# [SOLVED] add route to specific host on boot

## Rhiakath

Hi there.

Short description of the problem is at the end of post. It should be enough to know what i'm asking.

Long description:

At work, i have setup two nics, each for its own network. 

One of the networks has a proxy, the other one does not.

I connect to the proxy'd network thru eth0, and to the other one thru eth1.

The proxy'd network is configured correctly thru environment variables http_proxy, and so on.

I want to access a specific address that the proxy blocks, so i'm trying to use eth1 to do it.

So, i excluded that address with the no_proxy env variable. If i connect the no-proxy-network-cable to my eth0 card, or just drop eth0 and start eth1, i can access that site. Also, i can no longer access any other site, since it will be looking for the proxy on the wrong network. That is expected and correct.

Now, all i want is to have both nic's connected, and that the second nic ( eth1 - no proxy ) is used only to access the said specific address.

So, i have eth0 thru dhcp, and the proxy env variables all setup. All works well.

Eth1 thru dhcp would bork my config, so i have edited my conf.d/net to the following:

```

routes_eth1="the.address.i.want gw gateway.of.proxyless.network"

dhcp_eth1="release nodns nontp nonis nogateway nosendhost"

```

I expected this to work, but alas, it does not. route still gives me nothing

short description:

It works if i manually execute this command 

```
route add -host the.address.i.want gw gateway.of.proxyless.network eth1
```

So basically... I want to add that command to my conf.d/net.

I seem to be doing something wrong on the syntax on the file. What is wrong? 

Thanks.

----------

## ShadowCat8

Greetings,

As a thought, I think you might be using the wrong syntax.  I just had to do an update recently on a server that was about a year old and got hit with the OpenRC & baselayout-2 updates and had to go over the configs for the files under /etc/conf.d again and it seems to me that your route for eth1 should look something like this:

```
routes_eth1="the.address.i.want/32 via gateway.of.proxyless.network" 
```

HTH.  Let us know.

----------

## Rhiakath

Nope. sorry.

I edited my net configuration to reflect that

```

routes_eth1="the.address.i.want/32 via 172.23.210.253"

dhcp_eth1="release nodns nontp nonis nogateway nosendhost"

```

```

gentoo rhiakath # route

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

default         172.23.127.254  0.0.0.0         UG    4      0        0 eth0

loopback        localhost       255.0.0.0       UG    0      0        0 lo

172.23.64.0     *               255.255.192.0   U     4      0        0 eth0

172.23.210.0    *               255.255.255.0   U     0      0        0 eth1

gentoo rhiakath # 

```

so, still no route rule for eth1. After i do the route add command, it works flawlessly.

----------

## Rhiakath

come on, anyone?

Currently, after logon, i add the routes manually, and it works.

Is ifplugd the problem, or something? Why doesn't the init script work correctly?

Or, if there's any other way to do it, can you tell me?

Thanks.

----------

## Knute

I know that this isn't elegant or anything, but have you considered adding the route add commands to your shell login script?

I use zsh, and have a ~/.zlogin file that I can put whatever into that I want my environment set up with and it only executes at login.   I think bash has something similar, but as I don't use bash, I can't say exactly what that file would be.

I suggest the login file, because then that route would only happen when u logged in, and not be run when you open up a terminal and then your shell rc file gets run.

HTH

----------

## Hu

Modifying the routing table is a privileged operation, so he would still need to login as root at least once to make that happen.  It would be much better to fix this properly.

----------

## Knute

True, but then I have to ask what then is sudo for?   :Wink: 

[edit] I just had another thought about this.

You posted the routing table when it wasn't working, so what does the routing table look like after the route command was sent?  Wouldn't that change point you to what may need to be changed?

----------

## ShadowCat8

Greetings,

I took a look at your response with a fresh cup of coffee in my system and noticed a couple of additional configs you have in your "dhcp_eth1":

```
dhcp_eth1="release nodns nontp nonis nogateway nosendhost"
```

If you are trying to set a default gateway with that interface, why are you using the "nogateway" option in the config for that interface?

I just caught that... I need more coffee!   :Confused:   hehe

HTH.  Let us know.

----------

## Rhiakath

uhhh. I copied that from some other place.

My current setup is currently this :

```

modules_eth1=("!ifplugd")

dhcp_eth1="nodns nogateway"

config_eth1="172.23.210.8 netmask 255.255.255.0 gw 172.23.210.253"

routes_eth1="74.125.132.125 dev eth1 via 172.23.210.253"

```

I added the !ifplugd so i can see the messages

Now, this is adding talk.google.com to the route table, so that all comms to that address are handled thru eth1, and not thru eth0, which is fine.

The problem is, must i add the resolved ip address for every site? How can i add the hostname?

----------

## kimmie

If you really want to establish a route by hostname at the time an interface comes up, put a postup() function in your /etc/conf.d/net, eg.

```
postup() {

  if [[ $IFACE == eth1 ]] ; then

    route add somehost.com $IFACE

  fi

  return 0

}
```

(note that this won't work if there are multiple A records for somehost.com in DNS, in that case you'll have to do a little more scripting - hint: "dig +short google.com")

But something isn't quite making sense to me here, because if setting a route redirects traffic away from a proxy, then there must be some sort of transparent proxying going on. Yet you say that proxying is set up with env vars http_proxy etc. which means the proxying is explicit, not transparent. In any case, your explicit proxying setup isn't picking up the traffic you are trying to redirect...

So what exactly is the proxing setup, and what traffic exactly do you want to redirect? There's probably a better solution to your problem.

----------

## Rhiakath

I have two networks at work. One that is the "official" company network, which goes thru a proxy, which is the one i've set up as environment variables. If I don't, basically, i see a whole lot of error messages from the proxy refusing connections.

Another network, is basically a router connected to a cable modem. No proxy, nothing.

So, i have two nics:

eth0 - Connected to the work network, which has a proxy, and this should be the main network, for everyday usage;

eth1 - connected to the simple router, no proxy, nothing, should be used ONLY for some addresses/ports which the proxy of the main network blocks;

So, i want to use the proxy'd network for everything EXCEPT access to freedb for example, which rip ( media-sound/rip ) uses on some port;

Or to ssh home, which the proxy blocks;

It's a simple setup, actually.

I want to redirect connections from eth0 to eth1 IF they are certain addresses. Since i never know which address i may have at home, i have a dyndns account. hence the need for hostnames, and not ip addresses.

PS - I just noticed I'm a 'Guru'. wow. I wonder what the criteria is  :Very Happy: 

PS2 - Also noticed i use ; as end of line. I code too much.... emerge vacation

----------

## kimmie

I think I misinterpreted a little, I thought because you mentioned the proxy that it was likely proxied browser traffic that you wanted to redirect. So the routing solution seems like the right one; using postup() will do the DNS lookups afresh whenever you start the eth1 interface / plug in the eth1 cable.

PS Only the true guru denies his guruvity!  :Wink: 

----------

## Rhiakath

I went with your post_up answer.

It seems to work. I just find it stupid that i can't add hosts by name on routes_eth?. Today my isp changed my ip address, so voila. That was the drop that made me change from my previous setup to yours...

Thanks.

----------

## kimmie

Glad its working for you.

But it's a hack, not a real solution for routing-by-name. For that you'd need to monitor any dns changes and adjust the route accordingly. And if there's firewall rules involved they need adjusting too... probably that's the reason it's not in the openrc scripts, it's a higher level function, and tricky. Perhaps the hack should be in the scripts, dunno. it would tend to confuse a few people who don't realise why it randomly stops working.

----------

## Rhiakath

also. why the hell must i restart eth1 whenever i boot?

for some reason it doesn't apply the routing rules the first time...

----------

## kimmie

What does your /etc/conf.d/net look like now?

----------

## Rhiakath

```
# eth1

modules_eth1=("!ifplugd")

#routes_eth1=("89.153.104.133 dev eth1 via 172.23.210.253"

#"74.125.132.125 dev eth1 via 172.23.210.253"

#"195.214.216.38 dev eth1 via 172.23.210.253")

config_eth1=("172.23.210.8 netmask 255.255.255.0 gw 172.23.210.253")

postup()

        { 

        if [[ $IFACE == eth1 ]] ; then 

                route add -host home.router.address gw 172.23.210.253 eth1

                route add -host talk.google.com gw 172.23.210.253 eth1

        fi 

        return 0 

        }

```

the "routes" command above seemed to work ok, until my home router changed ip address. so, instead of inserting it via ip, i followed your suggestion and got it this way.

but, it has the mentioned effect, dunno why.

I tried inserting !ifplugd, to see if it could fix it...

----------

## kimmie

I experimented, I always get the route, whether using dhcp or plugging, and whether configuring in background or otherwise. So I'm not sure exactly why it's not working for you.

 :Idea:  Oh, I get it, it's because you need your other interface (I think it was wlan0?) to be up first, or you don't have DNS, and the name can't be looked up. Try adding this line to /etc/rc.conf EDIT: As the doco in /etc/rc.conf points out, this properly lives in /etc/conf.d/net:

```
rc_net_eth1_need="net.wlan0"
```

A clean up for your /etc/conf.d/net: since version 2 openrc hasn't used bash array syntax. You probably want plugging, and you can use the more generic "plug" instead of ifplugd. Also you can't configure a gw in a config_ line.

```
rc_net_eth1_need="net.wlan0"

modules_eth1="!plug" 

#routes_eth1="89.153.104.133 via 172.23.210.253

#74.125.132.125 dev eth1 via 172.23.210.253 

#195.214.216.38 dev eth1 via 172.23.210.253" 

config_eth1="172.23.210.8 netmask 255.255.255.0"

postup() 

        { 

        if [[ $IFACE == eth1 ]] ; then 

                route add home.router.address gw 172.23.210.253 

                route add talk.google.com gw 172.23.210.253 

        fi 

        return 

        }
```

----------

## Rhiakath

About the _gw part, yeah, i noticed the error. But I think i had done that way in the past.

Maybe evolution left me in the past  :Very Happy: 

Also, can't i just configure a dns server for eth1, then?

i could add google's dns ( 8.8.8.8 )

----------

## kimmie

 *Rhiakath wrote:*   

> 
> 
> Also, can't i just configure a dns server for eth1, then?
> 
> 

 

It doesn't work like that. It's not interfaces which have dns servers, it's that interfaces tell the system about dns servers when they come up, they end up in /etc/resolv.conf. Having >1 active interface specify dns servers in this way is unusual and I'm not sure what will happen... certainly it's not sure which server your system will pick. Also you would have to add a route to the dns server via eth1. Besides which, if you're on a company network, you usually need to use their DNS to see their machines.

Just let DNS work via your other interface.

----------

