Skip to content

Conversation

@fihuer
Copy link

@fihuer fihuer commented Aug 8, 2025

Description

This pull request introduces support for enhanced routing policy rules in Netplan, specifically adding support for type, iif (input interface), and oif (output interface) parameters in routing policy configurations. The changes enable more granular control over network traffic routing and support advanced routing scenarios.

The pull request implement and test the new routing policy features:

  • Routing Policy Type Support

Added type scalar to routing-policy specification in the YAML schema
Implemented parsing and validation for rule types in the core parser

Enhanced test coverage with test cases

  • Input/Output Interface Support

Added iif (input interface) and oif (output interface) scalars to routing-policy specification
Implemented parsing logic for interface-based routing rules
Enhanced test coverage with test cases

  • NetworkManager & networkd backend integration of these new items

  • Fixed IPv4 link-local method handling to avoid unnecessary configuration when not explicitly requested

  • Corrected rule generation logic to ensure proper rule application

These changes enhance Netplan's routing capabilities, enabling admins to:

  • Define specific rule types (unicast, blackhole, unreachable, etc.)
  • Configure interface-specific routing policies
  • Implement complex traffic steering scenarios

Some of theses features are requested in Launchpad bug #1798417

Checklist

  • Runs make check successfully.
  • Retains code coverage (make check-coverage).
  • New/changed keys in YAML format are documented.
  • (Optional) Adds example YAML for new feature.
  • (Optional) Closes an open bug in Launchpad.

fihuer added 8 commits August 8, 2025 08:47
One can now manage the type of the rule (which is unicast by default).
This allows to manage exotic - but used in the wild - rule like blackholes.
It may be used later on in some cases like virtual IPs set by an external tool (eg. keepalived)
…cation

One can now fine-tune IP rules using input or output interfaces.

One use-case is to catch locally-generated trafic by setting 'iif' to 'lo'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant