Mon, Apr 18, 2016 at 06:59:37PM CEST, d...@cumulusnetworks.com wrote:
>On 4/18/16 9:47 AM, Jiri Pirko wrote:
>>Proposed solutions (ideas):
>>1) per-netns. Add a procfs file:
>> /proc/sys/net/ipv4/route/fib_offload_error_policy
>> with values: "evict" - default, current behaviour
>> "fail" - propagate offload error to user
>> The policy value would be stored in struct net.
>>
>>2) per-VRF/table
>> When user creates a VRF master, he specifies a table ID
>> this VRF is going to use. I propose to extend this so
>> he can pass a policy ("evict"/"fail").
>> The policy value would be stored in struct fib_table or
>> struct fib6_table. The problem is that vfr only saves
>> table ID, allocates dst but does not actually create
>> table. That might be created later. But I think this
>> could be resolved.
>
>Yes, we have a local patch where I do create the table for IPv6. Can do that
>for IPv4 as well. Some other clean ups are needed in this area - like the
>ability to delete a table
>
>>
>>3) per-VFR/master_netdev
>> In this case, the policy would be also set during
>> the creation of VFR master. From user perspective,
>> this looks same as 2)
>> The policy value would be stored in struct net_vrf (vrf private).
>
>The VRF device is really only used for guiding lookups, not inserting routes.
>
>A per table/VRF policy (option 2) seems more appropriate.
Right. Option 2 also seems better to me. Thanks.
