Thanks to all who responded namely:
Ross Alexander <rwa_at_cs.athabascau.ca>
David Halyk <halyk_at_chrs.com>
Gyula Szokoly <szgyula_at_skysrv.Pha.Jhu.EDU>
Danny J. Mitzel <dmitzel_at_everest.hitc.com>
Henk Mos <mos_at_fys.ruu.nl>
My original question:
>Seems that when I execute netstat -rn, am prompted by a long list, most
>of which are subnets or ip addresses that are not under my domain. How
>will I "clean" such routing tables so that only the subnets/ip addresses
>posted there are those only from my domain?
Disabled the routed daemon using netsetup. Established a static route to
a default gateway and assigned the corresponding IP addresses, which for
my case was the router IP address. That did the trick!
Ross Alexander sez:
-------------------
Disconnect your domain from all other networks. This will eliminate
the routes and the routing daemon will remove them from the table
automatically.
Of course, that's probably not what you want. Why do you feel having
routes to networks outside your domain is a problem?
> Actually what I was having in mind was that it seems that subnets of
> other networks are having routing tables on our host, while checking on
> some sites, they only have those entries of hosts under their domain.
> Somewhat messy to see, and by the way, correct me if am wrong, but
> wouldn't it add load to the host and demand resources?
I wouldn't worry about the load/resources issue unless there were
literally thousands of them. OSF/1 uses the 4.3BSDnr2 routing tree
code internally and route lookup is very quick (O(ln x) for x
routes).
Have you considered running gated rather than routed? Gated is
cleverer about detecting redundant routes.
(The simplest solution, of course, is to install the routing tables
statically via "route add" and to use no routing daemons at all. If
your domain has a single gateway and the topology is stable, this is a
perfectly reasonable approach. It prevents certain forms of network
attack as a bonus.)
David Halyk suggested:
---------------------
Logged in as root issue the following command:
route flush
This removes any inactive routes from the routing tables. I am curious
however as to why you see your problem as a problem? By the way this will
only remove the routing table entries up to the point in time you issued
the command. As programs access remote sites your routing list will grow
again.
Gyula Szokoly commented:
-----------------------
I guess you have to disable 'routed' (run netsetup).
Danny J. Mitzel's comments:
--------------------------
if you're running a routing daemon [routed, gated] then you're probably
picking up all those routes advertised by the local routers(s).
if you have a single router connected to your local net for access to
the rest of the world then turn off the routing daemon and install a
single default route pointing to the local gateway.
if you've got multiple local routers leading to different places then
you will have to:
1) install net routes pointing to the appropriate gateway
for each network you want to reach [plus you can still have a default
route for all networks not specifically mentioned]
-- OR --
2) it's probably possible via gated config file to only peer [and exchange
dynamic routes] with those routers leading to your internal nets, and
again you can have a default route pointing to the outside world.
in general if you have multiple local gateways it's probably easiest to
leave things as is and continue running the routing daemon to
automatically populate the routing tables. a medium sized routing table
[several hundred route table entries] should not be that great of a burden
on most systems.
Henk Mos has this to share:
---------------------------
The IP adresses you see are the direct connected domains which you can
reach through the direct connected routers. These are collected by the routed
daemon. So that's allright. If there's only one router which connects you
to the outside world you could consider to replace the use of the routed
daemon with a default route (netsetup/Add Static Routes).
Bonn
:)
Received on Wed Jul 26 1995 - 16:45:38 NZST