Page MenuHomeVyOS Platform
Create Task
Maniphest T175

Add source route option to VTI interfaces
Closed, ResolvedPublicFEATURE REQUEST
Actions

Description

I am missing a CLI option to attach a source route to a vti interface like it is possible for other interfaces.

Ethernet:

hsychla@srt01# set interfaces ethernet eth1 policy route 
Possible completions:
   <text>       IPv4 policy route ruleset for interface

VTI:

hsychla@srt01# set interfaces vti vti1 
Possible completions:
+  address      IP address
   description  Description
   disable      Disable interface
 > firewall     Firewall options
 > ip           IPv4 routing parameters
 > ipv6         IPv6 routing parameters
   mtu          Maximum Transmission Unit (MTU)
   redirect     Incoming packet redirection destination
 > traffic-policy
                Traffic-policy for interface

According to @dmbaturin this might be an oversight rather than intentional.

Can somebody confirm?

And is there a possible workaround like adding manual iptables rules? ==> yes, add what you need to /config/scripts/vyatta-postconfig-bootup.script

Details

Difficulty level
Hard (possibly days)
Version
-
Is it a breaking change?
Perfectly compatible
Issue type
Improvement (missing useful functionality)

Event Timeline

hsychla created this task.Oct 20 2016, 7:28 PM
hsychla updated the task description. (Show Details)
hsychla added a comment.Oct 21 2016, 8:25 AM

Just in case somebody finds this through google...

A workaround is to create the source route policy as always and attach it to the interface using iptables directly

Create policy:

set policy route source_route rule 10 set table '10'
set policy route source_route rule 10 source address '10.10.10.0/24'
set protocols static table 10 route 0.0.0.0/0 next-hop '10.10.20.1'

Attach to vti inteface:
in /config/scripts/vyatta-postconfig-bootup.script:

iptables -t mangle -A VYATTA_FW_IN_HOOK -i vti0 -j source_route
syncer triaged this task as Normal priority.Aug 1 2017, 5:08 AM
syncer changed the edit policy from "Task Author" to "Custom Policy".
syncer added a project: VyOS 1.2 Crux.
syncer set Version to -.
syncer changed Difficulty level from Easy (less than an hour) to Hard (possibly days).
syncer edited subscribers, added: Maintainers, Community, Active contributors; removed: dmbaturin.
syncer added a subscriber: UnicronNL.

@UnicronNL i think we need review this and move it to backlog if all clear

syncer reassigned this task from syncer to UnicronNL.Nov 3 2017, 12:34 PM
syncer moved this task from Need Triage to Backlog on the VyOS 1.2 Crux board.
syncer added a subscriber: syncer.

@UnicronNL think we need to implement this

dmbaturin edited projects, added VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.Sep 2 2018, 9:40 PM
dmbaturin added a subscriber: dmbaturin.
syncer changed the subtype of this task from "Task" to "Feature Request".Oct 18 2018, 5:47 AM
pasik added a subscriber: pasik.Mar 12 2019, 6:14 PM
Viacheslav added a subscriber: Viacheslav.Jul 28 2020, 12:40 PM

PBR present for vti, VyOS 1.3-rolling-202007270117

vyos@r1-roll# set interfaces vti vti1 policy route 
Possible completions:
   <text>       IPv4 policy route ruleset for interface
   PBR

We can close it.

Viacheslav closed this task as Resolved.Mar 14 2021, 2:52 PM
erkin set Is it a breaking change? to Unspecified (possibly destroys the router).Sep 1 2021, 10:58 AM
erkin set Issue type to Feature (new functionality).
erkin changed Issue type from Feature (new functionality) to Improvement (missing useful functionality).
dmbaturin renamed this task from Add source route option to vti interface to Add source route option to VTI interfaces.Sep 10 2021, 5:59 AM
dmbaturin edited projects, added VyOS 1.3 Equuleus (1.3.0-epa1); removed VyOS 1.3 Equuleus.
dmbaturin changed Is it a breaking change? from Unspecified (possibly destroys the router) to Perfectly compatible.