1

I have 2 VLANs over a bonded connection I can't get to work with policy-based-routing. Actually I can make them work manually, but I'm unable to persist the configuration in order to survive reboots. I've read a dozen of articles, tutorials, how-tos and official docs. I'm listing just the relevant entries from the connection list here:

# nmcli con
NAME                        UUID                                  TYPE      DEVICE
bond0 slave 1               ...-91ef-...                          ethernet  eno1
bond0 slave 2               ...-242e-...                          ethernet  eno2
Bond connection bond0       ...-0fbe-...                          bond      bond0
VLAN connection bond0.3410  ...-3ebd-...                          vlan      bond0.3410
VLAN connection bond0.3411  ...-91a9-...                          vlan      bond0.3411

The new tables have been added to the rt_tables list.

# cat /etc/iproute2/rt_tables
#
# reserved values
#
255     local
254     main
253     default
0       unspec
1       3410
2       3411

Then I've created custom rules for both VLAN interfaces:

# cat /etc/sysconfig/network-scripts/rule-bond0.3410
iif bond0.3410 table 3410
from 10.129.240.0/23 table 3410
# cat /etc/sysconfig/network-scripts/rule-bond0.3411
iif bond0.3411 table 3411
from 10.129.242.0/24 table 3411

And defined the wished routing rules.

# cat /etc/sysconfig/network-scripts/route-bond0.3410
10.129.240.0/23 dev bond0.3410 scope link table 3410
default via 10.129.241.254 dev bond0.3410 table 3410
# cat /etc/sysconfig/network-scripts/route-bond0.3411
10.129.242.0/24 dev bond0.3411 scope link table 3411
default via 10.129.242.254 dev bond0.3411 table 3411

What bothers me is that none of the rules and routes get picked up. I've tried restarting the networking service systemctl restart network, rebooting the node, bringing up the connections via nmcli con up <con_name>.

All these modifications brought no change:

# ip route list
10.129.240.0/23 dev bond0.3410 proto kernel scope link src 10.129.240.1 metric 400
10.129.242.0/24 dev bond0.3411 proto kernel scope link src 10.129.242.1 metric 401

# ip rule list
0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default

The only thing I'm sure of is that the custom routing tables 3410 and 3411 exist (as no error is thrown when listing routes by the table, e.g. ip route list table 3411).

I should also say that when I'm running the entries manually (e.g. ip route add default <ip> dev <dev> table <table>) then the entries take effect.

Bernard Halas
  • 135
  • 1
  • 9

1 Answers1

2

If you are using NetworkManager for your network management (as opposite to /etc/init.d/network) then you need NetworkManager-dispatcher-routing-rules package.

Tomek
  • 3,390
  • 1
  • 16
  • 10
  • Amazing, thank you! I indeed read about it, but I forgot to ensure that this was in place after I rebuilt my environment the last time. – Bernard Halas Apr 07 '19 at 18:05