VRF/MPLS on Linux
Jussi Peltola
pelzi at pelzi.net
Wed Aug 24 17:37:45 UTC 2011
On Wed, Aug 24, 2011 at 09:18:29AM -0400, Simon Perreault wrote:
> On 2011-08-24 06:06, Brian Raaen wrote:
> > The only issue with this is that the Linux box is not acting as a
> > router, but as the egress devices. I'm trying to figure out how to
> > properly get my application to 'color' the traffic. standard BSD
> > sockets appear to have no concept of 'Labels'.
>
> Just FYI: on OpenBSD you can set the VRF (aka "routing table" or
> "routing domain") per socket with code like this:
>
> int s, table;
> s = socket(...);
> table = 123;
> setsockopt(s, IPPROTO_IP, SO_RTABLE, &table, sizeof(table));
>
Or exec your commands wrapped in route -T$TABLE exec $*
Caveat: ipv6 vrf's did not work the last time I tried, and I think they
still don't.
OpenBSD should also do MPLS VPNs with the VRF's, but it's also pretty
much experimental. It worked fine in a quick lab test at my last try, I
should dig my lab notes and document it...
Some things, like /etc/resolv.conf, still need some attention with VRFs.
More information about the NANOG
mailing list