On Wed, Aug 24, 2011 at 09:18:29AM -0400, Simon Perreault wrote: > On 2011-08-24 06:06, Brian Raaen wrote: > > The only issue with this is that the Linux box is not acting as a > > router, but as the egress devices. I'm trying to figure out how to > > properly get my application to 'color' the traffic. standard BSD > > sockets appear to have no concept of 'Labels'. > > Just FYI: on OpenBSD you can set the VRF (aka "routing table" or > "routing domain") per socket with code like this: > > int s, table; > s = socket(...); > table = 123; > setsockopt(s, IPPROTO_IP, SO_RTABLE, &table, sizeof(table)); > Or exec your commands wrapped in route -T$TABLE exec $*
Caveat: ipv6 vrf's did not work the last time I tried, and I think they still don't. OpenBSD should also do MPLS VPNs with the VRF's, but it's also pretty much experimental. It worked fine in a quick lab test at my last try, I should dig my lab notes and document it... Some things, like /etc/resolv.conf, still need some attention with VRFs.
