FS#6271 - Consider enabling the "Advanced Router" features on the packaged kernels

Attached to Project: Arch Linux
Opened by Apollon Oikonomopoulos (apoikos) - Wednesday, 24 January 2007, 16:56 GMT
Last edited by Roman Kyrylych (Romashka) - Wednesday, 24 January 2007, 20:56 GMT
Task Type Feature Request
Category Kernel
Status Closed
Assigned To Tobias Powalowski (tpowa)
Architecture not specified
Severity Low
Priority Normal
Reported Version 0.7.2 Gimmick
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

After having worked quite a bit with Linux as a network router OS, I have come to appreciating the advanced routing features the linux kernel has to offer. However, today I found out that these features are disabled in the stock and -beyond kernels, thus preventing the average user from using the "advanced" features of policy routing iproute2 has to offer, without recompiling the kernel. Since these features do not break anything and do not incur any kernel overhead (at least AFAIK), would it be perhaps possible to enable them in the precompiled kernel packages? The respective kernel-configuration entries I'm talking about are:
IP:Advanced Router
IP:Policy Routing
IP:Use netfilter MARK value as routing key
This task depends upon

Closed by  Tobias Powalowski (tpowa)
Monday, 12 February 2007, 06:53 GMT
Reason for closing:  Fixed
Comment by Tobias Powalowski (tpowa) - Sunday, 28 January 2007, 12:52 GMT
ok added the options to new .20 series, the IP:Use netfilter MARK value as routing key
i cannot find in the kernel could you tell me which option matche this?
Comment by Apollon Oikonomopoulos (apoikos) - Sunday, 28 January 2007, 13:06 GMT
It's the CONFIG_IP_ROUTE_FWMARK configuration key. Until 2.6.19 it appeared right in Networking -> Networking options underneath IP: Policy routing, as soon as you would enable that option:

Prompt: IP: use netfilter MARK value as routing key
Defined at net/ipv4/Kconfig:107
Depends on: NET && INET && IP_MULTIPLE_TABLES && NETFILTER
Location:
-> Networking
-> Networking support (NET [=y])
-> Networking options
-> TCP/IP networking (INET [=y])
-> IP: policy routing (IP_MULTIPLE_TABLES [=y])

Thanks for taking this into account :-)
Comment by Tobias Powalowski (tpowa) - Tuesday, 06 February 2007, 13:52 GMT
please check .20 kernel from testing and report success
Comment by Apollon Oikonomopoulos (apoikos) - Wednesday, 07 February 2007, 16:04 GMT
Ok, multiple routing tables work. I'm also glad to see you enabled multipath routing as well. One last you could enable, under Netfilter options, is "Connection mark tracking support", together with the associated target "CONNMARK" and match "connmark".

As for the Firewall Mark as Routing Key stuff, it seems support for it has been hardcoded in net/ipv4/route.c on 2.6.20, so there's no need to bother with that anymore.

Thanks once again!

Loading...