Creating a static route through a specific interface
https://apple.stackexchange.com/questions/390635
-
28-05-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
My problem involves a High Sierra Mac Pro, a NAS and an old house. Things are like this: Mac Pro and NAS sit close together, and are connected via bonded Ethernet through a switch allowing for ultra-fast transfer speed between the two.
Being in an old house, the switch itself is connected to the main router only via a PowerLine interface. While this actually brings web surfing to the Mac Pro's Ethernet, the truth is that for this purpose only WiFi is way faster (about 10x).
For the sake of this example let's assume the web router is 192.168.0.1, Mac is 192.168.0.2 and NAS is 192.168.0.3; wifi is en2 and ethernet is bond0. I need my Mac to route all traffic through en2, except for traffic directed to 192.168.0.3 which should go through bond0 only.
I tried moving Ethernet on top of service order stack and removing its IPV4 Gateway, but my Mac still keeps connecting to the NAS via WiFi even though Ethernet comes first.
I understand I would need some kind of static route to do this, but after reading a lot of (contradictory) posts I'm still not sure how to exactly accomplish this...
Can someone help me? What sort of code should I type in Terminal to create this static route and make sure it's still there after reboot?
Thank you.
Solution
I tried moving Ethernet on top of service order stack and removing its IPV4 Gateway, but my Mac still keeps connecting to the NAS via WiFi even though Ethernet comes first.
Service order priority is great for different networks (i.e. home and work via VPN or work network and lab network). If you're multi-homing to the same network (WiFi and Ethernet both connect to home), the priority doesn't matter. Routes are determined by what gets advertised first, the least amount of latency, etc. As you said, your WiFi is about 10x faster; it makes sense that the traffic will try to go through what it thinks is the fastest.
Set a static route for the host
You can set a static route for an individual host and ensure that all traffic bound for that host goes through a particular interface (gateway). The route command takes the following syntax:
% sudo route add -host <target host IP> <IP of network adapter>
So, in your case, using 0.3 as the NAS and 0.55 as your bonded interface, it would be as follows:
% sudo route add -host 192.168.0.3 192.168.0.55
All traffic would be to that one host (NAS) would be routed though the bonded interface while everything else would go through WiFi.
The problem with this is that it's only temporary. You'll need to rerun this command every time you boot and quite possibly can get overridden (see next section). To automate it, you'll need to put this into a script (call it setroute.sh for example) and have it executed with launchd. See the following posts on how to accomplish this:
- launchd plist format for running a command at a specific time on a weekday
- How do I run an app using launchd at regular intervals?
- How do I create a static permanent ifconfig alias?
Create a different subnet
This is my preferred solution because the NAS will be on it's own network isolated from the rest of the traffic by default. You won't have to tell it where to go or what traffic to prioritize because it will already know that. In addition RIP (Route Information Protocol) advertising packets can't override any static routes you may have put in. Yes, your router can tell your Mac how to get to hosts automatically and this may conflict with what you want.
WiFi Network -> 192.168.0.0/24 ← 254 hosts max NAS Network -> 192.168.5.0/29 ← 6 hosts max
So, on your Mac, you'll have two network connections: 192.168.0.2 (WiFi)
and 192.168.5.2 (Bonded Connection) to the switch (or directly to the NAS). The NAS, 192.168.5.3, will have it's connection to the same Ethernet switch that your Mac is connected to. All traffic destined for the NAS will have no choice but to go through the bonded Ethernet while all other traffic will go via WiFi.
OTHER TIPS
TL;DR: if your static route doesn't work, but you have Wifi+Ethernet on your Mac, and 2 Ethernet ports on your NAS, you can configure one port on the NAS and the Ethernet port of your Mac to be on a different subnet than your wifi/router one (192.168.100.x vs 192.168.0.x: it doesn't really matter as long as they're different). The second port of your NAS can still be connected to the router via DHCP, to ensure remote sync processes keep working.
Ok everyone, this is for future reference for people in my same situation (a Mac with at least one Ethernet port and WiFi + a NAS with two ethernet ports).
One way you could accomplish the task of routing all traffic towards the NAS through one specific interface (in my case, Ethernet) and all the rest through WiFi could be as follows:
On the MAC:
- Configure WiFi for web surfing (usually, DHCP or a static address inside the router subnet). E.g.: if your router is
192.168.0.1, your Mac's WiFi card could be assigned192.168.0.2. Subnet mask will be255.255.255.0, and obviously the Gateway will be your router's address. - Turn DHCP off for your Ethernet port and manually configure its address inside a different subnet from the one where the router is. E.g.: you could set it to -say-
192.168.100.1, subnet mask always255.255.255.0, leave "Gateway" blank (and check that DNS too is blank). - Make sure the Ethernet addresses are advertised first by placing Ethernet on top of WiFi in the Services Order panel (click the gear button below the network services)
Link your Mac to your NAS via a cable (or through a switch), and let's set the NAS this way: (remember that for this to work the NAS has to have two Ethernet ports, not one)
- Link one of the NAS Ethernet ports to your WAN network (the one with internet access). Set this interface as DHCP in the Network settings of the NAS. This will assign the NAS and address in the same pool of the router, and the Mac's (let's say
192.168.0.3) - Link the second Ethernet interface to your Mac's Ethernet, directly or via a switch (note that both connections coming from the NAS can run through the same switch and still work)
- In your NAS' control panel turn DHCP off for this second interface (you don't want the router to talk to it!) and manually configure it to another address in the same pool of your Mac's Ethernet IP. In this example, it could be
192.168.100.2, Subnet mask255.255.255.0, Gateway192.168.100.1(your Mac's address).
YMMV depending on your NAS, or on your Mac's OS, but as far as I'm concerned I can testify that now on my MacOs 10.13.6 all "standard" traffic is correctly routed through WiFi, while the NAS (and the NAS only) is receiving full-speed traffic directly from the Ethernet connection.
This trick has one "downside", in that it will project not one but two NAS instances on the network (one is 192.168.0.x, the other 192.168.100.x), so obviously you'll have to make sure that you instruct your Finder to see the "correct" (Ethernet) NAS. If you keep addressing the other IP, its traffic will still be routed through WiFi.
As to the management console (usually reachable via web browser), it will keep working flawlessly on both addresses.
This is only one possible solution. The other route (no pun intended), via script + static route, would possibly be more elegant and streamlined, but it requires some scripting and it's seemingly harder to achieve. I'll post it anyway as soon as I'll get it to work.
