SDN
个人博客Kubernetes指南Linux性能优化实战eBPF 核心技术与实战
搜索文档…
1. 前言
网络基础
2. 网络基础理论
3. Linux网络
Linux网络配置
iptables/netfilter
负载均衡
流量控制
SR-IOV
内核VRF
eBPF
XDP
常用工具
内核网络参数
4. Open vSwitch
5. DPDK
SDN&NFV
6. SDN
7. NFV
8. SDWAN
容器网络
9. 容器网络
SDN实践
10. Mininet
11. SDN实践案例
参考文档
12. FAQ
13. 参考文档
GitBook 提供支持
内核VRF
Linux内核的Virtual Routing and Forwarding (VRF) 是由路由表和一组网络设备组成的路由实例。

VRF安装

Ubuntu默认不包括vrf内核模块,需要额外安装:
1
apt-get install linux-headers-4.10.0-14-generic linux-image-extra-4.10.0-14-generic
2
reboot
3
apt-get install linux-image-extra-$(uname -r)
4
modprobe vrf
Copied!

VRF示例

1
# create vrf device
2
ip link add vrf-blue type vrf table 10
3
ip link set dev vrf-blue up
4
5
# An l3mdev FIB rule directs lookups to the table associated with the device.
6
# A single l3mdev rule is sufficient for all VRFs.
7
# Prior to the v4.8 kernel iif and oif rules are needed for each VRF device:
8
ip ru add oif vrf-blue table 10
9
ip ru add iif vrf-blue table 10
10
11
#Set the default route for the table (and hence default route for the VRF).
12
ip route add table 10 unreachable default
13
14
# Enslave L3 interfaces to a VRF device.
15
# Local and connected routes for enslaved devices are automatically moved to
16
# the table associated with VRF device. Any additional routes depending on
17
# the enslaved device are dropped and will need to be reinserted to the VRF
18
# FIB table following the enslavement.
19
ip link set dev eth1 master vrf-blue
20
21
# The IPv6 sysctl option keep_addr_on_down can be enabled to keep IPv6 global
22
# addresses as VRF enslavement changes.
23
sysctl -w net.ipv6.conf.all.keep_addr_on_down=1
24
25
# Additional VRF routes are added to associated table.
26
ip route add table 10 ...
Copied!

进程绑定VRF

Linux进程可以通过在VRF设备上监听socket来绑定VRF:
1
setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, dev, strlen(dev)+1);
Copied!
TCP & UDP services running in the default VRF context (ie., not bound to any VRF device) can work across all VRF domains by enabling the tcp_l3mdev_accept and udp_l3mdev_accept sysctl options:
1
sysctl -w net.ipv4.tcp_l3mdev_accept=1
2
sysctl -w net.ipv4.udp_l3mdev_accept=1
Copied!

VRF操作

创建VRF

1
ip link add dev NAME type vrf table ID
Copied!

查询VRF列表

1
# ip -d link show type vrf
2
16: vrf-blue: <NOARP,MASTER,UP,LOWER_UP> mtu 65536 qdisc noqueue state UP mode DEFAULT group default qlen 1000
3
link/ether 9e:9c:8e:7b:32:a4 brd ff:ff:ff:ff:ff:ff promiscuity 0
4
vrf table 10 addrgenmode eui64
Copied!

添加网卡到VRF

1
ip link set dev eth0 master vrf-blue
Copied!

查询VRF邻接表和路由

1
ip neigh show vrf vrf-blue
2
ip addr show vrf vrf-blue
3
ip -br addr show vrf vrf-blue
4
ip route show vrf vrf-blue
Copied!

从VRF中删除网卡

1
ip link set dev eth0 nomaster
Copied!
参考文档
以前
SR-IOV
下一个
eBPF
最近更新 3yr ago
复制链接
内容
VRF安装
VRF示例
进程绑定VRF
VRF操作
创建VRF
查询VRF列表
添加网卡到VRF
查询VRF邻接表和路由
从VRF中删除网卡