On 1/22/21 8:02 AM, David Ahern wrote:
> On 1/22/21 8:45 AM, Ben Greear wrote:
>> Hello,
>>
>> I have a system with a management interface that is not in any VRF, and then I have
>> a port that *is* in a VRF. I'd like to be able to set up ssh port forwarding so that
>> when I log into the system on the management interface it will automatically forward to
>> an IP accessible through the VRF interface.
>>
>> Is there a way to do such a thing?
>
> For a while I had a system set up with eth0 in a management VRF and set up
> to do NAT and port forwarding of incoming ssh connections, redirecting
> to VMs running in a different namespace. Crossing VRFs with netfilter
> most likely will not work without some development. You might be able to
> do it with XDP - rewrite packet headers and redirect. That too might
> need a bit of development depending on the netdevs involved.

Maybe easier to improve ssh so that it could specify a netdev to bind to when
making the call to the redirected destination?

Thanks,
Ben
--
Ben Greear <gree...@candelatech.com>
Candela Technologies Inc http://www.candelatech.com
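
The last suggestion in the thread, binding the outgoing socket to a netdev, corresponds to the Linux `SO_BINDTODEVICE` socket option, which is also how a socket is placed in a VRF. The following is an added example, not code from this thread or from OpenSSH; `connect_via_dev`, the device name `vrf-data` and the address `192.0.2.10` are hypothetical placeholders.

```c
#define _GNU_SOURCE
#include <arpa/inet.h>
#include <errno.h>
#include <net/if.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Open a TCP connection to ip:port with the socket scoped to `dev`
 * (a VRF device, or a port enslaved to one). Hypothetical helper.
 * Returns the connected fd, or a negative errno value. */
int connect_via_dev(const char *dev, const char *ip, uint16_t port)
{
    struct sockaddr_in dst = { .sin_family = AF_INET, .sin_port = htons(port) };
    size_t len = strlen(dev);

    if (len == 0)
        return -EINVAL;
    if (len >= IFNAMSIZ)                 /* would be truncated by the kernel */
        return -ENAMETOOLONG;
    if (inet_pton(AF_INET, ip, &dst.sin_addr) != 1)
        return -EINVAL;

    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -errno;

    /* Bind before connect() so the route lookup uses the VRF's table
     * instead of the default one the management interface lives in. */
    if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, dev, (socklen_t)len + 1) < 0 ||
        connect(fd, (struct sockaddr *)&dst, sizeof(dst)) < 0) {
        int err = errno;
        close(fd);
        return -err;
    }
    return fd;
}

int main(int argc, char **argv)
{
    /* Constructed defaults; pass a real device and address as arguments. */
    const char *dev = argc > 1 ? argv[1] : "vrf-data";
    const char *ip  = argc > 2 ? argv[2] : "192.0.2.10";
    int fd = connect_via_dev(dev, ip, 22);
    if (fd < 0) { fprintf(stderr, "via %s: %s\n", dev, strerror(-fd)); return 1; }
    printf("connected to %s:22 through %s\n", ip, dev);
    return close(fd);
}
```

Depending on the kernel version, `SO_BINDTODEVICE` may require `CAP_NET_RAW`, so a forwarder using it needs that capability and nothing broader.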