Example: Policy Based Routing (PBR)
This example configures policy based routing:
- enable ipv4 forwarding via
sysctl
- rename two interfaces to
inside
andoutside
- add an ipv4 address for each interface
- configure a default route
- configure policy based routing using another gateway
ifstate
options:
sysctl:
all:
ipv4:
forwarding: 1
interfaces:
- name: outside
addresses:
- 198.51.100.6/29
link:
state: up
kind: physical
address: 00:50:56:ad:db:ac
- name: inside
addresses:
- 192.0.2.1/24
link:
kind: physical
address: 8c:16:45:dc:b1:ad
state: up
routing:
routes:
- to: 0.0.0.0/0
via: 198.51.100.1
- to: 0.0.0.0/0
via: 198.51.100.2
table: 100
rules:
- priority: 4000
table: 100
from: 192.0.2.42
manually
# enable ipv4 forwarding
sysctl net.ipv4.conf.all.forwarding=1
# configure outside
ip link dev eth0 set down
ip link set dev eth0 name outside up
ip address add 198.51.100.6/29 dev outside
# configure inside
ip link dev eth1 set down
ip link set dev eth1 name inside up
ip address add 192.0.2.1/24 dev inside
# setup routing
ip route add default via 198.51.100.1
ip route add default via 198.51.100.2 table 100
ip rule add from 192.0.2.42 priority 4000 table 100