TCP/IP Network Administration

TCP/IP Network AdministrationSearch this book
Previous: B.5 Options StatementsAppendix B
A gated Reference		Next: B.7 Definition Statements
 

B.6 Interface Statements

An interface statement defines configuration options for the network interfaces. The interface_list identifies the interfaces affected by the configuration options. The interfaces in the list are identified by interface name (e.g., le0), by hostname, by IP address, or by the keyword all. The keyword all refers to every interface on the system. The interface name can refer to a single interface or a group of interfaces. For example, an interface name of eth0 refers to the interface eth0, whereas the name le refers to all installed interfaces that start with the letters le (which might include le0, le1, and le2). A hostname can be used if it resolves to only one address.

Most system administrators prefer to use the IP address to identify an interface. After all, IP addresses are inherently a part of TCP/IP, and it's TCP/IP routing that this file configures.

Additionally, remote systems know this interface by its IP address, not its interface name. Finally, DNS may provide more than one address for a hostname, and future UNIX operating systems may allow more than one address per interface. IP addresses are safest.

gated supports four types of interfaces: loopback, broadcast, point-to-point, and non-broadcast multi-access (NBMA). All of these are discussed in the text of this book except for NBMA. It is a multi-access interface, but the underlying network is not capable of broadcast. Examples are frame relay and X.25.

gated ignores any interface in the list that has an invalid local, remote, or broadcast address, or an invalid subnet mask. gated also ignores a point-to-point interface that has the same local and remote addresses. gated assumes that interfaces that are not marked UP by the kernel do not exist.

The syntax of the interfaces statement is:

interfaces {
options
[strictinterfaces]
[scaninterval time] ;
interface interface_list
[preference preference]
[down preference preference]
[passive]
[simplex]
[reject]
[blackhole] ;
define address
[broadcast address] | [pointtopoint address]
[netmask mask]
[multicast] ;
} ;

The configuration options defined before the interface list are global options. The global options are:

strictinterfaces

Generates a fatal error if an interface is referenced in the configuration file that is not found when gated scans the kernel at startup and is not listed in a define statement. (See the define option later in this section.) Normally a warning message is issued and gated continues running.

scaninterval time

Specifies how often gated scans the kernel interface list for changes. The default is every 15 seconds on most systems, and 60 seconds on systems that pass interface status changes through the routing socket, e.g., BSD 4.4. Note that gated also scans the interface list on receipt of a SIGUSR2.

The interface command defines the interface_list and all of the options that affect the specified interfaces. Options available on this statement are:

preference preference

Sets the preference for this interface. The value preference is a number between 0 and 255. gated prefers routes through interfaces with low preference numbers. The default preference for all directly attached network interfaces is 0.

down preference preference

Sets the preference used when gated believes an interface is not functioning properly. The default is 120.

passive

Prevents gated from downgrading the preference of the interface when it is not functioning properly. gated assumes that an interface is down when it stops receiving routing information through that interface. gated only performs this check if the interface is actively participating in a routing protocol.

simplex

Specifies that gated should not use packets generated by this system as an indication that the interface is functioning properly. Only packets from remote systems are used to indicate that the interface is operating.

reject | blackhole

Either of these keywords identifies the interface as the "blackhole interface" used to install rejected routes in the kernel. (See the control statements for more about rejected routes.) This is available only on BSD systems that have installed a reject/blackhole pseudo-interface.

The define address command lists interfaces that might not be present when gated scans the kernel interface list at startup. It overrides the strictinterfaces option for the interface defined by address. Possible options for the define command are:

broadcast address

Defines the broadcast address.

pointopoint address

Defines the local address for a point-to-point interface. (See Chapter 6, Configuring the Interface for a discussion of point-to-point interfaces.) When this option is used, the address on the define statement specifies the address of the remote host, and the address specified after the pointopoint keyword defines the local address. Don't use both broadcast and pointopoint in the same define.

netmask mask

Defines the subnet mask.

multicast

Specifies that the interface supports multicasting.

Previous: B.5 Options StatementsTCP/IP Network AdministrationNext: B.7 Definition Statements
B.5 Options StatementsBook IndexB.7 Definition Statements

[ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ]