Static route required with OVS bond+bridge

cmonty14

Active Member
Mar 4, 2014
338
4
38
Hello,
I have 2 routers in my network, and therefore I need a static route for a dedicated subnet.

My idea was to add this line in /etc/network/interfaces:
post-up ip route add <network> via <ip router> dev <interface> onlink

However the static route is not shown correctly when checking with command route:
Code:
$ sudo route
Kernel-IP-Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
default         192.168.0.2     0.0.0.0         UG    0      0        0 vlan1
10.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 vlan1000
172.16.10.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan100
172.16.20.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan200
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan1
localnet        0.0.0.0         255.255.255.0   U     0      0        0 vmbr0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan20
192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan30
192.168.4.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan40
192.168.9.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan90

When I enter the ip command manually, I get this error:
Code:
$ sudo ip route add 192.168.1.0/24 via 192.168.1.1 dev vmbr0
RTNETLINK answers: File exists

Then I continue with deleting the route and re-entering it manually:
Code:
locadmin@maggie:~
$ sudo ip route del 192.168.1.0/24

locadmin@maggie:~
$ sudo ip route add 192.168.1.0/24 via 192.168.1.1 dev vmbr0 onlink

locadmin@maggie:~
$ sudo route
Kernel-IP-Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
default         192.168.0.2     0.0.0.0         UG    0      0        0 vlan1
10.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 vlan1000
172.16.10.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan100
172.16.20.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan200
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan1
localnet        192.168.1.1     255.255.255.0   UG    0      0        0 vmbr0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan20
192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan30
192.168.4.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan40
192.168.9.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan90

So, there are 2 questions now:
1. Is the static route configured correctly with command post-up ip route add <network> via <ip router> dev <interface> onlink?
2. How must the relevant command look in /etc/network/interfaces?

Please advise.

This is my /etc/network/interfaces:
Code:
source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto eno1
allow-vmbr0 eno1
##eno1

auto enp4s0f2
allow-vmbr1 enp4s0f2
iface enp4s0f2 inet manual
        ovs_type OVSPort
        ovs_bridge vmbr1
        ovs_options tag=1 trunks=40 vlan_mode=native-untagged
        ovs_mtu 1500
##enp4s0f2

auto enp4s0f3
allow-vmbr0 enp4s0f3
##enp4s0f3

auto bond0
iface bond0 inet manual
        ovs_type OVSBond
        ovs_bridge vmbr0
        ovs_bonds eno1 enp4s0f3
        ovs_options bond_mode=balance-tcp lacp=active other_config:lacp-time=fast
        ovs_mtu 1500
##bond0

auto vmbr0
iface vmbr0 inet manual
        ovs_type OVSBridge
        ovs_ports bond0 vlan20 vlan30
        ovs_mtu 1500
        address 192.168.1.11
        netmask 255.255.255.0
        post-up ip route add 192.168.1.0/24 via 192.168.1.1 dev vmbr0 onlink
##vmbr0

auto vmbr1
iface vmbr1 inet manual
        ovs_type OVSBridge
        ovs_ports enp4s0f2 vlan1 vlan40
        ovs_mtu 1500
##vmbr1

auto vlan1
iface vlan1 inet static
        ovs_type OVSIntPort
        ovs_bridge vmbr1
        ovs_options tag=1
        ovs_mtu 1500
        address 192.168.0.11
        netmask 255.255.255.0
        gateway 192.168.0.2
##MGMT

auto vlan20
iface vlan20 inet static
        ovs_type OVSIntPort
        ovs_bridge vmbr0
        ovs_options tag=20
        ovs_mtu 1500
        address 192.168.2.11
        netmask 255.255.255.0
##PVEGST

auto vlan30
iface vlan30 inet static
        ovs_type OVSIntPort
        ovs_bridge vmbr0
        ovs_options tag=30
        ovs_mtu 1500
        address 192.168.3.11
        netmask 255.255.255.0
##PVEMGRT


THX
 
Last edited:

Stoiko Ivanov

Proxmox Staff Member
Staff member
May 2, 2018
7,410
1,191
164
auto vmbr0
iface vmbr0 inet manual
ovs_type OVSBridge
ovs_ports bond0 vlan20 vlan30
ovs_mtu 1500
address 192.168.1.11
netmask 255.255.255.0
post-up ip route add 192.168.1.0/24 via 192.168.1.1 dev vmbr0 onlink
##vmbr0

if you configure an the cidr 192.168.1.11/24 on the interface it'll try to reach each ip in 192.168.1.0/24 directly (by sending arp-requests for the ip...
not sure how your network is configured - but either create a smaller cidr (use a different netmask) - or simple drop the specific route. ..
 

cmonty14

Active Member
Mar 4, 2014
338
4
38
if you configure an the cidr 192.168.1.11/24 on the interface it'll try to reach each ip in 192.168.1.0/24 directly (by sending arp-requests for the ip...
not sure how your network is configured - but either create a smaller cidr (use a different netmask) - or simple drop the specific route. ..
Hello,

if you recommend to drop the specific route because it is not required, I will do this.

In my network there are 2 routers:
a) Fritzbox providing subnet 192.168.1.0/24
b) OPNsense firewall and router providing any other subnet

THX
 

Stoiko Ivanov

Proxmox Staff Member
Staff member
May 2, 2018
7,410
1,191
164
if you recommend to drop the specific route because it is not required, I will do this.
I cannot tell you if it's required or not ... it just looks odd to me - I'd say a) make sure you can access the system even if networking is not working, and b) try it...

I hope this helps!
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!