Routing: Policy Based Routing
Sumber: http://www.policyrouting.org/PolicyRoutingBook/ONLINE/TOC.html
Policy Routing With Linux - Online Edition by Matthew G. Marsh
Table Of Contents
Section I - Theory, Usage, and Utilities Chapter 1. Basic IPv4 Routing
This initial chapter provides brief coverage of standard TCP/IP routing as practiced under IPv4. The uses of the traditional Unix and Cisco IOS commands and syntax for simple setups will be mentioned. We will also touch upon the methodologies behind route costing such as Hop count and Link State. Finally we will illustrate a simple Internet connected network along with the needed routing commands to connect using Linux.
Traditional IPv4 routing Theory Unix Configuration Commands Cisco IOS Configuration Commands IPv4 Dynamic Routing Protocols Unix Routing Daemons & Cisco IOS Configurations
Chapter 2. Policy Routing Theory
Here we will discuss the types of environments that led to the development of the concept of policy routing and the theory behind why you would want to use policy routing structures. We will only consider the policy structures themselves and how they solve these problems.
What do you mean by "Policy" Common IPv4Routing Problems PolicyRouting Structure
Chapter 3. Linux Policy Routing Structure
In this chapter we will now address how the Linux Policy Routing structure is implemented. We will cover how this structure interacts with the Packet Paths both native within the kernel and in conjunction with the packet filtering and network extensions.
Packet Paths through the Kernel IPFWADM/IPChains Packet Pathing NetFilter Packet Pathing Routing Policy DataBase (RPDB)
Chapter 4. IP Utility for Linux In this chapter we will cover the tool used in Linux for implementing policy routing. As there are few other sources of information this will be more of a reference on the command syntax and usages. We will also include several examples of usage and notations about interactions with other utilities within Linux.
Obtaining & Compiling IPROUTE2 General command structure
Section II - Real World Use
This entire section is mostly comprised of real world scenarios with detailed worked out solutions. In many cases there are multiple solutions to the same problem and we will attempt to cover all possibilities. This is drawn from our experience in implementing these systems and from the myriad questions we receive on this subject. In some cases we will show how the equivalent Cisco solution would work and where the interactions exist between various equipment.
Chapter 5. Simple Network Examples
In this chapter we will cover how to implement standard networks, much as we had seen in Chapter 1, using the policy routing tools. We will introduce the extensions for use with the policy routing structures and how even relatively simple network configurations can benefit from implementation using policy routing structures.
Chapter 1 Example Revisited Multiple IP Addressing Multiple Default Routes Loop Routing Multiple Routing Tables Rule and Table Interactions
Chapter 6. Complex Network Examples
In this chapter we will cover network configurations where the only complete solutions demand policy routing structures. We will cover multiple networks with disparate gateways, bandwidth and link state load balancing, and transparent routing structures. We will also mention several firewall type functions and interactions between the functions. In most cases we will illustrate several different solutions to solving the problems. This will show the flexibility and scope of the solution space for these functions.
Local Interfaces MultiHomed, MultiAddressed Transparent Routing Policy Firewalling Routing Load Balancing Phantom Forwarders
Chapter 7. Dynamic Routing Interactions
Here we will take up the interactions between policy routing structures and dynamic routing protocols. This is an especially sticky subject as most dynamic routing protocols only understand traditional routing. There are many different points of potential conflict as we had discussed in Chapters 1,2, and 4, between a traditional routing structure and a policy routing structure. Here we will bridge the gap and show you how to use both methods. We will also note where to obtain various policy routing aware routing daemons and what you will have to consider to implement them within the Linux environment.
Realms and Information Bases Gated and Zebra Rules and Dynamic Structure
Chapter 8. NAT Functions
The origination of NAT is related to the origination of policy routing. And in Linux the first implementation of true one-to-one NAT was done as a policy routing structure. Here we take up this method and also discuss the various other ways that these functions may also be implemented within a Linux system. Some of the discusison within this chapter will touch upon utilities and methods we will not be covering in this book (REF: PakSecured Policy Routing Firewall) but are noted here for reference.
Basic NAT FastNAT Pseudo NAT
Chapter 9. IPv6
In this chapter we touch upon the role of the policy routing structures and implementations within the Linux IPv6 network stack. We will assume some knowledge of IPv6 and will mainly be discussing the IPv6 usages of Policy Routing structures.
IPv6 Theory & History Policy Routing Usage
Chapter 10. Future Musings
Here we tie up the theory, reality, and coverage of policy routing and consider possible future directions for the policy routing structures. We especially note the changes that will come from the widespread adoption of the IPv6 routing structures and how that may change the landscape for all forms of routing.
Policy Routing Triad
The Protocols: IPv{4,6} & IPSec
Security & Commerce
Appendix
Covers the various locations on where to obtain the utilities and pointers to additional information on this and related subjects.