On Cloud Rootserver, where both public and private interfaces are available, private interfaces are used for BGP with pfsense LAN as GW. Policy based routing must be setup. See http://visrc.com:8000/dokuwiki/doku.php?id=linux:admin:network_routing:source_routing#config_with_netplan
admin@c1-node-01:~$ cat /etc/netplan/51-eth1.yaml
network:
version: 2
renderer: networkd
ethernets:
ens3:
dhcp4: no
dhcp6: no
accept-ra: no
addresses: [81.94.xx.xx/28, "2a01:xxx:xxxx:xx::xx/64"]
gateway4: 81.94.xx.xx
gateway6: 2a01:xxx:xxxx:xx::x
nameservers:
addresses: [1.0.0.1]
ens6:
dhcp4: no
dhcp6: no
accept-ra: no
addresses: [195.16.xxx.111/25]
routes:
- to: 195.16.xxx.x/25
via: 195.16.xxx.gw
table: 102
- to: 0.0.0.0/0
via: 195.16.xxx.gw
table: 102
routing-policy:
- from: 195.16.xxx.111
table: 102
- to: 195.16.xxx.111
table: 102
Example
network:
version: 2
renderer: networkd
ethernets:
eth1:
dhcp4: no
dhcp6: no
accept-ra: no
addresses: [192.168.179.2/24]
routes:
- to: 192.168.179.0/24
via: 192.168.179.224
table: 102
- to: default
via: 192.168.179.224
metric: 100
table: 102
routing-policy:
- from: 192.168.179.2
table: 102
- to: 192.168.179.2
table: 102
nameservers:
addresses: [8.8.8.8]
Somehow the br_filter module disappers so make the setting persistent.
315 vim /etc/sysctl.conf 316 sysctl -p 317 modprobe br_netfilter 318 sysctl -p 319 less /etc/modules-load.d/modules.conf 320 echo br_netfilter > /etc/modules-load.d/br_netfilter.conf