Lines Matching +full:route +full:- +full:up
1 .. SPDX-License-Identifier: GPL-2.0
11 routing and forwarding domains (aka VRFs, VRF-lite to be specific) in the
12 Linux network stack. One use case is the multi-tenancy problem where each
30 ------
31 A VRF device is created with an associated route table. Network interfaces
34 +-----------------------------+
35 | vrf-blue | ===> route table 10
36 +-----------------------------+
38 +------+ +------+ +-------------+
40 +------+ +------+ +-------------+
42 +------+ +------+
44 +------+ +------+
59 .. [2] Iptables on ingress supports PREROUTING with skb->dev set to the real
60 ingress device and both INPUT and PREROUTING rules with skb->dev set to
65 -----
69 ip link add vrf-blue type vrf table 10
70 ip link set dev vrf-blue up
76 with a different priority or install per-VRF rules.
80 ip ru add oif vrf-blue table 10
81 ip ru add iif vrf-blue table 10
83 3. Set the default route for the table (and hence default route for the VRF)::
85 ip route add table 10 unreachable default metric 4278198272
87 This high metric value ensures that the default unreachable route can
94 ip link set dev eth1 master vrf-blue
104 sysctl -w net.ipv6.conf.all.keep_addr_on_down=1
108 ip route add table 10 ...
112 ------------
129 sysctl -w net.ipv4.tcp_l3mdev_accept=1
130 sysctl -w net.ipv4.udp_l3mdev_accept=1
142 sysctl -w net.ipv4.raw_l3mdev_accept=0
147 --------------------------------------------------------------------------------
152 section lists both commands where appropriate -- with the vrf keyword and the
169 $ ip [-d] link show type vrf
170 NOTE: The -d option is needed to show the table id
174 $ ip -d link show type vrf
175 …11: mgmt: <NOARP,MASTER,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default…
178 …12: red: <NOARP,MASTER,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default …
181 …13: blue: <NOARP,MASTER,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default…
184 …14: green: <NOARP,MASTER,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group defaul…
191 $ ip -br link show type vrf
192 mgmt UP 72:b3:ba:91:e2:24 <NOARP,MASTER,UP,LOWER_UP>
193 red UP b6:6f:6e:f6:da:73 <NOARP,MASTER,UP,LOWER_UP>
194 blue UP 36:62:e8:7d:bb:8c <NOARP,MASTER,UP,LOWER_UP>
195 green UP e6:28:b8:63:70:bb <NOARP,MASTER,UP,LOWER_UP>
224 …3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master red state UP mode DEFA…
226 …4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master red state UP mode DEFA…
234 $ ip -br link show vrf red
235 eth1 UP 02:00:00:00:02:02 <BROADCAST,MULTICAST,UP,LOWER_UP>
236 eth2 UP 02:00:00:00:02:03 <BROADCAST,MULTICAST,UP,LOWER_UP>
245 $ ip [-6] neigh show vrf NAME
246 $ ip [-6] neigh show master NAME
254 $ ip -6 neigh show vrf red
269 …3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master red state UP group def…
277 …4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master red state UP group def…
290 $ ip -br addr show vrf red
291 eth1 UP 10.2.1.2/24 2002:1::2/120 fe80::ff:fe00:202/64
292 eth2 UP 10.2.2.2/24 2002:2::2/120 fe80::ff:fe00:203/64
301 $ ip [-6] route show vrf NAME
302 $ ip [-6] route show table ID
306 $ ip route show vrf red
317 $ ip -6 route show vrf red
333 unreachable default dev lo metric 4278198272 error -101 pref medium
335 8. Route Lookup for a VRF
337 A test route lookup can be done for a VRF::
339 $ ip [-6] route get vrf NAME ADDRESS
340 $ ip [-6] route get oif NAME ADDRESS
344 $ ip route get 10.2.1.40 vrf red
348 $ ip -6 route get 2002:1::32 vrf red
366 --------------------------------------------------------------------------------
386 ip route add table ${TBID} unreachable default metric 4278198272
388 ip link set dev ${VRF} up