VRF Implementation

Here you can post your feature requests and suggestions
Post Reply
vang1804
Posts: 1
Joined: 20 Mar 2020, 15:51

VRF Implementation

Post by vang1804 »

Hello!

It would be very nice to be able to attach the users also in Linux Network VRFs, instead of Namespaces.

There are many advantages with VRF implementation
  • With VRFs all routing is done by a single BGP session.
  • Only a few commands are needed to add a new VRF.
  • New services are very easy to be impemented.
E.g. you have a VRF for full access customers, a captive portal for those that are not paying, one VRF for PayAsYouGo users.
  • With VRFs there is no need to waste IPs for intermediate links. MPLS Core can be full private and it is hidden by the customer.
And many other advantages.

What do you think?

Thanks,
Vangelis
dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: VRF Implementation

Post by dimka88 »

Hi, really good feature request. Will be good if you describe in our https://phabricator.accel-ppp.org/.
dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: VRF Implementation

Post by dimka88 »

Harun
Posts: 1
Joined: 17 May 2020, 16:25

Re: VRF Implementation

Post by Harun »

VRF does not work for non-shared interfaces, incoming traffic is not allowed.

Configuration:

Code: Select all

[ipoe]
verbose=1
interface=re:^eth2\.[0-9]*$,shared=0,mode=L2,ifcfg=1,start=up,start=dhcpv4,ipv6=0,proxy-arp=1,ip-unnumbered=1,mtu=1500
username=lua:qinq
lua-file=/config/user-data/accel-ppp/ipoe/username.lua
idle-timeout=1200
lease-time=240
check-mac-change=0
vlan-mon=eth2,100
Interface after session start:

Code: Select all

eth2.100@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master internet state UP group default qlen 1000
    link/ether 5a:34:4d:88:14:7f brd ff:ff:ff:ff:ff:ff
    inet 100.64.193.254 peer 100.64.193.136/32 scope global eth2.100
       valid_lft forever preferred_lft forever
Host 100.64.193.136 cannot ping host 100.64.193.254:

Code: Select all

# tcpdump -nptei eth2.100
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth2.100, link-type EN10MB (Ethernet), snapshot length 262144 bytes
9a:b7:e2:26:00:24 > 5a:34:4d:88:14:7f, ethertype IPv4 (0x0800), length 70: 100.64.193.136 > 100.64.193.254: ICMP echo request, id 22017, seq 41988, length 36
If I manually configure the interface, then there is no problem:

Code: Select all

ip link set dev eth2.100 master internet
ip addr add 100.64.193.254 peer 100.64.193.136/32 dev eth2.100
dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: VRF Implementation

Post by dimka88 »

Hi @Harun, try patches from this task https://phabricator.accel-ppp.org/T61
Post Reply