[SOLVED] permanent static route in /etc/network/interfaces

chriswol

Member
Jun 1, 2021
31
4
13
Hi,

following is my /etc/network/interfaces entry.

Code:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet manual

auto vmbr0
iface vmbr0 inet dhcp
bridge-ports eth0
bridge-stp off
bridge-fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A PREROUTING -i vmbr0 -d WAN_IP_1 -p tcp -m multiport ! --dport 1307,8006 -j DNAT --to 10.10.1.1
post-up iptables -t nat -A PREROUTING -i vmbr0 -d WAN_IP_1 -p udp -j DNAT --to 10.10.1.1
post-up iptables -t nat -A PREROUTING -i vmbr0 -d WAN_IP_1 -p icmp -j DNAT --to 10.10.1.1
post-up iptables -t nat -A PREROUTING -i vmbr0 -d WAN_IP_2 -p tcp -j DNAT --to 10.10.2.1
post-up iptables -t nat -A PREROUTING -i vmbr0 -d WAN_IP_2 -p udp -j DNAT --to 10.10.2.1
post-up iptables -t nat -A PREROUTING -i vmbr0 -d WAN_IP_2 -p icmp -j DNAT --to 10.10.2.1

auto vmbr1
iface vmbr1 inet static
address 10.10.1.2/30
bridge-ports none
bridge-stp off
bridge-fd 0
post-up   iptables -t nat -A POSTROUTING -s '10.10.1.0/30' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.1.0/30' -o vmbr0 -j MASQUERADE
#WAN Subnet

auto vmbr2
iface vmbr2 inet static
address 10.10.2.2/30
bridge-ports none
bridge-stp off
bridge-fd 0
post-up   iptables -t nat -A POSTROUTING -s '10.10.2.0/30' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.2.0/30' -o vmbr0 -j MASQUERADE
#WAN Subnet 2

auto vmbr4
iface vmbr4 inet static
address 172.22.0.2/22
gateway 172.22.0.1
post-up ip route add 172.16.0.0/16 via 172.22.0.1 dev vmbr4
bridge-ports none
bridge-stp off
bridge-fd 0
#LAN Subnet

auto vmbr5
iface vmbr5 inet manual
bridge-ports none
bridge-stp off
bridge-fd 0
#DMZ Subnet

iface eth0 inet6 static
address WAN_IP6
netmask 64
post-up ip -6 route add fe80::1 dev eth0
post-up ip -6 route add default via fe80::1 dev eth0
post-down ip -6 route del default via fe80::1 dev eth0
post-down ip -6 route del fe80::1 dev eth0

The entry in line 51 (under gateway of vmbr4) seems to be ignored:
Code:
post-up ip route add 172.16.0.0/16 via 172.22.0.1 dev vmbr4
I have to set this route manually after boot and then it's working fine. What am I missing?
 
what does ip r say BEFORE you manually set it up? what about ip a?
 
ip r BEFORE manually adding that route is:
Code:
default via 10.255.255.1 dev vmbr0
10.10.1.0/30 dev vmbr1 proto kernel scope link src 10.10.1.2
10.10.2.0/30 dev vmbr2 proto kernel scope link src 10.10.2.2
10.255.255.1 dev vmbr0 scope link
172.22.0.0/22 dev vmbr4 proto kernel scope link src 172.22.0.2

ip a:

Code:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr0 state UP group default qlen 1000
    link/ether xxx brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether xxx brd ff:ff:ff:ff:ff:ff
4: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 0c:c4:7a:33:64:b8 brd ff:ff:ff:ff:ff:ff
    inet xxx brd xxx scope global dynamic vmbr0
       valid_lft 172757sec preferred_lft 172757sec
    inet6 fe80::ec4:7aff:fe33:64b8/64 scope link
       valid_lft forever preferred_lft forever
5: vmbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 72:3e:94:50:1b:ad brd ff:ff:ff:ff:ff:ff
    inet 10.10.1.2/30 brd 10.10.1.3 scope global vmbr1
       valid_lft forever preferred_lft forever
    inet6 fe80::d86e:5dff:fe54:9183/64 scope link
       valid_lft forever preferred_lft forever
6: vmbr2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 86:3e:c2:0c:9b:4e brd ff:ff:ff:ff:ff:ff
    inet 10.10.2.2/30 brd 10.10.2.3 scope global vmbr2
       valid_lft forever preferred_lft forever
    inet6 fe80::cc70:79ff:fea2:c511/64 scope link
       valid_lft forever preferred_lft forever
7: vmbr4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 46:6b:07:c5:95:8b brd ff:ff:ff:ff:ff:ff
    inet 172.22.0.2/22 brd 172.22.3.255 scope global vmbr4
       valid_lft forever preferred_lft forever
    inet6 fe80::b0aa:fcff:febb:a02a/64 scope link
       valid_lft forever preferred_lft forever
8: vmbr5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 2e:c6:c2:7a:78:a8 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::f477:8ff:fe97:e0d3/64 scope link
       valid_lft forever preferred_lft forever
9: tap1001i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master fwbr1001i0 state UNKNOWN group default qlen 1000
    link/ether a2:b2:0a:1d:66:f7 brd ff:ff:ff:ff:ff:ff
10: fwbr1001i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 56:23:6f:04:6e:bf brd ff:ff:ff:ff:ff:ff
11: fwpr1001p0@fwln1001i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr1 state UP group default qlen 1000
    link/ether 72:3e:94:50:1b:ad brd ff:ff:ff:ff:ff:ff
12: fwln1001i0@fwpr1001p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr1001i0 state UP group default qlen 1000
    link/ether 56:23:6f:04:6e:bf brd ff:ff:ff:ff:ff:ff
13: tap1001i1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master fwbr1001i1 state UNKNOWN group default qlen 1000
    link/ether 3a:ce:b7:c0:f8:bb brd ff:ff:ff:ff:ff:ff
14: fwbr1001i1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether d2:ff:45:69:b8:70 brd ff:ff:ff:ff:ff:ff
15: fwpr1001p1@fwln1001i1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr4 state UP group default qlen 1000
    link/ether 46:6b:07:c5:95:8b brd ff:ff:ff:ff:ff:ff
16: fwln1001i1@fwpr1001p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr1001i1 state UP group default qlen 1000
    link/ether d2:ff:45:69:b8:70 brd ff:ff:ff:ff:ff:ff
17: tap1001i2: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master fwbr1001i2 state UNKNOWN group default qlen 1000
    link/ether 4e:4e:fe:76:a0:a5 brd ff:ff:ff:ff:ff:ff
18: fwbr1001i2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether ba:5c:9a:b9:cf:94 brd ff:ff:ff:ff:ff:ff
19: fwpr1001p2@fwln1001i2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr2 state UP group default qlen 1000
    link/ether 86:3e:c2:0c:9b:4e brd ff:ff:ff:ff:ff:ff
20: fwln1001i2@fwpr1001p2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr1001i2 state UP group default qlen 1000
    link/ether ba:5c:9a:b9:cf:94 brd ff:ff:ff:ff:ff:ff
21: tap1001i3: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master fwbr1001i3 state UNKNOWN group default qlen 1000
    link/ether 6e:0b:6e:35:72:9a brd ff:ff:ff:ff:ff:ff
22: fwbr1001i3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 76:cd:b3:6e:08:52 brd ff:ff:ff:ff:ff:ff
23: fwpr1001p3@fwln1001i3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr5 state UP group default qlen 1000
    link/ether 2e:c6:c2:7a:78:a8 brd ff:ff:ff:ff:ff:ff
24: fwln1001i3@fwpr1001p3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr1001i3 state UP group default qlen 1000
    link/ether 76:cd:b3:6e:08:52 brd ff:ff:ff:ff:ff:ff
25: tap1002i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master fwbr1002i0 state UNKNOWN group default qlen 1000
    link/ether 76:e4:96:46:cb:47 brd ff:ff:ff:ff:ff:ff
26: fwbr1002i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether d6:19:79:5a:3c:08 brd ff:ff:ff:ff:ff:ff
27: fwpr1002p0@fwln1002i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr5 state UP group default qlen 1000
    link/ether 36:a6:74:12:ab:83 brd ff:ff:ff:ff:ff:ff
28: fwln1002i0@fwpr1002p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr1002i0 state UP group default qlen 1000
    link/ether d6:19:79:5a:3c:08 brd ff:ff:ff:ff:ff:ff
 
anything in the boot log? it seems you get a gateway via DHCP, so maybe removing the 'gateway' part of vmbr4 helps..
 
Many thanks for the hint with that second gateway. That was an error in the configuration. Removed that from vmbr4 and it is working like expected.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!