Run a command with a specified FIB (routing table)?

I'd like to be able to run a specific command with a specific FIB.

While Linux supports multiple FIBs and policy-based routing once the packets are in the kernel, the specific application is not one where the end point is distinct between the desired commands and other activity on the device.

The specific application is that occasional, specific activity needs to be routed over a non-primary link (transfer-limited WWAN backing up Comcast primary). This activity terminates on hosts that have "regular" activity to the same remote ports that should go over the primary link.

On FreeBSD, I can use setfib(1):

     setfib [-F] fib utility [argument ...]

     The setfib utility runs another utility with a different routing table.
     The table number fib will be used by default for all sockets started by
     this process or descendants.

Is there something equivalent in Linux that my searches haven't found yet?

I've scratched my head on this and even things like wrapping the command in a script to capture the PID can run into problems if the child then spawns additional threads to handle the sockets (the PPID then isn't that of the script, but the invocation of the command).

I'd prefer not to have to dedicate a UID to this kind of activity, especially as some of it will be triggered by daemons no longer running in privileged mode.

Looks like

     ip netns exec [namespace] [command]

might do the trick.


Edit: Changed thread title to describe "FIB"


Never heard the term FIB, but if FIB means routing tables, then I think the netns solution is what you are looking for. Basically, you set up the namespace to do the special stuff, then launch your program in that namespace.
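
The namespace approach discussed in this thread, written out as an added example (not code from either poster): a namespace whose only way out is a veth pair, with a source-based rule in the default namespace that sends that one address to a separate routing table pointing at the backup link. The namespace name, interface names, addresses, table number and the `wwan0` uplink are all assumptions.

```shell
#!/bin/sh
# Added example. Every name and address here is an assumption, not from the thread.
NS=backup                              # namespace for the special traffic
LINK=wwan0                             # non-primary uplink
TABLE=100                              # routing table reserved for that uplink
HOST_IF=veth-bk;  HOST_IP=10.200.0.1   # veth end left in the default namespace
NS_IF=veth-bk-ns; NS_IP=10.200.0.2     # veth end moved into the namespace

# Print the setup as shell commands, in the order they must run.
plan() {
    cat <<EOF
# 1. Namespace plus a veth pair linking it to the default namespace
ip netns add $NS
ip link add $HOST_IF type veth peer name $NS_IF
ip link set $NS_IF netns $NS
ip addr add $HOST_IP/30 dev $HOST_IF
ip link set $HOST_IF up
# 2. Inside the namespace: one address, one default route via the host end
ip netns exec $NS ip addr add $NS_IP/30 dev $NS_IF
ip netns exec $NS ip link set lo up
ip netns exec $NS ip link set $NS_IF up
ip netns exec $NS ip route add default via $HOST_IP
# 3. Default namespace: traffic from the namespace address uses its own table
#    (assumes a point-to-point uplink; add "via <gateway>" if it needs one)
ip route add default dev $LINK table $TABLE
ip rule add from $NS_IP lookup $TABLE
# 4. Forward and NAT that traffic out of the backup link
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -s $NS_IP -o $LINK -j MASQUERADE
EOF
}

case "${1:-}" in
    plan)  plan ;;                                   # show the commands only
    apply) plan | sh -e ;;                           # needs root
    run)   shift; exec ip netns exec "$NS" "$@" ;;   # needs root
esac
```

Everything started through `run`, including child processes and threads, inherits the namespace, so no PID or UID matching is needed. `ip netns exec` itself requires root, so a non-privileged caller has to reach it through a narrowly scoped privileged wrapper.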