Routing and the Linux Kernel
This discussion will go behind the scenes of the routing engine in the Linux kernel. We will explore how routing decisions are made, how the routing table is modified, as well as other useful hacks.
The referenced kernel is version 3.17.1. With that being said, the well known traditional ‘routing cache’ has been removed (>= 3.6 kernel) in favor of the FIB TRIE database.
What is routing
Routing occurs when a machine wants to talk outside it’s local network or broadcast domain. Routing is traditionally performed on destination IP addresses. A simple way to think about routing is imagine a machine, 192.168.1.0/24 wanting to talk to a remote host, 22.214.171.124. The machine will ask the following:
- Is the destination, 126.96.36.199, inside my subnet? No. Continue.
- Do I have a specific route to 188.8.131.52? Essentially the machine is saying “I don’t know about 184.108.40.206, but does anything else know about it?” This can either be a route to 220.127.116.11/32 or 18.104.22.168/24, or 22.214.171.124/8. If not, continue.
- Do I have a default gateway? The default gateway is also known as the gateway of last resort. The machine says “I don’t know about 126.96.36.199 so I’ll send it to this machine that knows how to get to all other hosts”.