Tunnel traffic in VRF
Serge
snp at z9.ru
Sun Jan 26 20:46:26 CET 2020
On Sat, 25 Jan 2020 at 14:24, Daniele Orlandi <daniele at orlandi.com> wrote:
> A proper binding to the correct VRF would be a better approach, however.
On user-level it can be done by SO_BINDTODEVICE socket option:
«Applications that are to work within a VRF need to bind their socket to
the VRF device:
setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, dev, strlen(dev)+1);
»
But I am not sure how things work on kernel level.
It would be great to add an option like 'listen-interfaces':
wg set <interface> [listen-port <port>] [listen-interfaces
<interface1>[,<interface2>]... ]
[Interface]
ListenPort=54002
ListenInterfaces=vrf-red,vrf-green
This option can be useful in a non-VRF environment too.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20200126/95acd42e/attachment.html>
More information about the WireGuard
mailing list