On Thu, Jul 9, 2015 at 7:19 PM, David Ahern <d...@cumulusnetworks.com> wrote:
> On the to-do list to use cmsg to specify a VRF for outbound packets using > non-connected sockets. I do not believe it is going to work, but need to > look into it. > >> What about setting ipsec policy for interfaces in the vrf? >From a purely parochial standpoint, how would rds sockets work in this model? Would the tcp encaps happen before or after the the vrf "driver" output? Same problem for NFS. >From a non-parochial standpoint. There are a *lot* of routing apps that >actually need more visibility into many details about the "slave" interface: e.g., OSPF, ARP snoop, IPSLA.. the list is pretty long. I think it's a bad idea to use a "driver" to represent a table lookup. Too many hacks will become necessary. --Sowmini -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
