Lightweight policy-based routing
Philip Prindeville
philipp_subx at redfish-solutions.com
Fri Dec 4 15:52:22 EST 2020
But I’m trying:
config rule
option src '192.168.3.6'
option lookup 200
Per the cheatsheet and it’s resulting in:
root at OpenWrt2:~# ip rule ls
0: from all lookup local
1: from all lookup 200
32766: from all lookup main
32767: from all lookup default
i.e. the ’src’ is being ignored. Also trying:
config route
option target '151.101.0.0/16'
option interface ‘xfrm0'
option gateway '192.168.1.252'
option table 200
option proto ‘static'
But that works great.
> On Dec 4, 2020, at 1:00 PM, Jo-Philipp Wich <jo at mein.io> wrote:
>
> Hi Philip,
>
> ip rules are possible in uci, but not sure if all the bits you require are
> covered:
>
> https://openwrt.org/docs/guide-user/network/ucicheatsheet#ip_rules_for_both_rule_and_rule6
>
> `config route` sections allow specifying `option table` as well to stage the
> routes in the non-main rttable.
>
> Since the device options for uci rules and routes require logical networks and
> not Linux network device names, you might need to declare a dummy interface
> for xfrm0, like this:
>
> config interface vpn
> option proto static
> option ifname xfrm0
>
> It might be that netifd will clear out any IP addresses on the xfrm0
> interface, so you would need to encode those in uci as well:
>
> config interface vpn
> option proto static
> option ifname xfrm0
> option ipaddr 192.168.1.0/24
> option table 200 # will instruct netifd to put any related routes into
> table 200
>
>
> Netifd understands aliases set up in /etc/iproute2/rt_tables but there is no
> uci way to declare new symbolic aliases. So either you need to manage that
> file externally or you stick to numeric table IDs.
>
> ~ Jo
>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list