Setting MAC address on a VLAN interface, source-based routing, and kernel set routes

Here’s a synopsis of what I’ve found, and how I got things working as desired (I know there are others in similar situations with VLAN that might find this useful):

~If you want/need to set the MAC address on your VLAN interface, include the parameter MACADDR=XX:XX:XX:XX:XX:XX in your /etc/sysconfig/network-scripts/ifcfg-eth* file.

~If you’d like to keep your traffic confined to its respective interface, you’ll probably want source-based routing. Look at http://lartc.org/howto/lartc.rpdb.multiple-links.html and extrapolate/leave out what you don’t need. One caveat is that when using ip link set and ip address add (whether called by hand, homebrew script, or by Peter’s nasty ifup), the kernel will add a route for you that you (probably) don’t want in this scenario, since you’ll be creating separate routing tables for each interface.

~Here’s a patch for ifup-post (my system is kernel 2.4.21-9.EL on RedHat ESv3, YMMV) that will fix up (read: delete) the kernel-added route if you define ‘ALLOW_KERNEL_ROUTE=no’ in your /etc/sysconfig/network-scripts/ifcfg-eth* file:

--- ifup-post.distro    2004-01-30 22:08:55.000000000 -0600
+++ ifup-post   2004-01-30 22:11:11.000000000 -0600
@@ -14,6 +14,12 @@

 /etc/sysconfig/network-scripts/ifup-routes ${DEVICE} ${DEVNAME}

+if [ "$ALLOW_KERNEL_ROUTE" = no ] ; then
+  expand_config
+  if ! ip ro del ${NETWORK}/${PREFIX} dev ${DEVICE}; then
+    echo "Sorry, but I wasn't able to delete the kernel added route..."
+  fi
+fi
 if [ "$PEERDNS" != "no" -o -n "$RESOLV_MODS" -a "$RESOLV_MODS" != "no" ]; then
   [ -n "$MS_DNS1" ] && DNS1=$MS_DNS1
   [ -n "$MS_DNS2" ] && DNS2=$MS_DNS2
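
Review bot: the `ip ro del ${NETWORK}/${PREFIX} dev ${DEVICE}` line in the added block runs without first checking that NETWORK and PREFIX are non-empty after expand_config, and the expansions are unquoted, so an incomplete ifcfg file produces a malformed `ip ro del / dev ...` call and only the generic failure message. Test both variables before the delete and quote them; adding `proto kernel scope link` to the delete would also restrict it to the kernel-added connected route rather than whichever route matches that prefix on the device. The failure message should go to stderr and name ${DEVICE}, ALLOW_KERNEL_ROUTE should be documented next to the other ifcfg variables, and a blank line after the new `fi` would keep the block separate from the PEERDNS test that follows.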
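
The per-interface routing table and the kernel-route cleanup described above, as an added example that is not part of the original post or of the LARTC howto. It only prints the commands (dry run); the interface name, addresses, gateway and table number 100 are constructed values, and `network_of` and `source_route_plan` are hypothetical helper names.

```shell
#!/bin/sh
# Added example (dry run): print the ip commands for source-based routing on
# one VLAN interface. Interface, addresses and table number are constructed.

# network_of IP PREFIX -> network address, e.g. 192.0.2.130 26 -> 192.0.2.128
network_of() {
    ip_addr=$1 prefix=$2
    case $ip_addr in ''|*[!0-9.]*) return 1 ;; esac
    case $prefix in ''|*[!0-9]*|0?*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $ip_addr            # split the dotted quad into $1..$4
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|0?*) return 1 ;; esac   # no empty or zero-padded octets
        [ "$octet" -le 255 ] || return 1
    done
    addr=$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
    mask=$(( (4294967295 << (32 - prefix)) & 4294967295 ))
    net=$(( addr & mask ))
    printf '%d.%d.%d.%d\n' $(( net >> 24 & 255 )) $(( net >> 16 & 255 )) \
        $(( net >> 8 & 255 )) $(( net & 255 ))
}

# source_route_plan DEV IP PREFIX GATEWAY TABLE
source_route_plan() {
    dev=$1 src=$2 plen=$3 gw=$4 table=$5
    subnet=$(network_of "$src" "$plen") || return 1
    # Connected route and default route go into this interface's own table.
    echo "ip route add $subnet/$plen dev $dev src $src table $table"
    echo "ip route add default via $gw dev $dev table $table"
    # Traffic sourced from this address is looked up in that table.
    echo "ip rule add from $src table $table"
    # Last, as the ifup-post patch does after ifup-routes: remove only the
    # connected route the kernel added to the main table.
    echo "ip route del $subnet/$plen dev $dev proto kernel scope link"
}

# Constructed sample values (documentation address range).
source_route_plan eth0.100 192.0.2.130 26 192.0.2.129 100
```

Nothing is applied to the system; review the printed commands before running them as root.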