Hi Thomas, think of this system as a VPN Access Concentrator. "unreachable" routes are used to avoid "ping-pong-storms" between this system and the gateway for networks that currently aren't connected. That's a simpler solution than to use a dynamic routing protocol.
I think we'll go with "network-script", again for simplicity. Thank you for your feedback. Best, Robert On Mon, Feb 22, 2021 at 05:42:15PM +0100, Thomas Haller via networkmanager-list wrote: > On Thu, 2021-02-18 at 12:28 +0100, Robert Vogelgesang wrote: > > Hello @all, > > > > currently I'm trying to update an old server running CentOS 6, which > > doesn't use NetworkManager, to a system with Networkmanager 1.26.0. > > I'm strugging to find the correct syntax to define "unreachable" > > routes. > > > > In CentOS 6 this could be done by creating a file, e. g. > > /etc/sysconfig/network-scripts/route-eth0, with the content: > > > > unreachable 192.0.2.0/24 metric 3 > > > > If I read > > > > https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/nm-1-26/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c > > correctly, NM 1.26.0 should still support this syntax, but when I try > > it, reading the interface configration fails, without any error > > message. > > > > The nmcli man page doesn't mention "unreachable" or "blackhole" > > routes. > > nmcli does not accept this syntax when I try to set the ipv4.routes > > property of a connection. > > > > Any hints? > > Hi, > > Currenlty, NetworkManager only supports "type=unicast" and "type=local" > routes. It would be nice to add support for other route types. > > Anyway, as it is, the options are: > > (1) not use NetworkManager but a script/tool of your choice that works > for you (like "network-script" from "initscripts" package). > > (2) use a dispatcher script, that would call `ip route add`. See `man > NetworkManager`. > > (3) use "NetworkManager-dispatcher-routing-rules". That is basically a > dispatcher script ([1]) which does what "network-scripts" do. You would > configure the routes and rules in /etc/sysconfig/network- > scripts/{rule,route}. I don't think this is the best solution. If you > go with the dispatcher script way, then (2) is simple enough without > requiring you to configure routes in ifcfg format. > > > I would get inspired by (3) (see the script at [1]) and write a simple > dispatcher script that works for you (2). > > [1] > https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/e3a7f29e2af2acd6b03b313115396bb6872e3cd0/examples/dispatcher/10-ifcfg-rh-routes.sh > > > Can you elaborate why you use "unreachable" routes? It's the first time > I encounter somebody actually using this. Seems you hav specific > requirements, and while NetworkManager should support them, I think it > may be warranted that for now you roll your own special solution (that > is, a script). > > > best, > Thomas > _______________________________________________ > networkmanager-list mailing list > networkmanager-list@gnome.org > https://mail.gnome.org/mailman/listinfo/networkmanager-list _______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
