vrf.rst - OpenGrok cross reference for /kernel/linux/linux-5.10/Documentation/networking/vrf.rst

Lines Matching +full:master +full:- +full:kernel
1 .. SPDX-License-Identifier: GPL-2.0
11 routing and forwarding domains (aka VRFs, VRF-lite to be specific) in the
12 Linux network stack. One use case is the multi-tenancy problem where each
30 ------
34 	 +-----------------------------+
35 	 |           vrf-blue          |  ===> route table 10
36 	 +-----------------------------+
38 	 +------+ +------+     +-------------+
40 	 +------+ +------+     +-------------+
42 			      +------+ +------+
44 			      +------+ +------+
59 .. [2] Iptables on ingress supports PREROUTING with skb->dev set to the real
60        ingress device and both INPUT and PREROUTING rules with skb->dev set to
65 -----
69 	ip link add vrf-blue type vrf table 10
70 	ip link set dev vrf-blue up
76    with a different priority or install per-VRF rules.
78    Prior to the v4.8 kernel iif and oif rules are needed for each VRF device::
80        ip ru add oif vrf-blue table 10
81        ip ru add iif vrf-blue table 10
89    kernel metrics as a combined admin distance (upper byte) and priority
94        ip link set dev eth1 master vrf-blue
104        sysctl -w net.ipv6.conf.all.keep_addr_on_down=1
112 ------------
129     sysctl -w net.ipv4.tcp_l3mdev_accept=1
130     sysctl -w net.ipv4.udp_l3mdev_accept=1
142     sysctl -w net.ipv4.raw_l3mdev_accept=0
147 --------------------------------------------------------------------------------
152 section lists both commands where appropriate -- with the vrf keyword and the
161    As of v4.8 the kernel supports the l3mdev FIB rule where a single rule
169        $ ip [-d] link show type vrf
170 	 NOTE: The -d option is needed to show the table id
174        $ ip -d link show type vrf
175 …11: mgmt: <NOARP,MASTER,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default…
178 …12: red: <NOARP,MASTER,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default …
181 …13: blue: <NOARP,MASTER,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default…
184 …14: green: <NOARP,MASTER,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group defaul…
191        $ ip -br link show type vrf
192        mgmt         UP             72:b3:ba:91:e2:24 <NOARP,MASTER,UP,LOWER_UP>
193        red          UP             b6:6f:6e:f6:da:73 <NOARP,MASTER,UP,LOWER_UP>
194        blue         UP             36:62:e8:7d:bb:8c <NOARP,MASTER,UP,LOWER_UP>
195        green        UP             e6:28:b8:63:70:bb <NOARP,MASTER,UP,LOWER_UP>
203        $ ip link set dev NAME master NAME
210        $ ip link set dev eth0 master mgmt
215    To show devices that have been assigned to a specific VRF add the master
219        $ ip link show master NAME
224 …3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master red state UP mode DEFA…
226 …4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master red state UP mode DEFA…
228 …7: eth5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop master red state DOWN mode DEFAULT group defaul…
234        $ ip -br link show vrf red
243    add the master option to the ip command::
245        $ ip [-6] neigh show vrf NAME
246        $ ip [-6] neigh show master NAME
254        $ ip -6 neigh show vrf red
260    To show addresses for interfaces associated with a VRF add the master
264        $ ip addr show master NAME
269 …3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master red state UP group def…
277 …4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master red state UP group def…
285 	7: eth5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop master red state DOWN group default qlen 1000
290 	$ ip -br addr show vrf red
301        $ ip [-6] route show vrf NAME
302        $ ip [-6] route show table ID
308 	broadcast 10.2.1.0 dev eth1  proto kernel  scope link  src 10.2.1.2
309 	10.2.1.0/24 dev eth1  proto kernel  scope link  src 10.2.1.2
310 	local 10.2.1.2 dev eth1  proto kernel  scope host  src 10.2.1.2
311 	broadcast 10.2.1.255 dev eth1  proto kernel  scope link  src 10.2.1.2
312 	broadcast 10.2.2.0 dev eth2  proto kernel  scope link  src 10.2.2.2
313 	10.2.2.0/24 dev eth2  proto kernel  scope link  src 10.2.2.2
314 	local 10.2.2.2 dev eth2  proto kernel  scope host  src 10.2.2.2
315 	broadcast 10.2.2.255 dev eth2  proto kernel  scope link  src 10.2.2.2
317 	$ ip -6 route show vrf red
320 	2002:1::/120 dev eth1  proto kernel  metric 256  pref medium
323 	2002:2::/120 dev eth2  proto kernel  metric 256  pref medium
328 	fe80::/64 dev eth1  proto kernel  metric 256  pref medium
329 	fe80::/64 dev eth2  proto kernel  metric 256  pref medium
333 	unreachable default dev lo  metric 4278198272  error -101 pref medium
339        $ ip [-6] route get vrf NAME ADDRESS
340        $ ip [-6] route get oif NAME ADDRESS
348 	$ ip -6 route get 2002:1::32 vrf red
349 	2002:1::32 from :: dev eth1  table red  proto kernel  src 2002:1::2  metric 256  pref medium
366 --------------------------------------------------------------------------------
392      ip link set dev eth0 master mgmt
395      ip link set dev eth1 master red
396      ip link set dev eth2 master red
397      ip link set dev eth5 master red
400      ip link set dev eth3 master blue
403      ip link set dev eth4 master green