How to add ip route to boot?


#1

Hi, I added

ip route add table wgtunnel default via 10.192.122.5 priority 1000
ip rule add from 10.192.122.5 table wgtunnel

to the rc.local file. But after restarting the router, the ip rule command is not executed. How do I autostart this command?


#2

Are you sure this is the right place to put such a command? ip rule probably failed because the network is not yet available when executed.

You may have a look in the LuCI static routes tab or through the /etc/config/network file.


#3

Today I had a similar problem. Didn’t find any good answers around. So I thought I would share my solution.

Problem

I wanted to add a custom routing table so that traffic from one of my LANs goes through a pptp tunnel (provided by my ISP to give me a static IP).

Naive solution:

My initial solution was to add ip route and ip rule commands into /etc/rc.local. That worked (after router reboot) but had a tendency to break after a day or two. I realized that the problem is that my pptp tunnel is not stable. When it goes down (for whatever reason) something goes through all routing tables and deletes all rules mentioning this interface. When the pptp tunnel reconnects, there is nobody to set up those deleted routes again. Note that /etc/rc.local is launched only once after reboot.

Robust solution:

I looked at some openvpn related scripts and got this inspiration. There is /etc/hotplug.d/iface, which holds scripts that react to network interface changes. I created a new executable script 99-statictun with the following content:

#!/bin/sh

logger -t debug "statictun hotplug triggered by $ACTION of $INTERFACE ($DEVICE)"

# $INTERFACE is quoted: when it is empty, an unquoted test fails with "unknown operand"
if [ "$INTERFACE" = "statictun" ]; then

  case "${ACTION:-ifup}" in
      ifup)
          logger -t statictun "Adding routing for statictun due to $ACTION of $INTERFACE ($DEVICE)"
          /etc/ppp/statictun-up.sh
      ;;
      ifdown)
          logger -t statictun "Nothing to do for statictun due to $ACTION of $INTERFACE ($DEVICE)"
          # the table gets cleaned automatically
      ;;
  esac

  ip route flush cache
fi

Note that /etc/ppp/statictun-up.sh contains the actual setup for routes in the statictun routing table.

Additionally I have also instructed /etc/config/network to always keep one ip rule forcing traffic to my special routing table:

config rule
	option src '192.168.100.0/24'
	option lookup 'statictun'
	option priority '9'

This is what I wanted. I wanted the LAN to be disconnected when the tunnel goes down. If I wanted to add the ip rule only when the tunnel is up and use normal routing otherwise, I would have to handle it in ifup/ifdown accordingly by adding ip rule add ... and ip rule delete ....
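Added example, not part of the original post and not the poster's script: the variant described in the last paragraph, where the ip rule exists only while the tunnel is up. TUN_IFACE, TUN_TABLE, LAN_SRC, RULE_PRIO, IP, del_rule and handle_event are hypothetical names; the subnet, table and priority are the values from the post, and sending the table's default route through $DEVICE is an assumption, since statictun-up.sh is not shown.

```shell
#!/bin/sh
# Added example for /etc/hotplug.d/iface/ (not the poster's script).
# Hypothetical names: TUN_IFACE, TUN_TABLE, LAN_SRC, RULE_PRIO, IP, handle_event.
TUN_IFACE="statictun"       # logical interface name in /etc/config/network
TUN_TABLE="statictun"       # named table, must be listed in /etc/iproute2/rt_tables
LAN_SRC="192.168.100.0/24"  # source subnet from the post's config rule
RULE_PRIO="9"
IP="${IP:-ip}"              # IP=echo prints the commands instead of running them

# Remove our rule if present; a missing rule is not an error.
del_rule() {
    $IP rule del from "$LAN_SRC" lookup "$TUN_TABLE" priority "$RULE_PRIO" 2>/dev/null || true
}

# handle_event ACTION INTERFACE DEVICE
handle_event() {
    action="$1"; iface="$2"; device="$3"
    # Quoted comparison: events with an empty INTERFACE are simply ignored.
    [ "$iface" = "$TUN_IFACE" ] || return 0
    case "$action" in
        ifup)
            [ -n "$device" ] || return 1
            # Assumption: the tunnel device carries the table's default route.
            # "replace" keeps the call idempotent across repeated ifup events.
            $IP route replace default dev "$device" table "$TUN_TABLE" || return 1
            del_rule   # avoid stacking duplicate rules on reconnect
            $IP rule add from "$LAN_SRC" lookup "$TUN_TABLE" priority "$RULE_PRIO"
            ;;
        ifdown)
            # Routes via the device vanish with it; the rule has to be removed
            # explicitly so the LAN falls back to normal routing.
            del_rule
            ;;
        *)
            return 0
            ;;
    esac
    $IP route flush cache
}

# hotplug exports ACTION, INTERFACE and DEVICE; with none set this is a no-op.
handle_event "${ACTION:-}" "${INTERFACE:-}" "${DEVICE:-}"
```

This variant is meant to be used instead of the config rule section in /etc/config/network, not together with it.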


#4

Hello,
thank you for the inspiration. I have a similar problem: I have Turris as a PPTP server because of the tunnel to an old device of mine… When the tunnel is connected I see the tunnel in ifconfig:

ppp0      Link encap:Point-to-Point Protocol
          inet addr:192.168.200.1  P-t-P:192.168.200.20  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1482  Metric:1
          RX packets:10 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:130 (130.0 B)  TX bytes:100 (100.0 B)

But to reach the subnet behind this tunnel I have to add a static route with the command:
route add -net 192.168.6.0 netmask 255.255.255.0 dev ppp0

When the tunnel is disconnected, the ppp0 interface disappears and the route disappears with the interface.

I am looking for the same solution as you have. But
when I replaced your statictun interface definition with my ppp0

I got the error message:
sh: ppp0: unknown operand

What should I modify to get it working?

I guess that $INTERFACE takes its data from: ubus list network.interface.*… where ppp is missing…

There are only these:
root@Turris:# ubus list network.interface.*
network.interface.DMZv6
network.interface.lan
network.interface.loopback
network.interface.vpn_turris
network.interface.wan
network.interface.wan6
network.interface.wan6in4


#5

You should be able to observe the interface name in log messages in cat /var/log/messages | grep hotplug, you can also trigger your actions based on $DEV instead of $INTERFACE.


#6

The result is the same:
root@Turris:~# cat /var/log/messages | grep hotplug

2019-05-11 10:49:27 notice debug[]: pptp hotplug triggered by ifup of lan (br-lan)
2019-05-11 10:49:33 notice debug[]: pptp hotplug triggered by ifup of DMZv6 (eth0.3)
2019-05-11 10:49:36 notice debug[]: pptp hotplug triggered by ifup of loopback (lo)
2019-05-11 10:49:41 notice debug[]: pptp hotplug triggered by ifup of wan (eth1)
2019-05-11 10:49:47 notice debug[]: pptp hotplug triggered by ifup of wan6in4 (6in4-wan6in4)
2019-05-11 10:49:52 notice debug[]: pptp hotplug triggered by ifup of vpn_turris (tun_turris)

The only log I found is:
root@Turris:~# cat /var/log/messages.1 | grep ppp0
.
.
.
2019-05-11 11:07:36 notice pppd[19650]: local IP address 192.168.200.1
2019-05-11 11:07:36 notice pppd[19650]: remote IP address 192.168.200.20
2019-05-11 11:07:36 notice netifd[]: Network device ‘ppp0’ link is up


#7

I’m sorry, I don’t know. I would try to put another logging script into /etc/hotplug.d/net; maybe it will be visible there…

I never set up pptp server, but with pptp client you can specify some management scripts via ppp configs: https://openwrt.org/docs/guide-user/services/vpn/pptp/client#etcpppip-up_andetcpppip-down

Not sure if something like that can be configured for pptpd (server).