From: David Ahern <dsah...@gmail.com> Date: Fri, 4 Aug 2017 13:16:56 -0700
> A missing piece to the VRF puzzle is the ability to bind sockets to > devices enslaved to a VRF. This patch set adds the enslaved device > index, sdif, to IPv4 and IPv6 socket lookups. The end result for users > is the following scope options for services: > > 1. "global" services - sockets not bound to any device > > Allows 1 service to work across all network interfaces with > connected sockets bound to the VRF the connection originates > (Requires net.ipv4.tcp_l3mdev_accept=1 for TCP and > net.ipv4.udp_l3mdev_accept=1 for UDP) > > 2. "VRF" local services - sockets bound to a VRF > > Sockets work across all network interfaces enslaved to a VRF but > are limited to just the one VRF. > > 3. "device" services - sockets bound to a specific network interface > > Service works only through the one specific interface. > > v2 > - remove sk_lookup struct and add sdif as an argument to existing > functions > > Changes since RFC: > - no significant logic changes; mainly whitespace cleanups Series applied, thanks David.
