Hi.

On Sat, Dec 29, 2018 at 01:31:02PM +0800, Simon Jones wrote:
> Hi all,
>
> This is my OS:
>
> > # uname -a
> > Linux dut211 4.9.0-7-amd64 #1 SMP Debian 4.9.110-3+deb9u2 (2015-12-19)
> > x86_64 GNU/Linux

That's not a kernel 4.3, for starters. And it's outdated, consider upgrading.
Does not affect your problem though.

> Now I have to rewrite /etc/network/interfaces to implement this function,
> but I got errors, so I want to know if there is a demo about how to define
> VRF interface and implement VRF function in /etc/network/interfaces.
>
> As I follow your man file, I don't know how to do, and got errors.

Usual debugging of interfaces(5) involves 'ifup -v' and 'ifdown -v'.

> This is my try on this feature, rewrite /etc/network/interfaces like this
> > iface eth0 inet static
> > address 172.18.8.211
> > netmask 255.255.255.0
> > ########## management network policy routing rules
> > # management port up rules
> > up ip -4 link add mgmtvrf type vrf table 10
> > up ip -4 link set dev mgmtvrf up
> > up ip -4 link set dev eth0 master mgmtvrf
> > up ip -4 route add default via 172.18.8.1 dev eth0 table 10
> > up ip -4 route add 172.18.8.0/24 dev eth0 table 10
> > up ip -4 rule add from 172.18.8.211/32 table 10
> > post-up sysctl -w net.ipv4.tcp_l3mdev_accept=1
> > # management port down rules
> > down ip -4 route delete default via 172.18.8.1 dev eth0 table 10
> > down ip -4 route delete 172.18.8.0/24 dev eth0 table 10
> > down ip -4 rule delete from 172.18.8.211/32 table 10
> > down ip -4 link set dev eth0 nomaster

'-4' is redundant here (you either modify L2 entities or it can be guessed
from the context), you might remove it as well.

> This is errors I got
> > Dec 29 02:38:48 dut211 ifup[8690]: RTNETLINK answers: File exists

This. Everything else in your log is useless.

A simple test shows that:

$ ifup -v eth0
ifup: configuring interface eth0=eth0 (inet)
/bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d
/bin/ip addr add 172.18.8.211/255.255.255.0 broadcast 172.18.8.255 dev eth0 label eth0
/bin/ip link set dev eth0 up
ip -4 link add mgmtvrf type vrf table 10
ip -4 link set dev mgmtvrf up
ip -4 link set dev eth0 master mgmtvrf
ip -4 route add default via 172.18.8.1 dev eth0 table 10
ip -4 route add 172.18.8.0/24 dev eth0 table 10
RTNETLINK answers: File exists
ifup: failed to bring up eth0

So, it's all good until you try to add an additional route to 172.18.8.0/24,
because this route is there already:

$ ip ro l table 10
broadcast 172.18.8.0 dev eth0 proto kernel scope link src 172.18.8.211
172.18.8.0/24 dev eth0 proto kernel scope link src 172.18.8.211
local 172.18.8.211 dev eth0 proto kernel scope host src 172.18.8.211
broadcast 172.18.8.255 dev eth0 proto kernel scope link src 172.18.8.211

And you've got your 'down' rules wrong, you should delete your custom
'mgmtvrf' interface:

# ifdown eth0
# ip a l dev mgmtvrf
5: mgmtvrf: <NOARP,MASTER,UP,LOWER_UP> mtu 65536 qdisc noqueue state UP group default qlen 1000
    link/ether 4a:dc:f1:71:c7:00 brd ff:ff:ff:ff:ff:ff

And, of course, there's a leftover kernel knob:

# /sbin/sysctl net.ipv4.tcp_l3mdev_accept
net.ipv4.tcp_l3mdev_accept = 1

Summing all this up:

iface eth0 inet static
address 172.18.8.211
netmask 255.255.255.0
########## management network policy routing rules
# management port up rules
up ip link add mgmtvrf type vrf table 10
up ip link set dev mgmtvrf up
up ip link set dev eth0 master mgmtvrf
up ip route add default via 172.18.8.1 dev eth0 table 10
up ip rule add from 172.18.8.211/32 table 10
post-up sysctl -qw net.ipv4.tcp_l3mdev_accept=1
# management port down rules
down ip -4 route delete default via 172.18.8.1 dev eth0 table 10
down ip -4 route delete 172.18.8.0/24 dev eth0 table 10
down ip -4 rule delete from 172.18.8.211/32 table 10
down ip -4 link set dev eth0 nomaster
down ip -4 link del mgmtvrf
post-down sysctl -qw net.ipv4.tcp_l3mdev_accept=0

Reco