gateways(4) File Formats gateways(4)
gateways - configuration file for /usr/sbin/in.routed IPv4 network
The /etc/gateways file is used by the routing daemon, in.routed(1M).
When the daemon starts, it reads /etc/gateways to find such distant
gateways that cannot be located using only information from a routing
socket, to discover if some of the local gateways are passive, and to
obtain other parameters.
The /etc/gateways file consists of a series of lines, each in one of
the two formats shown below or consisting of parameters described
later. Blank lines and lines starting with "#" are treated as comments.
One format specifies networks:
net Nname[/mask] gateway Gname metric value <passive | active | extern>
The other format specifies hosts:
host Hname gateway Gname metric value <passive | active | extern>
Host hname is equivalent to net nname/32.
The parameters in the lines shown above are described as follows:
Nname or Hname
Name of the destination network or host. It can be a symbolic net-
work name or an Internet address specified in "dot" notation (see
inet(3SOCKET)). If it is a name, then it must either be defined in
/etc/networks or /etc/hosts, or a naming service must have been
started before in.routed(1M).
An optional number between 1 and 32 indicating the netmask associ-
ated with Nname.
Name or address of the gateway to which RIP responses should be
The hop count to the destination host or network.
passive | active | extern
One of these keywords must be present to indicate whether the gate-
way should be treated as passive or active, or whether the gateway
is external to the scope of the RIP protocol. A passive gateway is
not expected to exchange routing information, while gateways marked
active should be willing to exchange RIP packets. See in.routed(1M)
for further details.
After turning on debugging in in.routed with the -t option, you can see
that lines that follow the format described above create pseudo-inter-
faces. To set parameters for remote or external interfaces, use a line
starting with if=alias(Hname), if=remote(Hname), and so forth.
For backward compatibility with the previous Solaris in.routed imple-
mentation, three special keyword formats are accepted. If present,
these forms must each be on a separate line, and must not be combined
on the same line with any of the keywords listed elsewhere in this doc-
ument. These three forms are:
norip ifname Disable all RIP processing on the specified
noripin ifname Disable the processing of received RIP
responses on the specified interface.
noripout ifname Disable RIP output on the specified interface.
Note that, in each of the preceding three keywords, the ifname argument
is optional. If it is not present, the keyword applies to all inter-
Lines that start with neither "net" nor "host" must consist of one or
more of the following parameter settings, separated by commas or
Indicates that the other parameters on the line apply only to the
interface name ifname. If this parameter is not specified, then
other parameters on the line apply to all interfaces.
Advertises a route to network nname with mask mask and the supplied
metric (default 1). This is useful for filling "holes" in CIDR
allocations. This parameter must appear by itself on a line. The
network number must specify a full, 32-bit value, as in 192.0.2.0
instead of 192.0.2.
Specifies that the netmask of the network of which nname/mask1 is a
subnet should be mask2. For example, ripv1_mask=192.0.2.16/28,27
marks 192.0.2.16/28 as a subnet of 192.0.2.0/27 instead of
192.0.2.0/24. It is better to turn on RIPv2 instead of using this
facility. See the description of ripv2_out, below.
Specifies a RIPv2 cleartext password that will be included on all
RIPv2 responses sent, and checked on all RIPv2 responses received.
Any blanks, tab characters, commas, or "#", "|", or NULL characters
in the password must be escaped with a backslash (\). The common
escape sequences \n, \r, \t, \b, and \xxx have their usual mean-
ings. The KeyID must be unique but is ignored for cleartext pass-
words. If present, start and stop are timestamps in the form
year/month/day@hour:minute. They specify when the password is
valid. The valid password with the longest future is used on output
packets, unless all passwords have expired, in which case the pass-
word that expired most recently is used. If no passwords are valid
yet, no password is output. Incoming packets can carry any password
that is valid, will be valid within 24 hours, or that was valid
within 24 hours. To protect password secrecy, the passwd settings
are valid only in the /etc/gateways file and only when that file is
readable only by UID 0.
Specifies a RIPv2 MD5 password. Except that a KeyID is required,
this keyword is similar to passwd (described above).
Turns off aggregation of subnets in RIPv1 and RIPv2 responses.
Turns off acceptance of host routes.
Turns off aggregation of networks into supernets in RIPv2
Marks the interface not to be advertised in updates sent over other
interfaces, and turns off all RIP and router discovery through the
Disables all RIP processing on the specified interface. If no
interfaces are allowed to process RIP packets, in.routed acts
purely as a router discovery daemon.
Note that turning off RIP without explicitly turning on router dis-
covery advertisements with rdisc_adv or -s causes in.routed to act
as a client router discovery daemon, which does not advertise.
Causes RIPv2 packets to be broadcast instead of multicast.
Causes RIPv1 received responses to be ignored.
Causes RIPv2 received responses to be ignored.
Turns on RIPv2 output and causes RIPv2 advertisements to be multi-
cast when possible.
Equivalent to no_ripv1_in and ripv2_out. This enables RIPv2 and
Disables the Internet Router Discovery Protocol.
Disables the transmission of Router Discovery Solicitations.
Specifies that Router Discovery solicitations should be sent, even
on point-to-point links, which, by default, only listen to Router
Disables the transmission of Router Discovery Advertisements.
Specifies that Router Discovery Advertisements should be sent, even
on point-to-point links, which by default only listen to Router
Specifies that Router Discovery packets should be broadcast instead
Sets the preference in Router Discovery Advertisements to the
optionally signed integer N. The default preference is 0. Default
routes with higher or less negative preferences are preferred by
Sets the nominal interval with which Router Discovery Advertise-
ments are transmitted to N seconds and their lifetime to 3*N.
Has an identical effect to -F net[/mask][=metric] with the network
number and netmask coming from the specified interface.
Similar to fake_default. To prevent RIPv1 listeners from receiving
RIPv2 routes when those routes are multicast, this feature causes a
RIPv1 default route to be broadcast to RIPv1 listeners. Unless mod-
ified with fake_default, the default route is broadcast with a met-
ric of 14. That serves as a "poor man's router discovery" protocol.
Causes RIP packets from that router and other routers named in
other trust_gateway keywords to be accepted, and packets from other
routers to be ignored. If networks are specified, then routes to
other networks will be ignored from that router.
Causes RIP to allow ICMP Redirect messages when the system is act-
ing as a router and forwarding packets. Otherwise, ICMP Redirect
messages are overridden.
By default, RIPv1 advertisements over point-to-point links are sent
to the peer's address (255.255.255.255, if none is available), and
RIPv2 advertisements are sent to either the RIP multicast address
or the peer's address if no_rip_mcast is set. This option overrides
those defaults and configures a specific address to use on the
indicated interface. This can be used to set a "broadcast" type
advertisement on a point-to-point link.
in.routed(1M), route(1M), rtquery(1M), inet(3SOCKET),
Internet Transport Protocols, XSIS 028112, Xerox System Integration
SunOS 5.10 19 Aug 2004 gateways(4)