How To
Summary
Setup Policy Based Routing with NetworkManager
Objective
Traffic must route back out the interface it is received on -- No asymmetric routing.
Traffic in Traffic out
bond1 -> bond1
bond0 -> bond0
bond1 -> bond1
bond0 -> bond0
Steps
# nmcli con add type ethernet con-name <IFACE> ifname <IFACE>
# nmcli con add type ethernet con-name <IFACE> ifname <IFACE>
# nmcli con mod <IFACE> ip4 <ip-addresss/prefix> gw4 <ip-addresss>
# nmcli con mod <IFACE> ip4 <ip-addresss/prefix> gw4 <ip-addresss>
# nmcli con mod <IFACE> ipv4.route-table <N>
# nmcli con mod <IFACE> ipv4.routing-rules 'priority <N> iif <IFACE> table <N>'
# nmcli con mod <IFACE> ipv4.routing-rules 'priority <N> from <ip-addresss> table <N>'
# nmcli device reapply <IFACE>
# nmcli con add type ethernet con-name <IFACE> ifname <IFACE>
# nmcli con mod <IFACE> ip4 <ip-addresss/prefix> gw4 <ip-addresss>
# nmcli con mod <IFACE> ip4 <ip-addresss/prefix> gw4 <ip-addresss>
# nmcli con mod <IFACE> ipv4.route-table <N>
# nmcli con mod <IFACE> ipv4.routing-rules 'priority <N> iif <IFACE> table <N>'
# nmcli con mod <IFACE> ipv4.routing-rules 'priority <N> from <ip-addresss> table <N>'
# nmcli device reapply <IFACE>
/// ***** Example ***** ///
(From a console or logged in via bond0 IP)
# nmcli con add type ethernet con-name bond0 ifname bond0
# nmcli con add type ethernet con-name bond1 ifname bond1
# nmcli con mod bond0 ip4 192.168.2.180/24 gw4 192.168.2.1
# nmcli con mod bond1 ip4 192.168.1.180/24 gw4 192.168.1.1
# nmcli con mod bond1 ipv4.route-table 10
# nmcli con mod bond1 ipv4.routing-rules "priority 10 iif bond1 table 10"
# nmcli con mod bond1 +ipv4.routing-rules "priority 10 from 192.168.1.180 table 10"
# nmcli device reapply bond1
# nmcli con add type ethernet con-name bond1 ifname bond1
# nmcli con mod bond0 ip4 192.168.2.180/24 gw4 192.168.2.1
# nmcli con mod bond1 ip4 192.168.1.180/24 gw4 192.168.1.1
# nmcli con mod bond1 ipv4.route-table 10
# nmcli con mod bond1 ipv4.routing-rules "priority 10 iif bond1 table 10"
# nmcli con mod bond1 +ipv4.routing-rules "priority 10 from 192.168.1.180 table 10"
# nmcli device reapply bond1
/// ***** verify routing table ***** ///
# ip route show table main
default via <ip-addresss> dev <IFACE> proto static metric 100
<NETWORK/PREFIX> dev <IFACE> proto kernel scope link src <ip-addresss> metric 100
# ip route show table 10
default via <ip-addresss> dev <IFACE> proto static metric 101
<NETWORK/PREFIX> dev <IFACE> proto kernel scope link src <ip-addresss> metric 101
# ip route show table main
default via <ip-addresss> dev <IFACE> proto static metric 100
<NETWORK/PREFIX> dev <IFACE> proto kernel scope link src <ip-addresss> metric 100
# ip route show table 10
default via <ip-addresss> dev <IFACE> proto static metric 101
<NETWORK/PREFIX> dev <IFACE> proto kernel scope link src <ip-addresss> metric 101
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB61","label":"IBM Technology Lifecycle Services"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSSCEH","label":"SUSE LINUX ENTERPRISE SERVER"},"ARM Category":[{"code":"a8m0z0000001g1iAAA","label":"Red Hat Enterprise Linux->NetworkManager"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
More support for:
SUSE LINUX ENTERPRISE SERVER
Component:
Red Hat Enterprise Linux->NetworkManager
Software version:
All Versions
Document number:
6599935
Modified date:
05 July 2022
UID
ibm16599935
Manage My Notification Subscriptions