Project
Linux Virtual Routing and Forwarding is an open source effort to implement
a flexible scable mechanism for providing multiple routing instance within
the Linux kernel. This functionality will be exposed to userland so processes
may choose which VRF to attached to
Status
So far a stable and flexible kernel implementation has been created. 'iproute2' has been modified to allow for configuring and viewing of VRF entities. 'chvrf' has been created to allow a process to be associated with a specific VRF.
Some of its features are:
Ability to bind an interface or a socket to a VRF
Add/delete IPv4 routes to a VRF
TCP and UDP ports can be re-used within each VRF
Ability to run a process 'in' a VRF
To Do
Basic Functionality
-------------------
-make sure iptables still works with VRFs
-correct filtering of all /proc/net/ 'files' to only
show the entries associated with the 'current' VRF
-VRF support for IPv6 (it compiles, but it needs testing and debugging)
-virtual interface to move traffic between VRFs
-make sure all aspects of the current IPv4 stack work with VRFs (ipvs?)
-develop a set of scripts to build VRFs on bootup
-better documentation
-better examples
quagga
------
-use existing 'VRF' syntax to config linux-vrf entities
-modify ripd, ospfd, bgpd to be able to operate as 'PE-CE' protocols
-integrate with mpls-linux project and implement MPLS BGP VPNs (RFC2547bis)
Example
By default all processes and interfaces are associated with VRF 0.
Create a IPv4 VRF
-----------------
Only processes associated with VRF 0 can create VRFs
ip vrf add 1
Associate an interface with a VRF
---------------------------------
Only processes associated with VRF 0 can add interfaces to a VRF
ip link set eth0 vrf 1
(any IPv4 addresses associated with the interface will be removed)
Add an address to an interface
------------------------------
You can add IPv4 addresses to the interface without refering to a vrf.
They will automatically be associated with that VRF. Any routes associated
with the new address will be added to that VRF routing table.
ip addr add 192.168.1.1/24 dev eth0
Add a route to a VRF
--------------------
Only processes associated with VRF 0 can specify a VRF other then 0.
ip route add 10.0.0.0/8 via 192.168.1.2 vrf 1
Associating a process with a VRF
--------------------------------
After a VRF is created and interfaces are added to it, you can use the
'chvrf' command to associate a process with a VRF other then VRF 0.
Once a process is associated with a VRF other then VRF 0 it will only
be able to add routes to that VRF and will only be able to see interfaces
associated with that VRF. All of the sockets created by that process will
be associated with that VRF. All child processes will be associated with
that VRF.
chvrf 1 tcsh
Links
Go to the Linux VRF project page
http://sourceforge.net/projects/linux-vrf/
The Linux VRF mailing list is can be reached at
Sourceforge
Last edited 09-27-2004 by jleu
|
All trademarks and copyrights on this page are properties of their respective owners. Forum comments are owned by the poster. The rest is copyright ©1999-2000 VA Linux Systems, Inc.
|
