Static routes and network interface reconnect

Networking
1

Hello everyone,
I have 2 static routes added from the Ipfire interface

I have a script that performs some checks and depending on the results, may sometimes have to restart the network interface with command line “/usr/local/bin/connscheduler reconnect”. The problem is that when the network interface restarts, the static routes disappear.

How could I, from my script, add the routes present in the file “/var/ipfire/main/routing” as ipfire does when adding static routes from the interface?

My Ipfire:

IPFire version IPFire 2.27 (x86_64) - core171
Pakfire version 2.27-x86_64
Kernel version 5.15.71-ipfire #1 SMP Tue Oct 18 11:57:26 GMT 2022 x86_64 Intel(R) Atom™ CPU C3758 @ 2.20GHz GenuineIntel GNU/Linux

Many thanks

2

What happens if you use in your script /etc/init.d/network restart instead of connscheduler reconnect?

3

Hi @cfusco ,
Thanks for your answer.
I don’t want (need) restart all interface but only RED interface in my script (https://wiki.ipfire.org/configuration/network/connectionscheduler)
It seems that when the command "/usr/local/bin/connscheduler reconnect” runs…my static routes disappear :frowning:
I’m looking for a way to integrate their re-creation by using the content of the file “/var/ipfire/main/routing” in my script.

4

Looking at the sources shows, that ‘/usr/local/bin/connscheduler reconnect’ starts also ‘/etc/rc.d/init.d/static-routes start’ ( which should reinstall the static routes ).
Therefore I assume there is some problem in your static routes definition.
Can you try to do the command
/etc/rc.d/init.d/static-routes reload
from a console? Are there errors ( on the console and/or the syslogs )?

5

Hi @bbitsch ,
Thanks for your answer
Sorry for the delay of my answer
So I tested:

  • Command line: /etc/rc.d/init.d/static-routes reload → NOK
  • Uncheck and then check again from the interface the route → NOK

…the only way I can reach the concerned network is to manually add the route with the command “ip route add …” :frowning:

I did not detect anything wrong in “/var/log/messages”

Any ideas ?

6

I would still use the network script to restart the red interface only:

/etc/init.d/network red restart

That one should work.

7

@tikok974 , what’s the contents of /var/ipfire/main/routing?
According to the source of /etc/rc.d/init.d/static-routes, invalid entries to this file are silently discarded/skipped.
static-routes does the ip route add command for all valid entries.

8

Here is the content of my file /var/ipfire/main/routing

[root@myfirewall log]# cat /var/ipfire/main/routing 
on,193.168.19.0/24,10.100.34.2,WIFI  FR access
on,192.168.96.0/29,10.100.34.2,DMZ FR access
[root@myfirewall log]#
9

I just did some tests.

  • Installed your routing file
    • made a little little shell script ( modified static-routes to just reading the routing file and echoing the commands to be issued ); gives no errors, commands are as expected
    • invocation of static-routes reload ; when using IPs out my networks as gateway, no problems routes are installed

Very obscure. Just another thought: are the file modes of the routing file ok ( 0644 ), did you edit it ( how)?

10 
[root@myfirewall log]# ls -altr /var/ipfire/main/routing 
-rw-r--r-- 1 nobody nobody 112 Nov 30 10:51 /var/ipfire/main/routing
[root@myfirewall log]

yes…i can edit the file (console and ipfire dashboard)

11

I continue to investigate and… I specify that this route is linked to a TUN interface (OpenVPN net-to-net)
For resume:

When I do the command line “route add…” the route is added and visible with command line “route -n” or “ip route show”. the network can be joined.

When I add the route from the ipfire Dashboard, the route is only visible via the “ip static route show” command and the network is not reachable !