gated.conf(4)
NAME
gated.config − gated configuration file syntax
SYNOPSIS
/etc/gated.conf
DESCRIPTION
The gated config file consists of a sequence of statements terminated by a semi-colon (;). Statements are composed of tokens separated by white space, which can be any combination of blanks, tabs and newlines.
Comments may be specified in either of two forms:
• Starting with a # and running to the end of the line.
• "C" style, which starts with a /* and continues until it reaches */.
Statement Classes
There are eight classes of statements. The first two classes may be specified in the configuration file in any order:
• Directive: These statements are immediately acted upon by the parser. They are used to specify included files and the directory in which they reside. Unlike other statements, which terminate with a semi-colon (;), directive statements terminate with a newline.
• Trace: These statements control tracing options.
The six remaining classes must be specified in order.
• Options: These statements allow specification of some global options.
• Interface: These statements specify interface options.
• Definition: These statements specify options, the autonomous system, and martian networks.
• Protocol: These statements enable or disable protocols and set protocol options.
• Route: Static routes are defined by route statements.
• Control: Control statements define routes that are imported from routing peers and routes that are exported to these peers.
Each of these statement classes is described in detail below.
Statement Primitives
The following primitives are used in statement definitions:
host Any host. A host may be specified by its IP address or by a domain name. If a domain name is specified that has multiple IP addresses it is considered an error. The host bits in the IP address must be non-zero.
network Any network. A network may be specified by its IP address or a network name. The host bits in a network specification must be zero. default can also be used to specify the default network (0.0.0.0).
destination Any host or network.
dest_mask Any host or network with an optional mask:
all
network
network mask mask
network mask-length bits
host host
A mask is a dotted quad specifying which bits of the destination are significant. all may be used to specify that any IP address may be matched. The number of contiguous bits may be used instead of an explicit mask.
autonomous_system
A number between 1 and 65534 assigned by the Internet Assigned Numbers Authority to represent an autonomous system.
gateway A gateway must be a host on an attached network.
interface An interface may be specified by IP address, domain name, or interface name. Be careful with the use of interface names as future UNIX operating systems may allow more than one address per interface.
gateway_list A gateway list is a list of one or more gateways.
interface_list An interface list is a list of one or more interface names, wildcard names (names without a number) or addresses, or the token all, which refers to all interfaces.
preference A preference is used to determine the order of routes to the same destination in the routing table. gated allows one route to a destination per protocol/per autonomous system. In the case of multiple routes, the route to use is chosen by preference, which is a number between 0 and 255, with 0 being the most preferred and 255 being the least preferred.
In case of a preference tie, if the two routes are from the same protocol and from the same autonomous system, gated will choose the route with the lowest metric. Otherwise gated will choose the route with the lowest numeric next-hop gateway address.
metric Is a valid metric for the specified protocol.
Directive Statements
%directory "path_name"
Sets the current directory to path_name. This is the directory where gated looks for included files that do not begin with /.
Note that this statement does not actually change the current directory; it just specifies the prefix applied to included file names.
%include "filename"
Causes the specified file to be parsed completely before resuming with this file. Nesting up to 10 levels is supported. The maximum nesting level may be increased by changing the definition of FI_MAX in parse.h.
Trace Statements
tracefile ["filename" [replace]] [size size [k|m] files files ] ;
Specifies the file to contain tracing output. If a filename is specified, trace information is appended to this file unless replace is specified.
If specified, size and files cause the trace file to be limited to size, with files kept (including the active file). The backup file names are created by appending a period and a number to the trace file name, starting with .0. The minimum size that can be specified is 10k, the minimum number of files that can be specified is 2. The default is not to rotate log files.
traceoptions traceoption [traceoption [...]] [except traceoption [traceoption [...]]] ;
Changes the tracing options to those specified. If none is the only option specified, tracing is turned off. If the except keyword is specified, flags listed before it are turned on and flags listed after it are turned off. This is a simple method to turn on all but a few flags. Trace flags are:
all Turn on all of the tracing options below except nostamp.
general Turn on internal, external, and route.
internal Internal errors and informational messages.
external External errors.
nostamp Do not timestamp all messages in the trace file.
mark Output a message to the trace log every 10 minutes to ensure gated is still running.
task Task scheduling, signal handling and packet reception.
timer Timer scheduling.
parse Tokens the parser recognizes in the config file.
route Changes to the gated routing table.
kernel Changes to the kernel’s routing table.
bgp BGP packets sent and received. May be modified by update and protocol.
egp EGP packets sent and received. May be modified by update and protocol.
rip RIP packets sent and received. May be modified by update.
hello HELLO packets sent and received. May be modified by update.
icmp ICMP redirect packets sent and received. May be modified by update.
Note that redirects processed are traced under the route option.
snmp SNMP packets sent and received. May be modified by update.
protocol Provide messages about protocol state machine transitions when used with EGP, BGP, or OSPF.
update Trace the contents of protocol packets.
Options Statements
options option_list ;
Sets gated options:
noinstall Do not change kernel’s routing table. Useful for verifying configuration files.
gendefault [preference preference ] [gateway gateway ]
BGP and EGP neighbors should cause the internal generation of a default route when up. By default, this route will not be installed in the kernel’s routing table, but may be announced by other protocols. If a gateway is specified, the route is installed in the kernel pointing to that gateway. Announcement is controlled by referencing the special protocol default.
nosend Do not send any packets. This allows running gated on a live network to test protocol interactions without actually participating in the routing protocols. The packet traces in the gated log can be examined to verify that gated is functioning properly. This is most useful for RIP and HELLO and possibly the SMUX SNMP interface. This does not yet apply to BGP packets.
noresolv Do not try to resolve symbolic names into IP addresses by using the host/network tables or Domain Name System. This is intended for systems where a lack of routing information could cause a DNS lookup to hang.
syslog [upto log_level ] log_level
Controls the amount of data gated logs via syslog on systems where setlogmask() is supported. The log_level and other terminology are as defined in the setlogmask(3C) manual page. The default is equivalent to syslog upto info.
Interface Statements
interfaces {
options [strictintfs] [scaninterval time ] ;
interface interface_list interface_options;
define address [broadcast broadaddr | pointopoint lcladdr]
[netmask netmask] [multicast];
} ;
The interface keywords are:
options Sets some global options related to interfaces.
strictintfs
Indicates that it is a fatal error to reference an interface in the configuration file that is not listed in a define statement or not present when gated is started. Without this option a warning message will be issued and gated will continue.
scaninterval time
Specifies how often gated scans the kernel interface list for changes. The default is every 15 seconds on most systems, 60 seconds on systems that pass interface status changes through the routing socket (i.e. BSD 4.4). Note that gated will also scan the interface list on receipt of a SIGUSR2.
interface Sets interface options on the specified interfaces. An interface list is all or a list of interface names (see warning about interface names), domain names, or numeric addresses.
The interface options are:
preference pref
Sets the preference for routes to this interface when it is up; defaults to 0.
down preference pref
Sets the preference for routes to this interface when gated believes it to be down due to lack of received routing information; defaults to 120.
passive
Prevents gated from changing the preference of the route to this interface if it is believed to be down due to lack of received routing information.
simplex Defines an interface as unable to hear its own broadcast packets. Currently defining an interface as simplex is functionally equivalent to defining it as passive.
reject Specifies that the address of loopback interfaces which match these criteria will be used as the local address when installing reject routes in the kernel. Should only be used with systems based on BSD 4.3 Tahoe or earlier which have installed a reject/blackhole pseudo interface.
blackhole Specifies that the address of loopback interfaces which match these criteria will be used as the local address when installing blackhole routes in the kernel. Should only be used with systems based on BSD 4.3 Tahoe or earlier which have installed a reject/blackhole pseudo interface.
define Defines interfaces that may not be present when gated is started. gated considers it an error to reference a non-existent interface in the config file. This clause allows specification of that interface so it can be referenced in the config file.
Definition keywords are:
broadcast broad_addr
Defines the interface as broadcast capable (i.e. Ethernet and Token Ring) and specifies the broadcast address.
pointopoint local_addr
Defines the interface as a point to point interface (i.e. SLIP and PPP) and specifies the address on the local side. For this type of interface the interface_addr specifies the address of the remote host.
An interface not defined as broadcast or pointopoint is assumed to be non-broadcast multiaccess (NBMA), such as an X.25 network.
netmask subnetmask
Specifies the non-standard subnet mask to be used on this interface. Note that this is currently ignored on pointopoint interfaces.
multicast Specifies the interface is multicast capable.
Definition Statements
autonomoussystem autonomous_system;
Sets the autonomous system of this router to be autonomous_system. This option is required if BGP or EGP are in use.
routerid host;
Sets the router identifier for use by the BGP and OSPF protocols. The default is the address of the first interface encountered by gated. The address of a non-POINTOPOINT interface is preferred over the local address of a POINTOPOINT interface, and an address on a loopback interface that is not the loopback address (127.0.0.1) is most preferred.
martians {
martian_list
} ;
Defines a list of martian addresses about which all routing information is ignored. The martian_list is a semi-colon separated list of symbolic or numeric hosts with optional masks. See dest_mask. Also, the allow parameter may be specified to explicitly allow a subset of a range that was disallowed.
Protocol Statements
Enables or disables use of a protocol and controls protocol options. These may be specified in any order.
For all protocols, preference controls the choice of routes learned via this protocol or from this autonomous system in relation to routes learned from other protocols/autonomous systems. The default metric used when propagating routes learned from other protocols is specified with defaultmetric, which itself defaults to the highest valid metric for this protocol; for many protocols this signifies a lack of reachability.
For distance vector IGPs with no explicit connections or authentication (RIP and HELLO) and redirects (ICMP), the trustedgateways clause supplies a list of gateways providing valid routing information; routing packets from other gateways are ignored. This defaults to all gateways on the attached networks.
Routing packets may be sent not only to the remote end of point-to-point links and the broadcast address of broadcast-capable interfaces, but also to specific gateways if they are listed in a sourcegateways clause and yes or on is specified. If nobroadcast is specified, routing updates will be sent only to gateways listed in the sourcegateways clause, and not at all to the broadcast address.
Disabling the transmission and reception of routing packets for a particular protocol may be specified with the interface clause. An interface clause which disables sending or receiving protocol packets may be overridden for specific peers using the trustedgateways and sourcegateways clauses.
For exterior protocols (BGP, EGP), the autonomous system advertised to the peer is specified by the global autonomoussystem clause unless overridden by the asout parameter. The incoming autonomous system number is not verified unless peeras is specified. Specifying metricout fixes the outgoing metric for all routes propagated to this peer.
If the peer does not share a network, interface can be used to specify which interface address to use when communicating with this peer and gateway can be used to specify the next hop to use for all routes learned from this peer. An internal default is generated when routing information is learned from a peer unless the nogendefault parameter is specified.
Any protocol can have a traceoptions clause, which enables tracing for a particular protocol, group or peer. The allowable protocol-specific options are: all, general, internal, external, route, update, task, timer, protocol, or kernel.
Routing Information Protocol (RIP):
rip yes|no|on| off [ {
broadcast;
nobroadcast;
nocheckzero;
preference preference;
defaultmetric metric;
interface interface_list [noripin] [noripout]
[metricin metric] [metricout metric]
[version 1] | [version 2 [multicast|broadcast]]
[authentication [none | password]] ;
...
trustedgateways gateway_list;
sourcegateways gateway_list;
traceoptions traceoptions;
} ] ;
If the rip clause is not specified the default is rip on. nobroadcast specifies that RIP packets will only be sent to gateways listed in the sourcegateways clause, if there are any. If yes or on is specified, RIP will assume nobroadcast if there is only one interface and broadcast if there is more than one. broadcast specifies that RIP packets will always be generated. nocheckzero specifies that RIP should not make sure that the reserved fields in RIP packets are zero.
Note that using broadcast with only one interface is useful only when propagating static routes or routes learned from another protocol. This will cause data packets to travel across the same network twice, which may be tolerable in certain configurations.
The default metricout is zero; the default metricin is the kernel interface metric plus 1 (the default RIP hop count).
The default authentication type is NONE (this only applies to RIP-2 packets, and is ignored for RIP-1 packets). If a password is specified, the authentication type used will be SIMPLE. The password should be a quoted string, between zero and 16 characters.
If the version is specified as 1 or defaults to 1, RIP version 2 packets will never be sent except in response to a v2 POLL packet. If the version is specified as 2, RIP version 2 packets will be sent to the RIP multicast address if possible, or to the broadcast address, unless the method is explicitly specified.
The default metric is 16; the default preference is 100.
HELLO Protocol:
hello yes|no|on| off [ {
broadcast ;
nobroadcast ;
preference preference;
defaultmetric metric;
interface interface_list [nohelloin] [nohelloout]
[metricin metric] [metricout metric] ;
...
trustedgateways gateway_list;
sourcegateways gateway_list;
traceoptions traceoptions;
} ] ;
If yes or on is specified, HELLO will assume nobroadcast if there is only one interface, and broadcast if there is more than one. If the HELLO clause is not specified, the default is hello off.
broadcast specifies that HELLO packets will be generated. nobroadcast specifies that HELLO packets will only be sent to gateways listed in the sourcegateways clause, if there are any.
Note that using broadcast with only one interface is useful only when propagating static routes or routes learned from another protocol. This will cause data packets to travel across the same network twice, which may be tolerable in certain configurations.
The default metricout is zero; the default metricin is a translation of the kernel interface metric into a hello metric plus 100 (the default HELLO hop count).
The default metric is 30000; the default preference is 90.
OSPF Protocol:
ospf yes|no|on|off [ {
[defaults {
preference preference ;
cost cost1 ;
tag [tag| as[as_tag]] ;
type 1|2 ;
} ] ;
[exportlimit routes ;]
[exportinterval time ;]
[traceoptions traceoptions ;]
[monitorauthenticationkey authkey ;]
[area area {
authtype 0|1| none|simple ;
stub [cost cost] ;
networks {
network [ mask mask] ;
} ;
stubhosts {
host cost cost ;
} ;
interface interface [cost cost] {
[enable|disable] ;
retransmitinterval time ;
transitdelay time ;
priority priority ;
hellointerval time ;
routerdeadinterval time ;
authkey auth_key ;
} ;
interface interface nonbroadcast[cost cost] {
pollinterval time ;
routers {
gateway [eligible] ;
} ;
[enable|disable] ;
retransmitinterval time ;
transitdelay time ;
priority priority ;
hellointerval time ;
routerdeadinterval time ;
authkey auth_key ;
} ;
} ; ]
[backbone {
authtype 0|1| none|simple ;
networks {
network [mask mask] ;
} ;
stubhosts {
host cost cost ;
} ;
interface interface [cost cost] {
[enable|disable] ;
retransmitinterval time ;
transitdelay time ;
priority priority ;
hellointerval time ;
routerdeadinterval time ;
authkey auth_key ;
} ;
interface interface nonbroadcast [cost cost] {
pollinterval time ;
routers {
gateway [eligible] ;
} ;
[enable|disable] ;
retransmitinterval time ;
transitdelay time ;
priority priority ;
hellointerval time ;
routerdeadinterval time ;
authkey auth_key ;
} ;
virtuallink neighborid host transitarea area {
[enable|disable] ;
retransmitinterval time ;
transitdelay time ;
priority priority ;
hellointerval time ;
routerdeadinterval time ;
authkey auth_key ;
} ;
} ; ]
} ] ;
interface An interface is specified with an address, a name, a wildcard name (name without any number), or all. Multiple interface clauses may be specified with different parameters; the parameters used are accumulated from the interface clauses. If a parameter is specified more than once, the instance with the most specific interface reference is used. The order of precedence is address, name, wildcard name, all.
cost1 A number between 0 and 16777215 specifying an OSPF external (ASE) cost.
tag The OSPF tag (an unsigned 31-bit number) to be placed on all routes exported by gated into OSPF.
as_tag The OSPF-BGP tag (an unsigned 12-bit number) to be placed on all routes exported by gated into OSPF. When "tag as [as_tag]" is used, tag fields are automatically generated and the as_tag field is assigned if specified.
cost A number between 0 and 65535 specifying an OSPF internal cost.
area A dotted quad or a number between 1 and 4294967295. Area 0 is always referred to as the backbone.
auth_key One to eight decimal digits separated by periods, a one to eight byte hexadecimal string preceded by "0x", or a one to eight character string in double quotes.
priority A number between 0 and 255 specifying the priority of becoming the designated router on this interface.
OSPF inter-area and intra-area routes are always imported into the gated routing table with a preference of 10. It would be a violation of the protocol to do otherwise, so it is not possible to override this. OSPF Autonomous System External (ASE) routes are imported with a preference of 150. This default may be changed with the preference keyword in the defaults section. ASE routes are imported at a rate of 100 ASEs every 1 second; these parameters can be tuned with the exportlimit and exportinterval parameters.
gated routes are exported to OSPF as ASEs with a default cost of 0 and a type of 1. By default, the tag is calculated from the AS path of the route being exported (tag as). These may all be changed in the defaults section.
OSPF areas may be specified in any order, but the backbone area must be specified last.
Exterior Gateway Protocol (EGP):
egp yes|no|on| off [ {
[preference preference ;]
[defaultmetric metric ;]
[packetsize maxpacketsize ;]
[traceoptions traceoptions ;]
[group [peeras autonomous_system]
[localas autonomous_system]
[maxup number]
[preference preference]
{
neighbor host
[metricout metric]
[nogendefault]
[importdefault]
[exportdefault]
[gateway gateway]
[lcladdr local_address]
[sourcenet network]
[minhello min_hello]
[minpoll min_poll]
[traceoptions traceoptions]
;
...
} ;
... ]
} ] ;
packetsize specifies the size, in bytes, of the largest EGP packet that will be accepted or sent. A group lists a group of EGP peers in one autonomous system. maxup specifies the maximum number of peers that will be maintained in the Up state. importdefault and exportdefault tell gated to import or export the default route (0.0.0.0) in updates exchanged with an EGP neighbor. If not specified, the default network is ignored when exchanging EGP updates.
sourcenet specifies the network to query in EGP Poll packets; this is normally the shared network.
The minimum EGP hello and poll intervals acceptable may be specified with the minhello and minpoll arguments, respectively. These are both specified as a time in seconds, minutes:seconds or hours:minutes:seconds.
Any number of group clauses may be specified containing any number of neighbor clauses. Any parameters from the neighbor clause may be specified on the group clause to provide defaults for the group.
The local_address is used to set the local address to be used when there is a choice of interfaces. If not specified it defaults to whichever interface is shared with the neighbor. If a network is not shared with the neighbor, gateway may be used to specify the next-hop gateway to use when installing routes learned from this neighbor. In this case the default interface is the one shared with the specified gateway.
The default metric is 255; the default preference is 200.
Border Gateway Protocol (BGP):
bgp yes|no|on|off [ {
[preference preference ;]
[defaultmetric metric ;]
[traceoptions traceoptions ;]
[group type external|internal |igp|test peeras peeras
[metricout metric]
[localas localas]
[nogendefault]
[gateway gateway]
[preference preference]
[lcladdr local_address]
[holdtime time]
[traceoptions traceoptions]
[version version]
[passive]
[importdefault]
[exportdefault]
[sendbuffer bufsize]
[recvbuffer bufsize]
[spoolbuffer bufsize]
[keepall]
{
[allow { dest_mask ... } ; ]
[peer host
[metricout metric]
[localas localas]
[nogendefault]
[gateway gateway]
[preference preference]
[lcladdr local_address]
[holdtime time]
[traceoptions traceoptions]
[version version]
[passive]
[importdefault]
[exportdefault]
[sendbuffer bufsize]
[recvbuffer bufsize]
[spoolbuffer bufsize]
[keepall]
; ]
...
} ;
... ]
} ] ;
BGP peers are assigned to groups based on type and peeras. It is not possible to have two groups with the same type and peeras. Peer specifies the address of each BGP peer. Group options provide the defaults for all peers within that group.
peeras is the autonomous system expected from a peer. metricout is the default metric to use when sending to this peer. localas specifies the autonomous system advertised to this peer; the default is that which has been set globally. nogendefault specifies that this peer should not cause the automatic default to be generated.
The local_address specifies the address to be used on the local end of the TCP connection with the peer. For external peers the local address must be on an interface which is shared with the peer (or for a non-local peer’s configured next-hop gateway when the gateway option is used to specify this) and a session with the peer will be opened only when an interface with the appropriate local address through which the peer (gateway) address is directly reachable is operating. For other types of peers a peer session will be maintained when any interface with the specified local address is operating. In either case incoming connections will only be recognized as matching a configured peer if they are addressed to the configured local address.
holdtime specifies the BGP holdtime to use with this peer. Traceoptions specify tracing options for this peer (and are not yet implemented).
version specifies the version of the BGP protocol to use with this peer. If not specified, the highest supported version is used first and version negotiation is attempted.
passive specifies that active opens to this peer should not be attempted. importdefault and exportdefault control whether the default network (0.0.0.0) can be exchanged with this peer. keepall is used to retain routes learned from a peer that contain one of our autonomous system numbers in their path.
sendbuffer and recvbuffer control the amount of buffering asked of the kernel; the default is to configure the maximum supported, up to 65535 bytes. spoolbuffer is used to indicate that BGP should buffer data for peers when the kernel queues are full; the default is to break the connection. These options are normally not needed on properly functioning systems.
If a metric is not specified, the default is not to send a metric. The default preference is 170, the default holdtime is 180 and the default version is 3.
Redirect (ICMP):
redirect yes|no|on| off [ {
preference preference;
interface interface_list [noredirects] ;
trustedgateways gateway_list;
traceoptions traceoptions;
} ] ;
Controls whether gated makes routing table changes based on ICMP redirects when not functioning as a router. When functioning as a router (i.e. any interior routing protocols (RIP, HELLO, OSPF) are participating in routing on any interface), ICMP redirects are disabled. When ICMP redirects are disabled, gated must actively remove the effects of redirects from the kernel, as the kernel always processes ICMP redirects.
The default preference is 30.
SNMP Protocol:
snmp yes|no|on| off [ {
preference preference;
traceoptions traceoptions;
port port;
} ] ;
Controls whether gated tries to contact the SMUX SNMP daemon to register supported variables. The default is on. The default preference is 50. The default port is 199 (SMUX).
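A small auditor for the settings described in this section, as an added example (it is not part of the original manual page or of gated): it parses the statement syntax defined above and reports RIP, HELLO or redirect clauses with no trustedgateways list, RIP-2 interfaces with no password, and OSPF areas with authtype none. The sample configuration, addresses, interface names and function names are constructed; %include files are not followed.

```python
import re

# Constructed sample, written only with keywords documented on this page.
SAMPLE_CONF = '''
%directory "/etc"
options noresolv ;                # skip name lookups
rip yes {
    broadcast ;
    interface all version 2 ;     /* RIP-2, but no password and
                                     no trustedgateways clause */
} ;
hello off ;
ospf yes {
    area 0.0.0.2 {
        authtype none ;
        interface lan0 cost 1 { priority 1 ; } ;
    } ;
    backbone {
        authtype simple ;
        interface lan1 cost 1 { authkey "k3y#1" ; } ;
    } ;
} ;
redirect yes {
    trustedgateways 192.0.2.1 ;
} ;
'''

# Quoted strings are matched first so '#' or ';' inside a key is not misread.
TOKEN = re.compile(r'"[^"]*"|/\*.*?\*/|#[^\n]*|[{};]|[^\s{};"]+', re.S)

def tokenize(text):
    """Split a config into words, strings, braces and semi-colons; drop comments."""
    text = re.sub(r'(?m)^[ \t]*%.*$', '', text)   # directives end at the newline
    return [t for t in TOKEN.findall(text) if not t.startswith(('#', '/*'))]

def parse(tokens):
    """A statement is a list of words and sub-blocks; a block is a list of statements."""
    pos = 0
    def block(nested):
        nonlocal pos
        statements, current = [], []
        while pos < len(tokens):
            tok = tokens[pos]
            pos += 1
            if tok == '{':
                current.append(block(True))
            elif tok in (';', '}'):
                if current:
                    statements.append(current)
                    current = []
                if tok == '}':
                    if not nested:
                        raise ValueError("unbalanced '}'")
                    return statements
            else:
                current.append(tok)
        if nested or current:
            raise ValueError('unterminated block or statement')
        return statements
    return block(False)

def body(stmt):
    """Statements inside the statement's { } block, or [] when it has none."""
    return next((t for t in stmt if isinstance(t, list)), [])

def after(stmt, keyword):
    """Token that follows keyword in a statement, or None."""
    return stmt[stmt.index(keyword) + 1] if keyword in stmt[:-1] else None

def audit(text):
    """Return (scope, issue) pairs for settings that accept unauthenticated routing data."""
    top = {s[0]: s for s in parse(tokenize(text))}
    top.setdefault('rip', ['rip', 'on'])       # page: an absent rip clause means "rip on"
    findings = []
    for proto in ('rip', 'hello', 'redirect'):
        stmt = top.get(proto, [proto, 'off'])  # absent hello/redirect clauses are not audited
        if stmt[1:2] not in (['yes'], ['on']):
            continue
        clauses = body(stmt)
        if not any(c[0] == 'trustedgateways' for c in clauses):
            findings.append((proto, 'no trustedgateways: all gateways on attached networks are accepted'))
        for c in clauses:
            if (proto == 'rip' and c[0] == 'interface' and after(c, 'version') == '2'
                    and not str(after(c, 'authentication')).startswith('"')):
                findings.append((f'rip interface {c[1]}', 'RIP-2 without an authentication password'))
    ospf = top.get('ospf', ['ospf', 'off'])
    if ospf[1:2] in (['yes'], ['on']):
        for scope in body(ospf):
            for c in body(scope) if scope[0] in ('area', 'backbone') else []:
                if c[0] == 'authtype' and c[1:2] in (['0'], ['none']):
                    name = ' '.join(t for t in scope if isinstance(t, str))
                    findings.append((f'ospf {name}', 'authtype none: OSPF packets are not authenticated'))
    return findings

if __name__ == '__main__':
    for scope, issue in audit(SAMPLE_CONF):
        print(f'{scope}: {issue}')
```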
Static Statements
Static routes are specified with static clauses.
static {
dest_mask gateway gateway [gateway2 [gateway3 [...]]]
[interface interface_list]
[preference preference]
[retain] [reject] [blackhole] [noinstall] ;
...
dest_mask interface interface [preference preference]
[retain] [reject] [blackhole] [noinstall] ;
...
} ;
Any number of static statements may be specified, each containing any number of static route definitions. The first form defines a static route through one or more gateways. If multiple gateways are specified, they are limited by the number of multipath destinations supported (on UNIX this is almost always one). Only gateways on interfaces that are configured and up are used.
The second defines a static interface route which is used for primitive support of multiple networks on one interface.
The interface list on the first form restricts static routes to a specific set of interfaces.
retain causes the route to be retained in the kernel after gated is shut down. reject causes all packets to this route to be rejected. blackhole causes all packets to this route to be silently discarded. reject and blackhole are not supported by all systems. noinstall is used to prevent this route from being installed in the kernel.
The preference for static routes defaults to 60.
Control Statements
Importation of routes from routing protocol peers and exportation of routes to routing protocol peers are controlled by import and export clauses.
Import Clauses:
import proto bgp|egp as autonomous_system restrict ;
import proto bgp|egp as autonomous_system
[preference preference] {
import_list
} ;
import proto bgp aspath aspath_spec restrict ;
import proto bgp aspath aspath_spec
[preference preference] {
import_list
} ;
import proto rip|hello|redirect restrict ;
import proto rip|hello|redirect
[preference preference] {
import_list
} ;
import proto rip|hello| redirect interface interface_list restrict ;
import proto rip|hello|redirect interface interface_list
[preference preference] {
import_list
} ;
import proto rip|hello|redirect gateway gateway_list restrict ;
import proto rip|hello|redirect gateway gateway_list
[preference preference] {
import_list
} ;
import proto ospfase [ tag ospf_tag ] restrict ;
import proto ospfase [tag ospf_tag]
[preference preference] [ {
import_list
} ] ;
If an OSPF type is specified, only routes of that type will be considered for import, otherwise either type will be considered. If an ospf_tag specification is given, only routes matching that tag specification will be considered, otherwise any tag will be considered. An OSPF tag specification may be a decimal, hexadecimal or dotted quad number.
If more than one import statement relevant to a protocol is specified, they are processed most specific to least specific (i.e. for RIP and HELLO, gateway, interface and protocol), then in the order specified in the config file.
An import_list consists of zero or more destinations (with optional mask). One of two parameters may be specified: restrict to prevent a set of destinations from being imported, or a specific preference for this set of destinations.
Import_list
dest_mask [[ restrict] | [preference preference]] ;
Note that the contents of an import_list are sorted internally so that entries with the most specific masks are examined first. The order in which dest_mask entries are specified does not matter.
If no import list is specified, all routes will be accepted. If an import list is specified, the import list is scanned for a match. If no match is found, the route is discarded. Rephrased, an all restrict entry is assumed in an import list.
Export Clauses:
export proto bgp|egp as autonomous_system restrict;
export proto bgp|egp as autonomous_system
[metric metric] {
export_list
} ;
export proto rip|hello restrict;
export proto rip|hello [metric metric] {
export_list
} ;
export proto rip|hello interface interface_list restrict;
export proto rip|hello interface interface_list
[metric metric] {
export_list
} ;
export proto rip|hello gateway gateway_list restrict;
export proto rip|hello gateway gateway_list
[metric metric] {
export_list
} ;
export proto ospfase [type 1|2] [tag ospf_tag] restrict;
export proto ospfase [type 1|2] [tag ospf_tag]
[cost ospf_cost] {
export_list
} ;
export_list: The export_list specifies exportation based on the origin of a route to a destination:
proto bgp|egp as autonomous_system
[restrict] | [metric metric] [ {
announce_list
} ] ;
proto rip|hello|direct| static|default
[restrict] | [metric metric] [ {
announce_list
} ] ;
proto rip|hello|direct| static|default interface interface_list
[restrict] | [metric metric] [ {
announce_list
} ] ;
proto rip|hello gateway gateway_list
[restrict] | [metric metric] [ {
announce_list
} ] ;
proto ospf [restrict] | [metric metric] [ {
announce_list
} ] ;
proto ospfase [restrict | metric metric] [ {
announce_list
} ] ;
proto proto aspath aspath_spec
[restrict] | [metric metric] [ {
announce_list
} ] ;
proto proto tag tag
[restrict] | [metric metric] [ {
announce_list
} ] ;
If a tag is specified, only routes with that tag will be considered, otherwise any tag will be considered. An OSPF tag on an export statement may be a decimal, hexadecimal, or AS to generate a tag based on the AS path of the route being announced. An OSPF tag on an export list is just a 31-bit number that is matched against the tag present (if any) on that route.
If more than one export statement relevant to a protocol is specified, they are processed most specific to least specific (i.e. for RIP and HELLO, gateway, interface and protocol), then in the order specified in the config file.
By default, interface routes are exported to all protocols. RIP and HELLO also export their own routes. An export specification with just a restrict will prevent these defaults from being exported. Note that it is not possible to change the metric RIP and HELLO use for their own routes; any attempt to override it will be silently ignored.
Any protocol may be specified for import lists referring to aspaths and tags. AS paths are most meaningful with BGP and OSPF ASE routes, but are generated for all routes. Tags are currently only meaningful for OSPF ASE routes.
An announce_list consists of zero or more destinations (with optional mask). One of two parameters may be specified: restrict to prevent a set of destinations from being exported, or a specific metric for this set of destinations.
announce_list
dest_mask [[ restrict] | [metric metric]] ;
Note that the contents of an announce_list are sorted internally so that entries with the most specific masks are examined first. The order in which dest_mask entries are specified does not matter.
If no announce_list is specified, all destinations are announced. If an announce list is specified, an all restrict is assumed. Therefore, an empty announce list is the equivalent of all restrict.
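The matching rules given above for import_list and announce_list, as an added example (it is not code from gated): entries are ordered most specific mask first, the first match decides, and a list in which nothing matches behaves as all restrict. The tuple representation, function names and addresses are constructed; matching compares the destination address under the entry's mask, which is an assumption based on the definition of a mask earlier on this page.

```python
import ipaddress

def parse_dest_mask(spec):
    """Turn one dest_mask form from this page into an ip_network."""
    w = spec.split()
    if w == ['all']:
        return ipaddress.ip_network('0.0.0.0/0')
    if len(w) == 2 and w[0] == 'host':
        return ipaddress.ip_network(w[1] + '/32')
    if len(w) == 3 and w[1] in ('mask', 'mask-length'):
        # strict=True enforces "the host bits in a network specification must be zero"
        return ipaddress.ip_network(f'{w[0]}/{w[2]}', strict=True)
    # A bare network name or address is not handled: the page does not say which mask it gets.
    raise ValueError(f'unsupported dest_mask: {spec!r}')

def build_list(entries):
    """entries: [(dest_mask, action)] where action is 'restrict', a number, or None.

    The written order is irrelevant: entries are sorted so the most specific
    masks are examined first, as the page states gated does internally.
    """
    parsed = [(parse_dest_mask(dest), action) for dest, action in entries]
    return sorted(parsed, key=lambda entry: entry[0].prefixlen, reverse=True)

def evaluate(rule_list, destination, clause_value=None):
    """Decide one route. clause_value is the preference (import) or metric (export)
    given on the enclosing clause; an entry's own value overrides it."""
    if rule_list is None:                 # no list at all: everything is accepted
        return ('accept', clause_value)
    addr = ipaddress.ip_address(destination)
    for network, action in rule_list:
        if addr in network:
            if action == 'restrict':
                return ('discard', None)
            return ('accept', clause_value if action is None else action)
    return ('discard', None)              # the implicit "all restrict"

# Constructed list, as it might appear inside
#   import proto rip preference 100 { ... } ;
RIP_IMPORT = build_list([
    ('10.0.0.0 mask 255.0.0.0', None),            # accept at the clause preference
    ('host 192.0.2.7', 50),                       # accept with its own preference
    ('10.66.0.0 mask-length 16', 'restrict'),     # carve one /16 out of 10/8
])

if __name__ == '__main__':
    for dest in ('10.1.2.0', '10.66.3.0', '192.0.2.7', '172.16.0.0'):
        print(dest, evaluate(RIP_IMPORT, dest, 100))
```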
Note that to announce routes which specify a next hop of the loopback interface (i.e. static and internally generated default routes) via RIP or HELLO it is necessary to specify the metric at some level in the propagate clause. Just setting a default metric for RIP or HELLO is not sufficient.
An AS path specification is used to match one or more AS paths ( aspath_spec).
aspath regexp origin [igp|egp| incomplete|any]
where regexp is a regular expression over the set of AS numbers as defined in RFC-1164 section 4.2.
FILES
/etc/gated.conf The gated configuration file.
WARNINGS
gated contains provisions for the BGP protocol, but it is not officially supported by HP at the present time. Some features specified in RFC1388 (RIP version 2) are not currently supported: route aggregation, MIB, route tag and authentication. Also, the following features specified in RFC1247 (OSPF version 2) are not supported: variable length subnet mask, TOS (type of service) based routing, equal cost multipath and MIB support (RFC1253).
AUTHORS
See gated(1m).
SEE ALSO
arp(1m), gated(1m), gdc(1m), ifconfig(1m), netstat(1m), ripquery(1m), syslog(1m).
RFC 891 DCN Local-Network Protocols (HELLO)
RFC 904 Exterior Gateway Protocol Formal Specification
RFC 911 EGP Gateway under Berkeley UNIX 4.2
RFC 1058 Routing Information Protocol
RFC 1163 A Border Gateway Protocol (BGP)
RFC 1164 Application of the Border Gateway Protocol in the Internet
RFC 1247 OSPF Specification, Version 2
RFC 1227 SNMP MUX Protocol and MIB
Hewlett-Packard Company — HP-UX Release 10.20: July 1996