| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision |
| docs:guide-user:network:routing:pbr [2021/08/16 01:55] – reorganize content vgaetera | docs:guide-user:network:routing:pbr [2023/09/27 02:36] – [PBR (Policy-Based Routing)] vgaetera |
|---|
| ===== Policy-based routing ===== | ====== PBR (Policy-Based Routing) ====== |
| | See also: |
| | [[docs:guide-user:network:routing:basics#policy-based_routing|Routing basics]] |
| [[wp>Policy-based_routing|PBR]] is a technique used to make routing decisions based on policies set by the network administrator. | [[wp>Policy-based_routing|PBR]] is a technique used to make routing decisions based on policies set by the network administrator. |
| There are different methods to implement PBR with their own pros and cons, and some methods can be more suitable than others depending on your goal. | There are different methods to implement PBR with their own pros and cons, and some methods can be more suitable than others depending on your goal. |
| |
| ===== PBR solutions ===== | ===== Solutions ===== |
| ==== PBR with netifd ==== | ==== PBR app ==== |
| See also: | See also: |
| [[docs:guide-user:network:routing:pbr_netifd|PBR with netifd]], | [[docs:guide-user:network:routing:pbr_app|PBR app]] |
| [[docs:guide-user:network:routing:examples:pbr_netifd|Routing example: PBR with netifd]] | |
| |
| PBR with netifd helps to utilize different routing tables to route traffic to a specific interface based on traffic parameters like ingress/egress interfaces, source/destination addresses, firewall mark, etc.: | PBR app helps overcome routing issues for the following scenarios: |
| * Relies on the built-in netifd functionality and requires no extra software installation. | * Utilize split tunneling to route your traffic to VPN/WAN selectively for some of hosts/subnets/domains. |
| * Suitable for network protocols supported by netifd such as static, DHCP/DHCPv6, WireGuard, OpenConnect, PPTP, etc. | * Implement port forwarding on the WAN interface when traffic is routed to VPN by default. |
| * Can be used for network protocols unsupported by netifd such as OpenVPN using the [[docs:guide-user:network:routing:pbr_netifd#pbr_protocol|PBR protocol]]. | * Run VPN client and server simultaneously and route traffic to the VPN client. |
| * Works well with interfaces, subnets, IP addresses and ports, but not domains. | * Provide web interface to manage routing policies. |
| |
| ==== VPN policy routing ==== | ==== PBR with netifd ==== |
| See also: | See also: |
| [[https://docs.openwrt.melmac.net/vpn-policy-routing/|VPN policy routing]], | [[docs:guide-user:network:routing:pbr_netifd|PBR with netifd]] |
| [[docs:guide-user:network:routing:examples:pbr_app|Routing example: VPN policy routing]] | |
| |
| VPN policy routing helps overcome routing issues for the following scenarios: | PBR with netifd helps to utilize different routing tables to route traffic to a specific interface based on traffic parameters like ingress/egress interface, source/destination address, firewall mark, etc.: |
| * Utilize split tunneling to route your traffic to VPN/WAN selectively for some of hosts/subnets/domains. | * Relies on the built-in netifd functionality and requires no extra software installation. |
| * Implement port forwarding on the WAN interface when traffic is routed to VPN by default. | * Suitable for managed and unmanaged interfaces declared in the network configuration. |
| * Run VPN server and client simultaneously and route traffic to the VPN client. | * Works well with interfaces, subnets, IP addresses and ports, but not domains. |
| |
| ==== mwan3 ==== | ==== mwan3 ==== |
| See also: | See also: |
| [[docs:guide-user:network:wan:multiwan:mwan3|mwan3]], | [[docs:guide-user:network:wan:multiwan:mwan3|mwan3]], |
| [[docs:guide-user:services:vpn:openvpn:dual-wan|Routing example: Dual VPN with mwan3]] | [[docs:guide-user:routing:examples:dual-wan|Routing example: Dual VPN with mwan3]] |
| |
| mwan3 provides load balancing and failover with multiple WAN interfaces. | mwan3 provides load balancing and failover with multiple WAN interfaces. |
| |