Lightweight policy-based routing
Jo-Philipp Wich
jo at mein.io
Fri Dec 4 15:00:07 EST 2020
Hi Philip,
ip rules are possible in uci, but not sure if all the bits you require are
covered:
https://openwrt.org/docs/guide-user/network/ucicheatsheet#ip_rules_for_both_rule_and_rule6
`config route` sections allow specifying `option table` as well to stage the
routes in the non-main rttable.
Since the device options for uci rules and routes require logical networks and
not Linux network device names, you might need to declare a dummy interface
for xfrm0, like this:
config interface vpn
option proto static
option ifname xfrm0
It might be that netifd will clear out any IP addresses on the xfrm0
interface, so you would need to encode those in uci as well:
config interface vpn
option proto static
option ifname xfrm0
option ipaddr 192.168.1.0/24
option table 200 # will instruct netifd to put any related routes into
table 200
Netifd understands aliases set up in /etc/iproute2/rt_tables but there is no
uci way to declare new symbolic aliases. So either you need to manage that
file externally or you stick to numeric table IDs.
~ Jo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20201204/75dc62e9/attachment.sig>
More information about the openwrt-devel
mailing list