Routing based on source, destination and other parameters

From Notes_Wiki

Home > CentOS > CentOS 6.x > Network configuration > IP routing 2 configuration > Routing based on source, destination and other parameters

With the advanced IP routing II features of Linux we can route based on source, destination and various other parameters. To configure IP routing II for routing, the basic steps are:

  1. Create routing tables
  2. Add routes to routing tables
  3. Add rules for kernel IP routing


Creating routing tables

To create routing tables we have to edit the file '/etc/iproute2/rt_tables'. At the end of this file we add lines like

200 dmztolocal
210 intranettolocal
220 publictolocal
230 localtopublic

Here 200, 210, etc. are routing table numbers. The gap of 10 is just an example; we can use 200, 201 or 200, 300 or any other numbers. 'dmztolocal', 'intranettolocal' etc. are names of routing tables. This is a one-time thing and this information persists after rebooting.



Adding routes to routing tables

We can add routes to routing tables with the command 'ip route add table <table_name> via <gateway>' (this sets the default route of that table). We can also specify a gateway for particular destinations, as we do in normal routing, with the syntax 'ip route add table <table_name> <destination> via <gateway>'. Here, table_name is the name of a routing table that we specified in the file '/etc/iproute2/rt_tables', destination is entered in IP address/mask format so that it can denote either a single host or a network, and gateway can be any IP reachable through a directly connected interface.

Using this approach we can populate all the routing tables that we have created. Route selection within a routing table is done by longest prefix match, the same way it is done in the normal routing table.

Note that routes added to a routing table do not persist after rebooting. Hence permanent configuration of routing should be done by adding the route lines to a script and calling that script from some start-up file like /etc/rc.d/rc.local or from /etc/init.d/network, etc.


Seeing routes of particular table

We can use the command 'ip route list table <table_name>' to see the routing entries of a particular table.



Seeing default rules

We can see the existing routing rules with the 'ip rule list' command. The default rule list looks like

0:      from all lookup 255 
32766:  from all lookup main 
32767:  from all lookup default

Here 255, main and default are names of tables and 0, 32766, 32767 etc. are priorities; rules are consulted in increasing priority number, so 0 is checked first. We can list the routes stored in tables 255, main or default too. Table 255 (also called 'local') generally holds routes for broadcast addresses and for the addresses of directly connected interfaces. Table main is the routing table that we typically see with the 'route -n' command. The 'default' table is usually empty.

Note: It is possible to delete the rules for tables main and default but there is no need to do it. We can always add rules with a higher priority (a lower preference number) without disturbing the existing tables.



Adding rules which specify which routing table to use

After creating and populating the various routing tables we can add rules which, based on source, destination and other selection parameters, determine which routing table should be used. To add a rule we can use the syntax 'ip rule add [from <source_network_or_host>] [to <destination_network_or_host>] [pref <pref_number>] table <table_name>'.

Note:

  • Except for the table name, the other parameters (from, to, pref number, etc.) are optional.
  • Rules added via the above approach are not persistent, just as routes added to routing tables are not persistent. Hence these lines should also be added to some script for permanent configuration.



Removing rules from rules table

We can remove rules from the rules table using the syntax 'ip rule del pref <pref_number>'. Here the preference number is the same one that we specified while adding the rule, or the one listed by 'ip rule list'. We can specify more constraints (from, to, table) in case multiple rules with the same preference exist in the rules table.


Do not use route command

After using IP routing II the output of the normal route command cannot be trusted, as it only lists the routes stored in the main table, while rules pointing at our custom tables have a higher priority than the rule for main and may send traffic elsewhere. Hence the 'route' command should not be used at all while using IP routing II; use 'ip rule list' and 'ip route list table <table_name>' instead.
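As an added example (not from the original wiki page), the following helper replaces the habit of running 'route -n': it reads the tables named by 'ip rule list', in rule-priority order, and prints the routes of each one. The parsing function is exercised on a constructed sample of 'ip rule list' output (the rules at preference 200 and 201 and the table name dmztolocal are made up for the example) so it can be checked without the ip command; the LIVE variable is also an assumption of this example.

```sh
#!/bin/sh
# Added example, not from the original wiki page: instead of 'route -n', list
# every table that the current rules can select, in rule-priority order, and
# print each table's routes with 'ip route list table'.

# Print the table named after "lookup" on each line of 'ip rule list' output
# (read from stdin), de-duplicated while keeping first-seen (highest-priority) order.
tables_from_rules() {
    awk '{ for (i = 1; i <= NF; i++) if ($i == "lookup") { print $(i + 1); break } }' |
        awk '!seen[$0]++'
}

# Constructed sample of 'ip rule list' output after adding two custom rules.
sample_rules() {
    cat <<'EOF'
0:      from all lookup 255
200:    from 192.0.2.0/24 lookup dmztolocal
201:    from 192.0.2.0/24 to 10.0.0.0/8 lookup dmztolocal
32766:  from all lookup main
32767:  from all lookup default
EOF
}

# Live view: every table the rules refer to, each followed by its routes.
show_all_routes() {
    ip rule list | tables_from_rules | while read -r table; do
        printf '### table %s\n' "$table"
        ip route list table "$table"
    done
}

if [ "${LIVE:-0}" = 1 ]; then
    show_all_routes              # needs the ip command; shows the real state
else
    sample_rules | tables_from_rules   # prints: 255 dmztolocal main default
fi
```

For a single flow, 'ip route get <destination> from <source> iif <interface>' asks the kernel which route it would actually pick after evaluating the rules, which is the direct way to confirm that a custom table is being used.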

