Tuning Route Cache

[Jon Radel]

On 1/20/17 7:49 AM, Dean E. Weimer wrote:
> On 2017-01-19 9:04 pm, Jon Radel wrote:
>> See
>>
>> man 8 routed
>>
>> for more on some of that, including reducing the 30 minutes.
>>

<snip>

>> Even if you want routes learned
>> from an ICMP Redirect to be cleaned up automatically, you'll need routed
>> to do it for you.  See the above referenced man page.

My earlier response reduced to the pertinent parts.  You have now read
the man page where it describes the mechanism that leads routed to clean
up routes learned via ICMP Redirect when they stop working, right?  You
are running routed, right?


> The default gateway along with the other routers are in the same subnet,
> so the router responds with a route redirection, then the FreeBSD server
> caches that they show up if you do a netstat -rnf inet listing the
> remote devices and the next hop. These are staying there at least 11
> hours that I can confirm. I guess maybe a solution would be to set the
> server up with a routing protocol and let it talk to the router to get
> the updates rather than just receive the re directions. But that seems
> overly complex.

RIP isn't *that* much more complicated than this chain of
correspondence, but of course you'll need the Cicso router admin to play
along.

> 
> Perhaps the change needs to occur on the Cisco router so that it sends
> an expiration along with the redirect.
> 
> 

Configuring the router to accurately forecast the future, so it knows
when the network admin plans to change the topology, and then inserting
that time into a packet that has no field for such data, now that's
complicated.  You'll need to redo a whole bunch of RFCs.  And invent an
accurate mechanism for forecasting the future, after which your server
will be the very least of your worries.  :-)

See http://www.networksorcery.com/enp/protocol/icmp/msg5.htm for the
details on that; there really isn't a mechanism built into redirects for
expiring them.

On FreeBSD, the only mechanisms I know about (and on this I'd love it if
somebody can tell me about others) for clearing routes learned from a an
ICMP Redirect are to manually remove the route or to allow the kernel
and routed to interact to start pulling routes when TCP handshakes start
timing out.  Or you could just reboot your server on a regular basis,
but that seems a bit crude.

I suppose the closest thing to your original request would be to write a
script and drop it into cron that removed all routes with the D (and M?)
flags periodically.


-- 
--Jon Radel
jon at radel.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3890 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20170120/f09caeb8/attachment.bin>