Difference between policy local-route and policy route?

I am a little confused about the functional difference between policy local-route and policy route. The manual does not provide a concise explanation.

From the name, I would expect that “local-route” handles locally generated packets and “route” everything that’s routed through VyOS. This is even written in the manual:

Local Route: The following example allows VyOS to use PBR for traffic, which originated from the router itself.
[…]

But this is functionally not the case: “local-route” modifies ip route and ip rule output directly. For example, I can use:

local-route {
     rule 110 {
         destination {
             address 0.0.0.0/0
         }
         set {
             table 44
         }
         source {
             address 192.168.56.0/24
         }
     }
}

to create a “policy routing” that works for local and forwarded packets. I am not sure what I would need policy route for and when I should use it over policy local-route.

Policy route affects only inbound traffic and must be attached to an interface. It does not affect locally generated traffic from the router itself.
The original policy local-route was added only for local traffic, but it was extended with new features and now affects not only local traffic. This can be confusing now, and there is a task for renaming this feature: T5654 Migrate policy local-route

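The behaviour described in the question, as an added example that is not part of the original posts or of VyOS itself: a small Python model of how Linux walks `ip rule` entries in priority order, showing why a source-based rule with no input-interface selector sends both forwarded and local packets to table 44. It assumes rule 110 from the post becomes an `ip rule` with the same priority, source, destination and table; the interface names, packet addresses and helper names are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    priority: int
    table: str
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    iif: Optional[str] = None  # None: rule has no input-interface selector

    def matches(self, src: str, dst: str, iif: str) -> bool:
        return (ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.iif in (None, iif))


def tables_consulted(rules, src, dst, iif):
    """Tables the kernel would try, in rule-priority order, for this packet."""
    ordered = sorted(rules, key=lambda r: r.priority)
    return [r.table for r in ordered if r.matches(src, dst, iif)]


# Kernel default rules plus the rule from the post (priority 110, table 44).
KERNEL_DEFAULTS = [Rule(0, "local"), Rule(32766, "main"), Rule(32767, "default")]
RULE_110 = Rule(110, "44", src="192.168.56.0/24", dst="0.0.0.0/0")
RULES = KERNEL_DEFAULTS + [RULE_110]

# Constructed packets: (source, destination, input interface).
# Locally generated traffic is looked up with iif "lo"; the local packet here
# is assumed to already carry a 192.168.56.0/24 source (e.g. a bound socket).
FORWARDED = ("192.168.56.10", "198.51.100.7", "eth1")
LOCAL = ("192.168.56.1", "198.51.100.7", "lo")
OTHER = ("10.0.0.5", "198.51.100.7", "eth1")

if __name__ == "__main__":
    for name, pkt in [("forwarded", FORWARDED), ("local", LOCAL), ("other", OTHER)]:
        print(f"{name:9} {pkt[0]:14} -> {tables_consulted(RULES, *pkt)}")
    # Adding an `iif lo` selector limits the same rule to local traffic only.
    local_only = KERNEL_DEFAULTS + [Rule(110, "44", src="192.168.56.0/24", iif="lo")]
    print("forwarded, iif lo rule:", tables_consulted(local_only, *FORWARDED))
```

The kernel uses the first table in the returned list that holds a matching route, so table 44 takes precedence over `main` whenever the rule matches.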