在 ubuntu 主机上,我在两个接口上配置了两个相同的 ip 地址,这两个接口隶属于两个不同的内核 vrfs。它们如下:
mikle@LabHost:~$ ip link show vrf VRF1401
7: enp3s0f0.1401@enp3s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1401 state UP mode DEFAULT group default qlen 1000
link/ether c0:3f:d5:e9:76:c6 brd ff:ff:ff:ff:ff:ff
10: Lo1401: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1401 state UNKNOWN mode DEFAULT group default qlen 1000
link/ether a6:45:5b:d6:bf:43 brd ff:ff:ff:ff:ff:ff
mikle@LabHost:~$ ip link show vrf VRF1402
8: enp3s0f0.1402@enp3s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1402 state UP mode DEFAULT group default qlen 1000
link/ether c0:3f:d5:e9:76:c6 brd ff:ff:ff:ff:ff:ff
11: Lo1402: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1402 state UNKNOWN mode DEFAULT group default qlen 1000
link/ether 1a:7b:13:3a:5b:19 brd ff:ff:ff:ff:ff:ff
mikle@LabHost:~$ ip addr show vrf VRF1401
7: enp3s0f0.1401@enp3s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1401 state UP group default qlen 1000
link/ether c0:3f:d5:e9:76:c6 brd ff:ff:ff:ff:ff:ff
inet 10.14.0.1/24 scope global enp3s0f0.1401
valid_lft forever preferred_lft forever
inet6 fe80::c23f:d5ff:fee9:76c6/64 scope link
valid_lft forever preferred_lft forever
10: Lo1401: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1401 state UNKNOWN group default qlen 1000
link/ether a6:45:5b:d6:bf:43 brd ff:ff:ff:ff:ff:ff
inet 10.14.100.100/32 scope global Lo1401
valid_lft forever preferred_lft forever
inet6 fe80::a445:5bff:fed6:bf43/64 scope link
valid_lft forever preferred_lft forever
mikle@LabHost:~$ ip addr show vrf VRF1402
8: enp3s0f0.1402@enp3s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1402 state UP group default qlen 1000
link/ether c0:3f:d5:e9:76:c6 brd ff:ff:ff:ff:ff:ff
inet 10.14.0.1/24 scope global enp3s0f0.1402
valid_lft forever preferred_lft forever
inet6 fe80::c23f:d5ff:fee9:76c6/64 scope link
valid_lft forever preferred_lft forever
11: Lo1402: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue master VRF1402 state UNKNOWN group default qlen 1000
link/ether 1a:7b:13:3a:5b:19 brd ff:ff:ff:ff:ff:ff
inet 10.14.100.100/32 scope global Lo1402
valid_lft forever preferred_lft forever
inet6 fe80::187b:13ff:fe3a:5b19/64 scope link
valid_lft forever preferred_lft forever
mikle@LabHost:~$ ip route show vrf VRF1401
10.14.0.0/24 dev enp3s0f0.1401 proto kernel scope link src 10.14.0.1
mikle@LabHost:~$ ip route show vrf VRF1402
default via 10.14.0.11 dev enp3s0f0.1402 proto 186 metric 20
10.14.0.0/24 dev enp3s0f0.1402 proto kernel scope link src 10.14.0.1
Ubuntu 是 LTS 16.04,具有更新的内核和 ip 实用程序
mikle@LabHost:~$ ip -V ip utility, iproute2-ss161212 mikle@LabHost:~$ dpkg -s iproute2 Package: iproute2 Version: 4.9.0-1ubuntu1 mikle@LabHost:~$ uname -r 4.9.51-040951-lowlatency
Vrfs 正在运行,您可以在 vrf VRF1402 中看到来自外部对等点的 bgp 路由。
现在我想设置两个不同的非托管 l2tpv3 隧道,每个隧道都来自特定接口。我使用的“ip”实用程序仅提供与本地 ip 地址的绑定,但 ip 地址在我的设置中不是唯一的。“ip l2tp add tunnel”命令不提供将隧道绑定到设备的选项,因此我不知道如何将特定隧道配置为使用第二个 vrf 的本地 ip 地址,而不是第一个 vrf。
我的问题 #1:如何通过将其套接字绑定到 vrf 设备,使 ip lt2pv3 隧道实现“vrf 感知”,以使用与该 vrf 设备关联的路由表?
2.我也尝试过创建一个隧道,然后将本地隧道会话接口奴役到特定的 vrf,但是“ip l2tp add tunnel”失败:
mikle@LabHost:~$ sudo ip l2tp add tunnel tunnel_id 14011 peer_tunnel_id 1401 encap ip local 10.14.100.100 remote 10.14.0.11 RTNETLINK answers: Cannot assign requested address mikle@LabHost:~$ sudo ip l2tp add tunnel tunnel_id 14011 peer_tunnel_id 1401 encap ip local 10.14.0.1 remote 10.14.0.11 RTNETLINK answers: Cannot assign requested address
它似乎ip l2tp add tunnel尝试在全局路由表中找到本地 IP 地址并失败了?(我已经使用 grt 中的本地 ip 接口检查过,它可以工作)
是否需要修补 ip 实用程序以支持将隧道源绑定到特定的 vrf-ip-interface?还是这只是我的配置问题?