[OpenWrt-Devel] How to properly add an unreachable route?
Dave Taht
dave.taht at bufferbloat.net
Sat Jul 12 19:10:19 EDT 2014
I have been trying to simplify my babel setup. I have
8 /27s out of a single /24 that I would like not
to have to expose to the universe.
I have 172.21.2.0/27, 172.21.2.64/27 etc
on each of the 8 devices I have.
But there is no need to export each /27, as these
are out of a single /24.
The way to do that is to setup /etc/babel.conf to only
let /24s out...
redistribute ip 0.0.0.0/0 le 24 allow
redistribute local deny
(this can also easily be expressed in the /etc/config/babeld
file)
And at the moment, I add this to /etc/firewall.user
to add the covering route locally.
ip route add unreachable 172.21.2.0/24 proto static
Boom, I go from exporting 16 routes to 1.
Where I'm stuck is on how to express the above line
inside of uci and luci. Luci demands both a specific
interface name and a numeric destination, if you are
trying this via the route method.
If you try the otherwise promising uci newfangled "rule" method
by adding something like this to /etc/config/network
config rule
option dest '172.21.2.0/24'
option action 'unreachable'
You end up bricking the router's network setup.
http://wiki.openwrt.org/doc/uci/network#routing.actions
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list