xref: /titanic_44/usr/src/man/man1m/routeadm.1m (revision 5aeb94743e3be0c51e86f73096334611ae3a058e)
te
Copyright (c) 2006, Sun Microsystems, Inc. All Rights Reserved
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
routeadm 1M "18 Jul 2007" "SunOS 5.11" "System Administration Commands"
NAME
routeadm - IP forwarding and routing configuration
SYNOPSIS

routeadm [-p [option]]

routeadm [-R root-dir] [-e option ...] [-d option...]
 [-r option...] [-s var=value]

routeadm [-l fmri]

routeadm [-m fmri key=value [key=value]...]

routeadm [-u]
DESCRIPTION

The routeadm command is used to administer system-wide configuration for IP forwarding and routing. IP forwarding is the passing of IP packets from one network to another; IP routing is the use of a routing protocol to determine routes.

IP forwarding and routing functions are also represented as services within the service management facility (SMF), and can be administered by means of svcadm(1M) also, using the following fault management resource identifiers (FMRIs):

svc:/network/ipv4-forwarding:default
svc:/network/ipv6-forwarding:default
svc:/network/routing/route:default
svc:/network/routing/ripng:default

See EXAMPLES for relevant examples.

In addition to enabling and disabling routing and forwarding, routeadm is used to interact with SMF-based routing daemon services. Routing daemon services are identified by the presence of a routeadm application property group, which routeadm uses in administering the given service. Routing daemon services can also specify properties relating to their operation in the routing application property group; these can be modified by means of routeadm -m. If an FMRI for a service without such a property group is specified, an error is issued and the operation is not carried out. If a routing daemon has not been converted to SMF, the ipv4[or 6]-routing-daemon, ipv4[or 6]-routing-daemon-args, and ipv4[or 6]-routing-stop-cmd variables can be used to specify the appropriate daemon for IPv4 or IPv6 routing. routeadm will then run that daemon using the svc:/network/routing/legacy-routing:ipv4[or 6] service as appropriate. This conversion process occurs when you issue an enable (-e), disable (-d) or an update (-u) command.

The first usage, in the SYNOPSIS above, reports the current configuration.

OPTIONS

The following command-line options are supported:

-p [option]

Print the configuration in parseable format. If option is specified, only the configuration for the specified option or variable is displayed.

-R root-dir

Specify an alternate root directory where routeadm applies changes. This can be useful from within JumpStart scripts, where the root directory of the system being modified is mounted elsewhere.

Note -

The root file system of any non-global zones must not be referenced with the -R option. Doing so might damage the global zone's file system, might compromise the security of the global zone, and might damage the non-global zone's file system. See zones(5).

-e option...

Enable the specified option. The effect is to prepare the associated services (svc:/network/ipv4-forwarding:default in the case of ipv4-forwarding) for enabling. By means of the routing-svcs variable, the routing daemons are specified to be enabled on subsequent boot or when routeadm -u is run.

-d option...

Disable the specified option. The effect is to prepare the associated services (svc:/network/ipv4-forwarding:default in the case of ipv4-forwarding) for enabling. By means of the routing-svcs variable, the routing daemons are specified to be disabled on subsequent boot or when routeadm -u is run.

-l fmri

List all properties in the routing application property group for the SMF routing daemon service.

-m fmri key=value

Change property value of property key to value in routing application property group for the SMF routing daemon service. For multi-valued properties, the property name can be used multiple times in the modify operation, and each associated value will be added.

-r option...

Revert the specified option to the system default. The system defaults are specified in the description of each option.

-u

Apply the currently configured options to the running system. These options might include enabling or disabling IP forwarding and launching or killing routing daemons, if any are specified. It does not alter the state of the system for those settings that have been set to default. This option is meant to be used by administrators who do not want to reboot to apply their changes. In addition, this option upgrades non-SMF configurations from the invocations of daemon stop commands, which might include a set of arguments, to a simple enabling of the appropriate service.

-s key=value

Specify string values for specific variables in a comma-separated list with no intervening spaces. If invalid options are specified, a warning message is displayed and the program exits. The following variables can be specified:

routing-svcs=fmrilist

Specifies the routing daemon services to be enabled. Routing daemon services are determined to be IPv4 or IPv6 (and so enabled or disabled when routeadm -e/-d ipv4(6)-routing is run) on the basis of property values in the routeadm application property group. Default: route:default ripng:default

ipv4-routing-daemon=<full_path_to_routing_daemon>

Specifies the routing daemon to be started when ipv4-routing is enabled. The routing daemon specified must be an executable binary or shell-script. If the specified program maps to an SMF service, the service will be used, and daemon arguments to the program will be transferred to the properties of the service at enable time. Default: ""

ipv4-routing-daemon-args=<args>

Specifies the startup arguments to be passed to the ipv4-routing-daemon when ipv4-routing is enabled. Default: no arguments

ipv4-routing-stop-cmd=<command>

Specifies the command to be executed to stop the routing daemon when ipv4-routing is disabled. <command> can be an executable binary or shell-script, or a string that can be parsed by system(3C). Default: ""

ipv6-routing-daemon=<full_path_to_routing_daemon>

Specifies the routing daemon to be started when ipv6-routing is enabled. The routing daemon specified must be an executable binary or shell-script. If the specified program maps to an SMF service, the service will be used, and daemon arguments to the program will be transferred to the properties of the service at enable time. Default: ""

ipv6-routing-daemon-args=<args>

Specifies the startup arguments to be passed to the ipv6-routing-daemon when ipv6-routing is enabled. Default: ""

ipv6-routing-stop-cmd=<command>

Specifies the command to be executed to stop the routing daemon when ipv6-routing is disabled. <command> can be an executable binary or shell-script, or a string that can be parsed by system(3C). Default: ""

Multiple -e, -d, and -r options can be specified on the command line. Changes made by -e, -d, and -r are persistent, but are not applied to the running system unless routeadm is called later with the -u option.

Use the following options as arguments to the -e, -d, and -r options (shown above as option...).

ipv4-forwarding

Controls the global forwarding configuration for all IPv4 interfaces. The system default is disabled. If enabled, IP will forward IPv4 packets to and from interfaces when appropriate. If disabled, IP will not forward IPv4 packets to and from interfaces when appropriate. The SMF service associated with this configuration variable is svc:/network/routing/ipv4-forwarding. This service will be enabled or disabled as appropriate when routeadm is called with the u option. As an alternative, you can use svcadm(1M). Services that require ipv4-forwarding to be enabled should specify a dependency on this service.

ipv4-routing

Determines whether an IPv4 routing daemon is run. The system default is enabled unless the /etc/defaultrouter file exists (see defaultrouter(4)), in which case the default is disabled. The value of this option reflects the state of all IPv4 routing services, such that if any IPv4 routing service is enabled, ipv4-routing is enabled. This allows users to interact with routing services using svcadm(1M), as well as through routeadm. IPv4 routing services, specified by means of the routing-svcs variable, will be prepared for enable on next boot when the user explicitly enables ipv4-routing. The SMF routing daemon service for in.routed (svc:/network/routing/route:default) is specified by default.

ipv6-forwarding

Controls the global forwarding configuration for all IPv6 interfaces. The system default is disabled. If enabled, IP will forward IPv6 packets to and from interfaces when appropriate. If disabled, IP will not forward IPv6 packets to and from interfaces when appropriate. The SMF service associated with this configuration variable is svc:/network/routing/ipv6-forwarding. This service will be enabled or disabled as appropriate when routeadm is called with the -u option, or svcadm(1M) is used. Services that require ipv6-forwarding to be enabled should specify a dependency on this service.

ipv6-routing

Determines whether an IPv6 routing daemon is run. The system default is disabled. The value of this option reflects the state of all IPv6 routing services, such that, if any IPv6 routing service is enabled, ipv6-routing is enabled. This allows users to interact with routing services via svcadm(1M) as well as through routeadm. IPv6 routing services, specified by means of the routing-svcs variable, will be prepared for enable on next boot when the user explicitly enables ipv6-routing. The SMF routing daemon service for in.ripngd (svc:/network/routing/ripng:default) is specified by default.

The forwarding and routing settings are related but not mutually dependent. For example, a router typically forwards IP packets and uses a routing protocol, but nothing would prevent an administrator from configuring a router that forwards packets and does not use a routing protocol. In that case, the administrator would enable forwarding, disable routing, and populate the router's routing table with static routes.

The forwarding settings are global settings. Each interface also has an IFF_ROUTER forwarding flag that determines whether packets can be forwarded to or from a particular interface. That flag can be independently controlled by means of ifconfig(1M)'s router option. When the global forwarding setting is changed (that is, -u is issued to change the value from enabled to disabled or vice-versa), all interface flags in the system are changed simultaneously to reflect the new global policy. Interfaces configured by means of DHCP automatically have their interface-specific IFF_ROUTER flag cleared.

When a new interface is plumbed by means of ifconfig, the value of the interface-specific forwarding flag is set according to the current global forwarding value. Thus, the forwarding value forms the "default" for all new interfaces.

EXAMPLES

Example 1 Enabling IPv4 Forwarding

IPv4 forwarding is disabled by default. The following command enables IPv4 forwarding:

example# routeadm -e ipv4-forwarding

Example 2 Apply Configured Settings to the Running System

In the previous example, a system setting was changed, but will not take effect until the next reboot unless a command such as the following is used:

example# routeadm -u

An alternative to the above two steps is to simply enable the equivalent SMF service:

example# svcadm enable svc:/network/ipv4-forwarding

...or, using the abbreviated FMRI:

example# svcadm enable ipv4-forwarding

Example 3 Making a Setting Revert to its Default

To make the setting changed in the first example revert to its default, enter the following:

example# routeadm -r ipv4-forwarding
example# routeadm -u

Example 4 Starting in.routed with the -q Flag

Setting the -q flag is represented in the SMF service by setting the quiet_mode property to true. The following sequence of commands starts in.routed with the -q flag:

example# routeadm -m route:default quiet_mode=true
example# routeadm -e ipv4-routing -u

See in.routed(1M) for details of property names and how they relate to daemon behavior.

EXIT STATUS

The following exit values are returned:

0

Successful completion.

!=0

An error occurred while obtaining or modifying the system configuration.

FILES

/etc/inet/routing.conf

Parameters for IP forwarding and routing. (Not to be edited.)

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE
Interface StabilityStable
SEE ALSO

ifconfig(1M), in.routed(1M), svcadm(1M), gateways(4), attributes(5), smf(5)