Doc: Update documentation about VRFs and BFD
This commit is contained in:
parent
2de1e2062e
commit
8c703ecf73
1 changed files with 25 additions and 8 deletions
|
@ -671,14 +671,24 @@ agreement").
|
||||||
This is an optional description of the protocol. It is displayed as a
|
This is an optional description of the protocol. It is displayed as a
|
||||||
part of the output of 'show protocols all' command.
|
part of the output of 'show protocols all' command.
|
||||||
|
|
||||||
<tag><label id="proto-vrf">vrf "<m/text/"</tag>
|
<tag><label id="proto-vrf">vrf "<m/text/"|default</tag>
|
||||||
Associate the protocol with specific VRF. The protocol will be
|
Associate the protocol with specific VRF. The protocol will be
|
||||||
restricted to interfaces assigned to the VRF and will use sockets bound
|
restricted to interfaces assigned to the VRF and will use sockets bound
|
||||||
to the VRF. Appropriate VRF interface must exist on OS level. For kernel
|
to the VRF. A corresponding VRF interface must exist on OS level. For
|
||||||
protocol, an appropriate table still must be explicitly selected by
|
kernel protocol, an appropriate table still must be explicitly selected
|
||||||
<cf/table/ option. Note that for proper VRF support it is necessary to
|
by <cf/table/ option.
|
||||||
use Linux kernel version at least 4.14, older versions have limited VRF
|
|
||||||
implementation.
|
By selecting <cf/default/, the protocol is associated with the default
|
||||||
|
VRF; i.e., it will be restricted to interfaces not assigned to any
|
||||||
|
regular VRF. That is different from not specifying <cf/vrf/ at all, in
|
||||||
|
which case the protocol may use any interface regardless of its VRF
|
||||||
|
status.
|
||||||
|
|
||||||
|
Note that for proper VRF support it is necessary to use Linux kernel
|
||||||
|
version at least 4.14, older versions have limited VRF implementation.
|
||||||
|
Before Linux kernel 5.0, a socket bound to a port in default VRF collide
|
||||||
|
with others in regular VRFs. In BGP, this can be avoided by using
|
||||||
|
<ref id="bgp-strict-bind" name="strict bind"> option.
|
||||||
|
|
||||||
<tag><label id="proto-channel"><m/channel name/ [{<m/channel config/}]</tag>
|
<tag><label id="proto-channel"><m/channel name/ [{<m/channel config/}]</tag>
|
||||||
Every channel must be explicitly stated. See the protocol-specific
|
Every channel must be explicitly stated. See the protocol-specific
|
||||||
|
@ -1896,12 +1906,11 @@ the BFD session went down).
|
||||||
advanced features like the echo mode or authentication are not implemented), IP
|
advanced features like the echo mode or authentication are not implemented), IP
|
||||||
transport for BFD as defined in <rfc id="5881"> and <rfc id="5883"> and
|
transport for BFD as defined in <rfc id="5881"> and <rfc id="5883"> and
|
||||||
interaction with client protocols as defined in <rfc id="5882">.
|
interaction with client protocols as defined in <rfc id="5882">.
|
||||||
We currently support at most one protocol instance.
|
|
||||||
|
|
||||||
<p>BFD packets are sent with a dynamic source port number. Linux systems use by
|
<p>BFD packets are sent with a dynamic source port number. Linux systems use by
|
||||||
default a bit different dynamic port range than the IANA approved one
|
default a bit different dynamic port range than the IANA approved one
|
||||||
(49152-65535). If you experience problems with compatibility, please adjust
|
(49152-65535). If you experience problems with compatibility, please adjust
|
||||||
<cf>/proc/sys/net/ipv4/ip_local_port_range</cf>
|
<cf>/proc/sys/net/ipv4/ip_local_port_range</cf>.
|
||||||
|
|
||||||
<sect1>Configuration
|
<sect1>Configuration
|
||||||
<label id="bfd-config">
|
<label id="bfd-config">
|
||||||
|
@ -1918,6 +1927,14 @@ configuration is often sufficient.
|
||||||
<p>Note that to use BFD for other protocols like OSPF or BGP, these protocols
|
<p>Note that to use BFD for other protocols like OSPF or BGP, these protocols
|
||||||
also have to be configured to request BFD sessions, usually by <cf/bfd/ option.
|
also have to be configured to request BFD sessions, usually by <cf/bfd/ option.
|
||||||
|
|
||||||
|
<p>A BFD instance not associated with any VRF handles session requests from all
|
||||||
|
other protocols, even ones associated with a VRF. Such setup would work for
|
||||||
|
single-hop BFD sessions if <cf/net.ipv4.udp_l3mdev_accept/ sysctl is enabled,
|
||||||
|
but does not currently work for multihop sessions. Another approach is to
|
||||||
|
configure multiple BFD instances, one for each VRF (including the default VRF).
|
||||||
|
Each BFD instance associated with a VRF (regular or default) only handles
|
||||||
|
session requests from protocols in the same VRF.
|
||||||
|
|
||||||
<p>Some of BFD session options require <m/time/ value, which has to be specified
|
<p>Some of BFD session options require <m/time/ value, which has to be specified
|
||||||
with the appropriate unit: <m/num/ <cf/s/|<cf/ms/|<cf/us/. Although microseconds
|
with the appropriate unit: <m/num/ <cf/s/|<cf/ms/|<cf/us/. Although microseconds
|
||||||
are allowed as units, practical minimum values are usually in order of tens of
|
are allowed as units, practical minimum values are usually in order of tens of
|
||||||
|
|
Loading…
Reference in a new issue