擇的路徑往往不止一條﹐而且﹐請求封包和回應封包所經過過的路徑也不盡相同。這情形在 Internet 的環境中尤顯突出。 We already know that a program communicates with a remote host, and the data it sends is often broken down into many packages that can be transmitted online. In fact, every package can pass through a different path. In the process described earlier, the package is passed from one entity to another, and each transmission is independent and not necessarily linked to the other. That is, from one source to another, more than one path can be chosen, and the path through which the package is requested and the package returned is not the same. This is particularly striking in the context of the Internet. 影響每一個封包當前路徑的因素很多﹐都由當時所經過的路由器(包括連線兩端的主機在內)所使用的路由表格來決定。而路由表格的維護大致上分為兩種形式: Many of the factors affecting the path of each package at the moment are determined by the route forms used by the router (including the host on both ends of the connection) that were passed at the time. 事實上﹐路由協定是非常多樣的﹐同時也不斷的演變著。早器的網際網路路由器分為兩類﹕ In fact, the route is very varied and constantly evolving. The Internet routers for early instruments are two types: 在這樣的架構下﹐所有網路都經由一個核心路由系統而達成連接﹐各自的網路會有一筆關於核心系統的預設路由設定。我們可以從下圖看到核心路由系統的架構模式﹕ In this structure, all networks are connected by a core route system, with each network having a default route configuration on the core system. We can see the structure of the core route system in the following graph: 核心路由架構 然而﹐隨著網際網路的迅速成長﹐這樣的單一管理核心架構已經難以為繼了。首先﹐中央管理骨幹的路由將變得越來越複雜﹐核心路由器的一致性也變得異常重要及難以管理。其次﹐並非每一個網點都能連接到核心路由器﹐這就需要新增路由結構和協定。最後﹐基於核心資料一致性的要求﹐所有核心路由器都必須相互交換資料﹐那麼核心結構將不能過於龐大。 However, with the rapid growth of the Internet, such a single management core structure is difficult to assume. First, the path of central management backbones will become more complex, and the consistency of core routers will become unusual and difficult to manage. Second, not every point of the network will be connected to the core routers, which will require additional structure and protocols. Finally, based on the requirement of core data consistency, all core routers will have to exchange data with one another, so that the core structure will not be too big. 有鑒於上述原因﹐網際網路的路由結構已經從核心模式轉向為對等骨幹模式﹐如下圖﹕ For these reasons, the route structure of the Internet has shifted from a core to a peer-to-peer model, as follows: 對等骨幹路由架構 對大部份對等式骨幹組態而言﹐路徑的取向依照相連主機之間的幾何傳輸路徑選取最短短路徑。這樣的敘述看起來很簡單﹐但事實上要實現起來是非常困難的。首先﹐雖然標準的 IP 路由演算法是使用 IP 位址中的網路部份來選擇路徑﹐然而在對等骨幹架構中的最近路徑則需要對單個主機進行單獨的路徑選擇。其次﹐兩個骨幹的管理者必須在所有路由器之間達成路徑的一致性﹐以避免路徑迴圈的出現。 For most of the equivalent backbone configurations, the path is taken by selecting the shortest path according to the geometric transfer path between the links. The description looks simple, but in fact it is difficult to make it happen. First, although the standard IP route algorithm uses the network part of the IP address to select the path, the most recent path in the crossbone structure requires a single path for the single host. Second, the managers of the two skeletons have to reconcile the path across all routers in order to avoid the path loop. 以現今的網際網路架構來說﹐路由器的界定並非如早期的界定那麼明顯﹐而網路與網路之間的路由也變得非常複雜多樣﹐路徑的選擇往往是多重的。我們可以從下圖看看簡化了的網際網路路由環境﹕ In today's Internet architecture, routers are not defined as clearly as they were defined earlier, and the route between the network and the network has become very complex and complex, often with multiple choices. We can look at the simplified web route environment from the following graph: 網際網路路由簡略結構圖 應用在大型骨幹之間的路由協定非常複雜﹐而且種類繁多﹐例如有﹕Gateway-Gateway Protocol (GGP)﹑BGP(Border Bateway Protocol) 等等。這些都屬於 外部閘道協定(Exterior Gateway Protocol) 路由協定﹐在本教材中不打算詳論了﹐同學們可以自行參考 RFC-1102﹑和 RFC-1104 等文件。 The routes used between large bones are complex and varied, such as: Gateway-Gateway Protocol (GGP), BGP (Border Bateway Protocol) and so on. These belong to the External Route Agreement of , which is not intended to be exhaustive in the course of this course, and they can refer to documents such as RFC-1102 and RFC-1104. 本地網路的路由選擇
從上面我們已經了解到網際網路的核心路由結構﹐我們需要知道它是為了幫助我們認識網路與網路之間的路由關係。然而﹐對一般的網路管理人員來說﹐恐怕也難有機會接觸和管理那樣的路由器﹐反而最通常接觸的﹐應該是企業內部的較小型的網路之間的路由。相對而言,內部閘道協定的規模較小、所耗的路由資源也較少。常見的內部路由協定有:RIP(Routing Information Protocol)、OSPF(Open Shortest Path First)、及 EIGRP(Enhanced Interior Gateway Protocol)、等等。內部路由協定的最大缺點是無法應付大型網路的需求。 From above, we have learned about the core structure of the Internet, and we need to know that it is designed to help us understand the links between the Internet and the Internet. However, it is difficult for ordinary Internet administrators to access and manage such routers, but most commonly between smaller networks within the enterprise. In contrast, xff0c; the smaller scale of internal route agreements and the less resources used. The biggest gaps in internal route agreements are xff1a; Rip (Routing Information Process), OSPF (Open Shortest Path Field), and EGRPP (Enhanced Interator Gateway Protocol), and so on. 不管我們管理的網路體積如何﹐只要您的網路是與其它網路相連的﹐路由設定就不能避免。下面先讓我們看看兩個網路之間的路由設定是怎樣的﹕ Regardless of the number of networks we manage, as long as your network is connected to other networks, the route settings cannot be avoided. Let us look at the route settings between the two networks: 兩個本地網路之間的路由 由上圖我們可以看到 192.168.0.0 這個網路的所有機器﹐其閘道(gateway) 都指向 192.168.0.254 這個 IP﹐也就是路由器與該網路所連接的界面。同樣﹐192.168.1.0 這個網路﹐其閘道則是 192.168.1.254。 From the above, we can see 192.168.0.0 for all the machines of this network, the entourage (gateway) pointing to 192.168.0.254 for this IP, the interface between the router and the network. Similarly, 192.168.1.0 for this network, the entourage is 192.168.1.254. 通常﹐一個路由器可以同時連接好幾個網路﹐只要界面設定好就沒問題。作為路由器﹐必須有最少兩個界面以上﹐來連接不同的網路。同時﹐許多網路也有超過一個路由器和其它的網路連接﹐那麼各主機的路由表格就要一一設定好通往各網路的閘道。 Usually, a router can connect several networks at the same time, as long as the interface is set. As a router, there must be at least two interfaces to connect to different networks. At the same time, many networks also have more than one router to connect to other networks, so that each host's route forms are set to access the networks. 當我們再結合之前學過的 ARP 協定,我們對於封包的路由將有更具體的認知﹕ The ARP agreement we learned before merging #xff0c; we will have a more specific understanding of the route of the package: 不同實體網路之間的路由 由上圖我們可以看到﹕當有一個封包從網路 A 經過網路 B 送到網路 C 的時候﹐其 Software Address (即IP位址)永遠不變﹐但 Hardware Address (即實體位址)卻隨著所經的應體網路而有所不同。這是因為﹕不管封包經過多少個網路﹐在傳輸中歸根結底要靠實體網路達成﹐而實體網路的傳送依據是實體位址﹐只要 ARP 能夠找出路由器的實體位址﹐就能順利將封包傳給它﹔然而﹐ IP 協定的傳送則依據 IP 位址來定﹐路由器會根據目的位址而決定下一站路由的 IP (在這一層級來說,所依據的是 IP 位址而非硬體位址) ﹐當封包交由下層協定處理的時侯,運用 ARP 協定就可解決位址的對應問題(請參考 ARP 協定之章節內容)。然而,再提醒您一遍:在整個過程中﹐封包的目的位址是不會改變的﹐除非﹐路由器本身啟動了修改封包位址的功能(如﹕NAT --- Network Address Translation)。 From the above, we can see that when a package is sent to the Internet C via network A via network B, its SoftwareAddress (i.e. IP address) will never change, but Hardware Address (i.e. physical address) will follow the network. This is because, no matter how many webs have passed, the package will ultimately be delivered by an actual network, and the actual network will be sent by an actual address, as long as the ARP is able to locate the physical location of the router; however, the IP Transfer will be based on the IP address, and the route will be determined by the device based on the location of the destination. This is because, at this level, it will be based on an actual network, which will be based on the physical location of the router. 要維護這樣一個網路數目不多的環境﹐各路由器上面的路由資料不會很複雜﹐這樣的情況之下﹐我們可以使用靜態路由﹐以手動方式為每台機器設定事先計算好的路由。靜態路由的主要好處是它的可預測性﹐而且對路由器或網路做成的負擔不多﹐所佔頻寬較少。 In order to maintain an environment where the number of networks is low, and where the router's route information is not complicated, we can use a static route by setting up a pre-counted route for each machine manually. The main advantage of a static route is that it is predictable and that the burden on the router or the network is low and the frequency is less extensive. 靜態路由選擇
為了更好的理解靜態路由﹐我們不妨從單一的主機路由開始研究一下路由表格。事實上,在每一台機器上面﹐都必需存在一分各自獨立的路由表格 (Routing Table)﹐記錄著本機的路由資訊。我們可以在 Linux 主機上面用 route 這個命令來查看當前的路由狀況﹕ In order to better understand the path of serenity, let's start with a single host route. In fact & #xff0c; on each machine, there must be a separate route form (Routingtable) documenting the route information. We can use the route command on the Linux mainframe to look at the current route: 第一列是目的“目的地位址”﹐可以是一個網路﹐也可以是一台主機﹔然後“閘道位址”(假如輸入 -n 參數﹐則以 IP 位址顯示,‘*’表示無需使用閘道﹐例如本地網路位址或本機位址)﹔接下來是目的地使用的 Netmask (這非常重要﹐我們已在前面介紹子網路時說明過了)﹔然後是“旗標”﹐這裡的 U 是“Up”的意思﹐也就是目前已啟用﹑H 表示目的為一個“Host”﹑ G 表示使用“Gateway”的意思﹔接下來的 Metric 和 Ref 是供路由系統參考的﹔最後是使用的網路界面。 The first column is intended as a “purpose status address”, which can be either a network or a host; then a “channel address” (if entered -n parameters, & #xff0c is shown as an IP address; `*' means no access to a channel, such as a local network address or home address); then a destination, Netmask (this is very important, as we explained in the introduction of the sub-network); then a “flag” means a “Up”, which means a “Host” for which H is currently used, and a “Gateway” means a “Gateway” for which Metric and Ref are used; and finally, the web interface used. 最後有一個路徑要特別提醒一下﹐目的地位址為 0.0.0.0 代表那是一個預設路由。也就是說﹐在路由表上找不到關於目的地的路由資訊﹐則嘗試把封包傳給預設路由所指的路由器處理。 Finally, there is a special reminder that the destination status is 0.0.0.0, which means that it is a default route. In other words, no information about the destination can be found on the route list, and try to send the package to the router to which the default route is based. 使用這個 route 命令﹐我們還可以修改﹑增加﹑和刪除系統的路由表格設定﹐它可以用來告訴機器通往某一個網路或主機使用哪一個閘道﹑matrix﹑以及使用哪一個界面等等。下面我們將會示範一下如何使用這個命令。 Using this route command, we can also modify, add, and delete the system's router settings, which can be used to tell the machine which tunnel, matrix, and which interface to use to access a network or host, and so on. Here we will show how to use this command. 在此例子中﹐首先要先將原已出現在路由表格的設定移除掉(否則待會會出現複設定)﹕ In this example, the first step is to remove the settings that had already appeared in the route tables (or to repeat them later): 這時再輸入一次 /sbin/route 就可以確定有關 203.168.168.0 這網路的路由設定已經給移除掉了。 好了﹐我現在可以用 route 將剛才移除的路由設定加進系統的路由表格去﹕ Once more /sbin/route will be able to confirm that the route settings for the network have been removed. Okay, I can now add the route settings that have just been removed to the system's route forms by roote: 相信您現在不難看出﹕增加和移除路由設定﹐分別是使用‘add’和‘del’來做命令選項。 這時候再用 route 命令就可以看到路由設定又回到路由表格中去了。然而,這裡要特別提醒的是:如果要兩個網路能夠成功的達成路由﹐對方網路也必須有相應的路由設定指向本地網路才行。 It is not hard for you to see now: to add and remove route settings is to use `add’ and `del’ as the command option. At this point, you can see that route settings go back to the route form. & #xff0c; however & #xff1a; this is a special reminder; if 剛才我們用 route 這個命令來設定某些網路 (net ID) ﹐但有時候如果我們使用 ifconfig 手工的增加了一個界面﹐嚴格來說﹐我們還應該為界面增加一個‘H’記錄的﹕ We just used this route command to configure some network (net ID), but sometimes if we use ifconfig manual additions to an interface, we should add a `H' log to the interface: 事實上﹐使用 -host 選項﹐我們也可以指定通往某一主機的靜態路由﹐尤其在多重可選路徑出現的時候。 In fact, using the -host option, we can also specify a static route to a host, especially when multiple optional paths appear. 上面只是一個非常簡單的路由表格而已﹐機器所連的網路越多﹑安裝的界面越多﹐路由表格也越複雜。如果您的機器有撥接連線( MODEM )﹐當您成功連上 ISP 之後﹐您再跑一次 route ﹐你就會發現多了通往 ISP 網路的路由設定了﹐而且﹐Default Gateway也使用了 ISP 那邊的 IP。原因是使用撥接連線﹐內定是會使用 Remote Default Gateway 的設定。除非您網路本身連得上 internet﹐否則您就無法和外面的世界溝通。然而,若是您要是使用 ADSL 播接( PPPoE )的話,只要您的路由表格已出線 Default Gateway 的話,pppoe 程式似乎並不會修改這個設定。如果您發現撥接後預設的路由設定並沒有改變為 ISP 那端的話﹐那就利用前面所教的命令手工修改路由表格了。 It's just a very simple routing table. The more network the machine connects, the more interfaces it installs, the more complicated it is. If your machine has a dialling connection (MODEM), you can run the route again after you have successfully connected to the ISP. However, xff0c; if you want to use ADSL to connect to the ISP xffoc; if you use the ISP, you use the ISP, the ISP's ISP's ISP's ISP's configuration is not changed; if you use the dial connection, you're supposed to use the ISP's layout, xff0c; the ppppoe program doesn't seem to modify it. 動態路由選擇 (RIP 協定) 所謂動態路由選擇﹐就是指路由協定了。這裡,我們不會討論在 Internet 上面負責大型網路之間的 Exterior 協定﹐相對的﹐在比較少的網路之間﹐使用的會是 Interior 協定﹐其中最古老和最簡單的應是 RIP 協定了。下面我們就以 RIP 為例子,嘗試了解動態路由的運作原理﹕ The so-called kinetic path selection refers to the route agreement. Here & #xff0c; we will not discuss the Extraior protocol on the Internet, which is responsible for the large network between the Internet, or the less Internet, where the use is the Interior protocol, the oldest and simplest of which is the RIP agreement. Here we will use RIP as an example & #xff0c; try to understand the operating principles of the dynamic path: 在 Linux系統裡面有一隻程式叫 routed﹐它就是 RIP 的實現程式。routed 是由美國柏克萊大學設計出來的﹐不過它不並是設計給大型網路使用的。基礎的 RIP 協定是一種區域網路的向量距離路由的直接實現。它把參與者分為兩種類型﹕主動與被動。主動路由器對其它機器廣告自己的路由資訊﹐它的廣播週期預設為 30 秒﹔被動的路由器則收聽別的機器的廣播以改變路由資訊﹐但本身並不參與廣播。 In the Linux system, there is a program called Ruted, which is RIP's implementation. It was designed by the University of Berkeley in the United States, although it is not designed for use by large networks. The basic RIP protocol is a direct routing of a regional network. It divides participants into two types: ownership and action. The main router advertises his own route information to other machines, and his radio week is set at 30 seconds; the mobile router listens to different machines in order to change route information, but does not participate in the broadcast itself. RIP 協定的信息包含有多對的資訊﹐每對資訊包含一個 IP 網路位址和通往另一網路的整數距離。RIP 採用的的計數制是以路由值為依據﹐稱為 Metric ﹐用來測量目的地的距離,因此被歸類為 距離向量(Distance-Vector) 路由協定。最簡單的 Metric 值是以從起始端到目的地之間的跳站數目為以據(Hop Count),代表了路由過程中所要穿越的路由器多寡,其中 Metic 越低的路逕就被視為最佳路逕。然而﹐跳站數目低並不一定就是最佳的路徑﹐因為﹐跳站資訊中並沒有把路網路負載﹑頻寬﹑延遲﹑等影響路由質數的資訊。很明顯﹐通過兩個慢速網路的跳站﹐並不見得會比通過三個高速網路的跳站要快。所以﹐大多數 RIP 程式都允許管理員以手工的方式來調整 Metric 參數(例如﹐把慢速網路的 Metric 提高)。RIP 在交換路由資訊的時候﹐會把從別的路由器“學”來跳站值從原有數值上加 1 ﹔當這個數值達到“無窮”值的時候(通常會被設定為 16 )﹐就表示這條路徑為“unreachable”﹐同時也會將之從路由表中刪除。 RIP’s agreed information contains a great deal of information, each of which contains an IP web address and an integer distance to another network. RIP’s calculation is based on route values, known as Metric, which are used to measure distance from the destination & #xff0c; therefore, it is classed as 下面讓我們以一個小型路由網路的例子來更好的看看 RIP 是怎樣進行路由表格更新的﹐(我強烈建議您將這圖畫出來﹐以備後面討論時參考所需)﹕ Let us look at how RIP has been updated by a small routing web example. (I strongly recommend that you draw this image in order to be able to refer to what is needed for subsequent discussion): 小型網路之間的 RIP 應用 當路由器剛設定好並連接上網路的時候﹐各自都有一個“初始路由表”﹐裡面只包含與其直接相連的網路的路由信息﹕ When routers are just set up and connected to the Internet, each has a “initial route table” containing only information on the route of the network that is directly connected to it: 上表中﹐NetID 就是 router 所知道如何到達的網路﹐而“M”值我們暫時將之看成 metric 數值﹐“G”指的是通往該網路的下一個要經的 router 名字(記住:所謂的路由事實上就是決定下一站是哪各 router )。這時﹐各 router 看到如此資訊﹕M 都為 1﹐而 G 都指向自己。 In the table above, NetID is the network that we know how to reach, and the value "M" is what we now view as a metric value, and "G" refers to the next important name that leads to the network (remember #xff1a; the so-called route is actually to decide which station is next). At this point, each rooter sees this information: M is 1 and G is pointing to itself. 然後﹐router 與 router 之間經過第一輪資料交換﹐並將從相鄰 router“學”來的路由加入到自己的路由表格中﹐其 metric 值也相應的增加“1”。這時﹐我們看到各 router 的路由表將會變成這樣﹕ Then, following the first round of data exchange between router and router, the route from the neighbor router “learning” is added to its own route table, where the metric value is added to the path table. This is what we see when we see the route sheets of router: 或許,您在剛開始比較這兩個表的時候﹐會無所適從﹐但其實也不是很難的:我們先找到相鄰的 router 之路由表﹐然後比較本身的路由表﹐看看有沒有新的 NetID ﹐有則加到自己的路由表中﹐並且“M”增加“1”﹐而“G”則修改為所“學”的 router 之名字。如果有相同的 NetID ﹐則相加 metric 值﹐如果得出來的值比自己還低﹐則抄過來﹐M 也加 1﹔如果比自己的值高﹐則保留自己的。 Maybe xff0c; when you start comparing these tables, you'll be out of order, but it's not really hard xff1a; if you have the same Netid, then we'll find the next-door route chart, then we'll compare it to our own route table, see if there's a new NetID, and then add a "M" to your route table, and "M" to add a "1" and "G" to change the name to "learning". If you have the same NetID, add a metric value and copy it if the value is lower than yourself, M plus 1; if you have a higher value, keep your own. 我們以 router1 為例子﹕與之相鄰的 router 分別是﹕router2 和 router4。它們的路由表分別是﹕ We take the example of router1: the next-door router is distinguished by: router2 and router4. Their route chart is distinguished by: 而 router1自己的路由表則是這樣的﹕ And Router 1's own route chart is like this: 和 router2 比較﹕可以發現 NetID 2 和 4 是新的﹐那麼 router1 將之抄過來﹐M 加 1 成為 2 ﹐然後 G 指向 router2 成了 2。其中 NetID1相同﹐將 router2 的 metric 值加 1 ﹐等於 2 ﹐比自己的高﹐保留自己的。 和 router4 比較﹕可以發現 NetID 7 新的﹐那麼 router1 將之抄過來﹐M 加 1 成為 2﹐然後 G 指向 router4 成為 4。其中 NetID3 相同﹐將 router4 的 metric 值加 1 ﹐比自己的高﹐保留自己的好了。 那麼經過整理之後﹐就得出﹕ So, after cleaning up, it turns out: 好了﹐到了自己動手練習的時候了﹐看看您能不能為每一個 router 算一算﹐會否最終得出下面的路由表﹖ All right, it's time for your own practice, see if you can figure out the route below for each rooter. 如果您第一次未能算出正確的答案也不要緊﹐慢慢算總會得出正確答案的。如果您夠細心的話﹐或許能夠看出如下規律﹕G 下面的名字﹐永遠只有相鄰的 router ﹐而 M 下面的數值﹐則取決於所“學”的次數。如果有超過一條路徑到達同一個目的地﹐而且 metric 值也一樣﹐在實際應用中﹐router 只會聽取最先獲得的路由信息。 If you fail to calculate the right answer for the first time, it is easy to come up with the right answer. If you are careful, you may be able to see the following rule: The name below G will always be a neighbor's rooter, and the value below M will depend on the number of times you learn. If there is a more than one path to reach the same destination, and the metric value is the same, and in practice, rooter will only listen to the first source of information. RIP 的最大缺點是無法適應大型網路﹐因此﹐除 RIP 路由協定之外﹐還有許多其它路由協定使用在同同的環境中。不過﹐在非 RIP 協定中﹐它們也有各自的規矩﹐每種協定都有其優缺點,這裡不再詳細討論了。有興趣的朋友大可自己多找些資料回來研究。 The biggest drawback of RIP is its inability to adapt to large networks, so there are many other paths that are used in the same environment, in addition to RIP route agreements. However, in non-RIP agreements, they have their own rules, each with its own strengths & #xff0c; this is no longer discussed in detail. Interested friends can come back with more data. RIP 封包訊息格式 若要更好的了解 RIP 協定﹐我們不妨參考一下 RIP 封包的格式﹕ For a better understanding of the RIP protocol, we might wish to refer to the format of the RIP package: 0 8 16 31 命令 (1-5) 版本 必須為 0 1 號網路家族 必須為 0 1 號網路的 IP 位址 必須為 0 必須為 0 到 1 號網路的距離 2 號網路家族 必須為 0 2 號網路的 IP 位址 必須為 0 必須為 0 到 2 號網路的距離 ... RIP 封包格式 RIP 的訊息可以被廣泛分為兩類型﹕路由資訊訊息﹑資訊請求訊息。兩者都是使用固定的標頭﹐後接一個可選的網路及距離配對資訊列。RIP 信息中的命令一共有 5 個﹐命令內容如下﹕ RIP messages can be broadly divided into two types: route information messages, information requests for information. Both use a fixed header, followed by an optional network and distance pair. There are five orders in the RIP message, which are as follows: 路由器可以通過發送請求信息來詢問其它路由器的路由資訊﹐受詢方會使用回答命令來回應請求﹐進而達到路由資訊的交換。然而﹐在大部份的情形下﹐路由器都會週期性的廣播非請求性的路由資訊。 Routers can ask other routers about their route information by sending requests for information, and the respondent will answer the request using a response order and enter into the exchange of route information. In most cases, however, routers will broadcast weekly, non-requested route router information. 路由器的運作規則 我們已經知道路由器是如何以靜態的方式建立路由表格﹐或以動態方式來更新路由資訊﹐但是當路由器接到一個封包的時候﹐是如何判定路由選擇的呢﹖讓我們先看看router是怎麼工作的﹕ We already know how routers build router forms in a static way or update router information in a dynamic way, but when routers receive a package, how do they determine router selection? Let's see how rooter works: 咋看起來﹐不分層級的路由比分層級的路由簡單得多( IP 的層級我們已在前一章詳細介紹過了)。而事實上卻是相反的﹐這需 router 具備更複雜的運算能力。不過﹐現在的路由器都支援不分層級的路由協定,且運算能力都很強,因此不需要擔心。 It seems, however, that the routes of all layers are much simpler than those of all layers (the levels of IP have been described in detail in the previous chapter). In fact, the opposite is true, which requires a more complicated operation of rooter. Now, however, the routers support all lines of all levels of & #xff0c; they are very efficient & #xff0c; therefore, there is no need to worry. 理解路由器的運作規則是很重要的﹐尤其管理一台連接多網路的路由器﹐或是在一個有多個路由器的網路。在這裡﹐我還必須指出一點﹐在 Linux 的路由表上面﹐路由的選擇是以 first-match 為原則的﹐如果在路由表上面發現同時有超過一筆路由指向同一個目的地﹐則會以排在表格前面的設定為優先。要是了解這點﹐我們可以避免一個網路初學者常易犯的錯誤﹕就是在同一機器上把多個界面設定為同一個子網路之內。下面是我在 Linux 新聞組上的一篇討論文章﹐這對於我們了解此問題的子網和路由﹐相信是有所幫助的﹕ It is important to understand the rules of how routers operate, especially by managing a multi-network router, or a multi-routine network. Here, I must also point out that, on Linux's route list, the router's choice is based on the first-match principle, and if it is found on the route list that there is an over-direction to the same destination at the same time, it would be better placed in front of the form. To understand this, we can avoid the frequent error of a network beginner: it is to set multiple interfaces on the same machine as the same sub-network. Next is a discussion paper on Linux News, which will help us understand the sub-network and the path: IP 的設定規則 Okay,到這裡,不妨讓我們總結從前面所學,以掌握當我們在作 IP 規劃的時侯需注意一些規則: Okay & #xff0c; here #xff0c; let's get to the bottom of what we've learned #xff0c; to get some rules when we're doing IP planning & #xff1a; 此外﹐原本一些有效的 IP 位址﹐在 sub-net 之後﹐因為 Host ID 變成了全部 0 或 1 ﹐也就不能再分配給主機使用了﹐例如﹕139.175.63.255﹑139.175.64.0 等等。 (如果您不明白為什麼﹖將之換成二進位﹐然後找出經過子網切割後屬於 Host ID部份的數字就清楚了)。 In addition, some valid IP addresses, after sub-net, can no longer be assigned to the host, for example: 139.175.63.255, 139.175.64.0. (if you do not understand why? Change them to binary, then find out the number belonging to the Host ID after cutting through the hysteria net.) 由此可見﹐當我們在一開始設計網路的時候﹐就要具備應有的責任和遠見﹐及早就將子網路劃分好。否則﹐等所有機器都設定好﹐並且運作了一段時期之後﹐才決定劃分子網路﹐其情形將會變得異常複雜。如果要重新分配 IP﹐其所做的規劃﹐以及遇到的可見問題和隱藏問題﹐都要比從零開始難上百倍﹐越大的網路越是如此﹗ So, it can be seen that when we start designing the Internet, we have to have the responsibility and vision to divide the sub-network early on. Otherwise, when all the machines are set up and run for some time, the decision to create a molecular network will become unusual and complicated. If IP is to be redistributed, the plans it makes, and the problems it encounters in terms of visibility and concealment, it will be hundreds of times more difficult than from scratch, and the bigger network will be so. 參考資料﹕ References: IP 路由和 RIP 協定的 RFC 文件可以參考﹕RFC-1716﹑RFC-1104﹑RFC-1102﹑RFC-1058﹑RFC-891﹑RFC-1583。 IP Routes and RFP-agreed RFC documents can be consulted: RFC-1716, RFC-1104, RFC-1102, RFC-1058, RFC-891, RFC-1583.
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.17 * 255.255.255.255 UH 0 0 0 eth1
203.30.35.134 * 255.255.255.255 UH 0 0 0 eth0
203.30.35.128 * 255.255.255.224 U 0 0 0 eth0
192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
203.168.168.0 rhroute 255.255.255.0 UG 0 0 0 eth1
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
0.0.0.0 rhgw 0.0.0.0 U 0 0 0 lo
/sbin/route del -net 203.168.168.0 netmask 255.255.255.0 dev eth1
/sbin/route add -net 203.168.168.0 gw 192.168.0.4 netmask 255.255.255.0 dev eth1
/sbin/route add -host 192.168.0.25 dev eth0:0
Router 1 ? Router 2 ? Router 3 ? Router 4 ? Router 5 ? Router 6 Net ID M,G Net ID M,G Net ID M,G Net ID M,G Net ID M,G Net ID M,G 1
31,1
1,11
2
41,2
1,2
1,22
5
61,3
1,3
1,33
71,4
1,44
5
7
81,5
1,5
1,5
1,56
81,6
1,6Router 1 ? Router 2 ? Router 3 ? Router 4 ? Router 5 ? Router 6 Net ID M,G Net ID M,G Net ID M,G Net ID M,G Net ID M,G Net ID M,G 1
2
3
4
71,1
2,2
1,1
2,2
2,41
2
3
4
5
6
7
81,2
1,2
2,1
1,2
2,3
2,3
2,5
2,51
2
4
5
6
7
82,2
1,3
2,2
1,3
1,3
2,5
2,51
3
4
5
7
82,1
1,4
2,5
2,5
1,4
2,51
2
3
4
5
6
7
82,2
2,2
2,4
1,5
1,5
2,3
1,5
1,52
4
5
6
7
82,3
2,5
2,3
1,6
2,5
1,6Router 2 ? Router 4 Net ID M,G Net ID M,G 1
2
41,2
1,2
1,23
71,4
1,4Router 1 Net ID M,G 1
31,1
1,1Router 1 Net ID M,G 1
2
3
4
71,1
2,2
1,1
2,2
2,4Router 1 ? Router 2 ? Router 3 ? Router 4 ? Router 5 ? Router 6 Net ID M,G Net ID M,G Net ID M,G Net ID M,G Net ID M,G Net ID M,G 1
2
3
4
5
6
7
81,1
2,2
1,1
2,2
3,2
3,2
2,4
3,21
2
3
4
5
6
7
81,2
1,2
2,1
1,2
2,3
2,3
2,5
2,51
2
3
4
5
6
7
82,2
1,3
3,2
2,2
1,3
1,3
2,5
2,51
2
3
4
5
6
7
82,1
3,1
1,4
2,5
2,5
3,5
1,4
2,51
2
3
4
5
6
7
82,2
2,2
2,4
1,5
1,5
2,3
1,5
1,51
2
3
4
5
6
7
83,3
2,3
3,5
2,5
2,3
1,6
2,5
1,6
1 要求部份或全部路由資訊 2 包含來自傳送端路由表達網路距離的要求 3 啟動追蹤模式 (已過時) 4 關閉追蹤模式 (已過時) 5 保留給 Sun Microsystem 內部使用
分層級 IP 的路由﹕
if 我有這個目的地的路由
將封包傳給下一站
決定目的地網路號碼
if 我有這個網路的界面
將封包傳給下一站
將封包傳給下一站
在路由表格中尋找與此位址相符的最長 mask 預定值
從路由表格中取得下一站的位址
將封包傳給下一站
if 對比不成功
網中人 wrote in message news:8ov0r0$jb7@netnews.hinet.net...
>
> 雪龍~ wrote in message
> news:3cGeLg$5iV@bbs.cynix.com.tw...
> > ※ 引述《netmanforever@yahoo.com (網中人)》之銘言:
> > > 小州 wrote in message
> > > news:3cG1US$5W6@bbs.cynix.com.tw...
> > > > 有這種規定嗎?分別是 192.168.1.1 與 192.168.1.2 並沒有相衝突的地方。
> > > 弟以為這是原理而非規定的問題。
> > > 因為當一個封包被接收進來之後(來自 loopback device 的也一樣)﹐首先要做的是檢
> > > 查 route table 進行和目的地位址的比對。不過 route table 的特性之一是 first
> > > match 的﹐也就是當找到第一筆符合條件的紀錄﹐就不再往下找了。換句話說﹐如果兩
> > > 張卡都在同一個 subnet 之內﹐那就會有兩筆關於同一個 subnet 的紀錄存在﹐這時候
> > > 要看第一個句子指定的是哪一個界面了。如果不是手工去修改﹐通常會是第一張﹐所以
> > > 他會以為第二張不工作了。
> >
> > 應該不能說是找到第一筆符合的紀錄就不再往下找, 就我所知道的好像是
> > 最詳細的那一筆記錄喔. 比如說呢 192.168.1.10 的這個 ip 的位址可以
> > 說是屬於 192.0.0.0 這個網路, 也可以是說屬於 192.168.0.0 的這個網
> > 路, 當然也屬於 192.168.1.0 的網路, 端看你是用那一個等級的網路去看
> > 待 192.168.1.10 的這個 ip , 就這個部分來說只要是對 TCP/IP 網路有
> > 基本概念的人應該知道. 只不過在 route table 會針對所設定或是學習到
> > 的路由資訊按照 Net IP 與 Mask 的狀況先做好排列, 所以會如你所說的找
> > 到的第一筆, 就是為了增進網路效率. 不知道我這樣的說明有沒有錯誤的地
> > 方, 真有的話要告訴我喔..... ^_^
> >
>
> 多謝指教﹗
>
> 不過我覺得在同一個 router 上面(我想的目前討論都只講同一個 linux router 吧
> ﹖)﹐很少有人同時用 8bit﹑16bit﹑24bit (以及其它變動遮罩)同時描述一段
> 192.168.1.x 的網路吧﹖
>
> 就算有這樣的情形﹐讓我們敲 route -n 看看﹐所有 route add -host 的記錄會被排
> 在前面(用 32bit mask 顯示)﹐然後到 route add -net 的記錄(也是依 mask 的 bit
> 數大小排列)﹐最後是 route add default 的記錄(也可以多個﹐不過卻是越遲寫的越
> 前面﹐請留意這個現象)。
>
> 好了﹐如果您有一張網路界面使用 192.168.1.17 ﹐不指定 mask 的話﹐將會使用預設
> 的 24bit (自然遮罩值)﹐否則按指定的寫入。這裡我們假設用預設好了。您或許會下
> 這樣的命令來完成這張界面的設定(不同的系統或許不同)﹕
> ifconfig eth1 192.168.1.17 up
> route add -host 192.168.1.17 dev eth1
> route add -net 192.168.1.0 netmask 255.255.255.0 dev eth1
> #註﹕route add -net 的 netmask 不能省﹐因為正如閣下所指出﹐不同等 mask 會指
> 定不同的 network﹐不過用 redhat 的 ifconfig 或許已經幫您設定好 route
> add -net 了。
>
> 然後輸入 ifconfig 您會看到 eth1 會使用預設的 24bit mask。請留意﹕這非常重
> 要﹐因為這會求出界面所在的 net_ID (用 AND 的邏輯運算)。
> 再輸入 route -n 您會發現 192.168.1.17 這筆記錄是用 32bit 的 mask﹐會和其它
> 32bit mask 的記錄排在前端。同時您還會發現 192.168.1.0 這個 24 bit mask 的網
> 路之 device 會使用 eth1 。
>
> 好了﹐到這裡我們就可以進一步嘗試閣下所假設的環境﹐我們分別用 8bit 和 16bit
> 來增加 network 的記錄﹕
> route add -net 192.168.0.0 netmask 255.255.0.0 dev eth0
> route add -net 192.0.0.0 netmask 255.0.0.0 dev eth2
> #注﹕我先故意使用 eth0 和 eth2 來設定這兩個 network﹐以確定路由不會經過
> 192.168.1.17 所在的 eth1 界面。
>
> 這時候的路由依據是什麼呢﹖(嗯~~﹐詳細的我不想重複了﹐有興趣可以參考前不久和
> song 兄討論的文章﹐是關於 NAT 的)
> 假如我有一筆路由要傳遞給 192.168.1.18 ﹐會先檢查有沒有關於它的 32bit 的路由
> 記錄﹐沒有﹐那看看有沒有 netmask 指定﹖
> 這裡又帶出兩個情形﹕
> 1﹐沒有 mask﹐那好﹐套用自然遮罩會使用 24bit﹐然後求出 net_ID﹐發現是
> 192.168.1.0 這個 network ﹐剛好路由表有關於這個 network 的記錄﹐界面為
> eth1﹐那麼將封包交由 eth1 傳遞。(之後的動作這裡不再討論了﹐請參考 arp 協定)
> 2﹐假如有 mask﹐那好﹐看 mask 的值﹐這裡假設用 16bit 吧﹐然後求出的 net_ID
> 是 192.168.0.0 ﹐再於路由表中發現這個 network 記錄﹐它的界面是 eth0﹐那麼將
> 封包交由 eth0 傳送。(假如 netmask 是 8 bit 也則會交由 eth2)
>
> 看這樣的過程﹐應該不會困擾吧﹖那就讓我們搞亂一下吧﹐再下這樣的命令﹕
> route add -net 192.168.0.0 netmask 255.255.0.0 dev eth1
> route add -net 192.0.0.0 netmask 255.0.0.0 dev eth1
>
> 哈﹐我們會同時有兩筆記錄分別是關於 192.168.0.0 和 192.0.0.0 的。這或許已經符
> 合這個討論的要求了吧﹖
> 這時﹐您就會發現越晚加入的設定會越排在前面。這也就是弟所指出的 first match
> 原則了。
>
> 而其後的測試(別忘了路由要雙向同時設定才有用哦)﹐還是交由您自己玩了。例如﹐您
> 確定 192.168.1.18 是經由 eth2 傳到 192.0.0.0 這個網路的﹐可以下這樣的命令﹕
> route add -host 192.168.1.18 dev eth2
> #註﹕如果還要經過另外一台 gateway﹐則要指定 gw 參數。
> (這就是弟在前面文章中所說的靜態記錄了﹐應該是可行的﹐因為無需再往下比對了。)
>
> p.s. 閣下所給出的例子﹐其實並沒運用到 first match 原則﹐因為在 route table
> 並沒有相同的記錄。(可用 route -n |awk '{print $1}' 來看看)
>
注册有任何问题请添加 微信:MVIP619 拉你进入群
打开微信扫一扫
添加客服
进入交流群
发表评论