VRF/MPLS on Linux

Mike Jones mike at mikejones.in
Tue Aug 23 16:18:26 UTC 2011


On 23 August 2011 14:45,  <nanog at rhemasound.org> wrote:
> While I have found some information on a project called linux-mpls I am having a hard time finding any solid VRF framework for Linux.  I have a monitoring system that needs to check devices that sit in overlapping private IP space, and I was wondering if there is any way I could use some kind of VRF type solution that would allow me to label the "site" the traffic is intended for.  The upstream router supports VRF/MPLS, but I need to know how I can get the server to label the traffic.  I would appreciate any input.

I would probably go for the suggestion of (ab)using QoS tags for the
routing table selection, but just to throw this alternate idea out
there:

1.0.0.0/8 1:1 NATed to 10.0.0.0/8 marked to use routing table 1, which
routes to network 1
2.0.0.0/8 1:1 NATed to 10.0.0.0/8 marked to use routing table 2, which
routes to network 2
etc

That way your application layer won't need any additional logic and
can just deal with them as separate non-overlapping IP spaces. This
won't work if you have too many overlapping networks (but then Linux
only supports 252 additional routing tables anyway afaik) or if you
need external connectivity that can't be proxied.

In a similar manner, if your tools support IPv6 you could have a /96
that is NAT64'ed on to each different network. I'm not sure about this
for a production setup, although it would have the added benefit that
you can expose these routes to your management network to provide
easier access from your other machines if you wanted to.

- Mike
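
The 1:1 NAT plus per-site routing table scheme described above, as an added example that is not part of the original post. It generalizes the two sites in the message to any site number N and prints the commands instead of running them; the function name, interface names and gateway addresses are assumptions.

```shell
#!/bin/sh
# Added example, not from the original message. Prints (does not run) the
# commands that map N.0.0.0/8 1:1 onto 10.0.0.0/8 and route it through
# routing table N. Review the output, then pipe it to sh as root.
# Note: 1.0.0.0/8, 2.0.0.0/8 etc. are allocated public space, so on this
# host the alias prefixes shadow the real networks.

# site_rules N DEV GW   (hypothetical helper; DEV and GW are assumptions)
site_rules() {
    n=$1 dev=$2 gw=$3
    case $n in
        ''|*[!0-9]*) echo "site must be a number" >&2; return 1 ;;
    esac
    # Table ids 1-252 are free for local use. 10 is the real range,
    # 127 is loopback and 224+ is multicast, so none can be an alias /8.
    if [ "$n" -lt 1 ] || [ "$n" -gt 252 ] || [ "$n" -eq 10 ] ||
       [ "$n" -eq 127 ] || [ "$n" -ge 224 ]; then
        echo "site $n is not usable as an alias /8" >&2
        return 1
    fi
    cat <<EOF
iptables -t mangle -A OUTPUT -d $n.0.0.0/8 -j MARK --set-mark $n
iptables -t nat -A OUTPUT -d $n.0.0.0/8 -j NETMAP --to 10.0.0.0/8
iptables -t nat -A POSTROUTING -o $dev -j MASQUERADE
ip rule add fwmark $n lookup $n
ip route add 10.0.0.0/8 via $gw dev $dev table $n
EOF
}

# Constructed sample: site 1 reached over a per-site VLAN interface.
# mangle OUTPUT sets the mark before nat OUTPUT rewrites the destination,
# so the re-route after NAT picks table 1. MASQUERADE fixes the source
# address, which was chosen before the packet was re-routed.
site_rules 1 eth0.101 192.0.2.1
```

With strict reverse-path filtering (rp_filter=1) on the per-site interfaces, replies from 10.0.0.0/8 are likely to be dropped because the main table has no route back through those interfaces; loose mode on those interfaces avoids that.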



