From: David Ahern <dsah...@gmail.com> Date: Mon, 7 Aug 2017 08:44:15 -0700
> A missing piece to the VRF puzzle is the ability to bind sockets to > devices enslaved to a VRF. This patch set adds the enslaved device > index, sdif, to IPv4 and IPv6 socket lookups. The end result for users > is the following scope options for services: > > 1. "global" services - sockets not bound to any device > > Allows 1 service to work across all network interfaces with > connected sockets bound to the VRF the connection originates > (Requires net.ipv4.tcp_l3mdev_accept=1 for TCP and > net.ipv4.udp_l3mdev_accept=1 for UDP) > > 2. "VRF" local services - sockets bound to a VRF > > Sockets work across all network interfaces enslaved to a VRF but > are limited to just the one VRF. > > 3. "device" services - sockets bound to a specific network interface > > Service works only through the one specific interface. > > v3 > - convert __inet_lookup_established in dccp_v4_err; missed in v2 > > v2 > - remove sk_lookup struct and add sdif as an argument to existing > functions > > Changes since RFC: > - no significant logic changes; mainly whitespace cleanups Series applied, let's see if it builds this time :-)
