How to include loopback in policy based routing?

Hello.

I have a TP-Link ER605 running OpenWRT 23.05.02. I have the pbr and luci-app-pbr packages installed with a policy set to route time.google.com across my VPN. The routing policy is working for LAN clients, but if I execute a traceroute to time.google.com from the router (Luci or CLI) the traffic still goes across my WAN interface.

Is there a way to have the loopback participate in the pbr policy? I have tried setting the source address in the policy to 0.0.0.0/0, 127.0.0.1, and even loopback without success.

Ultimately, what I really want is for the router to pull NTP (UDP 123) updates over the VPN, as I'm dealing with a network that blocks NTP and I need to keep the routers time synced so the VPN doesn't drop. BTW, I need to keep the VPN as spit tunnel so that all other Internet traffic uses the WAN.

Any help is greatly appreciated.

If you want to make the rule valid for the router itself, you need to set option chain to 'output' (default is prerouting).

1 Like