Gentoo Forums
Destination IP based routing
musv
Advocate

Joined: 01 Dec 2002
Posts: 3374
Location: de

Posted: Fri Apr 28, 2017 9:47 am    Post subject: Destination IP based routing

Hello,

I'm trying to understand the Linux routing, but until now I feel quite like a newbie. I'm quite confused about the rules, routes and routing tables. In several tutorials I found a lot about Source IP assignment to tables and devices and connection marking, which I didn't fully understand.

What's the situation
2 network devices:
  • eth0: IP 10.170.53.113/24, GW: 10.170.53.254
  • wlan0: IP 10.180.11.232/30, GW: 10.180.11.234


What do I want
Outgoing traffic for certain IP ranges should use wlan0, everything else eth0. More exactly:
  • Destination IPs: 66.0.0.0/8, 192.168.0.0/16, 87.0.0.0/16 should be routed via wlan0
  • all the other Destination IPs: eth0

How can I realize this?
devilheart
l33t

Joined: 17 Mar 2005
Posts: 848
Location: Villach, Austria

Posted: Fri Apr 28, 2017 10:11 am

I believe this is enough

Code:

route add 66.0.0.0/8 gw 10.180.11.234
route add 192.168.0.0/16 gw 10.180.11.234
route add 87.0.0.0/16 gw 10.180.11.234
route add default gw 10.170.53.254
NeddySeagoon
Administrator

Joined: 05 Jul 2003
Posts: 55202
Location: 56N 3W

Posted: Fri Apr 28, 2017 10:20 am

musv,

Set static routes in your net file for 66.0.0.0/8, 192.168.0.0/16 and 87.0.0.0/16, using 10.180.11.234 as a gateway.

Here's an example from my net file ... currently commented out
Code:
#routes_eth0="default via 62.x.y.z
#             192.168.10.0/24 via 192.168.100.1"

For a single static route.

If wlan0 is started some other way, you need to tell your network control tool to add the routes at startup and take them down at shutdown.
Then the traffic (if any) will be sent to your default gateway when wlan0 is down.
If that's not acceptable, you need a route to send it somewhere useless when wlan0 is down.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Maitreya
Guru

Joined: 11 Jan 2006
Posts: 445

Posted: Fri Apr 28, 2017 10:31 am

/etc/conf.d/net:
Code:

routes_wlan0="66.0.0.0/8 via 10.180.11.234
                      192.168.0.0/16 via 10.180.11.234
                      87.0.0.0/16 via 10.180.11.234"
routes_eth0="default via 10.170.53.254"
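
A simplified model of the route selection the replies above rely on, added here as an example (it is not code from any poster): it shows where traffic for the three prefixes goes while wlan0 is up, and the fallback to the default gateway once wlan0 is down. The `unreachable` routes with metric 1000 are an assumed way to build the "somewhere useless" route; connected subnets are left out and the sample destinations are constructed.

```python
import ipaddress

# Gateways, devices and prefixes are the ones given in the thread.
WLAN_GW, ETH_GW = "10.180.11.234", "10.170.53.254"
POLICY_PREFIXES = ["66.0.0.0/8", "192.168.0.0/16", "87.0.0.0/16"]

def build_table(fail_closed=False):
    """Rows are (prefix, type, gateway, device, metric)."""
    table = [("0.0.0.0/0", "unicast", ETH_GW, "eth0", 0)]
    for prefix in POLICY_PREFIXES:
        table.append((prefix, "unicast", WLAN_GW, "wlan0", 0))
        if fail_closed:
            # Assumed addition, equivalent to:
            #   ip route add unreachable <prefix> metric 1000
            # It has no device, so it survives wlan0 going down.
            table.append((prefix, "unreachable", None, None, 1000))
    return table

def lookup(table, dst, down=()):
    """Simplified kernel selection: routes on a downed device are gone,
    then the longest prefix wins, then the lowest metric."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, kind, gw, dev, metric in table:
        net = ipaddress.ip_network(prefix)  # strict: rejects 192.168.0.0/8
        if dev in down or addr not in net:
            continue
        key = (net.prefixlen, -metric)
        if best is None or key > best[0]:
            best = (key, kind, dev, gw)
    return ("unreachable", None, None) if best is None else best[1:]

def demo():
    # Constructed sample destinations, not taken from the thread.
    for dst in ("66.1.2.3", "192.168.5.9", "87.0.4.4", "87.1.0.1", "8.8.8.8"):
        for fail_closed in (False, True):
            table = build_table(fail_closed)
            up = lookup(table, dst)
            dn = lookup(table, dst, down={"wlan0"})
            print(f"{dst:12} fail_closed={fail_closed!s:5} "
                  f"wlan0 up -> {up[1] or up[0]:11} wlan0 down -> {dn[1] or dn[0]}")

if __name__ == "__main__":
    demo()
```

With the thread's routes alone, 66.1.2.3 leaves through eth0 once wlan0 is down; with the extra unreachable routes it is rejected instead, while 87.1.0.1 (outside 87.0.0.0/16) always uses eth0.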
musv
Advocate

Joined: 01 Dec 2002
Posts: 3374
Location: de

Posted: Sat Apr 29, 2017 8:54 am

Thanks a lot. Got it basically working.

I'm using Systemd with networkd. But there are similar options. And with iproute2 it's working via:
Code:
ip route add 192.168.0.0/16 via 10.180.11.234


There was another small caveat. If a proxy is specified in the browser settings, it de facto disables the routing rules. :)
musv
Advocate

Joined: 01 Dec 2002
Posts: 3374
Location: de

Posted: Wed May 03, 2017 11:34 am

Just to add some new ideas. Maybe someone else can use it.

While searching about this topic I stumbled into Network Namespaces. This solution has some advantages. You can realize disjoint networks that don't see each other. And with this solution it's also easy to bind an application to a specific device.

Example: We have 2 devices: eth0 and wlan0.
ip a:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000

3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000


Now we want to separate wlan0 from the common network and therefore create a Network Namespace "wifins":
Code:
ip netns add wifins
ip link set wlan0 netns wifins
ip netns exec wifins /etc/init.d/wpa_supplicant start
ip netns exec wifins dhclient wlan0


As a result we have:
ip a:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000


And inside the wifi-Namespace:
ip netns exec wifins ip a:

1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN group default qlen 1000

3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000


To use this context we start a shell within this namespace:
Code:
ip netns exec wifins su - myuser -c xterm
firefox


Every command inside the started xterm (e.g. Firefox) runs inside this Network Namespace bound to wlan0.