1

I have a problem in configuring the forwarding table in Linux.
We call IP tables for routing table in layer 3, MAC tables for forwarding table in layer 2.
Now I want to add an entry in forwarding table. I know the tool route command can be used to add routing entry in routing table like:

#[root]# route add -net 192.168.10.0 netmask 255.255.255.0 dev eth0

So, is there a tool like 'route' can let me add entry in forwarding table like:

#[root]# 'command name' add 01:02:03:04:05:06 dev eth1

All I required is how to bind the destination MAC address to a fixed network interface?!

Thanks for replying, all of you. Now it seems that I didn't introduce my goal clearly, so most of you were wondering my requirement. We are now working on a data center network experiment that mainly focusing on the forwarding tables size of the switches. In this scenario it is a fat tree topology and another research team have developed a new addressing and routing method that can guarantee two properties: multi-path and small forwarding table size. Here we called the layer 2 table a forwarding table since it is the same calling by Cisco. There is a controller in this network so all the forwarding tables can be obtained by this controller's work. The experiment now is bothering how to write the forwarding table from controller to the switches. That means, how to write the entries like MAC_ADDR--->OUTPUT INTERFACE. Please note that this network is like a big 'LAN' that no need to do the IP routing.

user9517
  • 115,471
  • 20
  • 215
  • 297

4 Answers4

2

You should be able to do this using the 'arp' utility.

arp -i eth0 -s

chris
  • 121
  • 3
1

On Linux you should always use the ip command to change network configuration. The route command is there, but doesn't give you access to all the Linux routing features. Now, MAC forwarding is usually referred to as bridging, for which you can use the brctl tool. But it's not clear from the question how you are using MAC addresses.

Keith
  • 331
  • 1
  • 6
  • My real problem is how to bind the MAC address to an interface. For example, I want to indicate all the traffic which destination mac address is 01:02:03:04:05:06 to go out from an fixed network interface like eth0 or eth1. 'brctl' can be used like: brctl addif brname eth1, but how can I add an entry in the table which 'brctl showmacs brname' lists? –  Jul 25 '11 at 08:08
  • This depends on the distribution. Many distributions have not incorporated the `iproute2` package as a core package yet. Gentoo is one, and several systems in the RPM family are others. – Michael Trausch Jul 25 '11 at 08:08
  • Sounds like [ebtables](http://ebtables.sourceforge.net/) is what you are looking for, but I haven't tried it. – Keith Jul 25 '11 at 09:06
  • @michael iproute2 has been preferred, and net-tools [obsoleted](http://www.linuxfoundation.org/collaborate/workgroups/networking/net-tools) for many years. If any distro doesn't have it then they are really broken with regards to networking. – Keith Jul 25 '11 at 09:08
  • #ebtables can not be used to redirect the flow to the fixed output port, it can only be used to filter the flow. I just want to write an entry like: #The flow has this destination MAC address should go out from that interface. –  Jul 25 '11 at 09:19
  • @victor So the flow is part of an TCP/IP session? And there's no destination IP that you might just use a static arp entry for? – Keith Jul 25 '11 at 09:26
  • @Keith We are going to design a testbed in data center network like PortLand(SIGCOMM 2009), it likes a big 'LAN' that all the switching nodes(Multi-NICs Linux PC) are layer 2 switches. We want to write some forwarding entries into this nodes, so I am wondering if there are a tool that can be used to configure the forwarding entry like: MAC address ---> output interface –  Jul 25 '11 at 09:43
  • @Michael, you're wrong, Gentoo has full support of iproute2 in its networking system. It just is not default. –  Jul 25 '11 at 09:58
  • @victor Interesting. Well that sounds a lot to me like regular bridging. The bridge will learn the MAC addresses on attached ports. I would be wary of adding static entries in large complex systems as these can lead to problems that are hard to track down later. If it were me, I would also take a hard look at why I think I need to do this, and there wasn't a way to just let normal learing behaviour and spanning tree do its thing. – Keith Jul 25 '11 at 10:11
  • @unkulunkulu I had Gentoo running on my system about 1½ months ago, and it was not available in the default installation; I had to install it myself. I'm not sure what your definition of “core package” is, but mine is one that comes out-of-the-box on the system. – Michael Trausch Jul 25 '11 at 17:51
  • @michael There is no "box" in Gentoo. ;-) YOU decide what is core and what is not. If you install iproute2 the openrc "core" will automatically use it. – Keith Jul 25 '11 at 20:37
  • The stage 3 system is what I could consider "core" in Gentoo. From the looks of the installation directions, so does the installation handbook/manual. :-) – Michael Trausch Jul 25 '11 at 20:47
  • @Keith I'm victor. I have no idea whether you are familiar with OpenFlow, an open source project operated by Stanford University. It can 'add flow' to the flow table by indicate the output port. I'm going to check the source code of OpenFlow to find out how it implement this functionality. I think it just call some netfilter hooks in the kernel. What do u think? – victor Jul 25 '11 at 14:16
0

First, a few remarks. Routing is the process of finding direction(s). Forwarding TCP/IP packet through is called forwarding. That's why there're sysctl called net.ipv4.ip_forward and netfilter's chain called FORWARD. There're dynamic and static routing, should I add. And what swithes do is called (surprise) switching.

OSI's 2nd level switches use MAC_Dest-PortNum correspondence table just because those port's are 2nd level — that's enough to switch Ethernet frame to specific port (or broadcast it in absence of specific table entry).

Linux' network interfaces are not just switching ports, they're interfaces. Forwarding of TCP/IP packet (datagram) involves looking up (inside routing table cache) corresponding output interface. And I never heard anything regarding Linux' support of switching.

Conclusion: in case you're to make the packet find its way through Linux system, you have to use routing table. You can use arptables/ebtables/iptables to do some trickery on those packets though, but since you haven't described why do you need it, its rather unclear whether your goal can be achieved and how.

poige
  • 9,448
  • 2
  • 25
  • 52
0

As best as I can tell, you want to tell the kernel that Ethernet frames destined for a particular MAC should be delivered to a particular interface. However, that should be done automatically; as long as your two interfaces are bridged together, Ethernet frames will cross the bridge and find their destinations just fine. Of course, you must observe certain guidelines, including not having too many switches between multiple points on your network.

If you already are operating your system as a bridge, and your Ethernet frames are not reaching the correct places, you may have an error in your network; you'll want to double-check to be sure that you do not have any loops in your network wiring and so forth.

If you have a larger network, then IP subnets are going to be the way to go; that way you have the ability to run full-fledged routers that can move layer 3 packets in whatever manner they need to be moved. Generally, you'll want to prefer IP subnetting over clever tricks at layer 2. You shouldn't need to work with MAC addresses unless you're using them as keys for logging. You certainly do not want to base any security on them, as MAC addresses can easily be spoofed/cloned.

Michael Trausch
  • 289
  • 1
  • 7