[lug] Ubuntu 18.04 Route Metric
D. Stimits
stimits at comcast.net
Fri May 21 11:08:04 MDT 2021
> On 05/21/2021 11:04 AM John Hernandez <jph at jph.net> wrote:
>
>
> That sounds like a good plan. Oh, and just to toss in one more bad idea - you could also try to configure your DHCP client not to request a default route for that interface:
> https://blog.dachary.org/2014/05/06/enable-secondary-network-interface-and-ignore-the-default-route/
>
As far as bad ideas go, that might not be so bad. I'll give that a try this weekend!
>
>
> On Fri, May 21, 2021 at 11:01 AM D. Stimits < stimits at comcast.net mailto:stimits at comcast.net > wrote:
>
> > >
> >
> > > > > On 05/21/2021 10:56 AM John Hernandez < jph at jph.net mailto:jph at jph.net > wrote:
> > >
> > >
> > > It occurs to me that you could also switch from DHCP-client to a static configuration for the LAN interface on your Ubuntu server, whilst leaving the public interface configured as DHCP-client. If you want to be thorough about it, you could also remove your statically assigned IP address from the Private LAN DHCP server's address pool.
> > >
> > > > > The DHCP router is just an appliance. I don't have an Ubuntu server. A lot of small embedded devices depend on DHCP, but I am probably going to have to go with static assignment on the private LAN. I am thinking that since a static address won't send a DHCP request, and since the address is reserved for that MAC address, then I could just go static and not muck with the router. I do really wish though that the router had more options for default route.
> >
> > > > > On Fri, May 21, 2021 at 10:51 AM D. Stimits < stimits at comcast.net mailto:stimits at comcast.net > wrote:
> > >
> > > > > > >
> > > >
> > > > > > > > > On 05/21/2021 10:29 AM John Hernandez < jph at jph.net mailto:jph at jph.net > wrote:
> > > > >
> > > > >
> > > > > In this case, I agree with Zan that the "right way" to fix this is to make the DHCP server on the private network stop providing a default route. If that DHCP server doesn't have the proper knobs to accomplish that, I would be inclined to turn that DHCP off altogether and deploy a better DHCP server on the private LAN.
> > > > >
> > > > > > > > > I wish I could :(
> > > >
> > > > I will look closer at the router and see if there is any way to disable that.
> > > >
> > > > > > > > > On Fri, May 21, 2021 at 10:24 AM D. Stimits < stimits at comcast.net mailto:stimits at comcast.net > wrote:
> > > > >
> > > > > > > > > > >
> > > > > >
> > > > > > > > > > > > > On 05/20/2021 7:01 PM Bear Giles < bgiles at coyotesong.com mailto:bgiles at coyotesong.com > wrote:
> > > > > > >
> > > > > > >
> > > > > > > I don't recall if netplan was supported in 18.04. It's taken a bit of time to get the hang of it(*) but the basics aren't too bad - it sounds like you want to set static values so it should be pretty straightforward.
> > > > > > >
> > > > > > > > > > > > > I want the metric to be custom at low priority (higher metric), or else to not have a default route at all on the private network (this is preferable). I just don't know how to do this while keeping DHCP.
> > > > > >
> > > > > > The private net router is mine, but it seems useless in setting metric. I've changed "priority" in "nm-connection-editor", but this is ignored (apparently I can set to use DHCP or many other things from nm-connection-editor, but priority is summarily ignored). Can netplan be used to allow all DHCP, except to intercept metric or default route on one interface to either remove default route or force a low priority metric? This might be the right way.
> > > > > >
> > > > > >
> > > > > > > > > > > > > Part of one of my files is:
> > > > > > >
> > > > > > > # Let NetworkManager manage all devices on this system
> > > > > > > network:
> > > > > > > version: 2
> > > > > > > renderer: NetworkManager
> > > > > > > ethernets:
> > > > > > > # onboard-NIC
> > > > > > > enp0s31f6:
> > > > > > > dhcp4: false
> > > > > > > addresses:
> > > > > > > -http://192.168.1.3/24
> > > > > > > -http://10.0.10.3/24
> > > > > > > -http://10.0.20.3/24
> > > > > > > -http://10.0.90.3/24
> > > > > > > # gateway4: 192.168.1.1
> > > > > > > nameservers:
> > > > > > > search:
> > > > > > > - lan
> > > > > > > addresses:
> > > > > > > - 10.0.20.15
> > > > > > > - 10.0.10.10
> > > > > > > - 8.8.8.8
> > > > > > > routes:
> > > > > > > - to:http://0.0.0.0/0
> > > > > > > via: 192.168.1.1
> > > > > > > metric: 100
> > > > > > > # home GW to work VPN
> > > > > > > - to:http://172.27.0.0/16
> > > > > > > via: 192.168.1.200
> > > > > > > metric: 10
> > > > > > >
> > > > > > > It has additional stanzas for the 10 Gbps(!) NICs. A system with wifi connectivity has
> > > > > > >
> > > > > > > # Let NetworkManager manage all devices on this system
> > > > > > > network:
> > > > > > > version: 2
> > > > > > > renderer: NetworkManager
> > > > > > >
> > > > > > > wifis:
> > > > > > > # all-wlans:
> > > > > > >
> > > > > > > wlp3s0:
> > > > > > > match: {}
> > > > > > > access-points:
> > > > > > > homewifi:
> > > > > > > password: 'password'
> > > > > > > dhcp4: false
> > > > > > > addresses:
> > > > > > > -http://192.168.1.9/24
> > > > > > > -http://10.0.10.9/24
> > > > > > > gateway4: 192.168.1.1
> > > > > > > nameservers:
> > > > > > > search:
> > > > > > > - lan
> > > > > > > addresses:
> > > > > > > - 10.0.10.15
> > > > > > > - 10.0.10.10
> > > > > > >
> > > > > > >
> > > > > > > FWIW I've tried to match on MAC address - it would be nice because I could have one configuration file that I could deploy to all systems instead of needing to customize them, but I haven't been able to get them to work. Here's one attempt:
> > > > > > >
> > > > > > > wifis:
> > > > > > > wlx9cefd5fcd82b:
> > > > > > > match:
> > > > > > > name: wlx9cefd5fcd82b
> > > > > > > macaddress: "9c:ef:d5:fc:d8:2b"
> > > > > > >
> > > > > > > but I don't recall what had as the name . (That's the system's device name based on the MAC address.) Hmm... maybe I should have tried 'all-wans'.
> > > > > > >
> > > > > > > Bear
> > > > > > >
> > > > > > > On Thu, May 20, 2021 at 9:54 AM Zan Lynx < zlynx at acm.org mailto:zlynx at acm.org > wrote:
> > > > > > >
> > > > > > > > > > > > > > > On 5/20/21 8:34 AM, D. Stimits wrote:
> > > > > > > > > Does anyone here know how to force my Ubuntu 18.04 to completely
> > > > > > > > > leave out a default route for my private router? Or to permanently
> > > > > > > > > set that route to a low priority, or to permanently set my public
> > > > > > > > > interface to metric of 1?
> > > > > > > >
> > > > > > > > You must be using DHCP or this would not apply.
> > > > > > > >
> > > > > > > > Change your DHCP on your private network so that it does not apply any
> > > > > > > > default route. Then each DHCP client will only have routes to the
> > > > > > > > networks controlled by the private router.
> > > > > > > >
> > > > > > > > --
> > > > > > > > Knowledge is Power -- Power Corrupts
> > > > > > > > Study Hard -- Be Evil
> > > > > > > >
> > > > > > > > _______________________________________________
> > > > > > > > Web Page: http://lug.boulder.co.us
> > > > > > > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > > > > > > > Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> > > > > > > >
> > > > > > > > > > > > > > > _______________________________________________
> > > > > > > Web Page: http://lug.boulder.co.us
> > > > > > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > > > > > > Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> > > > > > >
> > > > > > > > > > > > > _______________________________________________
> > > > > > Web Page: http://lug.boulder.co.us
> > > > > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > > > > > Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> > > > > >
> > > > > > > > > > > _______________________________________________
> > > > > Web Page: http://lug.boulder.co.us
> > > > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > > > > Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> > > > >
> > > > > > > > > _______________________________________________
> > > > Web Page: http://lug.boulder.co.us
> > > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > > > Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> > > >
> > > > > > > _______________________________________________
> > > Web Page: http://lug.boulder.co.us
> > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > > Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> > >
> > > > > _______________________________________________
> > Web Page: http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> >
> > > _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20210521/9f40c72f/attachment-0001.html>
More information about the LUG
mailing list