On 3/17/17 7:59 PM, Daniele Orlandi wrote: > > Hello, > > I'm writing an application that should listen on a TCP port bound to an > inteface in a VRF. > > The bind/listen sequence is the following: > > int s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); > > char *ifname = "eth1";
Bind to the VRF device not an interface enslaved to it. I want to add the option for enslaved interfaces but have not gotten around to it. > setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname)+1); > > struct sockaddr_in addr; > memset(&addr, 0, sizeof addr); > addr.sin_family = AF_INET; > addr.sin_port = htons(555); > addr.sin_addr.s_addr = inet_addr("0.0.0.0"); > > bind(s, (struct sockaddr *)&addr, sizeof(addr)); > > listen(s, 5); > > The application is confirmed to be bound to the correct interface via "ss": > > Netid State Local Address:Port Peer Address:Port > tcp LISTEN *%eth1:555 *:* > > I can ping the interface address finely, however I get an RST whenever I > try to connect from a remote host: > > $ ping 10.10.10.10 > PING 10.10.10.10 (10.10.10.10) 56(84) bytes of data. > 64 bytes from 10.10.10.10: icmp_seq=1 ttl=64 time=0.758 ms > 64 bytes from 10.10.10.10: icmp_seq=2 ttl=64 time=0.350 ms > > $ telnet 10.10.10.10 555 > Trying 10.10.10.10... > telnet: Unable to connect to remote host: Connection refused > > A similar piece of code without setsockopt run via "ip vrf exec" does > however work! 'ip vrf exec' binds sockets to the VRF.