Re: [systemd-devel] Policy Routing on a machine using systemd-networkd
On 12/20/2015 01:52 PM, Marc Haber wrote: > *nudge* > > Is there really no option about this rather common issue? I too am interested in more info about this. -- Rudd-O http://rudd-o.com/ signature.asc Description: OpenPGP digital signature ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Policy Routing on a machine using systemd-networkd
- On 20 Dec, 2015, at 9:52 PM, Marc Haber mh+systemd-de...@zugschlus.de wrote: > *nudge* > > Is there really no option about this rather common issue? Maybe you can post your work around for policy routing? (if you have one) I would love to know as well. > > Greetings > Marc > > > On Tue, Dec 15, 2015 at 01:20:34PM +0100, Marc Haber wrote: >> I would like to do policy routing on a router with ~ 10 interfaces >> running Debian Linux and systemd. Networking is managed with ferm and >> systemd-networkd. >> >> I now need Policy Routing. What is the recommended way to handle the >> usual knot of iptables, ip rule and ip route statement in a clear and >> beautiful way in a systemd environment? >> >> As far as I know, systemd-network has not yet implemented policy >> routing, so the canonical way (for me, as a systemd newbie) to >> implement this would be a sysv init script containing the needed >> commands. >> >> What would be the "correct" way to do this in a systemd setup? >> >> Actually, I need something that does the following: >> >> o prevent a default route from being present in the main table (either >> by preventing it from being set in the first place or removing it >> idempotently) >> o Establish a number of iptables rules to set fwmarks >> o Establish a number of extra routing tables with a set of rules >> o Establish a number of ip rule rules regarding source IP ranges or >> fwmarks. >> >> How would I do that in systemd? Am I doing ok with a Type=oneshot >> service unit with a bunch of ExecStart Options? Or is there another >> recommended way? > > -- > - > Marc Haber | "I don't trust Computers. They | Mailadresse im Header > Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 > Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421 > ___ > systemd-devel mailing list > systemd-devel@lists.freedesktop.org > http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Policy Routing on a machine using systemd-networkd
*nudge* Is there really no option about this rather common issue? Greetings Marc On Tue, Dec 15, 2015 at 01:20:34PM +0100, Marc Haber wrote: > I would like to do policy routing on a router with ~ 10 interfaces > running Debian Linux and systemd. Networking is managed with ferm and > systemd-networkd. > > I now need Policy Routing. What is the recommended way to handle the > usual knot of iptables, ip rule and ip route statement in a clear and > beautiful way in a systemd environment? > > As far as I know, systemd-network has not yet implemented policy > routing, so the canonical way (for me, as a systemd newbie) to > implement this would be a sysv init script containing the needed > commands. > > What would be the "correct" way to do this in a systemd setup? > > Actually, I need something that does the following: > > o prevent a default route from being present in the main table (either > by preventing it from being set in the first place or removing it > idempotently) > o Establish a number of iptables rules to set fwmarks > o Establish a number of extra routing tables with a set of rules > o Establish a number of ip rule rules regarding source IP ranges or > fwmarks. > > How would I do that in systemd? Am I doing ok with a Type=oneshot > service unit with a bunch of ExecStart Options? Or is there another > recommended way? -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] Policy Routing on a machine using systemd-networkd
Hi, I would like to do policy routing on a router with ~ 10 interfaces running Debian Linux and systemd. Networking is managed with ferm and systemd-networkd. I now need Policy Routing. What is the recommended way to handle the usual knot of iptables, ip rule and ip route statement in a clear and beautiful way in a systemd environment? As far as I know, systemd-network has not yet implemented policy routing, so the canonical way (for me, as a systemd newbie) to implement this would be a sysv init script containing the needed commands. What would be the "correct" way to do this in a systemd setup? Actually, I need something that does the following: o prevent a default route from being present in the main table (either by preventing it from being set in the first place or removing it idempotently) o Establish a number of iptables rules to set fwmarks o Establish a number of extra routing tables with a set of rules o Establish a number of ip rule rules regarding source IP ranges or fwmarks. How would I do that in systemd? Am I doing ok with a Type=oneshot service unit with a bunch of ExecStart Options? Or is there another recommended way? Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel