Le 06/07/2015 17:03, David Ahern a écrit :
This driver borrows heavily from IPvlan and teaming drivers.Routing domains (VRF-lite) are created by instantiating a device and enslaving all routed interfaces that participate in the domain. As part of the enslavement, all local routes pointing to enslaved devices are re-pointed to the vrf device, thus forcing outgoing sockets to bind to the vrf to function. Standard FIB rules can then bind the VRF device to tables and regular fib rule processing is followed. Routed traffic through the box, is fwded by using the VRF device as the IIF and following the IIF rule to a table which is mated with the VRF. Locally originated traffic is directed at the VRF device using SO_BINDTODEVICE or cmsg headers. This in turn drops the packet into the xmit function of the vrf driver, which then completes the ip lookup and output. This solution is completely orthogonal to namespaces and allow the L3 equivalent of vlans to exist allowing the routing space to be partitioned. Example: Create vrf 1: ip link add vrf1 type vrf table 5 ip rule add iif vrf1 table 5 ip rule add oif vrf1 table 5 ip route add table 5 prohibit default ip link set vrf1 up Add interface to vrf 1: ip link set eth1 master vrf1 Signed-off-by: Shrijeet Mukherjee <[email protected]> Signed-off-by: David Ahern <[email protected]> v2: - addressed comments from first RFC - significant changes to improve simplicity of implementation
History should be put after the '---'.
---
ie here.
drivers/net/Kconfig | 7 + drivers/net/Makefile | 1 + drivers/net/vrf.c | 486 +++++++++++++++++++++++++++++++++++++++++++++++++++ include/net/vrf.h | 71 ++++++++ 4 files changed, 565 insertions(+) create mode 100644 drivers/net/vrf.c create mode 100644 include/net/vrf.h
-- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
