[lug] Ubuntu 18.04 Route Metric
D. Stimits
stimits at comcast.net
Fri May 21 10:58:32 MDT 2021
> On 05/21/2021 10:41 AM Bear Giles <bgiles at coyotesong.com> wrote:
>
>
> Netplan - I don't know. One of the reasons I got the dual-NIC cards is so I can experiment with advanced network configurations. They aren't quite there yet since I need a newer kernel for the 2.5 Gbps NICs and only one 10 Gbps switch.
>
I only use gigabit, but the motherboard actually has dual 10Gbit ports (I didn't buy it, this was a free motherboard, I wasn't going to refuse it!). My reason for two networks is related to wanting a separate network for (A) a network printer, and (B) experimenting with a lot of embedded devices in a DMZ not subject to the outside world.
>
> (Switches - augh. There's virtually no 2.5 Gbps switches and 10 Gbps are pretty expensive. Plus you have to deal with the mix between SFP and RJ-45 connectors. I found one switch with a bunch of RJ-45 2.5 Gbps ports and two SFP 10 Gbps ports - and it's managed so you can use a VLAN! - but it costs $400. My 5-port 10 Gbps switch cost $150+ and I had to get the pay more for the SFP connectors. But I can now proudly announce that one of the links is over fiber optics cable.)
>
> Routing - Could you have a cron job that simply changes the priority of the routes?
>
I wish I could get an inexpensive router without any kind of WiFi. They don't seem to exist. Cron would be an interesting idea if it had a trigger to run on boot (e.g., systemd multi-user.target trigger). Makes me wonder if I could make a udev trigger based on the private LAN NIC starting which would delete any default route for it. I'm not sure how I could use cron to do this right at boot.
> On Fri, May 21, 2021 at 10:30 AM John Hernandez < jph at jph.net mailto:jph at jph.net > wrote:
>
> > > In this case, I agree with Zan that the "right way" to fix this is to make the DHCP server on the private network stop providing a default route. If that DHCP server doesn't have the proper knobs to accomplish that, I would be inclined to turn that DHCP off altogether and deploy a better DHCP server on the private LAN.
> >
> > >
Yes, I agree, but I don't think my router can do this :(, and I can't afford to get a better router at the moment. I might consider ignoring DHCP on this interface and setting it statically...the router has that MAC address tied to an exact IP address, and I hate the idea of "cheating" like that, but I might do it if I can't get the router to stop sending a default route.
>
> > > On Fri, May 21, 2021 at 10:24 AM D. Stimits < stimits at comcast.net mailto:stimits at comcast.net > wrote:
> >
> > > > >
> > >
> > > > > > > On 05/20/2021 7:01 PM Bear Giles < bgiles at coyotesong.com mailto:bgiles at coyotesong.com > wrote:
> > > >
> > > >
> > > > I don't recall if netplan was supported in 18.04. It's taken a bit of time to get the hang of it(*) but the basics aren't too bad - it sounds like you want to set static values so it should be pretty straightforward.
> > > >
> > > > > > > I want the metric to be custom at low priority (higher metric), or else to not have a default route at all on the private network (this is preferable). I just don't know how to do this while keeping DHCP.
> > >
> > > The private net router is mine, but it seems useless in setting metric. I've changed "priority" in "nm-connection-editor", but this is ignored (apparently I can set to use DHCP or many other things from nm-connection-editor, but priority is summarily ignored). Can netplan be used to allow all DHCP, except to intercept metric or default route on one interface to either remove default route or force a low priority metric? This might be the right way.
> > >
> > >
> > > > > > > Part of one of my files is:
> > > >
> > > > # Let NetworkManager manage all devices on this system
> > > > network:
> > > > version: 2
> > > > renderer: NetworkManager
> > > > ethernets:
> > > > # onboard-NIC
> > > > enp0s31f6:
> > > > dhcp4: false
> > > > addresses:
> > > > -http://192.168.1.3/24
> > > > -http://10.0.10.3/24
> > > > -http://10.0.20.3/24
> > > > -http://10.0.90.3/24
> > > > # gateway4: 192.168.1.1
> > > > nameservers:
> > > > search:
> > > > - lan
> > > > addresses:
> > > > - 10.0.20.15
> > > > - 10.0.10.10
> > > > - 8.8.8.8
> > > > routes:
> > > > - to:http://0.0.0.0/0
> > > > via: 192.168.1.1
> > > > metric: 100
> > > > # home GW to work VPN
> > > > - to:http://172.27.0.0/16
> > > > via: 192.168.1.200
> > > > metric: 10
> > > >
> > > > It has additional stanzas for the 10 Gbps(!) NICs. A system with wifi connectivity has
> > > >
> > > > # Let NetworkManager manage all devices on this system
> > > > network:
> > > > version: 2
> > > > renderer: NetworkManager
> > > >
> > > > wifis:
> > > > # all-wlans:
> > > >
> > > > wlp3s0:
> > > > match: {}
> > > > access-points:
> > > > homewifi:
> > > > password: 'password'
> > > > dhcp4: false
> > > > addresses:
> > > > -http://192.168.1.9/24
> > > > -http://10.0.10.9/24
> > > > gateway4: 192.168.1.1
> > > > nameservers:
> > > > search:
> > > > - lan
> > > > addresses:
> > > > - 10.0.10.15
> > > > - 10.0.10.10
> > > >
> > > >
> > > > FWIW I've tried to match on MAC address - it would be nice because I could have one configuration file that I could deploy to all systems instead of needing to customize them, but I haven't been able to get them to work. Here's one attempt:
> > > >
> > > > wifis:
> > > > wlx9cefd5fcd82b:
> > > > match:
> > > > name: wlx9cefd5fcd82b
> > > > macaddress: "9c:ef:d5:fc:d8:2b"
> > > >
> > > > but I don't recall what had as the name . (That's the system's device name based on the MAC address.) Hmm... maybe I should have tried 'all-wans'.
> > > >
> > > > Bear
> > > >
> > > > On Thu, May 20, 2021 at 9:54 AM Zan Lynx < zlynx at acm.org mailto:zlynx at acm.org > wrote:
> > > >
> > > > > > > > > On 5/20/21 8:34 AM, D. Stimits wrote:
> > > > > > Does anyone here know how to force my Ubuntu 18.04 to completely
> > > > > > leave out a default route for my private router? Or to permanently
> > > > > > set that route to a low priority, or to permanently set my public
> > > > > > interface to metric of 1?
> > > > >
> > > > > You must be using DHCP or this would not apply.
> > > > >
> > > > > Change your DHCP on your private network so that it does not apply any
> > > > > default route. Then each DHCP client will only have routes to the
> > > > > networks controlled by the private router.
> > > > >
> > > > > --
> > > > > Knowledge is Power -- Power Corrupts
> > > > > Study Hard -- Be Evil
> > > > >
> > > > > _______________________________________________
> > > > > Web Page: http://lug.boulder.co.us
> > > > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > > > > Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> > > > >
> > > > > > > > > _______________________________________________
> > > > Web Page: http://lug.boulder.co.us
> > > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > > > Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> > > >
> > > > > > > _______________________________________________
> > > Web Page: http://lug.boulder.co.us
> > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > > Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> > >
> > > > > _______________________________________________
> > Web Page: http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> >
> > > _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20210521/efa172f0/attachment-0001.html>
More information about the LUG
mailing list