Linux Policy-based routing

Linux policies-based routing (Linux policy Routing)

Linux has traditional routing algorithm based on packet destination address, and new policy-based routing algorithm
Advantages of the new algorithm: support for multiple routing tables, supporting the selection of different routing tables by datagram attributes (source address, Destination address, protocol, port, packet size, content, etc.)

# View rule commands, followed by other parameters, show all by default to show (list)
IP rule

The system has 3 records by default
0:from All lookup Local
32766:from All lookup Main
32767:from All Lookup Default

Explanation of each part
XX: First column number is priority, small number has high priority
lookup [XXX]: Represents the search for the XXX route table, number or name between 1-252
Middle content: As from all, this is the rule

The whole line means that if a packet conforms to a rule (source address, Destination address, protocol, port, packet size, content, and so on), the specified route table is used

# The system supports a maximum of 255 routing tables. File/etc/iproute2/rt_tables
# you can see the system reserved tables and their corresponding names, 253:default 254:main 255:local
# you can freely add a custom name
# View routing table commands, parameters available numbers or names
IP Route List Table 101
IP Route List Table main
IP Route List Cache

# Clear table or memory cache
IP Route Flush Table 101
IP route Flush Cache

# example

# #清空一个路由表
# #添加一条路由
# #添加这个表的默认路由
# #添加规则使用这个表, if no priority is specified, use a minimum number than the current rule
IP Route Flush Table 100
IP route add 192.168.1.0/24 dev eth0 src 192.168.1.240 table 100
IP route add default dev eth0 table 100
IP rule add from 192.168.1.242 table [pre 12345]

# example 2 (IP address settings for multiple Linux NICs using the same network segment)
# # Linux system with 4 network cards, connect the same switch, set the IP of the same network segment,
# # ETH0-ETH3 IP is 192.168.1.240-243, respectively
# # By default, the results of route-n are determined in the order of ETH up,
# # IP actually all point to the first block up network card, can ping the 4 IP on other machine, use ARP-A to see
# # All IPs are connected to the same MAC address
# # So the result is to retain the first network cable, unplug other network cables, other machines can still connect the 4 IP
# # means 4 NICs, 4 IP with the same network segment, but all traffic is transmitted through the first NIC

# # Execute the following command
IP Route Flush Table 100
IP Route Flush Table 101
IP Route Flush Table 102
IP Route Flush Table 103

IP route add default dev eth0 table 100
IP route add default dev eth1 table 101
IP route add default dev eth2 table 102
IP route add default dev eth3 table 103

IP rule add from 192.168.1.240 table 100
IP rule add from 192.168.1.241 Table 101
IP rule add from 192.168.1.242 table 102
IP rule add from 192.168.1.243 table 103

IP route Flush Cache
# # Ping These 4 IPs on other machines and use ARP-A to see
# # IP-connected Macs are not the same.
# # Unplug any cable, other machines will not connect to the corresponding IP
# # This means that different IPs use their own NIC to transmit data.

Linux Policy-based routing