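Understanding Linux route table priority

Every Linux system contains a router, so every Linux system has a routing table. This table governs the direction in which every IP packet flows. On Linux you can usually view it with the route or ip route command. More precisely, it should be "these tables", because a Linux system contains more than one routing table.

Reference: here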

The routing table is used in order of most specific to least specific.

However on linux it's a bit more complicated than you might expect. Firstly there is more than one routing table, and when which routing table is used is dependent on a number of rules.

To get the full picture:

$ ip rule show
0: from all lookup local
32766: from all lookup main
32767: from all lookup default

$ ip route show table local
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
broadcast 192.168.0.0 dev eth0 proto kernel scope link src 192.168.1.27
local 192.168.1.27 dev eth0 proto kernel scope host src 192.168.1.27
broadcast 192.168.1.255 dev eth0 proto kernel scope link src 192.168.1.27

$ ip route show table main
default via 192.168.1.254 dev eth0
192.168.0.0/23 dev eth0 proto kernel scope link src 192.168.1.27

$ ip route show table default

$

The local table is the special routing table containing high priority control routes for local and broadcast addresses.

The main table is the normal routing table containing all non-policy routes. This is also the table you get to see if you simply execute ip route show (or ip ro for short). I recommend not using the old route command anymore, as it only shows the main table and its output format is somewhat archaic.

The table default is empty and reserved for post-processing if previous default rules did not select the packet.

The first question this article explores is which row of the routing table decides where an IP packet goes. A sample of plain ip route show output follows:

default dev ppp0 proto static scope link metric 50
default via 192.168.3.1 dev enp0s31f6 proto dhcp metric 100
10.0.0.1 dev ppp0 proto kernel scope link src 10.0.0.100 metric 50
47.104.27.239 via 192.168.3.1 dev enp0s31f6 src 192.168.3.4
47.104.27.239 via 192.168.3.1 dev enp0s31f6 proto static metric 100
172.16.207.0/24 dev vmnet8 proto kernel scope link src 172.16.207.1
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
172.18.0.0/16 dev docker_gwbridge proto kernel scope link src 172.18.0.1
172.19.0.0/16 dev br-b2c2e76a9910 proto kernel scope link src 172.19.0.1 linkdown
172.22.0.0/16 dev br-669aebd3aa2f proto kernel scope link src 172.22.0.1
192.168.3.0/24 dev enp0s31f6 proto kernel scope link src 192.168.3.4 metric 100
192.168.3.1 dev enp0s31f6 proto static scope link metric 100
192.168.93.0/24 dev vmnet1 proto kernel scope link src 192.168.93.1
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

Suppose an IP packet has the destination address 172.17.4.10. Looking at the destination address alone, the following 3 rows all match it:

default dev ppp0 proto static scope link metric 50
default via 192.168.3.1 dev enp0s31f6 proto dhcp metric 100

172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown

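The primary rule here is that an IP packet is sent to the most specific destination in the route table. Of the 3 rows above, the destinations of rows 1 and 2 are very unspecific: they match every IP address. Row 3 matches all IPs between 172.17.0.0 and 172.17.255.255, which is a narrower range. The system therefore judges row 3 to be more specific, and the Linux router uses row 3 to send this IP packet.

Next, a more complicated question: what if the packet's destination address is 182.0.9.1? In that case the following two rows of the routing table match this destination IP: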

default dev ppp0 proto static scope link metric 50
default via 192.168.3.1 dev enp0s31f6 proto dhcp metric 100

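In this situation the system follows the rule that the smaller the metric, the higher the priority. A smaller metric indicates that the destination is easier to reach. So in this case the system delivers the IP packet according to the first entry.

For this point, see the reference here: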
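The two rules above (longest prefix first, then lowest metric) can be checked against a route listing to see which interface a given destination would actually leave through. The following is an added example, not code from the original post: the function names are hypothetical, the sample is a subset of the output shown above, and it models only a single table (no ip rule policy lookup) and ignores the linkdown flag, as the walk-through above does.

```python
import ipaddress

# Constructed sample: a subset of the `ip route show` output on this page.
SAMPLE = """\
default dev ppp0 proto static scope link metric 50
default via 192.168.3.1 dev enp0s31f6 proto dhcp metric 100
10.0.0.1 dev ppp0 proto kernel scope link src 10.0.0.100 metric 50
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.3.0/24 dev enp0s31f6 proto kernel scope link src 192.168.3.4 metric 100
192.168.3.1 dev enp0s31f6 proto static scope link metric 100
"""

def parse_routes(text):
    """Parse unicast lines of `ip route show` into dicts."""
    routes = []
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        dest = "0.0.0.0/0" if tok[0] == "default" else tok[0]
        # A bare address such as 10.0.0.1 is a /32 host route.
        net = ipaddress.ip_network(dest, strict=False)
        def field(key, default=None):
            return tok[tok.index(key) + 1] if key in tok else default
        routes.append({
            "net": net,
            "dev": field("dev"),
            "via": field("via"),
            "metric": int(field("metric", 0)),  # no metric printed means 0
            "line": line,
        })
    return routes

def select_route(routes, dst):
    """Longest prefix wins; among equal prefixes the lowest metric wins."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes if addr in r["net"]]
    if not hits:
        return None
    return min(hits, key=lambda r: (-r["net"].prefixlen, r["metric"]))

if __name__ == "__main__":
    table = parse_routes(SAMPLE)
    for dst in ("172.17.4.10", "182.0.9.1", "192.168.3.1"):
        r = select_route(table, dst)
        print(dst, "->", r["dev"], "via", r["via"], "|", r["line"])
```

Running it over a saved listing is a quick way to confirm that traffic meant for a tunnel such as ppp0 is not caught by a more specific route on another interface.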

what if you have two interfaces on the same IP space? – MikeSchem Jul 26 '18 at 20:25
@MikeSchem: Then the 'metric' parameter of both routes is used. (The OS will usually refuse to add two routes with identical prefix, identical prefixlen, and identical metric, or possibly merge them into an ECMP load-balanced route.) – user1686 Jul 26 '18 at 20:34
