Tunnel traffic in VRF

Daniele Orlandi daniele at orlandi.com
Sat Jan 25 15:10:42 CET 2020


On 25/01/2020 07:55, Steven Honson wrote:
> Hi Daniele,
> 
> By VRFs, do you mean Linux network namespaces, or something different?

They are a different feature. In short VRFs are separate routing tables
to provide routing isolation. They are somewhat different with respect
to namespaces as the isolation is visible to userspace.

In the meantime I was able to find a workaround by setting the sysctl
variable:

net.ipv4.udp_l3mdev_accept=1

this way the socket that is created in the default VRF is automatically
visible in all VRFs.

A proper binding to the correct VRF would be a better approach, however.

Regards,

-- 
  Daniele Orlandi


More information about the WireGuard mailing list