On 4/18/16 9:47 AM, Jiri Pirko wrote:
> Proposed solutions (ideas):
> 1) per-netns. Add a procfs file:
>    /proc/sys/net/ipv4/route/fib_offload_error_policy
>    with values: "evict" - default, current behaviour
>                 "fail" - propagate offload error to user
>    The policy value would be stored in struct net.
> 2) per-VRF/table
>    When user creates a VRF master, he specifies a table ID
>    this VRF is going to use. I propose to extend this so
>    he can pass a policy ("evict"/"fail").
>    The policy value would be stored in struct fib_table or
>    struct fib6_table. The problem is that VRF only saves
>    table ID, allocates dst but does not actually create
>    table. That might be created later. But I think this
>    could be resolved.

Yes, we have a local patch where I do create the table for IPv6. Can do
that for IPv4 as well. Some other clean ups are needed in this area -
like the ability to delete a table.

> 3) per-VRF/master_netdev
>    In this case, the policy would be also set during
>    the creation of VRF master. From user perspective,
>    this looks the same as 2)
>    The policy value would be stored in struct net_vrf (vrf private).

The VRF device is really only used for guiding lookups, not inserting
routes.

A per table/VRF policy (option 2) seems more appropriate.