December 2006
Intermediate to advanced
202 pages
8h 29m
English
Content preview from Linux Kernel in a NutshellBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Name
IP_ADVANCED_ROUTER — IP: advanced router
If you intend to run your Linux box mostly as a router, i.e. as a computer that forwards and redistributes network packets, say yes here. You will then be presented with several options that allow more precise control about the routing process.
The answer to this question won't directly affect the kernel: answering no will just cause the configurator to skip all the questions about advanced routing.
Note that your box can act as a router only if you enable IP
forwarding in your kernel; you can do that by saying yes to the
/proc file system support and
Sysctl support options and
executing the line:
echo "1" > /proc/sys/net/ipv4/ip_forward
at boot time after the /proc file system has been mounted.
If you turn on IP forwarding, you will also get the rp_filter, which automatically rejects incoming packets if the routing table entry for their source address doesn't match the network interface they're arriving on. This has security advantages because it prevents IP spoofing; however, it can pose problems if you use asymmetric routing (packets from you to a host take a different path from packets that go from that host to you) or if you operate a non-routing host that has several IP addresses on different interfaces. To turn rp_filter off, enter:
echo 0 > /proc/sys/net/ipv4/conf/device/rp_filteror
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter