RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1439113 - Support for source based routing in systemd-networkd for RHEL 8
Summary: Support for source based routing in systemd-networkd for RHEL 8
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: systemd
Version: 7.4
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: rc
: ---
Assignee: systemd-maint
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-04-05 09:23 UTC by Arvind iyengar
Modified: 2020-05-14 15:53 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-04-05 10:11:04 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Arvind iyengar 2017-04-05 09:23:16 UTC 
1. Proposed title of this feature request
>> Support for source based routing in systemd-networkd for RHEL 8


2. Who is the customer behind the request?
Account name: 	ETES GmbH
Customer segment:  ITES
SRM customer: NO
Strategic Customer: NO

3. What is the nature and description of the request?
>> As of writing, only NetworkManager and the legacy /etc/init.d/network have "kind of support" for source based routing. By source based routing, I specifically mean commands like:

  - ip route flush table something
  - ip rule del table something
  - ip route add 0.0.0.0/0 via whatever table something
  - ip rule add priority 32700 from whatever table something
  - ip route flush cache

4. Why does the customer need this? (List the business requirements here)
>> The lack of source based routing support in systemd-networkd would lead to the situation that we would have to use either the legacy /etc/init.d/network SysV initscript or NetworkManager, 
>> which is also not very thin in case of minimal systems suited for routers or firewalls. Thus, systemd-networkd would be a thin, lightweight component perfectly suited for small,
>> static systems and configurations - except that it currently lacks source based routing.

5. How would the customer like to achieve this? (List the functional requirements here)
>> Implementation of source based routing support in systemd-networkd.


6. For each functional requirement listed in question 5, specify how Red Hat
and the customer can test to confirm the requirement is successfully
implemented.
>> As of writing, only NetworkManager and the legacy /etc/init.d/network have "kind of support" for source based routing. By source based routing, I specifically mean commands like:

  - ip route flush table something
  - ip rule del table something
  - ip route add 0.0.0.0/0 via whatever table something
  - ip rule add priority 32700 from whatever table something
  - ip route flush cache

Our common goal is to use systemd-networkd instead of NetworkManager (which seems to be more suited for more dynamic/flexible network configurations, such as notebooks, 
workstations or systems with a less persistent network configuration) and also instead of the legacy SysV initscript /etc/init.d/network, which is likely to go away sooner or later.

7. Is there already an existing RFE upstream or in Red Hat bugzilla?
>>  https://bugzilla.redhat.com/show_bug.cgi?id=1285627 - RHEL7

8. Does the customer have any specific timeline dependencies?
>> Until RHEL 8 GA.

9. Is the sales team involved in this request and do they have any additional input?
>>  NO

10. List any affected packages or components.
>>  Systemd-networkd

11. Would the customer be able to assist in testing this functionality if
implemented?
>>  Yes. 

12. Business Justification provided by the customer for inclusion of this feature in future RHEL7 release.
>> The lack of source based routing support in systemd-networkd would lead to the situation that we would have to use either the legacy /etc/init.d/network SysV initscript or NetworkManager, which is also not very thin in case of minimal systems suited for routers or firewalls. Thus, systemd-networkd would be a thin, lightweight component perfectly suited for small, static systems and configurations - except that it currently lacks source based routing.Source based routing is e.g. required when having at least two internet uplinks ("two default gateways"), where e.g. no asynchronous routing shall happen. Asynchronous routing would be an issue in order with common internet uplinks in non-data center environments, because this would allow kind of IP spoofing which is usually filtered by upstream providers (for good reasons). Thus, source based routing allows sending answers/replies via the same interface back.
While this is only a common scenario, there are priorities and weighted routings depending on other source criteria possible (e.g. to check the availability of different internet uplinks on a Linux system acting as router/firewall).All those scenarios, we are currently covering with the legacy etc/init.d/network SysV initscript on small, static systems - where we would like to see full and complete systemd units rather legacy components in the future.
Comment 4 Robert Scheck 2017-04-05 11:06:56 UTC 
Lukáš, is there "ip rule" support in systemd-networkd already, too? Or
just "ip route"? The patch you mentioned in bug #1285627 comment #9 makes
me assuming just "ip route", but not "ip rule".
Comment 5 Lukáš Nykrýn 2017-04-05 11:52:57 UTC 
Honestly, I don't know. Right now I think it would be better to ask directly on systemd-devel or systemd github. Right now we are not working in downstream on anything that would influence future rhels beyond rhel7.
Note You need to log in before you can comment on or make changes to this bug.