All Products
Search
Document Center

The route information cannot be queried or configured on the ECS instance of the Aliyun Linux 2 system.

Last Updated: Apr 29, 2020

Problem Description

You cannot query and configure routing information for ECS instances that meet the following conditions.

  • Image: aliyun-2.1903-x64-20G-alibase-20190507.vhd and all previous versions.
  • Kernel: kernel-4.19.34-11.al7 and all previous kernel versions.

The specific problems are as follows.

  • Failed to query created route table information. Example:
    Note: The sample information here is only for reference, and the actual situation on site shall prevail.
    1. Run the following command to create a route table:
      ip -4 route add default via 192.168.0.253 dev eth1 table 1001
    2. Run the following command to view the created route table: No route table information is displayed.
      ip route list table 1001
    3. Run the following command again to create a route table:
      ip -4 route add default via 192.168.0.253 dev eth1 table 1001
      The system returns the "File exists" error.
      RTNETLINK answers: File exists
  • Failed to configure policy-based routing. Run the following command to configure the policy-based routing. The system returns the error message "Operation not supported".
    ip -4 rule add from 192.168.0.68 loopup 1001

Cause of problem

Policy-based routing dependencies CONFIG_IP_MULTIPLE_TABLES module, in kernel-4.19.34-11.al7 and all previous kernel versions, not enabled CONFIG_IP_MULTIPLE_TABLES module.

Solution

Alibaba Cloud reminds you that:

  • If you have any risky operations on an instance or data, pay attention to the disaster tolerance and fault tolerance capabilities of the instance to ensure data security.
  • If you modify the configuration and data of an instance (including but not limited to ECS and RDS), we recommend that you create snapshots or enable RDS log backup.
  • If you have granted permissions on the Alibaba Cloud platform or submitted security information such as the logon account and password, we recommend that you modify the information as soon as possible.

In kernel-4.19.36-12.al7.x86_64 in the kernel version, the options that the policy-based routing depends on are enabled to solve the preceding problems. Therefore, upgrade the kernel of the ECS instance to kernel-4.19.36-12.al7.x86_64 or a later version.

CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_IPV6_MULTIPLE_TABLES=y
CONFIG_IPV6_SUBTREES=y
CONFIG_FIB_RULES=y
# CONFIG_NET_VRF is not set

Note: If IPv6 is enabled, the corresponding kernel option also exists.

Applicable to

  • Elastic Compute Service