From: Nicolas Dichtel <nicolas.dichtel@6wind.com>
To: David Ahern <dsa@cumulusnetworks.com>, netdev@vger.kernel.org
Cc: shm@cumulusnetworks.com, roopa@cumulusnetworks.com,
gospo@cumulusnetworks.com, jtoppins@cumulusnetworks.com,
nikolay@cumulusnetworks.com, ddutt@cumulusnetworks.com,
hannes@stressinduktion.org, stephen@networkplumber.org,
hadi@mojatatu.com, ebiederm@xmission.com, davem@davemloft.net
Subject: Re: [RFC net-next 3/6] net: Introduce VRF device driver - v2
Date: Mon, 06 Jul 2015 17:42:26 +0200 [thread overview]
Message-ID: <559AA1E2.2080906@6wind.com> (raw)
In-Reply-To: <1436195001-4818-4-git-send-email-dsa@cumulusnetworks.com>
Le 06/07/2015 17:03, David Ahern a écrit :
> This driver borrows heavily from IPvlan and teaming drivers.
>
> Routing domains (VRF-lite) are created by instantiating a device
> and enslaving all routed interfaces that participate in the domain.
> As part of the enslavement, all local routes pointing to enslaved
> devices are re-pointed to the vrf device, thus forcing outgoing
> sockets to bind to the vrf to function.
>
> Standard FIB rules can then bind the VRF device to tables and regular
> fib rule processing is followed.
>
> Routed traffic through the box, is fwded by using the VRF device as
> the IIF and following the IIF rule to a table which is mated with
> the VRF.
>
> Locally originated traffic is directed at the VRF device using
> SO_BINDTODEVICE or cmsg headers. This in turn drops the packet into
> the xmit function of the vrf driver, which then completes the ip lookup
> and output.
>
> This solution is completely orthogonal to namespaces and allow the L3
> equivalent of vlans to exist allowing the routing space to be
> partitioned.
>
> Example:
>
> Create vrf 1:
> ip link add vrf1 type vrf table 5
> ip rule add iif vrf1 table 5
> ip rule add oif vrf1 table 5
> ip route add table 5 prohibit default
> ip link set vrf1 up
>
> Add interface to vrf 1:
> ip link set eth1 master vrf1
>
> Signed-off-by: Shrijeet Mukherjee <shm@cumulusnetworks.com>
> Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
>
> v2:
> - addressed comments from first RFC
> - significant changes to improve simplicity of implementation
History should be put after the '---'.
> ---
ie here.
> drivers/net/Kconfig | 7 +
> drivers/net/Makefile | 1 +
> drivers/net/vrf.c | 486 +++++++++++++++++++++++++++++++++++++++++++++++++++
> include/net/vrf.h | 71 ++++++++
> 4 files changed, 565 insertions(+)
> create mode 100644 drivers/net/vrf.c
> create mode 100644 include/net/vrf.h
next prev parent reply other threads:[~2015-07-06 15:42 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-06 15:03 [RFC net-next 0/6] Proposal for VRF-lite - v2 David Ahern
2015-07-06 15:03 ` [RFC net-next 1/6] fib: export symbols David Ahern
2015-07-06 15:03 ` [RFC net-next 2/6] net: Preparation for vrf device David Ahern
2015-07-08 8:37 ` Nicolas Dichtel
2015-07-08 8:40 ` Nicolas Dichtel
2015-07-08 16:10 ` David Ahern
2015-07-06 15:03 ` [RFC net-next 3/6] net: Introduce VRF device driver - v2 David Ahern
2015-07-06 15:42 ` Nicolas Dichtel [this message]
2015-07-06 16:37 ` Nikolay Aleksandrov
2015-07-06 16:46 ` David Ahern
2015-07-08 9:27 ` Nicolas Dichtel
2015-07-08 16:38 ` David Ahern
2015-07-08 18:34 ` Sowmini Varadhan
2015-07-09 17:19 ` David Ahern
2015-07-09 17:28 ` Sowmini Varadhan
2015-07-10 1:36 ` Eric W. Biederman
2015-07-10 2:12 ` David Ahern
2015-07-10 3:55 ` Eric W. Biederman
2015-07-10 4:20 ` David Ahern
2015-07-10 4:56 ` Eric W. Biederman
2015-07-10 18:42 ` David Ahern
2015-07-10 2:39 ` David Ahern
2015-07-10 3:28 ` Sowmini Varadhan
2015-07-10 3:44 ` David Ahern
2015-07-06 15:03 ` [RFC net-next 4/6] net: Modifications to ipv4 stack for VRF devices David Ahern
2015-07-06 15:03 ` [RFC net-next 5/6] net: Add sk_bind_dev_if to task_struct David Ahern
2015-07-06 15:03 ` [RFC net-next 6/6] net: Add chvrf command David Ahern
2015-07-06 15:03 ` [RFC PATCH] iproute2: Add support for VRF device David Ahern
2015-07-06 15:40 ` [RFC net-next 0/6] Proposal for VRF-lite - v2 Nicolas Dichtel
2015-07-06 17:53 ` Shrijeet Mukherjee
2015-07-08 9:30 ` Nicolas Dichtel
2015-07-10 5:14 ` Scott Feldman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=559AA1E2.2080906@6wind.com \
--to=nicolas.dichtel@6wind.com \
--cc=davem@davemloft.net \
--cc=ddutt@cumulusnetworks.com \
--cc=dsa@cumulusnetworks.com \
--cc=ebiederm@xmission.com \
--cc=gospo@cumulusnetworks.com \
--cc=hadi@mojatatu.com \
--cc=hannes@stressinduktion.org \
--cc=jtoppins@cumulusnetworks.com \
--cc=netdev@vger.kernel.org \
--cc=nikolay@cumulusnetworks.com \
--cc=roopa@cumulusnetworks.com \
--cc=shm@cumulusnetworks.com \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).