Am Sat, Nov 08, 2025 at 07:22:29PM -0500, schrieb Etienne Champetier: > Le sam. 8 nov. 2025 à 16:52, Jonas Lochmann <[email protected]> a > écrit : > > > > Am Sat, Nov 08, 2025 at 01:11:17PM -0500, schrieb Etienne Champetier: > > > I also had a look at rewriting mwan3rtmon in ucode recently and I'm > > > wondering if we could just get rid of it. > > > Basically this script watches the main routing table to copy all non > > > default routes, and also fill an ipset, > > > > It does this per interface and keeps the default rules of that > > particular interface while also removing source based routing in case > > of IPv6. (Well, this can be disabled, but I would not recommend that.) > > Thanks for pointing that out, I missed that sed line > > > > but I think using rules like 'lookup main suppress_prefixlength 0' we > > > should be able to remove mwan3rtmon. > > > > But where do we get the default routes from then? > > We still need something for the default routes indeed, but we can simplify a > bit > Have something like > ``` > 1000: from all lookup main suppress_prefixlength 0 > ``` > and then in table 1 / 2 ... just have the default route of each wan > > This would also remove the need for the mwan3_connected_ipv4/6 ipsets > as the mark doesn't matter if you match rule 1000 first.
I think that those ipsets are useless in any case as all local routes are in all tables and thus you could pick any of them. But having first a "lookup regular routes ignoring default routes" could simplify a few things. > > I see no possibility to skip mwan3rtmon. > > If we only have wans with static ips then we don't need mwan3rtmon anymore ... > so we would still need it :), but if it only handles default routes > that's way less work to do. That would remove that theoretical route update delay for local routes. So I consider it an advantage. I would also go from the current imperative implementation to a functional one: wait for changes; calculate new interface specific tables; replace tables. > Yep, there is very little explanation of why each piece is present > Example, the ip rule > ``` > 1001: from all iif wan1 lookup 1 > ``` > I think it is used if we bind to the ip of wan1 (and not the device) > to ensure the traffic goes out the right interface, but maybe it's for > something else :( That's about the input interface. It prevents routing from one wan to another. But that's a task for the firewall and not mwan3. I don't expect binding to an IP only to work correctly. There is a reason why "mwan3 use" sets the fwmark. I just found some rough description of the mwan3 architecture at https://openwrt.org/docs/guide-user/network/wan/multiwan/mwan3 _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
