Posted: Fri Jul 05, 2019 14:20 Post subject: SFE isn't work with Policy-based routing
In my router, I have setup VAP to route all VAP traffic wl1.1 (192.168.18.1) to wireguard oet1(192.168.2.1)
following is my rules to control traffic from VAP, and routing to oet1(wireguard interface)
ip rule add from 192.168.18.0/24 lookup 100
ip route add table 100 default via 192.168.2.1
iptables -t nat -A POSTROUTING -s 192.168.18.0/24 -o oet1 -j MASQUERADE
when I disable SFE(Shortcut Forwarding Engine), all works correct.
BUT after I enable SFE, the traffic from wl1.1 cann't work as expected.
what's wrong with my usage, how to fix this issue ?
Joined: 08 May 2018 Posts: 3410 Location: Texas, USA
Posted: Fri Jul 05, 2019 15:21 Post subject:
Read the first ticket. The ip rule add command doesn't exist or work anymore in BS builds. It would take a while to backtrack any commits to the source code to see what broke it. Unfortunately, <Kong> doesn't directly support that router (EA6300).