On 23 August 2011 14:45, <na...@rhemasound.org> wrote:
> While I have found some information on a project called linux-mpls I am
> having a hard time finding any solid VRF framework for Linux. I have a
> monitoring system that needs to check devices that sit in overlapping private IP
> space, and I was wondering if there is any way I could use some kind of VRF
> type solution that would allow me to label the "site" the traffic is intended
> for. The upstream router supports VRF/MPLS, but I need to know how I can get
> the server to label the traffic. I would appreciate any input.

I would probably go for the suggestion of (ab)using QoS tags for the routing table selection, but just to throw this alternate idea out there:

  1.0.0.0/8 1:1 NATed to 10.0.0.0/8, marked to use routing table 1, which routes to network 1
  2.0.0.0/8 1:1 NATed to 10.0.0.0/8, marked to use routing table 2, which routes to network 2
  etc.

That way your application layer won't need any additional logic and can just deal with them as separate non-overlapping IP spaces. This won't work if you have too many overlapping networks (but then Linux only supports 252 additional routing tables anyway afaik) or if you need external connectivity that can't be proxied.

In a similar manner, if your tools support IPv6 you could have a /96 that is NAT64'ed on to each different network. I'm not sure about this for a production setup, although it would have the added benefit that you can expose these routes to your management network to provide easier access from your other machines if you wanted to.

- Mike
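
The 1:1 NAT scheme from the reply above, written out as the rules it implies. This is an added example, not part of the original thread. It assumes the probes originate on the monitoring server itself (hence the OUTPUT chains), that site N uses fwmark N and routing table N, and that the gateways and interface names are constructed placeholders. The function only prints the commands so they can be reviewed before being applied.

```shell
#!/bin/sh
# Emit the rules for one site: alias N.0.0.0/8 -> real 10.0.0.0/8 via table N.
# usage: site_rules <site-id> <gateway> <interface>
site_rules() {
    n=$1 gw=$2 dev=$3
    case $n in
        ''|*[!0-9]*) echo "site id must be a number" >&2; return 1 ;;
    esac
    # 10 would alias 10.0.0.0/8 onto itself, 127 is loopback, and
    # first octets above 223 are not unicast space.
    if [ "$n" -lt 1 ] || [ "$n" -gt 223 ] || [ "$n" -eq 10 ] || [ "$n" -eq 127 ]; then
        echo "site id $n cannot be used as an alias /8" >&2
        return 1
    fi
    cat <<EOF
ip route add default via $gw dev $dev table $n
ip rule add fwmark $n lookup $n
iptables -t mangle -A OUTPUT -d $n.0.0.0/8 -j MARK --set-mark $n
iptables -t nat -A OUTPUT -d $n.0.0.0/8 -j NETMAP --to 10.0.0.0/8
EOF
    # Ordering: mangle OUTPUT runs before nat OUTPUT, so the MARK rule still
    # sees the alias destination; NETMAP then rewrites only the first octet
    # and the fwmark picks the per-site table for the rewritten packet.
}

# Constructed site list: "<id> <gateway> <interface>" (documentation addresses).
SITES='1 192.0.2.1 eth1
2 198.51.100.1 eth2'

printf '%s\n' "$SITES" | while read -r id gw dev; do
    echo "# site $id"
    site_rules "$id" "$gw" "$dev"
done
```

With this in place the monitoring tool polls 1.0.0.5 and 2.0.0.5 as two distinct hosts, and each probe leaves as 10.0.0.5 through its own site's gateway.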