Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FS#2841 - Static routes don't work #7656

Closed
openwrt-bot opened this issue Feb 17, 2020 · 16 comments
Closed

FS#2841 - Static routes don't work #7656

openwrt-bot opened this issue Feb 17, 2020 · 16 comments
Labels
flyspray

Comments

@openwrt-bot
Copy link

xnoreq:

Device/versions: ath79, openwrt master, commit 5715b21

Steps to reproduce:

  • adding a static ipv4 route in luci

  • or adding a route to /etc/config/network like this:

    config route
    option netmask '255.255.255.0'
    option interface 'lan'
    option target '192.168.2.0'
    option gateway '0.0.0.0'
    option source '192.168.1.1'
    option onlink '1'

  • running:

    ip route

Expected result:
192.168.2.0/24 dev ...

But I only see the standard routes.
@openwrt-bot
Copy link
Author

por:

gateway 0.0.0.0, where would that go to ?

@openwrt-bot
Copy link
Author

xnoreq:

@paul Oranje: see the documentation for [[https://openwrt.org/docs/guide-user/network/routes_configuration|Static Routes]]

@openwrt-bot
Copy link
Author

por:

Okay, but it's not really obvious what you're trying to achieve.

If one of the interfaces has an address in the target subnet the net route will automatically be created, otherwise (no direct output on target subnet) a route with a gateway is needed to get packets on their way towards the target.
("that" in "where would that go to" means the packets). Also, if I understand correctly: onlink implies at least that a gateway is given.

Good luck.

@openwrt-bot
Copy link
Author

xnoreq:

I want to route packets to the target network (192.168.2.0/24) through the lan interface instead of using the default route (via wan) because the network is directly connected to lan.

The onlink is indeed not needed, but removing it doesn't change anything - it still won't create the route.

Effectively, I would expect the same result as if running this command:
ip route add 192.168.2.0/24 dev br-lan src 192.168.1.1

@openwrt-bot
Copy link
Author

jow-:

This is not a bug since your configuration is wrong to begin with.

The following block:

config route
option netmask '255.255.255.0'
option interface 'lan'
option target '192.168.2.0'
option gateway '0.0.0.0'
option source '192.168.1.1'
option onlink '1'

... is equivalent to the following iproute2 command:

ip route add 192.168.2.0/24 dev br-lan proto static src 192.168.1.1 onlink

... which is rejected by the kernel with netlink error NLE_INVAL (Invalid argument).

The problem is ''onlink'' (''option onlink '1''') and ''src 192.168.1.1'' (''option source '192.168.1.1''') which are rejected by the kernel:

root@jj:# # with src and onlink
root@jj:# ip route add 192.168.2.0/24 dev br-lan proto static src 192.168.1.1 onlink
RTNETLINK answers: Invalid argument
root@jj:# # with src only
root@jj:# ip route add 192.168.2.0/24 dev br-lan proto static src 192.168.1.1
RTNETLINK answers: Invalid argument
root@jj:# # with onlink only
root@jj:# ip route add 192.168.2.0/24 dev br-lan proto static onlink
RTNETLINK answers: Invalid argument
root@jj:# # without src and onlink
root@jj:# ip route add 192.168.2.0/24 dev br-lan proto static
root@jj:#
root@jj:# ip route list 192.168.2.0/24
192.168.2.0/24 dev br-lan proto static scope link
root@jj:~#

To achieve what you want, the configuration should be:

config route
  option netmask '255.255.255.0'
  option interface 'lan'
  option target '192.168.2.0'

... so basically leave out source and onlink.

I tested and confirmed that working on my system.

@openwrt-bot
Copy link
Author

xnoreq:

This works on my system:
# ip route add 192.168.2.0/24 dev br-lan proto static src 192.168.1.1

In your system, your br-lan probably doesn't have the src assigned as ip address, which is why you cannot use it as src.

Check with:
# ip addr show dev br-lan

Does your br-lan have 192.168.1.1 assigned? If not then change it in the commands above to what you have configured in your setup.

I see no reason why I shouldn't be allowed to specify a src address through openwrt's configuration.

So this is a bug. Please reopen.

@openwrt-bot
Copy link
Author

jow-:

Correct, my "br-lan" has 10.11.12.13/24 as source IP. Changing this accordingly in the config works for me:

root@jj:# uci show network.@route[-1]
network.cfg0dc8b4=route
network.cfg0dc8b4.netmask='255.255.255.0'
network.cfg0dc8b4.interface='lan'
network.cfg0dc8b4.target='192.168.2.0'
network.cfg0dc8b4.source='10.11.12.13'
root@jj:# ifup lan
root@jj:# ip r s 192.168.2.0/24
192.168.2.0/24 dev br-lan proto static scope link src 10.11.12.13
root@jj:#

@openwrt-bot
Copy link
Author

xnoreq:

Can you please try through /etc/config/network

config route
    option target '192.168.2.0'
    option netmask '255.255.255.0'
    option source '192.168.1.1'
    option interface 'lan'

ifup lan or even /etc/init.d/network restart doesn't do anything.

uci show network.@route[-1]

uci: Entry not found

@openwrt-bot
Copy link
Author

jow-:

I already tried (but with 10.11.12.13 as source IP since my lan doesn't use 192.168.1.0/24).

uci show network.@route[-1]

uci: Entry not found

That might hint at a syntax error in your network config somewhere before the route declaration. Check the output of uci show network >/dev/null for error messages.

@openwrt-bot
Copy link
Author

xnoreq:

No error messages. The "config route" block above wasn't even added by hand but through luci.

@openwrt-bot
Copy link
Author

jow-:

Double checked in an x86/64 19.07.1 VM:

BusyBox v1.30.1 () built-in shell (ash)

| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -| || | | || || |
|_____|| |||||___||| |____|
|| W I R E L E S S F R E E D O M

OpenWrt 19.07.1, r10911-c155900f66

=== WARNING! =====================================
There is no root password defined on this device!
Use the "passwd" command to set up a new password
in order to prevent unauthorized SSH logins.

root@OpenWrt:/#
root@OpenWrt:/#
root@OpenWrt:/# ip r
192.168.1.0/24 dev br-lan scope link src 192.168.1.1
root@OpenWrt:/# cat /etc/config/network

config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config globals 'globals'
option ula_prefix 'fd71:677d:0fbb::/48'

config interface 'lan'
option type 'bridge'
option ifname 'eth0'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'

root@OpenWrt:/# vi /etc/config/network
root@OpenWrt:/# cat /etc/config/network

config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config globals 'globals'
option ula_prefix 'fd71:677d:0fbb::/48'

config interface 'lan'
option type 'bridge'
option ifname 'eth0'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'

config route
option target '192.168.2.0'
option netmask '255.255.255.0'
option source '192.168.1.1'
option interface 'lan'
root@OpenWrt:/# uci show network.@route[-1]
network.cfg04c8b4=route
network.cfg04c8b4.target='192.168.2.0'
network.cfg04c8b4.netmask='255.255.255.0'
network.cfg04c8b4.source='192.168.1.1'
network.cfg04c8b4.interface='lan'
root@OpenWrt:/# ip r
192.168.1.0/24 dev br-lan scope link src 192.168.1.1
root@OpenWrt:/# ifup lan
[ 93.057583] br-lan: port 1(eth0) entered disabled state
[ 93.112012] device eth0 left promiscuous mode
[ 93.114737] br-lan: port 1(eth0) entered disabled state
[ 93.223464] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[ 93.327652] 8021q: adding VLAN 0 to HW filter on device eth0
[ 93.333747] br-lan: port 1(eth0) entered blocking state
[ 93.336023] br-lan: port 1(eth0) entered disabled state
[ 93.338811] device eth0 entered promiscuous mode
[ 93.352157] br-lan: port 1(eth0) entered blocking state
[ 93.354479] br-lan: port 1(eth0) entered forwarding state
[ 94.163159] br-lan: port 1(eth0) entered disabled state
[ 95.361467] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 95.368318] br-lan: port 1(eth0) entered blocking state
[ 95.370736] br-lan: port 1(eth0) entered forwarding state

root@OpenWrt:/#
root@OpenWrt:/# ip r
192.168.1.0/24 dev br-lan scope link src 192.168.1.1
192.168.2.0/24 dev br-lan scope link src 192.168.1.1
root@OpenWrt:/#

@openwrt-bot
Copy link
Author

jow-:

Another test with the malta target to rule out 64bit/32bit or big/little endian issues:

BusyBox v1.30.1 () built-in shell (ash)

| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -| || | | || || |
|_____|| |||||___||| |____|
|| W I R E L E S S F R E E D O M

OpenWrt 19.07.1, r10911-c155900f66

=== WARNING! =====================================
There is no root password defined on this device!
Use the "passwd" command to set up a new password
in order to prevent unauthorized SSH logins.

root@OpenWrt:/#
root@OpenWrt:/#
root@OpenWrt:/# cat /proc/cpuinfo
system type : MIPS Malta
machine : mti,malta
processor : 0
cpu model : MIPS 24Kc V0.0 FPU V0.0
BogoMIPS : 2826.24
wait instruction : yes
microsecond timers : yes
tlb_entries : 16
extra interrupt vector : yes
hardware watchpoint : yes, count: 1, address/irw mask: [0x0ff8]
isa : mips1 mips2 mips32r1 mips32r2
ASEs implemented : mips16
Options implemented : tlb 4kex 4k_cache fpu 32fpr prefetch mcheck ejtag llsc perf_cntr_intr_bit nan_legacy
shadow register sets : 1
kscratch registers : 0
package : 0
core : 0
VCED exceptions : not available
VCEI exceptions : not available

root@OpenWrt:/# cat /etc/config/network

config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config globals 'globals'
option ula_prefix 'fdbb:9ce2:89a5::/48'

config interface 'wan'
option ifname 'eth0'
option proto 'dhcp'

config interface 'wan6'
option ifname 'eth0'
option proto 'dhcpv6'

root@OpenWrt:/# uci del network.wan
root@OpenWrt:/# uci del network.wan6
root@OpenWrt:/# uci set network.lan=interface
root@OpenWrt:/# uci set network.lan.proto=static
root@OpenWrt:/# uci set network.lan.ipaddr=192.168.1.1
root@OpenWrt:/# uci set network.lan.netmask=255.255.255.0
root@OpenWrt:/# uci set network.lan.ifname=eth0
root@OpenWrt:/# uci add network route
cfg06c8b4
root@OpenWrt:/# uci set network.@route[-1].target=192.168.2.0
root@OpenWrt:/# uci set network.@route[-1].netmask=255.255.255.0
root@OpenWrt:/# uci set network.@route[-1].source=192.168.1.1
root@OpenWrt:/# uci set network.@route[-1].interface=lan
root@OpenWrt:/# uci commit network
root@OpenWrt:/# cat /etc/config/network

config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config globals 'globals'
option ula_prefix 'fdbb:9ce2:89a5::/48'

config interface 'lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ifname 'eth0'

config route
option target '192.168.2.0'
option netmask '255.255.255.0'
option source '192.168.1.1'
option interface 'lan'

root@OpenWrt:/# ip r
root@OpenWrt:/# ifup lan
'radio0' is disabled
'radio0' is disabled
'radio1' is disabled
'radio1' is disabled
root@OpenWrt:/# ip r
192.168.1.0/24 dev eth0 scope link src 192.168.1.1
192.168.2.0/24 dev eth0 scope link src 192.168.1.1
root@OpenWrt:/#

@openwrt-bot
Copy link
Author

xnoreq:

BusyBox v1.31.1 () built-in shell (ash)

| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -| || | | || || |
|_____|| |||||___||| |____|
|| W I R E L E S S F R E E D O M

OpenWrt SNAPSHOT, r12230+43-5715b21f80

root@router:# ip r s dev br-lan
192.168.1.0/24 dev br-lan scope link src 192.168.1.1
root@router:# cat /etc/config/network

config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config globals 'globals'
option ula_prefix 'fd1f:388e:b216::/48'

config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
option igmp_snooping '1'
option ip6hint '0'

config interface 'wan'
option ifname 'eth0.2'
option proto 'dhcp'

config device 'wan_dev'
option name 'eth0.2'
option macaddr '57:dc:c4:16:28:33'

config interface 'wan6'
option ifname 'eth0.2'
option proto 'dhcpv6'

config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'

config switch_vlan
option device 'switch0'
option vlan '1'
option ports '2 3 4 5 0t'

config switch_vlan
option device 'switch0'
option vlan '2'
option ports '1 0t'

config route
option target '192.168.2.0'
option netmask '255.255.255.0'
option source '192.168.1.1'
option interface 'lan'

root@router:# uci show network.@route[-1]
uci: Entry not found
root@router:#
root@router:# ifup lan
root@router:# ip r s dev br-lan
192.168.1.0/24 dev br-lan scope link src 192.168.1.1

@openwrt-bot
Copy link
Author

jow-:

Anything reported by uci changes ?

@openwrt-bot
Copy link
Author

xnoreq:

Yes, indeed:

network.cfg0ac8b4='route'
network.cfg0ac8b4.source='192.168.1.1'
network.cfg0ac8b4.netmask='255.255.255.0'
network.cfg0ac8b4.target='192.168.2.0'
network.cfg0ac8b4.gateway='0.0.0.0'
network.cfg0ac8b4.interface='lan'
-network.cfg0ac8b4.gateway
-network.cfg0ac8b4

... which is very weird, because

  1. I didn't set anything through uci.
  2. I don't think there were pending changes in luci.
  3. If I manually try to reproduce this list of changes through uci set and uci del calls then this is all I get:
    network.cfg0ac8b4='route'
    -network.cfg0ac8b4.gateway
    -network.cfg0ac8b4

Anyway, it seems to have been these pending changes that lead to the unexpected behavior.
After uci commit and adding the config section again it works as expected through luci and also through editing the config files.

@openwrt-bot
Copy link
Author

xnoreq:

doesn't work through /etc/config/network

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
flyspray
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@openwrt-bot