On 11/21/18 6:07 PM, Alexis Bauvin wrote: > Creating a VXLAN device with is underlay in the non-default VRF makes > egress route lookup fail or incorrect since it will resolve in the > default VRF, and ingress fail because the socket listens in the default > VRF. > > This patch binds the underlying UDP tunnel socket to the l3mdev of the > lower device of the VXLAN device. This will listen in the proper VRF and > output traffic from said l3mdev, matching l3mdev routing rules and > looking up the correct routing table. > > When the VXLAN device does not have a lower device, or the lower device > is in the default VRF, the socket will not be bound to any interface, > keeping the previous behaviour. > > The underlay l3mdev is deduced from the VXLAN lower device > (IFLA_VXLAN_LINK). > > +----------+ +---------+ > | | | | > | vrf-blue | | vrf-red | > | | | | > +----+-----+ +----+----+ > | | > | | > +----+-----+ +----+----+ > | | | | > | br-blue | | br-red | > | | | | > +----+-----+ +---+-+---+ > | | | > | +-----+ +-----+ > | | | > +----+-----+ +------+----+ +----+----+ > | | lower device | | | | > | eth0 | <- - - - - - - | vxlan-red | | tap-red | (... more taps) > | | | | | | > +----------+ +-----------+ +---------+ > > Signed-off-by: Alexis Bauvin <abau...@scaleway.com> > Reviewed-by: Amine Kherbouche <akherbou...@scaleway.com> > Tested-by: Amine Kherbouche <akherbou...@scaleway.com> > --- > drivers/net/vxlan.c | 32 +++++-- > .../selftests/net/test_vxlan_under_vrf.sh | 90 +++++++++++++++++++ > 2 files changed, 114 insertions(+), 8 deletions(-) > create mode 100755 tools/testing/selftests/net/test_vxlan_under_vrf.sh >
Reviewed-by: David Ahern <dsah...@gmail.com> Thanks for adding the test case; I'll try it out next week (after the holidays).
