962 lines
22 KiB
HTML
962 lines
22 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Kernel Configuration</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.57"><LINK
|
|
REL="HOME"
|
|
TITLE="Linux Network Administrators Guide"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Configuringthe NetworkingHardware"
|
|
HREF="x-087-2-hardware.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Configuringthe NetworkingHardware"
|
|
HREF="x-087-2-hardware.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="A Tour of Linux Network Devices"
|
|
HREF="x-087-2-hwconfig.tour.html"></HEAD
|
|
><BODY
|
|
CLASS="SECT1"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Linux Network Administrators Guide</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="x-087-2-hardware.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 3. Configuringthe NetworkingHardware</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="x-087-2-hwconfig.tour.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="SECT1"
|
|
><H1
|
|
CLASS="SECT1"
|
|
><A
|
|
NAME="X-087-2-HARDWARE.KERNEL.CONFIG"
|
|
>3.1. Kernel Configuration</A
|
|
></H1
|
|
><P
|
|
>Most Linux distributions are supplied with boot disks that work for
|
|
all common types of PC hardware. Generally, the supplied kernel is
|
|
highly modularized and includes nearly every possible driver. This is
|
|
a great idea for boot disks, but is probably not what you'd want for
|
|
long-term use. There isn't much point in having drivers cluttering up
|
|
your disk that you will never use. Therefore, you will generally roll
|
|
your own kernel and include only those drivers you actually need or
|
|
want; that way you save a little disk space and reduce the time it
|
|
takes to compile a new kernel.</P
|
|
><P
|
|
>In any case, when running a Linux system, you should be familiar with
|
|
building a kernel. Think of it as a right of passage, an affirmation of
|
|
the one thing that makes free software as powerful as it is—you have
|
|
the source. It isn't a case of, “I have to compile a kernel,”
|
|
rather it's a case of, “I <I
|
|
CLASS="EMPHASIS"
|
|
>can</I
|
|
> compile a
|
|
kernel.” The basics of compiling a Linux kernel are explained in Matt
|
|
Welsh's book, <I
|
|
CLASS="EMPHASIS"
|
|
>Running Linux</I
|
|
> (O'Reilly). Therefore, we
|
|
will discuss only configuration options that affect networking in this
|
|
section.</P
|
|
><P
|
|
> One important point that does bear
|
|
repeating here is the way the kernel version numbering scheme
|
|
works. Linux kernels are numbered in the following format:
|
|
<TT
|
|
CLASS="LITERAL"
|
|
>2.2.14</TT
|
|
>. The first digit indicates the
|
|
<I
|
|
CLASS="EMPHASIS"
|
|
>major</I
|
|
> version number. This digit changes when
|
|
there are large and significant changes to the kernel design. For
|
|
example, the kernel changed from major 1 to 2 when the kernel obtained
|
|
support for machines other than Intel machines. The second number is
|
|
the <I
|
|
CLASS="EMPHASIS"
|
|
>minor</I
|
|
> version number. In many respects, this
|
|
number is the most important number to look at. The Linux development
|
|
community has adopted a standard at which <I
|
|
CLASS="EMPHASIS"
|
|
>even</I
|
|
> minor
|
|
version numbers indicate <I
|
|
CLASS="EMPHASIS"
|
|
>production</I
|
|
>, or
|
|
<I
|
|
CLASS="EMPHASIS"
|
|
>stable</I
|
|
>, kernels and <I
|
|
CLASS="EMPHASIS"
|
|
>odd</I
|
|
>
|
|
minor version numbers indicate <I
|
|
CLASS="EMPHASIS"
|
|
>development</I
|
|
>, or
|
|
<I
|
|
CLASS="EMPHASIS"
|
|
>unstable</I
|
|
>, kernels. The stable kernels are what
|
|
you should use on a machine that is important to you, as they have
|
|
been more thoroughly tested. The development kernels are what you
|
|
should use if you are interested in experimenting with the newest
|
|
features of Linux, but they may have problems that haven't yet been
|
|
found and fixed. The third number is simply incremented for each
|
|
release of a minor version.<A
|
|
NAME="X-087-2-FNHW02"
|
|
HREF="#FTN.X-087-2-FNHW02"
|
|
>[1]</A
|
|
></P
|
|
><P
|
|
>When running <B
|
|
CLASS="COMMAND"
|
|
>make menuconfig</B
|
|
>, you are presented with
|
|
a text-based menu that offers lists of configuration questions, such as
|
|
whether you want kernel math emulation. One of these queries asks you
|
|
whether you want TCP/IP networking support. You must answer this with
|
|
<TT
|
|
CLASS="LITERAL"
|
|
>y</TT
|
|
> to get a kernel capable of networking.</P
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN2131"
|
|
>3.1.1. Kernel Options in Linux 2.0 and Higher</A
|
|
></H2
|
|
><P
|
|
> After the general option section is complete, the configuration will
|
|
go on to ask whether you want to include support for various features,
|
|
such as SCSI drivers or sound cards. The prompt will indicate what
|
|
options are available. You can press <TT
|
|
CLASS="PROMPT"
|
|
>?</TT
|
|
> to obtain a
|
|
description of what the option is actually offering. You'll always
|
|
have the option of yes (<TT
|
|
CLASS="PROMPT"
|
|
>y</TT
|
|
>) to statically include the
|
|
component in the kernel, or no (<TT
|
|
CLASS="PROMPT"
|
|
>n</TT
|
|
>) to exclude the
|
|
component completely. You'll also see the module (<TT
|
|
CLASS="PROMPT"
|
|
>m</TT
|
|
>)
|
|
option for those components that may be compiled as a run-time
|
|
loadable module. Modules need to be loaded before they can be used,
|
|
and are useful for drivers of components that you use infrequently.</P
|
|
><P
|
|
>The subsequent list of questions deal with networking support.
|
|
The exact set of configuration options is in constant flux due to ongoing
|
|
development. A typical list of options offered by most kernel versions
|
|
around 2.0 and 2.1 looks like this:
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>*
|
|
* Network device support
|
|
*
|
|
Network device support (CONFIG_NETDEVICES) [Y/n/?] </PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
>You must answer this question with <TT
|
|
CLASS="LITERAL"
|
|
>y</TT
|
|
> if you want to
|
|
use <I
|
|
CLASS="EMPHASIS"
|
|
>any</I
|
|
> type of networking devices, whether
|
|
they are Ethernet, SLIP, PPP, or whatever. When you answer the
|
|
question with <TT
|
|
CLASS="LITERAL"
|
|
>y</TT
|
|
>, support for Ethernet-type devices
|
|
is enabled automatically. You must answer additional questions if
|
|
you want to enable support for other types of network drivers:</P
|
|
><P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>PLIP (parallel port) support (CONFIG_PLIP) [N/y/m/?] y
|
|
PPP (point-to-point) support (CONFIG_PPP) [N/y/m/?] y
|
|
*
|
|
* CCP compressors for PPP are only built as modules.
|
|
*
|
|
SLIP (serial line) support (CONFIG_SLIP) [N/y/m/?] m
|
|
CSLIP compressed headers (CONFIG_SLIP_COMPRESSED) [N/y/?] (NEW) y
|
|
Keepalive and linefill (CONFIG_SLIP_SMART) [N/y/?] (NEW) y
|
|
Six bit SLIP encapsulation (CONFIG_SLIP_MODE_SLIP6) [N/y/?] (NEW) y</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
>
|
|
These questions concern the various link layer protocols that Linux
|
|
supports. Both PPP and SLIP allow you to transport IP datagrams
|
|
across serial lines. PPP is actually a suite of protocols used to
|
|
send network traffic across serial lines. Some of the protocols that
|
|
form PPP manage the way that you authenticate yourself to the dial-in
|
|
server, while others manage the way certain protocols are carried
|
|
across the link—PPP is not limited to carrying TCP/IP datagrams;
|
|
it may also carry other protocol such as IPX.</P
|
|
><P
|
|
>If you answer <TT
|
|
CLASS="LITERAL"
|
|
>y</TT
|
|
> or <TT
|
|
CLASS="LITERAL"
|
|
>m</TT
|
|
> to SLIP
|
|
support, you will be prompted to answer the three questions that appear
|
|
below it. The compressed header option provides support for CSLIP, a
|
|
technique that compresses TCP/IP headers to as little as three bytes. Note
|
|
that this kernel option does not turn on CSLIP automatically; it merely
|
|
provides the necessary kernel functions for it. The <TT
|
|
CLASS="LITERAL"
|
|
>Keepalive and
|
|
linefill</TT
|
|
> option causes the SLIP support to periodically generate
|
|
activity on the SLIP line to avoid it being dropped by an inactivity timer. The
|
|
<TT
|
|
CLASS="LITERAL"
|
|
>Six bit SLIP encapsulation</TT
|
|
> option allows you to run
|
|
SLIP over lines and circuits that are not capable of transmitting the
|
|
whole 8-bit data set cleanly. This is similar to the uuencoding or binhex
|
|
technique used to send binary files by electronic mail.</P
|
|
><P
|
|
>PLIP provides a way to send IP datagrams across a parallel port connection.
|
|
It is mostly used to communicate with PCs running DOS. On typical PC hardware,
|
|
PLIP can be faster than PPP or SLIP, but it requires much more CPU overhead to
|
|
perform, so while the transfer rate might be good, other tasks on the machine
|
|
may be slow. </P
|
|
><P
|
|
>The following questions address network cards from various vendors.
|
|
As more drivers are being developed, you are likely to see questions added
|
|
to this section. If you want to build a kernel you can use on a number of
|
|
different machines, or if your machine has more than one type of network
|
|
card installed, you can enable more than one driver:</P
|
|
><P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
> .
|
|
.
|
|
Ethernet (10 or 100Mbit) (CONFIG_NET_ETHERNET) [Y/n/?]
|
|
3COM cards (CONFIG_NET_VENDOR_3COM) [Y/n/?]
|
|
3c501 support (CONFIG_EL1) [N/y/m/?]
|
|
3c503 support (CONFIG_EL2) [N/y/m/?]
|
|
3c509/3c579 support (CONFIG_EL3) [Y/m/n/?]
|
|
3c590/3c900 series (592/595/597/900/905) "Vortex/Boomerang" support/
|
|
(CONFIG_VORTEX) [N/y/m/?]
|
|
AMD LANCE and PCnet (AT1500 and NE2100) support (CONFIG_LANCE) [N/y/?]
|
|
AMD PCInet32 (VLB and PCI) support (CONFIG_LANCE32) [N/y/?] (NEW)
|
|
Western Digital/SMC cards (CONFIG_NET_VENDOR_SMC) [N/y/?]
|
|
WD80*3 support (CONFIG_WD80x3) [N/y/m/?] (NEW)
|
|
SMC Ultra support (CONFIG_ULTRA) [N/y/m/?] (NEW)
|
|
SMC Ultra32 support (CONFIG_ULTRA32) [N/y/m/?] (NEW)
|
|
SMC 9194 support (CONFIG_SMC9194) [N/y/m/?] (NEW)
|
|
Other ISA cards (CONFIG_NET_ISA) [N/y/?]
|
|
Cabletron E21xx support (CONFIG_E2100) [N/y/m/?] (NEW)
|
|
DEPCA, DE10x, DE200, DE201, DE202, DE422 support (CONFIG_DEPCA) [N/y/m/?]/
|
|
(NEW)
|
|
EtherWORKS 3 (DE203, DE204, DE205) support (CONFIG_EWRK3) [N/y/m/?] (NEW)
|
|
EtherExpress 16 support (CONFIG_EEXPRESS) [N/y/m/?] (NEW)
|
|
HP PCLAN+ (27247B and 27252A) support (CONFIG_HPLAN_PLUS) [N/y/m/?] (NEW)
|
|
HP PCLAN (27245 and other 27xxx series) support (CONFIG_HPLAN) [N/y/m/?]/
|
|
(NEW)
|
|
HP 10/100VG PCLAN (ISA, EISA, PCI) support (CONFIG_HP100) [N/y/m/?] (NEW)
|
|
NE2000/NE1000 support (CONFIG_NE2000) [N/y/m/?] (NEW)
|
|
SK_G16 support (CONFIG_SK_G16) [N/y/?] (NEW)
|
|
EISA, VLB, PCI and on card controllers (CONFIG_NET_EISA) [N/y/?]
|
|
Apricot Xen-II on card ethernet (CONFIG_APRICOT) [N/y/m/?] (NEW)
|
|
Intel EtherExpress/Pro 100B support (CONFIG_EEXPRESS_PRO100B) [N/y/m/?]/
|
|
(NEW)
|
|
DE425, DE434, DE435, DE450, DE500 support (CONFIG_DE4X5) [N/y/m/?] (NEW)
|
|
DECchip Tulip (dc21x4x) PCI support (CONFIG_DEC_ELCP) [N/y/m/?] (NEW)
|
|
Digi Intl. RightSwitch SE-X support (CONFIG_DGRS) [N/y/m/?] (NEW)
|
|
Pocket and portable adaptors (CONFIG_NET_POCKET) [N/y/?]
|
|
AT-LAN-TEC/RealTek pocket adaptor support (CONFIG_ATP) [N/y/?] (NEW)
|
|
D-Link DE600 pocket adaptor support (CONFIG_DE600) [N/y/m/?] (NEW)
|
|
D-Link DE620 pocket adaptor support (CONFIG_DE620) [N/y/m/?] (NEW)
|
|
Token Ring driver support (CONFIG_TR) [N/y/?]
|
|
IBM Tropic chipset based adaptor support (CONFIG_IBMTR) [N/y/m/?] (NEW)
|
|
FDDI driver support (CONFIG_FDDI) [N/y/?]
|
|
Digital DEFEA and DEFPA adapter support (CONFIG_DEFXX) [N/y/?] (NEW)
|
|
ARCnet support (CONFIG_ARCNET) [N/y/m/?]
|
|
Enable arc0e (ARCnet "Ether-Encap" packet format) (CONFIG_ARCNET_ETH)/
|
|
[N/y/?] (NEW)
|
|
Enable arc0s (ARCnet RFC1051 packet format) (CONFIG_ARCNET_1051)/
|
|
[N/y/?] (NEW)
|
|
.
|
|
.</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
> Finally, in the file system section, the configuration script will ask you
|
|
whether you want support for NFS, the networking file system. NFS lets you
|
|
export file systems to several hosts, which makes the files appear as if they
|
|
were on an ordinary hard disk attached to the host:</P
|
|
><P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>NFS file system support (CONFIG_NFS_FS) [y]</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
We describe NFS in detail in <A
|
|
HREF="x-087-2-nfs.html"
|
|
>Chapter 14</A
|
|
>.</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN2187"
|
|
>3.1.2. Kernel Networking Options in Linux 2.0.0 and Higher</A
|
|
></H2
|
|
><P
|
|
>
|
|
Linux 2.0.0 marked a significant change in Linux Networking. Many
|
|
features were made a standard part of the Kernel, such as support
|
|
for IPX. A number of options were also added and made
|
|
configurable. Many of these options are used only in very special
|
|
circumstances and we won't cover them in detail. The Networking HOWTO
|
|
probably addresses what is not covered here. We'll list a number of
|
|
useful options in this section, and explain when you'd want to use
|
|
each one:</P
|
|
><P
|
|
></P
|
|
><DIV
|
|
CLASS="VARIABLELIST"
|
|
><DL
|
|
><DT
|
|
>Basics</DT
|
|
><DD
|
|
><P
|
|
> To use TCP/IP networking, you must answer this question with
|
|
<TT
|
|
CLASS="LITERAL"
|
|
>y</TT
|
|
>. If you answer with <TT
|
|
CLASS="LITERAL"
|
|
>n</TT
|
|
>, however, you
|
|
will still be able to compile the kernel with IPX support:</P
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
><P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>Networking options --->
|
|
[*] TCP/IP networking</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
></P
|
|
><DIV
|
|
CLASS="VARIABLELIST"
|
|
><DL
|
|
><DT
|
|
>Gateways</DT
|
|
><DD
|
|
><P
|
|
> You
|
|
have to enable this option if your system acts as a gateway between
|
|
two networks or between a LAN and a SLIP link, etc. It
|
|
doesn't hurt to enable this by default, but you may want to disable it to
|
|
configure a host as a so-called
|
|
<I
|
|
CLASS="EMPHASIS"
|
|
>firewall</I
|
|
>. Firewalls are hosts that are connected
|
|
to two or more networks, but don't route traffic between them. They're
|
|
commonly used to provide users with Internet access at minimal
|
|
risk to the internal network. Users are allowed to log in to the
|
|
firewall and use Internet services, but the company's machines are
|
|
protected from outside attacks because incoming connections can't
|
|
cross the firewall (firewalls are covered in detail in
|
|
<A
|
|
HREF="x-087-2-firewall.html"
|
|
>Chapter 9</A
|
|
> ):</P
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
><P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
> [*] IP: forwarding/gatewaying</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
></P
|
|
><DIV
|
|
CLASS="VARIABLELIST"
|
|
><DL
|
|
><DT
|
|
>Virtual hosting</DT
|
|
><DD
|
|
><P
|
|
>
|
|
These options together allow to you
|
|
configure more than one IP address onto an interface. This is
|
|
sometimes useful if you want to do “virtual hosting,”
|
|
through which a single machine can be configured to look and act as
|
|
though it were actually many separate machines, each with its own
|
|
network personality. We'll talk more about IP aliasing in a moment:</P
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
><P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
> [*] Network aliasing
|
|
<*> IP: aliasing support</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
></P
|
|
><DIV
|
|
CLASS="VARIABLELIST"
|
|
><DL
|
|
><DT
|
|
>Accounting</DT
|
|
><DD
|
|
><P
|
|
> This option enables you to collect data on the volume of IP traffic leaving
|
|
and arriving at your machine (we cover this is detail in
|
|
<A
|
|
HREF="x-087-2-accounting.html"
|
|
>Chapter 10</A
|
|
> ):</P
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
><P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
> [*] IP: accounting</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
></P
|
|
><DIV
|
|
CLASS="VARIABLELIST"
|
|
><DL
|
|
><DT
|
|
>PC hug</DT
|
|
><DD
|
|
><P
|
|
> This option works around an incompatibility with some versions of PC/TCP, a
|
|
commercial TCP/IP implementation for DOS-based PCs. If you enable this option,
|
|
you will still be able to communicate with normal Unix machines, but
|
|
performance may be hurt over slow links:</P
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
><P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
> --- (it is safe to leave these untouched)
|
|
[*] IP: PC/TCP compatibility mode</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
></P
|
|
><DIV
|
|
CLASS="VARIABLELIST"
|
|
><DL
|
|
><DT
|
|
>Diskless booting</DT
|
|
><DD
|
|
><P
|
|
> This function enables <I
|
|
CLASS="EMPHASIS"
|
|
>Reverse Address Resolution
|
|
Protocol</I
|
|
> (RARP). RARP is used by diskless clients and X terminals to
|
|
request their IP address when booting. You should enable RARP if you plan to
|
|
serve this sort of client. A small program called <B
|
|
CLASS="COMMAND"
|
|
>rarp</B
|
|
>,
|
|
included with the standard networking utilities, is used to add entries
|
|
to the kernel RARP table:</P
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
><P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
> <*> IP: Reverse ARP</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
></P
|
|
><DIV
|
|
CLASS="VARIABLELIST"
|
|
><DL
|
|
><DT
|
|
>MTU</DT
|
|
><DD
|
|
><P
|
|
>
|
|
|
|
|
|
|
|
When sending data over TCP, the kernel has to break up the stream into blocks
|
|
of data to pass to IP. The size of the block is called the <I
|
|
CLASS="EMPHASIS"
|
|
>Maximum
|
|
Transmission Unit</I
|
|
>, or MTU. For hosts that can be reached over a
|
|
local network such as an
|
|
Ethernet, it is typical to use an MTU as large as the maximum length of an
|
|
Ethernet packet—1,500 bytes. When routing IP over a Wide Area Network
|
|
like the Internet, it is preferable to use smaller-sized datagrams to ensure
|
|
that they don't need to be further broken down along the route through a
|
|
process called <I
|
|
CLASS="EMPHASIS"
|
|
>IP fragmentation</I
|
|
>.<A
|
|
NAME="X-087-2-FNHW03"
|
|
HREF="#FTN.X-087-2-FNHW03"
|
|
>[2]</A
|
|
> The kernel is
|
|
able to automatically determine the smallest MTU of an IP route and to
|
|
automatically configure a TCP connection to use it. This behavior is on by
|
|
default. If you answer <TT
|
|
CLASS="LITERAL"
|
|
>y</TT
|
|
> to this option this feature
|
|
will be disabled.</P
|
|
><P
|
|
>If you do want to use smaller packet sizes for data sent to specific hosts
|
|
(because, for example, the data goes through a SLIP link), you can do so using
|
|
the <B
|
|
CLASS="COMMAND"
|
|
>mss</B
|
|
> option of the <B
|
|
CLASS="COMMAND"
|
|
>route</B
|
|
> command,
|
|
which is briefly discussed at the end of this chapter:</P
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
><P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
> [ ] IP: Disable Path MTU Discovery (normally enabled)</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
></P
|
|
><DIV
|
|
CLASS="VARIABLELIST"
|
|
><DL
|
|
><DT
|
|
>Security feature</DT
|
|
><DD
|
|
><P
|
|
>
|
|
|
|
|
|
|
|
|
|
|
|
The IP protocol supports a feature called <I
|
|
CLASS="EMPHASIS"
|
|
>Source
|
|
Routing</I
|
|
>. Source routing allows you to specify the route a
|
|
datagram should follow by coding the route into the datagram
|
|
itself. This was once probably useful before routing protocols such as
|
|
RIP and OSPF became commonplace. But today it's considered a security
|
|
threat because it can provide clever attackers with a way of
|
|
circumventing certain types of firewall protection by bypassing the
|
|
routing table of a router. You would normally want to filter out
|
|
source routed datagrams, so this option is normally enabled:</P
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
><P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
> [*] IP: Drop source routed frames</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
></P
|
|
><DIV
|
|
CLASS="VARIABLELIST"
|
|
><DL
|
|
><DT
|
|
>Novell support</DT
|
|
><DD
|
|
><P
|
|
>
|
|
|
|
This option enables support for IPX, the transport protocol Novell
|
|
Networking uses. Linux will function quite happily as an IPX router
|
|
and this support is useful in environments where you have Novell
|
|
fileservers. The NCP filesystem also requires IPX support enabled in
|
|
your kernel; if you wish to attach to and mount your Novell
|
|
filesystems you must have this option enabled (we'll dicuss IPX and
|
|
the NCP filesystem in <A
|
|
HREF="x-087-2-ipx.html"
|
|
>Chapter 15</A
|
|
>):</P
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
><P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
> <*> The IPX protocol</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
></P
|
|
><DIV
|
|
CLASS="VARIABLELIST"
|
|
><DL
|
|
><DT
|
|
>Amateur radio</DT
|
|
><DD
|
|
><P
|
|
>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
These three options select support for the three Amateur Radio protocols
|
|
supported by Linux: AX.25, NetRom and Rose (we don't describe them in this
|
|
book, but they are covered in detail in the AX25 HOWTO):
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="90%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
> <*> Amateur Radio AX.25 Level 2
|
|
<*> Amateur Radio NET/ROM
|
|
<*> Amateur Radio X.25 PLP (Rose)</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
> Linux supports another driver type: the dummy driver. The following
|
|
question appears toward the start of the device-driver section:
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="90%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
> <*> Dummy net driver support</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
>The dummy driver doesn't really do much, but it is quite useful on standalone
|
|
or PPP/SLIP hosts. It is basically a masqueraded loopback interface. On
|
|
hosts that offer PPP/SLIP but have no
|
|
other network interface, you want to have an interface that bears your IP
|
|
address all the time. This is discussed in a little more detail in
|
|
<A
|
|
HREF="x-087-2-iface.interface.html#X-087-2-IFACE.INTERFACE.DUMMY"
|
|
>Section 5.7.7</A
|
|
>" in
|
|
<A
|
|
HREF="x-087-2-iface.html"
|
|
>Chapter 5</A
|
|
>. Note that today you can achieve the same
|
|
result by using the IP alias feature and configuring your IP address as an
|
|
alias on the loopback interface.
|
|
</P
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
></DIV
|
|
></DIV
|
|
><H3
|
|
CLASS="FOOTNOTES"
|
|
>Notes</H3
|
|
><TABLE
|
|
BORDER="0"
|
|
CLASS="FOOTNOTES"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
ALIGN="LEFT"
|
|
VALIGN="TOP"
|
|
WIDTH="5%"
|
|
><A
|
|
NAME="FTN.X-087-2-FNHW02"
|
|
HREF="x-087-2-hardware.kernel.config.html#X-087-2-FNHW02"
|
|
>[1]</A
|
|
></TD
|
|
><TD
|
|
ALIGN="LEFT"
|
|
VALIGN="TOP"
|
|
WIDTH="95%"
|
|
><P
|
|
>People should use development kernels and report bugs if they are
|
|
found; this is a very useful thing to do if you have a machine you can use
|
|
as a test machine. Instructions on how to report bugs are detailed in
|
|
<TT
|
|
CLASS="FILENAME"
|
|
>/usr/src/linux/REPORTING-BUGS</TT
|
|
> in the Linux kernel
|
|
source.</P
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
ALIGN="LEFT"
|
|
VALIGN="TOP"
|
|
WIDTH="5%"
|
|
><A
|
|
NAME="FTN.X-087-2-FNHW03"
|
|
HREF="x-087-2-hardware.kernel.config.html#X-087-2-FNHW03"
|
|
>[2]</A
|
|
></TD
|
|
><TD
|
|
ALIGN="LEFT"
|
|
VALIGN="TOP"
|
|
WIDTH="95%"
|
|
><P
|
|
>Remember, the IP protocol can be carried over many different types of
|
|
network, and not all network types will support packet sizes as large
|
|
as Ethernet.</P
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x-087-2-hardware.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x-087-2-hwconfig.tour.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Configuringthe NetworkingHardware</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x-087-2-hardware.html"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>A Tour of Linux Network Devices</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |