gateways(4) File Formats gateways(4)
gateways - configuration file for /usr/sbin/in.routed IPv4 network routing daemon
The /etc/gateways file is used by the routing daemon, in.routed(1M). When the daemon
starts, it reads /etc/gateways to find such distant gateways that cannot be located using
only information from a routing socket, to discover if some of the local gateways are pas-
sive, and to obtain other parameters.
The /etc/gateways file consists of a series of lines, each in one of the two formats shown
below or consisting of parameters described later. Blank lines and lines starting with "#"
are treated as comments.
One format specifies networks:
net Nname[/mask] gateway Gname metric value <passive | active | extern>
The other format specifies hosts:
host Hname gateway Gname metric value <passive | active | extern>
Host hname is equivalent to net nname/32.
The parameters in the lines shown above are described as follows:
Nname or Hname Name of the destination network or host. It can be a symbolic
network name or an Internet address specified in "dot" nota-
tion (see inet(3SOCKET)). If it is a name, then it must
either be defined in /etc/networks or /etc/hosts, or a naming
service must have been started before in.routed(1M).
Mask An optional number between 1 and 32 indicating the netmask
associated with Nname.
Gname Name or address of the gateway to which RIP responses should
Value The hop count to the destination host or network.
passive | active | extern One of these keywords must be present to indicate whether the
gateway should be treated as passive or active, or whether
the gateway is external to the scope of the RIP protocol. A
passive gateway is not expected to exchange routing informa-
tion, while gateways marked active should be willing to
exchange RIP packets. See in.routed(1M) for further details.
After turning on debugging in in.routed with the -t option, you can see that lines that
follow the format described above create pseudo-interfaces. To set parameters for remote
or external interfaces, use a line starting with if=alias(Hname), if=remote(Hname), and so
For backward compatibility with the previous Solaris in.routed implementation, three spe-
cial keyword formats are accepted. If present, these forms must each be on a separate
line, and must not be combined on the same line with any of the keywords listed elsewhere
in this document. These three forms are:
norip ifname Disable all RIP processing on the specified interface.
noripin ifname Disable the processing of received RIP responses on the specified
noripout ifname Disable RIP output on the specified interface.
Lines that start with neither "net" nor "host" must consist of one or more of the follow-
ing parameter settings, separated by commas or blanks:
Indicates that the other parameters on the line apply only to the interface name
ifname. If this parameter is not specified, then other parameters on the line apply to
Advertises a route to network nname with mask mask and the supplied metric (default
1). This is useful for filling "holes" in CIDR allocations. This parameter must appear
by itself on a line. The network number must specify a full, 32-bit value, as in
192.0.2.0 instead of 192.0.2.
Specifies that the netmask of the network of which nname/mask1 is a subnet should be
mask2. For example, ripv1_mask=192.0.2.16/28,27 marks 192.0.2.16/28 as a subnet of
192.0.2.0/27 instead of 192.0.2.0/24. It is better to turn on RIPv2 instead of using
this facility. See the description of ripv2_out, below.
Specifies a RIPv2 cleartext password that will be included on all RIPv2 responses
sent, and checked on all RIPv2 responses received. Any blanks, tab characters, commas,
or "#", "|", or NULL characters in the password must be escaped with a backslash (\).
The common escape sequences \n, \r, \t, \b, and \xxx have their usual meanings. The
KeyID must be unique but is ignored for cleartext passwords. If present, start and
stop are timestamps in the form year/month/day@hour:minute. They specify when the
password is valid. The valid password with the longest future is used on output pack-
ets, unless all passwords have expired, in which case the password that expired most
recently is used. If no passwords are valid yet, no password is output. Incoming pack-
ets can carry any password that is valid, will be valid within 24 hours, or that was
valid within 24 hours. To protect password secrecy, the passwd settings are valid only
in the /etc/gateways file and only when that file is readable only by UID 0.
Specifies a RIPv2 MD5 password. Except that a KeyID is required, this keyword is simi-
lar to passwd (described above).
Turns off aggregation of subnets in RIPv1 and RIPv2 responses.
Turns off acceptance of host routes.
Turns off aggregation of networks into supernets in RIPv2 responses.
Marks the interface not to be advertised in updates sent over other interfaces, and
turns off all RIP and router discovery through the interface.
Disables all RIP processing on the specified interface. If no interfaces are allowed
to process RIP packets, in.routed acts purely as a router discovery daemon.
Note that turning off RIP without explicitly turning on router discovery advertise-
ments with rdisc_adv or -s causes in.routed to act as a client router discovery dae-
mon, which does not advertise.
Causes RIPv2 packets to be broadcast instead of multicast.
Causes RIPv1 received responses to be ignored.
Causes RIPv2 received responses to be ignored.
Turns on RIPv2 output and causes RIPv2 advertisements to be multicast when possible.
Equivalent to no_ripv1_in and ripv2_out. This enables RIPv2 and disables RIPv1.
Disables the Internet Router Discovery Protocol.
Disables the transmission of Router Discovery Solicitations.
Specifies that Router Discovery solicitations should be sent, even on point-to-point
links, which, by default, only listen to Router Discovery messages.
Disables the transmission of Router Discovery Advertisements.
Specifies that Router Discovery Advertisements should be sent, even on point-to-point
links, which by default only listen to Router Discovery messages.
Specifies that Router Discovery packets should be broadcast instead of multicast.
Sets the preference in Router Discovery Advertisements to the optionally signed inte-
ger N. The default preference is 0. Default routes with higher or less negative pref-
erences are preferred by clients.
Sets the nominal interval with which Router Discovery Advertisements are transmitted
to N seconds and their lifetime to 3*N.
Has an identical effect to -F net[/mask][=metric] with the network number and netmask
coming from the specified interface.
Similar to fake_default. To prevent RIPv1 listeners from receiving RIPv2 routes when
those routes are multicast, this feature causes a RIPv1 default route to be broadcast
to RIPv1 listeners. Unless modified with fake_default, the default route is broadcast
with a metric of 14. That serves as a "poor man's router discovery" protocol.
Causes RIP packets from that router and other routers named in other trust_gateway
keywords to be accepted, and packets from other routers to be ignored. If networks are
specified, then routes to other networks will be ignored from that router.
Causes RIP to allow ICMP Redirect messages when the system is acting as a router and
forwarding packets. Otherwise, ICMP Redirect messages are overridden.
By default, RIPv1 advertisements over point-to-point links are sent to the peer's
address (255.255.255.255, if none is available), and RIPv2 advertisements are sent to
either the RIP multicast address or the peer's address if no_rip_mcast is set. This
option overrides those defaults and configures a specific address to use on the indi-
cated interface. This can be used to set a "broadcast" type advertisement on a point-
in.routed(1M), route(1M), rtquery(1M), inet(3SOCKET),
Internet Transport Protocols, XSIS 028112, Xerox System Integration Standard
SunOS 5.11 1 Mar 2005 gateways(4)