0

I have a Mac with two network interfaces, connected to different networks. For the sake of argument, let's say one is connected to a private network and the other to the Internet.

I understand that I can use the Networks system preference pane to place the Internet interface higher in the "service order" than the private network and that, by doing so, its "Router" will become the system's default gateway (and the other interface's "Router" is ignored).

However, this obviously results in all traffic being routed over the Internet (except the specific subnet of the private network to which the machine is directly connected). I want to override this behaviour for the entire private network, routing all private traffic via the appropriate interface.

What is the "Apple Way" of accomplishing this? Merely executing sudo route add ... only creates the route temporarily, whereas I want to associate it with the interface in some permanent way (i.e. that will survive the interface changing state, or the system rebooting).

I presume that the solution will involve launchd invoking a script after the interface has come up… but how?!

eggyal
  • 488
  • Please add some informations about the "entire private network" and how it differs from the "specific subnet private network". – klanomath Nov 19 '14 at 15:34
  • @klanomath: For the sake of argument, assume "entire private network" is 10/8 and the "specific subnet" is 10.11.12/24. – eggyal Nov 19 '14 at 19:10
  • I'm just asking because NO traffic to private networks is ever successfully routed over the internet (except when VPN is involved) please check. So some really basic informations about your network infrastructure are missing. – klanomath Nov 19 '14 at 19:57
  • @klanomath: That is exactly why I need a static route to ensure the private network traffic is routed over the private network interface. – eggyal Nov 19 '14 at 20:21
  • did you check this: staticroute – klanomath Nov 19 '14 at 21:49

1 Answers1

0

1 - Here is a copied solution but deprecated:

First of all, you have to be a local admin.

Open a terminal and change to the StartupItems directory

cd /Library/StartupItems

Then create a new directory with root priviledges, e.g. AddRoutes and change into it

sudo mkdir ./AddRoutes
cd ./AddRoutes

Now you have to create and edit the bash script

sudo touch ./AddRoutes
sudo nano ./AddRoutes

Paste the following Lines into the bash script and adapt it for your network

#!/bin/sh

# Set static routing tables

. /etc/rc.common

StartService ()
{
sleep 10
ConsoleMessage "Adding Static Routing Table"
sudo /sbin/route add -net 10.0.0.0 -netmask 255.0.0.0 -gateway w.x.y.z
}

StopService ()
{
return 0
}

StopService ()
{
return 0
}

RestartService ()
{
return 0
}

RunService "$1"

When you finished with the script, save it.

Then create the corresponding plist.

sudo touch StartupParameters.plist
sudo nano StartupParameters.plist

When you created the plist file, paste the following lines into it.

{
Description = "Add static routing tables";
Provides = ("AddRoutes");
Requires = ("Network");
OrderPreference = "None";
}

When you finished the plist file, save it.

Finally you have to set the access rights

sudo chmod 755 /Library/StartupItems/AddRoutes/*

At the end you have to reboot and now your permanent static routes are set.

You can verify with the following

netstat -nr

2 - Here you may find a more up-to-date solution involving a little program:

staticroute

Configured static routes survive a restart, and will automatically be added and removed as network interfaces go up and down.

klanomath
  • 66,391
  • 9
  • 130
  • 201
  • Thank you. I had seen this solution before. However, StartipItems has been deprecated for a while in favour of launchd. Is there a current recommendation? – eggyal Nov 19 '14 at 20:49
  • It works similar. You probably still need the same shell script. Let me have a look... – klanomath Nov 19 '14 at 20:54
  • A further problem is that the script will need to be triggered whenever the interface comes up, not just when the machine reboots. – eggyal Nov 19 '14 at 20:55