Use of Policy Routing (reprint)

Source: Internet
Author: User

I. Principles
1. Routing tables are numbered from 0 to 255, and each number can have an alias. On Linux the mapping between numbers and aliases is kept in the file /etc/iproute2/rt_tables. Table 0 is normally aliased unspec, table 255 is aliased local, and tables 254 and 253 are aliased main and default respectively. The routing information we usually configure and view with the route command is that of the table aliased main.

2. Routing rules define the routing policy: a rule specifies which routing table (by alias) is queried for packets from a given source IP. Rules are viewed with ip rule sh. Rules are also numbered from 0 and can be added freely. Rules that match the same source IP are prioritized by rule number, and the smaller the number, the higher the priority. For example, take the following routing rules:

0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default

The highest-priority rule is 0, and the routing table it queries is local. Next comes 32766, whose routing table is main, and so on.

3. When selecting a route, the operating system first selects a table according to the routing rules and then selects the matching route from that table. If different interfaces in the same table use the same gateway, route selection picks the first route by default. So with two network interface cards whose target network is in the same network segment, the route through the first exit is always chosen, and all traffic goes out of the first NIC.

II. Configuration
1. To configure and view the routing table aliased main, we generally only need the route command. The usual format is as follows:
route [-nNvee] [-FC] [<AF>]: lists the records of the routing table aliased main
route [-v] [-FC] {add|del|flush} ...: modifies the records of the routing table aliased main
Example: route -n lists the routing records of the main routing table:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.4.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.8.0     0.0.0.0         255.255.252.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1003   0        0 eth1
0.0.0.0         192.168.4.1     0.0.0.0         UG    0      0        0 eth1

Note: The 169.254.0.0 entries in the main routing table are used to assign an IP address automatically when DHCP does not obtain one.
route del default: deletes the default route in the main routing table
route add default gw 192.168.10.1: adds a default route via 192.168.10.1 to the main routing table

2. To add routing tables with other numbers, we need the ip route command, usually in the following format:
ip route {list | flush | show} SELECTOR: displays the route records of the specified table
ip route {add | del | change | append | replace | monitor} ROUTE: modifies the route records of the specified table
Note: The ip command is a tool from the iproute2 package that defines rules for IP packets.


3. Example
This example solves the case of two network cards in the same subnet with the same gateway, so that IP packets from each card's address leave through that card's own interface.
A. The two NICs are configured as follows:
IP: 192.168.9.8/22 Gateway: 192.168.9.1
IP: 192.168.9.9/22 Gateway: 192.168.9.1
B. View of routing table 0 (route -n):

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.8.0     0.0.0.0         255.255.252.0   U     0      0        0 eth0
192.168.8.0     0.0.0.0         255.255.252.0   U     0      0        0 eth1   (this entry is effectively useless; it is never chosen during route selection)
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
0.0.0.0         192.168.9.1     0.0.0.0         UG    0      0        0 eth0

C. Description: the 1st and 2nd routes are generated by the NIC configuration. Traffic that needs to be routed uses the last entry, the default route via 192.168.9.1, and goes out from eth0. Problem: the traffic of both NICs goes out from eth0, which is equivalent to wasting a NIC.
D. Solution: adding routes to table 0 can only solve routing problems where the destination address or destination network differs. Here the two NICs have the same subnet, the same gateway and the same destination subnet, so the problem cannot be solved by adding route records to table 0. We can only add another numbered table and add route records to it, so that packets from eth1 are routed using the new table's records and go out from eth1. The process is as follows:
a. Add the new table and its route records:
ip route add 192.168.8.0 via 192.168.9.9 [dev eth1] table 10
ip route add default via 192.168.9.9 [dev eth1] table 10

b. View the records of the route table with ID 10: ip route show|list table 10
192.168.8.0 via 192.168.9.9 dev eth1
default via 192.168.9.9 dev eth1

c. Add a routing rule so that IP packets from 192.168.9.9 use the route records in table 10:
ip rule add from 192.168.9.9 table 10

d. Routing rules are managed with ip rule: ip rule show|list views the routing rules, and ip rule add|del adds and removes them.
e. Look at the traffic on the two interfaces again, or capture packets, and you can see that packets from the two network cards now go out through different NICs.
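
The lookup order from section I (rules by priority, then the route inside the selected table) applied to this example's tables, as an added Python model that is not part of the original article. The rule priority 32765, the local table entries and the destination addresses are constructed assumptions; the main and table 10 routes are copied from the listings above.

```python
import ipaddress

# Constructed model of the example host. Routes are (prefix, gateway, device).
# A destination typed without a prefix length (192.168.8.0) is a /32 host route.
TABLES = {
    "local": [("192.168.9.8/32", None, "eth0"), ("192.168.9.9/32", None, "eth1")],
    "main": [
        ("192.168.8.0/22", None, "eth0"),
        ("192.168.8.0/22", None, "eth1"),      # duplicate prefix, never chosen
        ("169.254.0.0/16", None, "eth1"),
        ("0.0.0.0/0", "192.168.9.1", "eth0"),
    ],
    "10": [                                    # from `ip route show table 10`
        ("192.168.8.0/32", "192.168.9.9", "eth1"),
        ("0.0.0.0/0", "192.168.9.9", "eth1"),
    ],
    "default": [],
}

# Rules are (priority, source selector, table); lower priority number wins.
DEFAULT_RULES = [(0, "0.0.0.0/0", "local"), (32766, "0.0.0.0/0", "main"),
                 (32767, "0.0.0.0/0", "default")]
# After `ip rule add from 192.168.9.9 table 10` (priority 32765 is assumed).
POLICY_RULES = DEFAULT_RULES + [(32765, "192.168.9.9/32", "10")]

def lookup(src, dst, rules):
    """Return (table, device) used for a packet, or None if no route matches."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for _prio, selector, table in sorted(rules):
        if src not in ipaddress.ip_network(selector):
            continue                           # rule does not apply to this source
        best = None
        for prefix, _gw, dev in TABLES[table]:
            net = ipaddress.ip_network(prefix)
            # Longest prefix wins; on a tie the first entry in the table is kept.
            if dst in net and (best is None or net.prefixlen > best[0]):
                best = (net.prefixlen, dev)
        if best:
            return table, best[1]              # no match: fall through to next rule
    return None

if __name__ == "__main__":
    for src in ("192.168.9.8", "192.168.9.9"):
        for dst in ("192.168.10.20", "203.0.113.7"):
            print(src, "->", dst, "before:", lookup(src, dst, DEFAULT_RULES),
                  "after:", lookup(src, dst, POLICY_RULES))
```

With only the default rules, both source addresses resolve through main and leave on eth0; once the rule is added, 192.168.9.9 resolves through table 10 and leaves on eth1.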
