在一个Ubuntu主机上,我有两个相同的IP地址在两个不同的内核vrfs奴役的接口上configuration。 他们来了:
mikle@LabHost:~$ ip link show vrf VRF1401 7: enp3s0f0.1401@enp3s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1401 state UP mode DEFAULT group default qlen 1000 link/ether c0:3f:d5:e9:76:c6 brd ff:ff:ff:ff:ff:ff 10: Lo1401: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1401 state UNKNOWN mode DEFAULT group default qlen 1000 link/ether a6:45:5b:d6:bf:43 brd ff:ff:ff:ff:ff:ff mikle@LabHost:~$ ip link show vrf VRF1402 8: enp3s0f0.1402@enp3s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1402 state UP mode DEFAULT group default qlen 1000 link/ether c0:3f:d5:e9:76:c6 brd ff:ff:ff:ff:ff:ff 11: Lo1402: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1402 state UNKNOWN mode DEFAULT group default qlen 1000 link/ether 1a:7b:13:3a:5b:19 brd ff:ff:ff:ff:ff:ff mikle@LabHost:~$ ip addr show vrf VRF1401 7: enp3s0f0.1401@enp3s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1401 state UP group default qlen 1000 link/ether c0:3f:d5:e9:76:c6 brd ff:ff:ff:ff:ff:ff inet 10.14.0.1/24 scope global enp3s0f0.1401 valid_lft forever preferred_lft forever inet6 fe80::c23f:d5ff:fee9:76c6/64 scope link valid_lft forever preferred_lft forever 10: Lo1401: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1401 state UNKNOWN group default qlen 1000 link/ether a6:45:5b:d6:bf:43 brd ff:ff:ff:ff:ff:ff inet 10.14.100.100/32 scope global Lo1401 valid_lft forever preferred_lft forever inet6 fe80::a445:5bff:fed6:bf43/64 scope link valid_lft forever preferred_lft forever mikle@LabHost:~$ ip addr show vrf VRF1402 8: enp3s0f0.1402@enp3s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1402 state UP group default qlen 1000 link/ether c0:3f:d5:e9:76:c6 brd ff:ff:ff:ff:ff:ff inet 10.14.0.1/24 scope global enp3s0f0.1402 valid_lft forever preferred_lft forever inet6 fe80::c23f:d5ff:fee9:76c6/64 scope link valid_lft forever preferred_lft forever 11: Lo1402: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1402 state UNKNOWN group default qlen 1000 link/ether 1a:7b:13:3a:5b:19 brd ff:ff:ff:ff:ff:ff inet 10.14.100.100/32 scope global Lo1402 valid_lft forever preferred_lft forever inet6 fe80::187b:13ff:fe3a:5b19/64 scope link valid_lft forever preferred_lft forever mikle@LabHost:~$ ip route show vrf VRF1401 10.14.0.0/24 dev enp3s0f0.1401 proto kernel scope link src 10.14.0.1 mikle@LabHost:~$ ip route show vrf VRF1402 default via 10.14.0.11 dev enp3s0f0.1402 proto 186 metric 20 10.14.0.0/24 dev enp3s0f0.1402 proto kernel scope link src 10.14.0.1 Ubuntu是LTS 16.04更新的内核和ip实用程序mikle@LabHost:~$ ip -V ip utility, iproute2-ss161212 mikle@LabHost:~$ dpkg -s iproute2 Package: iproute2 Version: 4.9.0-1ubuntu1 mikle@LabHost:~$ uname -r 4.9.51-040951-lowlatency Vrfs正在工作,您可以在vrf VRF1402中看到来自外部对等点的bgp路由。
现在我想build立两个不同的非托pipel2tpv3隧道,从特定的接口中获取每一个隧道。 我使用的“ip”实用程序只提供绑定到本地ip地址,但ip地址在我的设置中不是唯一的。 “ip l2tp add tunnel”命令没有提供将隧道绑定到设备的选项,所以我没有看到特定的隧道如何configuration为使用第二个vrf的本地IP地址,而不是第一个vrf。
我的问题#1 :ip2pv3隧道如何通过将其套接字绑定到vrf设备来使其“vrf aware”使用与该vrf设备关联的路由表?
2.我也尝试创build一个隧道,然后将本地隧道会话接口限制到特定的vrf,但“ip l2tp add tunnel”失败:
mikle@LabHost:~$ sudo ip l2tp add tunnel tunnel_id 14011 peer_tunnel_id 1401 encap ip local 10.14.100.100 remote 10.14.0.11 RTNETLINK answers: Cannot assign requested address mikle@LabHost:~$ sudo ip l2tp add tunnel tunnel_id 14011 peer_tunnel_id 1401 encap ip local 10.14.0.1 remote 10.14.0.11 RTNETLINK answers: Cannot assign requested address
看来ip l2tp add tunnel试图在全局路由表中查找本地IP地址并失败? (我用grt检查了本地ip接口,它工作)
是否需要修补ip工具以支持将隧道源绑定到特定的vrf-ip-interface? 还是只是我的configuration问题?