Score:0

How to add persistent IP routes in Ubuntu 20.04 server


Maybe this question has been answered somewhere before but I can’t seem to figure it out as yet. Lately I’m having some issues with my Ubuntu 20.04 server. I installed OpenVPN and I can successfully create a VPN tunnel with NordVPN. The problem is that when the tunnel is created the connection breaks down and I cannot ssh back into the server unless I add some IP routes. I found a solution for this: assuming the server's real IP is 185.230.125.107, I manually added the routes as follows:

sudo ip rule add from 185.230.125.107 table 128
sudo ip route add table 128 185.230.125.107/32 dev eno0
sudo ip route add table 128 default via 185.230.125.254

This works fine until reboot. After the machine restarts, I have to add those rules back in again. My question is this: How would I add these rules, making them persistent so at reboot they stay in place!? Where and how should I add them!? I read somewhere that I need to create some sort of a script in /etc/network/if-up.d but I have no idea how to make such a script. Please, is somebody willing to help!? I’d really appreciate that guys. Many thanks Nick

raj
I am pretty sure you can add this somewhere in Netplan configuration, however I don't know Netplan, because Ubuntu Desktop uses Network Manager and not Netplan. In Network Manager you can add persistent routes, so I'm sure it's possible in Netplan too. Hope someone would give an answer how to do it.
Nicola
Thank you anyways mate
Score:1
  1. Hello mate, I cannot comment so I will try to answer here.
  2. There are a few options to create a scheduled process to solve that problem.
  3. Here are two options:
    • crontab - which is less fitting for your problem.
    • making a service - which fits your problem perfectly.
    • there might be more and better ways to solve that problem.
  4. About crontab:
    • The crontab is a list of commands that you want to run on a regular schedule.
    • To add a command you want to schedule, you have to edit the crontab file with the command crontab -e.
    • you can use this site to help you calculate the interval at which you want to execute a specific command: crontabCalculator
    • you can use this guide to figure out your own crontab file: crontabGuide
  5. The better option in my opinion is to create your own service.
    • when you create a service you can run it just like all the other services, which means that you can enable, disable, restart, start and use all the other options that come with the systemctl command.
    • you have to create your service as a text file and name it myServiceName.service.
    • then you have to locate that service in /etc/systemd/system/.
    • use this guide to get a service template: howToMakeAServiceGuide.
    • after creating the service and locating it in the specific directory you can enable and start it with these commands: systemctl enable serviceName.service and systemctl start serviceName.service.
    • the service should start on any reboot so it might solve your problem.
  6. Edited after comments.
    • create a script with sudo nano /usr/local/sbin/SCRIPT_NAME.sh
    • example for a script with your commands:

        #!/bin/bash
        # send traffic from the server's own address through table 128
        ip rule add from 185.230.125.107 table 128
        ip route add table 128 185.230.125.107/32 dev eno0
        ip route add table 128 default via 185.230.125.254

    • now give the script execute permissions with chmod a+x SCRIPT_NAME.sh
    • now create a service with sudo nano /etc/systemd/system/SERVICE_NAME.service
    • use that template: in the ExecStart field execute your script

        [Unit]
        Description=ROT13 demo service
        After=network.target

        [Service]
        # the script runs once and exits, so use oneshot and do not restart it
        Type=oneshot
        RemainAfterExit=yes
        # ip rule / ip route changes need root
        User=root
        ExecStart=/usr/local/sbin/SCRIPT_NAME.sh

        [Install]
        WantedBy=multi-user.target

  7. Edited after comments two:
  8. To make sure your service is configured correctly follow these steps:
    • locate the service in /etc/systemd/system/LOCATE_HERE.service
    • give the script that is run by the service the execute permission with sudo chmod a+x yourscript.sh
    • execute the command sudo systemctl daemon-reload to reload the new service.
    • execute the command sudo systemctl enable serviceName.service
    • execute the command sudo systemctl start serviceName.service
    • execute the command sudo systemctl status serviceName.service
    • if the service is running reboot your system.
    • after the reboot execute the command sudo systemctl status serviceName.service to check if the service is running.
    • images:
    • serviceExampleThatWorksForMe
    • howToStartTheServiceCommands
    • if this solution is not working there might be a problem with the file type - check for a solution here solutionForFileTypeError
Nicola
Thank you very much my friend. You made my life much more easier. This is the perfect solution.
CrazyTux
You're welcome. Again, I guess there are more solutions that might be better, but that should work out. If it is working you can accept the answer by clicking on the V near my answer field.
CrazyTux
I just found this topic that can be helpful and maybe better than my answer: https://askubuntu.com/questions/168033/how-to-set-static-routes-in-ubuntu-server?rq=1
Nicola
So here I am again. The script I made like you suggested works perfectly. The only problem is that at boot, the service won’t start. Through journalctl I found out that systemd failed to start the service because of “Assignment outside of section. Ignoring”. I don’t know what went wrong. I changed the ownership of the script I created to root. If I run it manually it works but systemd won’t start it as a service.
CrazyTux
There are two possible solutions: the recommended one is to fix the service (you can send the service you made so I can take a look at it, please delete your personal details); the other one, primitive but it works, is to use the crontab to run the script.
Nicola
Hi and thank you for getting back to me. This is what the service file looks like:

    Description=iprules_service
    After=network.target
    StartLimitIntervalSec=0
    [Service]
    Type=simple
    Restart=always
    RestartSec=1
    User=nick
    ExecStart=/usr/local/sbin/iprules.sh
    [Install]
    WantedBy=multi-user.target

The *.sh file works just fine because I can start it manually with sudo without problems. I prefer this solution because it is more elegant than crontab. Hope I'll figure it out somehow. Ty very much
CrazyTux
I will now edit my answer and hope that will work out for you. I just ran the service on my VPS and it's running perfectly.
Nicola
IT WORKED!! Thank you very much for your patience. I owe you one.
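
The journal message quoted in the comments above, "Assignment outside of section. Ignoring.", is what systemd logs when a directive appears before any [Section] header, as in the unit file posted there, which starts at Description= with no [Unit] line. The check below is an added example, not code from the thread; lint_unit and sample_unit are hypothetical names, and the sample is the posted unit file written one directive per line.

```bash
# Added example (not from the thread). lint_unit reads a unit file from a path
# or stdin, prints one line per finding and returns the number of findings.
lint_unit() {
    awk '
    BEGIN {  # directives used in this thread and the section each belongs in
        want["Description"] = want["After"] = want["StartLimitIntervalSec"] = "Unit"
        want["Type"] = want["Restart"] = want["RestartSec"] = "Service"
        want["User"] = want["ExecStart"] = "Service"
        want["WantedBy"] = "Install"
    }
    /^[ \t]*$/ || /^[ \t]*[#;]/ { next }          # skip blanks and comments
    /^\[/ { sec = substr($0, 2, index($0, "]") - 2); next }
    {
        key = $0; sub(/[ \t]*=.*/, "", key); sub(/^[ \t]+/, "", key)
        if (sec == "") {
            # systemd logs "Assignment outside of section. Ignoring." for these
            printf "line %d: %s assigned outside of any section\n", NR, key; n++
        } else if ((key in want) && want[key] != sec) {
            printf "line %d: %s belongs in [%s], found in [%s]\n", NR, key, want[key], sec; n++
        }
    }
    END { exit (n > 255 ? 255 : n + 0) }
    ' "$@"
}

# Constructed sample: the unit file from the comment above, with no [Unit] header.
sample_unit() {
cat <<'EOF'
Description=iprules_service
After=network.target
StartLimitIntervalSec=0
[Service]
Type=simple
Restart=always
RestartSec=1
User=nick
ExecStart=/usr/local/sbin/iprules.sh

[Install]
WantedBy=multi-user.target
EOF
}

# Reports the three directives that precede the first section header.
sample_unit | lint_unit || true
```

On a real system, systemd-analyze verify serviceName.service reports the same class of problem before a reboot is needed to find it.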
Score:0

You can definitely do this in Netplan. I just did it and confirmed persistence following a reboot. The Netplan official website's Examples page shows many examples of this.

Example:

  1. Edit your netplan config file (located in /etc/netplan/)

  2. Locate the interface where you want the route (ex. eth0)

  3. Locate the addresses section

  4. Add the routes keyword and route details under the addresses section

    routes:
       - to: default
         via: 1.1.1.254
    
  5. Save and close

  6. Type: sudo netplan generate (and press Enter)

  7. Type: sudo netplan apply (and press Enter)

  8. Test your route by pinging a known IP on the target network

Drew
This does not work.
@Drew These are steps that work for Ubuntu 20.04 with Netplan, both what I did and also what is documented in the official Netplan examples section. What you said doesn't help me help you. Provide some details, please.
Drew
@TitaniumCoder477 Thank you for your reply. Would be great if you could explain what exactly those lines do? What does 1.1.1.254 mean? Default gateway? Does that mean that all the traffic would not go via the VPN gateway?
Zanna
It would be nice if you could add some more specific instructions.
Score:0

Here is what ended up working for me using netplan. Taking the IPs from your post, here is what you will do in /etc/netplan/*.yaml:

network:
    version: 2
    ethernets:
        eno0:
            ...
            routing-policy:
            - from: 185.230.125.107
              table: 128
            routes:
            -   to: 0.0.0.0/0
                via: 185.230.125.254
            -   to: default
                via: 185.230.125.254
                on-link: True
                table: 128
            -   to: 185.230.125.107/32
                on-link: True
                table: 128
            ...
            set-name: eno0

The thing I was missing for a while was - to: default
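
Whichever method is used, persistence can be confirmed after a reboot by reading the rule and the two table 128 routes back with ip rule show and ip route show table 128. The script below is an added example, not from any answer here; check_policy_route is a hypothetical helper name and its arguments are the values from the question.

```bash
# Added example (not from the thread).
# Usage: check_policy_route SRC TABLE GATEWAY DEV
# Prints each missing piece and returns how many of the three are missing.
check_policy_route() {
    src=$1; table=$2; gw=$3; dev=$4; missing=0

    # 1. "ip rule add from SRC table TABLE" shows as "PRIO: from SRC lookup TABLE"
    ip rule show | awk -v s="$src" -v t="$table" '
        $2 == "from" && $3 == s && $4 == "lookup" && $5 == t { ok = 1 }
        END { exit !ok }' ||
        { echo "missing rule: from $src lookup $table"; missing=$((missing + 1)); }

    # An absent table may make "ip route show" fail; treat that as no routes.
    routes=$(ip route show table "$table" 2>/dev/null) || routes=""

    # 2. "ip route add table TABLE SRC/32 dev DEV" (a /32 is printed without its mask)
    echo "$routes" | awk -v s="$src" -v d="$dev" '
        ($1 == s || $1 == s "/32") && $2 == "dev" && $3 == d { ok = 1 }
        END { exit !ok }' ||
        { echo "missing route: $src/32 dev $dev in table $table"; missing=$((missing + 1)); }

    # 3. "ip route add table TABLE default via GATEWAY"
    echo "$routes" | awk -v g="$gw" '
        $1 == "default" && $2 == "via" && $3 == g { ok = 1 }
        END { exit !ok }' ||
        { echo "missing route: default via $gw in table $table"; missing=$((missing + 1)); }

    return "$missing"
}

# Run against the live system when called with four arguments, e.g.
#   ./check.sh 185.230.125.107 128 185.230.125.254 eno0
if [ "$#" -eq 4 ]; then
    check_policy_route "$@"
fi
```

A return value of 0 means all three entries from the question survived the reboot.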
