A packet is sent from the computer to the router it's connected with only the destination address in it, right? So - what does "kernel routing table" mean?

The kernel route table is a router within you computer routing packets from applications to the externel ports.

The route table allows you to change the way packets are being routed. For example, if you have two ethernet interfaces you may want some packets going over one link and some going over the other. I have a second ethernet card connecting to a test bed. This allows me to be connected to two subnets and have mount points on both subnets. Unfortunately the test bed also has a (slow!) way of getting to the internet. If I don't change the route table the packets to the outside internet some times go on this slow link.

So - how do you specify which program uses which port?

OK, first I should not have used the term 'port' since that has a very specific meaning in this context. So I should say it decides which interface to use. Typically an ethernet NIC card or equivalent.

The routing table routes based on IP address. If you type route you see a listing of the route table. Here is the route table for my home computer, which has one ethernet card and a ppp link setup to connect to my work network.

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
143.161.144.139 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0
192.168.2.0 * 255.255.255.0 U 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0

Most traffic, browsing the web for example, will use the default entry and be routed to my NAT router via my eth0 port. This is the last line in the route table. The line above that is for traffic within my local network. If you look at the mask you can see that it requires a match for the first three numbers in the address. It is a filter that requires a match of the first three numbers 192.168.1 in this case. So addresses in the range 192.168.1.0-192.168.1.255 use this information, which just says to use eth0, which it would do anyway from the default, so it isn't very interesting. The line above that one is more interesting because it tells addresses in the range 192.168.2.0 - 192.168.2.255 to use a 'virtual' interface I have created within my eth0 stream for connecting to my work network. The top line says that packets to my work IP network should be routed out the eth0 interface.

See "man route" for how to change the table on you computer.

Is there something specific you are trying to do?

Yeah, I'm trying to understand how networks work

When you say "requires a match" up there, you mean it's ANDed 255.255.255.0 to 192.168.1.0 to get that right? I think I *still* dont understand netmasks - what are they used for, exactly?
When you say addresses in that range "use" that info, what do you mean?

Also I didn't get that stuff about a "virtual interface".

Also - what's the "Gateway" mean, exactly?

And what's "Flags Metric Ref and Use" for?

And also, I somehow got the impression, that you could somehow tell *each* program, such as netcat or Firefox, on a systemwide basis, which port to use, but I guess that's wrong. Or is it somehow possible?

1) "When you say "requires a match" up there, you mean it's ANDed 255.255.255.0 to 192.168.1.0 to get that right? " yes

2) "I think I *still* dont understand netmasks - what are they used for, exactly?"
They are used to define exactly which destination ip address use a particular route. Route 192.168.1.1 with netmask 255.255.255.254 means ONLY 192.168.1.1 uses the route. Route 192.168.1.1 with netmask 255.255.0.0 means any ip address that match 192.168 will use the route. So 192.168.0.0 - 192.168.255.255 will use the route.

3) "When you say addresses in that range "use" that info, what do you mean?" Packets with that destination address exit on that interface.

4) "Also I didn't get that stuff about a "virtual interface"." in this case it is an interface created by pppd to allow routing through the ppp link. I was using the term because there is no hardware associated with the link.

5) "Also - what's the "Gateway" mean, exactly?" usually a NAT router, but can be any intermediate node with access to other ip addresses

6) "And what's "Flags Metric Ref and Use" for? " This is status information printed out with the route command. man route will explain the specific on your system. This site has a nice description.http://linux.die.net/man/8/route

OK, for 2) (I'm much more clear now about the whole thing, but I think I still need to sit *down* on a LAN and poke around with the whole thing before I really get it), one question - can I put the SAME IP address with 2 different routes? What would happen in this case?

For 4) - So what exactly IS your PPP link then?

I'm saving 6) for tomorrow, when my brain will hopefully be a little clearer .

Oh and what about my question for each program above?

Yesterday I had two default gateway lines in my route table. So 192.168.2.1 and 192.168.3.1 were both listed as default gateways. The reason I know this is because I was trying to get to google to do a search and I could not get there even to ping. I deleted one of the default gateways and I was able to surf the web as usual. Having the same route listed twice in the route table is not a good idea.

ppp is point-to-point protocol and is described in detail in this reference from Cisco http://www.cisco.com/en/US/docs/inte...dbook/PPP.html. If you are trying to learn about networking you may want to look at other parts of this book as well. Mostly it is used to connect corporate networks to their remote users. If you are not part of a corporation or university with a large network you probably have no reason to use ppp.

with regards to each individual program, you can kind of, some of those programs have a bind address that you can set (mostly servers) and any other program you could use a wrapper on to make sure they send out a particular interface (this is what programs like tsocks and torify do). Mostly the interface they'll go out will depend on the destination and the routing tables and routing rules