vrf.rst - OpenGrok cross reference for /Linux-v6.1/Documentation/networking/vrf.rst

Lines Matching +full:master +full:- +full:kernel
1 .. SPDX-License-Identifier: GPL-2.0
11 routing and forwarding domains (aka VRFs, VRF-lite to be specific) in the
12 Linux network stack. One use case is the multi-tenancy problem where each
30 ------
34 	 +-----------------------------+
35 	 |           vrf-blue          |  ===> route table 10
36 	 +-----------------------------+
38 	 +------+ +------+     +-------------+
40 	 +------+ +------+     +-------------+
42 			      +------+ +------+
44 			      +------+ +------+
59 .. [2] Iptables on ingress supports PREROUTING with skb->dev set to the real
60        ingress device and both INPUT and PREROUTING rules with skb->dev set to
65 -----
69 	ip link add vrf-blue type vrf table 10
70 	ip link set dev vrf-blue up
76    with a different priority or install per-VRF rules.
78    Prior to the v4.8 kernel iif and oif rules are needed for each VRF device::
80        ip ru add oif vrf-blue table 10
81        ip ru add iif vrf-blue table 10
89    kernel metrics as a combined admin distance (upper byte) and priority
94        ip link set dev eth1 master vrf-blue
104        sysctl -w net.ipv6.conf.all.keep_addr_on_down=1
112 ------------
129     sysctl -w net.ipv4.tcp_l3mdev_accept=1
130     sysctl -w net.ipv4.udp_l3mdev_accept=1
142     sysctl -w net.ipv4.raw_l3mdev_accept=0
147 Using VRF-aware applications (applications which simultaneously create sockets
160 --------------------------------------------------------------------------------
165 section lists both commands where appropriate -- with the vrf keyword and the
174    As of v4.8 the kernel supports the l3mdev FIB rule where a single rule
182        $ ip [-d] link show type vrf
183 	 NOTE: The -d option is needed to show the table id
187        $ ip -d link show type vrf
188 …11: mgmt: <NOARP,MASTER,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default…
191 …12: red: <NOARP,MASTER,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default …
194 …13: blue: <NOARP,MASTER,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default…
197 …14: green: <NOARP,MASTER,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group defaul…
204        $ ip -br link show type vrf
205        mgmt         UP             72:b3:ba:91:e2:24 <NOARP,MASTER,UP,LOWER_UP>
206        red          UP             b6:6f:6e:f6:da:73 <NOARP,MASTER,UP,LOWER_UP>
207        blue         UP             36:62:e8:7d:bb:8c <NOARP,MASTER,UP,LOWER_UP>
208        green        UP             e6:28:b8:63:70:bb <NOARP,MASTER,UP,LOWER_UP>
216        $ ip link set dev NAME master NAME
223        $ ip link set dev eth0 master mgmt
228    To show devices that have been assigned to a specific VRF add the master
232        $ ip link show master NAME
237 …3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master red state UP mode DEFA…
239 …4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master red state UP mode DEFA…
241 …7: eth5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop master red state DOWN mode DEFAULT group defaul…
247        $ ip -br link show vrf red
256    add the master option to the ip command::
258        $ ip [-6] neigh show vrf NAME
259        $ ip [-6] neigh show master NAME
267        $ ip -6 neigh show vrf red
273    To show addresses for interfaces associated with a VRF add the master
277        $ ip addr show master NAME
282 …3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master red state UP group def…
290 …4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master red state UP group def…
298 	7: eth5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop master red state DOWN group default qlen 1000
303 	$ ip -br addr show vrf red
314        $ ip [-6] route show vrf NAME
315        $ ip [-6] route show table ID
321 	broadcast 10.2.1.0 dev eth1  proto kernel  scope link  src 10.2.1.2
322 	10.2.1.0/24 dev eth1  proto kernel  scope link  src 10.2.1.2
323 	local 10.2.1.2 dev eth1  proto kernel  scope host  src 10.2.1.2
324 	broadcast 10.2.1.255 dev eth1  proto kernel  scope link  src 10.2.1.2
325 	broadcast 10.2.2.0 dev eth2  proto kernel  scope link  src 10.2.2.2
326 	10.2.2.0/24 dev eth2  proto kernel  scope link  src 10.2.2.2
327 	local 10.2.2.2 dev eth2  proto kernel  scope host  src 10.2.2.2
328 	broadcast 10.2.2.255 dev eth2  proto kernel  scope link  src 10.2.2.2
330 	$ ip -6 route show vrf red
333 	2002:1::/120 dev eth1  proto kernel  metric 256  pref medium
336 	2002:2::/120 dev eth2  proto kernel  metric 256  pref medium
341 	fe80::/64 dev eth1  proto kernel  metric 256  pref medium
342 	fe80::/64 dev eth2  proto kernel  metric 256  pref medium
346 	unreachable default dev lo  metric 4278198272  error -101 pref medium
352        $ ip [-6] route get vrf NAME ADDRESS
353        $ ip [-6] route get oif NAME ADDRESS
361 	$ ip -6 route get 2002:1::32 vrf red
362 	2002:1::32 from :: dev eth1  table red  proto kernel  src 2002:1::2  metric 256  pref medium
379 --------------------------------------------------------------------------------
405      ip link set dev eth0 master mgmt
408      ip link set dev eth1 master red
409      ip link set dev eth2 master red
410      ip link set dev eth5 master red
413      ip link set dev eth3 master blue
416      ip link set dev eth4 master green