[NTLUG:Discuss] Default gateway -where set

[Bryan J. Smith]

Leroy Tennison <leroy_tennison at prodigy.net> wrote:
> Trouble or just asking?  Well, a little of both.  I
> initially had trouble when I first got DSL.  I fooled
> with it until I got it working but didn't put it in any
> files to make it persistent.  Then one day I when booted
> up, it worked "auto-magically" and the settings were 
> different.  This whole experience got my interest up.

Different distros have different mechanisms for setting
static routes (such as the default route aka default gateway)
either system-wide, or interface-specific.

The Linux kernel itself just does what it is told.  The
iproute2 (2.4+) portion of the kernel handles layer 3
(packet/IP) addressing.  Netfilter handles layer 2, 3 and 4
(frame/802, packet/IP, transport/UDP-TCP) filter.

There are different interfaces into each.

There are also userspace daemons to listen for more dynamic
routing updates, although that's typically only needed for
internal networks -- unless you work at an ISP, for a RBOC
(Regional Bell Operating Company), etc...

> In "real life" I do networking for a living (Microsoft,
> Novell, interoperability between WinTel and mainframe/UNIX
> environments, even some Macintosh a good while back).

By your description I assume you mean "system administration"
of network systems (including network authentication,
directory, naming and other services like file/print), but
not "network administration" whereby you are configuring
networking equipment, maintaining dynamic routing protocols,
etc...?  Or do you dabble in the latter too?

> It dawned on me that I knew exactly how to set up
> networking in the WinTel world but had very little
> knowledge when it came to Linux.

ifconfig and route is basically everything you need to know
for _any_ UNIX platform, possibly alongside netstat.  Other
than ifconfig (ipconfig on NT), they are the same on NT.

Different Linux distributions have different scripts that use
different files for boot-time configuration -- often using
those two commands, ifconfig and route.

If you really want to "get into it" -- look at the
/etc/inittab and all the "resource configuration" (rc)
scripts that are run.  Most eventually call an AT&T System V
Initialization (aka SysVinit) like series of scripts from
/etc/rc#.d which are symlinks to scripts in /etc/init.d
(where # = the run-level, the default is typically in
/etc/inittab).

On Red Hat systems through Fedora Core 3 (this has changed
somewhat for networking in Fedora Core 4, and Fedora Core 5
will change the entire init system further),
/etc/init.d/network is the script that configures the network
interfaces, routes, etc... at startup/shutdown.

> I had discovered some things but couldn't seem to easily
> find documentation on others which is why I asked (and am
> asking).

Learning the basics behind SysVinit is very helpful with most
modern commercial UNIX and any Linux flavors.
 
> Is what you said concerning Red Hat also true for SuSE only
> the scripts are in /etc/sysconfig/network instead of
> /etc/sysconfig/network-scripts?

SuSE uses a different location.
Debian does as well.
It all depends on the startup scripts.
Different UNIX versions will vary as well.

Again, nearly all UNIX platforms these days (sans many of the
BSD variants) use a SysVinit approach.  If you learn the
SysVinit of a particular flavor, you can learn exactly how it
does things on startup/shutdown.

> I've also been discovering how the firewall is implemented
> during startup.  It seems that, for Red Hat, it's simply 
> /etc/sysconfig/iptables which is an iptables-save/iptables-
> restore script (found that format on the Web).

Actually, the Netfilter stack is _always_on_ in the Linux
kernel (2.4+).  Microsoft has nothing like it in even the
latest NT5.1 (XP/2003) releases, which is why Checkpoint,
Network Associates, Symantec, etc... all based their
applicances on Linux.  It's very modular, including allowing
other objects to "plug-in."

The scripts use the most well-known portion of the Netfilter
stack, IPTables -- a set of standard, Stateful Packet
Inspection (SPI) functions.  The Red Hat scripts is rather
simplistic, but does the job.

> For SuSE I ***think*** it's 
> /etc/sysconfig/SuSEfirewall2 which is used by
> /sbin/SuSEfirewall2 which 
> in turn is run by the startup scripts for the run levels. 
> Can anyone confirm this?

Yes.  If you want to use SuSE's system configuration tools,
read up on "yast" (console) and "yast2" (GUI).

> Based on all this, is what I'm suspecting (at least about
> networking) true?: All distributions use pretty much the 
> same executables to accomplish their tasks,

Well, most things are actually in the kernel itself.
The user-space programs just let you configure the kernel's
subsystems like iproute2, Netfilter, etc...

> it's just where and how they decide to script 
> them which is different.

Exactomundo.

The Linux Standards Base (LSB) endeavor is trying to
standardize most of these things, but many things are
optional.

Again, learn the principles behind any SysVinit system and
you can learn just about any modern UNIX/Linux system by
poking around its startup scripts.

It typically all starts with "/etc/inittab" which the main
"init" program reads to find out what scripts to call.


-- 
Bryan J. Smith                | Sent from Yahoo Mail
mailto:b.j.smith at ieee.org     |  (please excuse any
http://thebs413.blogspot.com/ |   missing headers)