[CentOS] iproute create policy routes after reboot
Robin Mordasiewicz
robin at bullseye.tv
Sun Oct 30 03:55:23 UTC 2005
On Fri, 28 Oct 2005, Robin Mordasiewicz wrote:
> Which files do I need to edit in order to initialize a route after a reboot?
>
> I have an 802.1q tagged VLAN interface which I need to create a rule, and a
> route for.
>
> I see on my CentOS 4.2 box that in /etc/iproute2 there are the following
> files. I realize that I can add my tables to /etc/iproute2/rt_tables, but
> when I want to create a rule I am not sure where to put the information for
> the next reboot.
>
I wrote the following /sbin/ifup-local script. Mebbe someone has something
to say...
<snip /sbin/ifup-local>
#!/bin/bash
#
# Robin Mordasiewicz <robin at bullseye.tv>
# The following script is copied and pasted together from the existing
# network startup scripts found on RedHat-AS/CentOS
# This custom script is run last. This is called by the ifup-post script
# on a RedHat/CentOS based system.
#
# This script will add a routing table and a rule for each VLAN interface
# so that when responding to traffic from a box with multiple tagged VLAN
# interfaces the proper VLAN tags are added.
# The problem is that Linux responds to traffic based on the routing
# table, which means that packets which are sent out the device which the
# default gateway is configured will be tagged with the wrong VLAN.
# The only devices that this script should act on are tagged VLAN
# interfaces. Tagged VLAN interfaces will be in the form bond0.xxx, or
# eth0.xxx. Other regular devices such as lo, eth0, or bond0 should not
# require this script to run.
# This requires that you have a "GATEWAY=x.x.x.x", "TABLE=???", and
# optionally a "PRIORITY=xx" configured in the interface config,
# ie. /etc/sysconfig/network-scripts/ifcfg-bondx.xxx,
# or /etc/sysconfig/network-scripts/ifcfg-ethx.xxx
# It is also required that your tables are properly listed in
# /etc/iproute2/rt_tables
# For more information read the following websites.
# http://www.linuxjournal.com/article/7291
# http://lartc.org/howto/lartc.rpdb.html
# Act only on tagged VLAN devices (ethN.VID / bondN.VID); skip aliases (ethN:M).
if echo "${1}" | LANG=C egrep -v '(:)' | LANG=C egrep -q \
    '(eth|bond)[0-9][0-9]*\.[0-9][0-9]?[0-9]?[0-9]?'; then

    . /etc/init.d/functions

    cd /etc/sysconfig/network-scripts || exit 1
    . network-functions

    [ -f ../network ] && . ../network

    CONFIG=${1}

    [ -z "${CONFIG}" ] && {
        echo $"Usage: ifup <device name>" >&2
        exit 1
    }

    need_config "${CONFIG}"

    [ -f "${CONFIG}" ] || {
        echo $"$0: configuration for ${1} not found." >&2
        echo $"Usage: ifup-local <device name>" >&2
        exit 1
    }

    source_config

    # Nothing to do unless the interface config sets both TABLE and GATEWAY.
    if [ -z "$TABLE" -o -z "$GATEWAY" ]; then
        exit 0
    fi

    # VLAN ID: the part after the dot, with leading zeros stripped.
    VID="`echo "${DEVICE}" | \
        LANG=C egrep '(eth|bond)[0-9]+\.[0-9][0-9]?[0-9]?[0-9]?$' | \
        LANG=C sed 's/^[a-z0-9]*\.//g;s/^0*//'`"
    # Underlying physical device: the part before the dot.
    PHYSDEV="`echo "${DEVICE}" | \
        LANG=C egrep '(eth|bond)[0-9]+\.[0-9][0-9]?[0-9]?[0-9]?$' | \
        LANG=C sed 's/\.[a-z0-9]*$//g'`"

    # The rule priority defaults to the VLAN ID.
    if [ -z "${PRIORITY}" ]; then
        PRIORITY=${VID}
    fi

    action $"Setting default route ${GATEWAY} for table: ${TABLE}" \
        /sbin/ip route replace default via "${GATEWAY}" dev "${DEVICE}" \
        table "${TABLE}"

    # Remove any existing copies of the rule so repeated ifup runs do not
    # stack duplicates; stop if a delete fails rather than looping forever.
    while ip rule list | LANG=C egrep -q \
        "from ${IPADDR} lookup ${TABLE}"; do
        /sbin/ip rule delete from "${IPADDR}" lookup "${TABLE}" || break
    done

    action $"Setting Source ${IPADDR} to use routing table: ${TABLE}" \
        /sbin/ip rule add from "${IPADDR}" table "${TABLE}" \
        priority "${PRIORITY}"
fi
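
An added example, not part of the original post or the author's script: a dry-run pre-flight that reads the same ifcfg keys (DEVICE, IPADDR, GATEWAY, TABLE, PRIORITY) by parsing the file rather than sourcing it, checks that the table is listed in an rt_tables-format file, and prints the two ip commands ifup-local would run. The function names, the table name vlan110 and the 192.0.2.x addresses are assumptions made up for this example.

```shell
#!/bin/sh
# Added example (not from the original post): dry-run pre-flight for the
# policy-routing settings that ifup-local consumes. Changes nothing on the host.

# Print the VLAN ID of a tagged device name (ethN.V / bondN.V); fail for
# aliases (eth0:1), untagged devices, or IDs outside 1-4094.
vlan_id() {
    printf '%s\n' "$1" | LANG=C grep -Eq '^(eth|bond)[0-9]+\.[0-9]{1,4}$' || return 1
    vid=$(printf '%s\n' "$1" | sed 's/^[a-z0-9]*\.//;s/^0*//')
    [ -n "$vid" ] && [ "$vid" -le 4094 ] || return 1
    printf '%s\n' "$vid"
}

# Read KEY from an ifcfg file by parsing it instead of sourcing it.
cfg_get() {
    sed -n "s/^$1=//p" "$2" | tail -n 1 | tr -d "\"'"
}

# Succeed only if the table name appears in an rt_tables-format file.
table_known() {
    awk -v t="$1" '$1 !~ /^#/ && $2 == t { found = 1 } END { exit !found }' "$2"
}

# preflight IFCFG RT_TABLES: print the ip commands ifup-local would run.
preflight() {
    dev=$(cfg_get DEVICE "$1"); addr=$(cfg_get IPADDR "$1")
    gw=$(cfg_get GATEWAY "$1"); tbl=$(cfg_get TABLE "$1")
    prio=$(cfg_get PRIORITY "$1")
    vid=$(vlan_id "$dev") || { echo "skip: '$dev' is not a tagged VLAN" >&2; return 2; }
    [ -n "$tbl" ] && [ -n "$gw" ] && [ -n "$addr" ] || {
        echo "error: TABLE, GATEWAY and IPADDR must all be set" >&2; return 1; }
    table_known "$tbl" "$2" || { echo "error: table '$tbl' not in $2" >&2; return 1; }
    echo "ip route replace default via $gw dev $dev table $tbl"
    echo "ip rule add from $addr table $tbl priority ${prio:-$vid}"
}

# Constructed sample files (documentation addresses, hypothetical table name).
demo=$(mktemp -d)
printf '%s\n' '# reserved values' '255 local' '254 main' '110 vlan110' > "$demo/rt_tables"
printf '%s\n' 'DEVICE=bond0.110' 'IPADDR=192.0.2.10' 'GATEWAY=192.0.2.1' \
    'TABLE=vlan110' > "$demo/ifcfg-bond0.110"
preflight "$demo/ifcfg-bond0.110" "$demo/rt_tables"
```

Point it at a real /etc/sysconfig/network-scripts/ifcfg-* file and /etc/iproute2/rt_tables to catch a missing table entry before the next reboot.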