Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:network:routing:pbr [2021/08/15 21:06] – split from essentials vgaetera | docs:guide-user:network:routing:pbr [2023/09/27 02:36] – [PBR (Policy-Based Routing)] vgaetera | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ===== Policy-based routing solutions | + | ====== PBR (Policy-Based Routing) |
| + | See also: | ||
| + | [[docs: | ||
| [[wp> | [[wp> | ||
| There are different methods to implement PBR with their own pros and cons, and some methods can be more suitable than others depending on your goal. | There are different methods to implement PBR with their own pros and cons, and some methods can be more suitable than others depending on your goal. | ||
| - | ===== PBR solutions | + | ===== Solutions |
| - | ==== PBR with netifd | + | ==== PBR app ==== |
| - | [[docs: | + | See also: |
| - | * Relies on the built-in netifd functionality and requires no extra software installation. | + | [[docs: |
| - | * Suitable for network protocols supported by netifd such as static, DHCP/ | + | |
| - | * Can be used for network protocols unsupported by netifd such as OpenVPN using the [[docs: | + | |
| - | * Works well with interfaces, subnets, IP addresses and ports, but not domains. | + | |
| - | ==== VPN policy routing ==== | + | PBR app helps overcome routing issues for the following scenarios: |
| - | [[https:// | + | |
| * Utilize split tunneling to route your traffic to VPN/WAN selectively for some of hosts/ | * Utilize split tunneling to route your traffic to VPN/WAN selectively for some of hosts/ | ||
| * Implement port forwarding on the WAN interface when traffic is routed to VPN by default. | * Implement port forwarding on the WAN interface when traffic is routed to VPN by default. | ||
| - | * Run VPN server and client simultaneously and route traffic to the VPN client. | + | * Run VPN client |
| + | * Provide web interface to manage routing policies. | ||
| - | A typical configuration scenario that can be adapted for most use cases: | + | ==== PBR with netifd ==== |
| - | | + | See also: |
| - | * Route LAN '' | + | [[docs:guide-user: |
| - | <code bash> | + | PBR with netifd helps to utilize different |
| - | opkg update | + | * Relies on the built-in netifd functionality and requires no extra software installation. |
| - | opkg install vpn-policy-routing | + | * Suitable for managed and unmanaged interfaces declared in the network configuration. |
| - | /etc/ | + | * Works well with interfaces, subnets, IP addresses and ports, but not domains. |
| - | uci set vpn-policy-routing.config.enabled=" | + | |
| - | uci set vpn-policy-routing.config.resolver_ipset=" | + | |
| - | uci set vpn-policy-routing.config.webui_show_ignore_target=" | + | |
| - | while uci -q delete vpn-policy-routing.@policy[0]; do :; done | + | |
| - | uci add vpn-policy-routing policy | + | |
| - | uci set vpn-policy-routing.@policy[-1].dest_addr=" | + | |
| - | uci set vpn-policy-routing.@policy[-1].interface=" | + | |
| - | uci add vpn-policy-routing policy | + | |
| - | uci set vpn-policy-routing.@policy[-1].src_addr=" | + | |
| - | uci set vpn-policy-routing.@policy[-1].interface=" | + | |
| - | uci commit vpn-policy-routing | + | |
| - | / | + | |
| - | </ | + | |
| ==== mwan3 ==== | ==== mwan3 ==== | ||
| - | [[docs: | + | See also: |
| + | [[docs: | ||
| + | [[docs: | ||
| + | |||
| + | mwan3 provides load balancing and failover with multiple WAN interfaces. | ||