lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 09 Feb 2015 08:38:36 -0800
From:	roopa <roopa@...ulusnetworks.com>
To:	David Ahern <dsahern@...il.com>
CC:	netdev@...r.kernel.org, ebiederm@...ssion.com,
	Dinesh Dutt <ddutt@...ulusnetworks.com>,
	Vipin Kumar <vipin@...ulusnetworks.com>,
	Nicolas Dichtel <nicolas.dichtel@...nd.com>,
	hannes@...essinduktion.org
Subject: Re: [RFC PATCH 00/29] net: VRF support

On 2/5/15, 6:19 PM, David Ahern wrote:
> On 2/5/15 4:12 PM, roopa wrote:
>> Wondering if you have thought about some of the the below cases in your
>> approach to vrfs ?.
>> - Leaking routes from one vrf to another
>
> Can you give me an example of what you mean by this?

sorry for the delay in my response.
I cant say I know a lot about types of vrfs and vrf route leaking today :).
Hoping that i will catch up someday ;)

But I think it is needed to deploy VRF-lite (when MPLS is not in the 
picture).
And there maybe a need to leak routes from one VRF to another.
And the leaking can be done with static routes or dynamic using a 
routing protocol
I think (lot of content on the web for vrf route leaking).

I have been in discussions where namespaces are considered for vrfs..
and on the same lines as above there have been discussions on
  having the ability to add a route in one vrf with nexthop in another vrf
>
>> - route lookup in one vrf on failure to fallback to the global vrf (This
>> for example can be done using throw if we used ip rules and route tables
>> to do the same).
>> - A route in one vrf pointing to a nexthop in another vrf
>
> I have been more focused on the initial VRF infrastructure and have 
> not spent too much time on these use cases or other route lookup 
> features (e.g., allow an application to handle route lookup misses 
> similar to arp misses, allow custom route lookup modules) that are 
> needed to approach the feature richness provided by high end routers.
agreed. Thanks for opening up the vrf discussion!.
It will be good to consider all types of vrf deployments with any vrf 
solution we consider for the kernel.


Thanks,
Roopa


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ