Re: [iproute2 v2 net-next 0/8] Add support for vrf helper

[Stephen Hemminger <stephen@networkplumber.org>]

On Sat, 10 Dec 2016 12:32:06 -0800
David Ahern <dsa@cumulusnetworks.com> wrote:

> This series adds support to iproute2 to run a command against a specific
> VRF. The user semnatics are similar to 'ip netns'.
> 
> The 'ip vrf' subcommand supports 3 usages:
> 
> 1. Run a command against a given vrf:
>        ip vrf exec NAME CMD
> 
>    Uses the recently committed cgroup/sock BPF option. vrf directory
>    is added to cgroup2 mount. Individual vrfs are created under it. BPF
>    filter is attached to vrf/NAME cgroup2 to set sk_bound_dev_if to the
>    device index of the VRF. From there the current process (ip's pid) is
>    addded to the cgroups.proc file and the given command is exected. In
>    doing so all AF_INET/AF_INET6 (ipv4/ipv6) sockets are automatically
>    bound to the VRF domain.
> 
>    The association is inherited parent to child allowing the command to
>    be a shell from which other commands are run relative to the VRF.
> 
> 2. Show the VRF a process is bound to:
>        ip vrf id
>    This command essentially looks at /proc/pid/cgroup for a "::/vrf/"
>    entry.
> 
> 3. Show process ids bound to a VRF
>        ip vrf pids NAME
>    This command dumps the file MNT/vrf/NAME/cgroup.procs since that file
>    shows the process ids in the particular vrf cgroup.
> 
> v2
> - updated suject of patch 3 to avoid spam filters on vger
> 
> David Ahern (8):
>   lib bpf: Add support for BPF_PROG_ATTACH and BPF_PROG_DETACH
>   bpf: export bpf_prog_load
>   Add libbpf.h header with BPF_ macros
>   move cmd_exec to lib utils
>   Add filesystem APIs to lib
>   change name_is_vrf to return index
>   libnetlink: Add variant of rtnl_talk that does not display RTNETLINK
>     answers error
>   Introduce ip vrf command
> 
>  include/bpf_util.h   |   6 ++
>  include/libbpf.h     | 184 ++++++++++++++++++++++++++++++++
>  include/libnetlink.h |   3 +
>  include/utils.h      |   4 +
>  ip/Makefile          |   3 +-
>  ip/ip.c              |   4 +-
>  ip/ip_common.h       |   4 +-
>  ip/iplink_vrf.c      |  29 ++++--
>  ip/ipnetns.c         |  34 ------
>  ip/ipvrf.c           | 289 +++++++++++++++++++++++++++++++++++++++++++++++++++
>  lib/Makefile         |   2 +-
>  lib/bpf.c            |  71 ++++++++-----
>  lib/exec.c           |  41 ++++++++
>  lib/fs.c             | 143 +++++++++++++++++++++++++
>  lib/libnetlink.c     |  20 +++-
>  man/man8/ip-vrf.8    |  88 ++++++++++++++++
>  16 files changed, 850 insertions(+), 75 deletions(-)
>  create mode 100644 include/libbpf.h
>  create mode 100644 ip/ipvrf.c
>  create mode 100644 lib/exec.c
>  create mode 100644 lib/fs.c
>  create mode 100644 man/man8/ip-vrf.8
> 

Please use tooling that puts v2 on all the updated patches.
It makes it easier to spot them in patchwork