< Netstat: Retrieve TCP, UDP Tables & Protocol Statistics | IP Helper Functions Main | ARP: Add, Delete & Send >
IP Helper Functions 13 Part 3
What do we have in this chapter 13 part 3?
-
Route
-
Getting the Routing Table
-
Adding a Route
-
Deleting a Route
|
|
Route
The ROUTE.EXE command allows you to print and modify the routing table. The routing table determines which IPv4 interface a connection request or a datagram occurs on. The IP Helper library offers several functions for manipulating the routing table. All of the functions related to routing are available in Windows 98, Windows Me, and Windows NT 4.0 (Service Pack 4 or later).
|
First, let's discuss the ROUTE.EXE command's capabilities. Its most basic function is to print the routing table. A route consists of a destination address, a netmask, a gateway, a local IP interface, and a metric. You also have the ability to add and delete a route. To add a route, you must specify all the parameters we just described. To delete a route, you must specify the destination address only. In this section, we'll look at the IP Helper functions that print the routing table. Then we'll discuss adding and deleting a route.
Getting the Routing Table
The most basic action that ROUTE.EXE performs is printing the table. This is accomplished with the GetIpForwardTable() function, which is defined as:
DWORD GetIpForwardTable (
PMIB_IPFORWARDTABLE pIpForwardTable,
PULONG pdwSize,
BOOL bOrder
);
The first parameter, pIpForwardTable, contains the routing table information upon return. When you call the function, this parameter should point to a buffer of sufficient size. If you call the function with pIpForwardTable equal to NULL (or if the buffer size is insufficient to begin with), the pdwSize parameter returns the length of the buffer needed for the call to complete successfully. The last parameter, bOrder, indicates whether the results should be sorted upon return. The default sorting order is:
- Destination address.
- Protocol that generated the route.
- Multipath routing policy.
- Next-hop address.
The routing information is returned in the form of the MIB_IPFORWARDTABLE structure, which is defined as:
typedef struct _MIB_IPFORWARDTABLE
{
DWORD dwNumEntries;
MIB_IPFORWARDROW table[ANY_SIZE];
} MIB_IPFORWARDTABLE, *PMIB_IPFORWARDTABLE;
This structure is a wrapper for an array of MIB_IPFORWARDROW structures. The dwNumEntries field indicates the number of these structures present in the array. The MIB_IPFORWARDROW structure is defined as:
typedef struct _MIB_IPFORWARDROW
{
DWORD dwForwardDest;
DWORD dwForwardMask;
DWORD dwForwardPolicy;
DWORD dwForwardNextHop;
DWORD dwForwardIfIndex;
DWORD dwForwardType;
DWORD dwForwardProto;
DWORD dwForwardAge;
DWORD dwForwardNextHopAS;
DWORD dwForwardMetric1;
DWORD dwForwardMetric2;
DWORD dwForwardMetric3;
DWORD dwForwardMetric4;
DWORD dwForwardMetric5;
} MIB_IPFORWARDROW, *PMIB_IPFORWARDROW;
The fields of this structure are defined as follows:
- dwForwardDest: Is the IPv4 address of the destination host.
- dwForwardMask: Is the subnet mask for the destination host.
- dwForwardPolicy: Specifies a set of conditions that would cause the selection of a multipath route. Usually these conditions are in the form of IP_TOS option. For more information about multipath routing, see RFC 1354.
- dwForwardNextHop: Is the IPv4 address for the next hop in the route.
- dwForwardIfIndex: Indicates the index of the interface for this route.
- dwForwardType: Indicates the route type as defined in RFC 1354. Table 16-10 lists the possible values and meanings for this field.
- dwForwardProto: Is the protocol that generated the route. Table 16-11 lists the possible values for this field. The values for IPX protocols are defined in ROUTPROT.H, and the IP entries are included in IPRTRMIB.H.
- dwForwardAge: Indicates the age of the route in seconds.
- dwForwardNextHopAS: Is the autonomous system number of the next hop.
- dwForwardMetric1: Is a routing protocol–specific metric value. For more information, see RFC 1354. The field contains the route metric value that you normally see when executing the ROUTE.EXE print command. For this and the following four fields, if the entry is unused, the value is MIB_IPROUTE_METRIC_UNUSED (-1).
- dwForwardMetric2: Is a routing protocol–specific metric value. For more information, see RFC 1354.
- dwForwardMetric3: Is a routing protocol–specific metric value. For more information, see RFC 1354.
- dwForwardMetric4: Is a routing protocol–specific metric value. For more information, see RFC 1354.
- dwForwardMetric5: Is a routing protocol–specific metric value. For more information, see RFC 1354.
|
Table 16-10 Possible Route Types for a Routing Table Entry
|
|
|
Forward Type |
Description |
|
MIB_IPROUTE_TYPE_INDIRECT |
Next hop is not the final destination (remote route) |
|
MIB_IPROUTE_TYPE_DIRECT |
Next hop is the final destination (local route) |
|
MIB_IPROUTE_TYPE_INVALID |
Route is invalid |
|
MIB_IPROUTE_TYPE_OTHER |
Other route |
|
Table 16-11 Forward Protocols
|
|
|
Protocol Identifier |
Description |
|
MIB_IPPROTO_OTHER |
Protocol not listed |
|
MIB_IPPROTO_LOCAL |
Route generated by the stack |
|
MIB_IPPROTO_NETMGMT |
Route added by ROUTE.EXE utility or SNMP |
|
MIB_IPPROTO_ICMP |
Route from ICMP redirects |
|
MIB_IPPROTO_EGP |
Exterior Gateway Protocol |
|
MIB_IPPROTO_GGP |
Gateway Gateway Protocol |
|
MIB_IPPROTO_HELLO |
HELLO routing protocol |
|
MIB_IPPROTO_RIP |
Routing Information Protocol |
|
MIB_IPPROTO_IS_IS |
IP Intermediate System to Intermediate System Protocol |
|
MIB_IPPROTO_ES_IS |
IP End System to Intermediate System Protocol |
|
MIB_IPPROTO_CISCO |
IP Cisco protocol |
|
MIB_IPPROTO_BBN |
BBN protocol |
|
MIB_IPPROTO_OSPF |
Open Shortest Path First routing protocol |
|
MIB_IPPROTO_BGP |
Border Gateway Protocol |
|
MIB_IPPROTO_NT_AUTOSTATIC |
Routes that were originally added by a routing protocol but are not static |
|
MIB_IPPROTO_NT_STATIC |
Routes added by the routing user interface or the ROUTEMON.EXE utility |
|
MIB_IPPROTO_STATIC_NON_DOD |
Identical to PROTO_IP_NT_STATIC except that these routes will not cause Dial on Demand (DOD) |
|
IPX_PROTOCOL_RIP |
Routing Information Protocol for IPX |
|
IPX_PROTOCOL_SAP |
Service Advertisement Protocol |
|
IPX_PROTOCOL_NLSP |
Netware Link Services Protocol |
Adding a Route
The next function of the route command is adding a route. Remember that to add a route, the destination IPv4 address, netmask, gateway, local IPv4 interface, and metric must be specified. When adding a route, you should verify that the given local IPv4 interface is valid. In addition, when adding a route you will need to refer to the local IPv4 interface on which the route is based by its internal index value. You can obtain this information by calling the GetIpAddrTable() function, which is defined as:
DWORD GetIpAddrTable (
PMIB_IPADDRTABLE pIpAddrTable,
PULONG pdwSize,
BOOL bOrder
);
The first parameter, pIpAddrTable, is a buffer of sufficient size that will return an MIB_IPADDRTABLE structure. The pdwSize parameter is the size of the buffer passed as the first parameter. The last parameter, bOrder, specifies whether to return the local IPv4 interfaces by ascending IP addresses. To find out the required buffer size, you can pass NULL for pIpAddrTable. Upon return, pdwSize will indicate the required buffer size. The MIB_IPADDRTABLE structure is defined as:
typedef struct _MIB_IPADDRTABLE
{
DWORD dwNumEntries
MIB_IPADDRROW table[ANY_SIZE];
} MIB_IPADDRTABLE, *PMIB_IPADDRTABLE;
This structure is a wrapper for an array of MIB_IPADDRROW structures. The dwNumEntries field indicates how many MIB_IPADDRROW entries are present in the table field array. The MIB_IPADDRROW structure is defined as:
typedef struct _MIB_IPADDRROW
{
DWORD dwAddr;
DWORD dwIndex;
DWORD dwMask;
DWORD dwBCastAddr;
DWORD dwReasmSize;
unsigned short unused1;
unsigned short unused2;
} MIB_IPADDRROW, *PMIB_IPADDRROW;
The fields of this structure are defined as follows:
- dwAddr: Is the IPv4 address for a given interface.
- dwIndex: Is the index of the interface associated with the IPv4 address.
- dwMask: Is the subnet mask for the IPv4 address.
- dwBCastAddr: Is the broadcast address.
- dwReasmSize: Is the maximum reassembly size for datagrams received.
- unused1 and unused2: Are not currently used.
Using GetIpAddrTable(), you can verify that the local IPv4 interface for the given route is valid. The function for adding the route to the routing table is SetIpForwardEntry, which is defined as:
DWORD SetIpForwardEntry(PMIB_IPFORWARDROW pRoute);
The only parameter is pRoute, which is a pointer to an MIB_IPFORWARDROW structure. This structure defines the elements needed to establish a new route. We have already discussed this structure and its member fields. To add a route, the values must be specified for the fields dwForwardIfIndex, dwForwardDest, dwForwardMask, dwForwardNextHop, and dwForwardPolicy.
Deleting a Route
The last action for the route utility is deleting a route, which is the easiest command to implement. When invoking the route command to delete a route, you must specify the destination address to delete. Then you can search for the MIB_IPFORWARDROW structure returned from GetIpForwardTable() that corresponds to the destination address. The MIB_IPFORWARDROW structure can then be passed to the DeleteIpForwardEntry() function to remove the given entry. This function is defined as:
DWORD DeleteIpForwardEntry (PMIB_IPFORWARDROW pRoute);
Alternatively, you can specify the fields of pRoute yourself. The fields that are required to remove a route are dwForwardIfIndex, dwForwardDest, dwForwardMask, dwForwardNextHop, and dwForwardPolicy.
< Netstat: Retrieve TCP, UDP Tables & Protocol Statistics | IP Helper Functions Main | ARP: Add, Delete & Send >