|VRF within containers [message #48456]
||Thu, 18 October 2012 08:31
Registered: October 2012
When physical routers are used, they allow VRF based forwarding. They
can be made of Linux namespace.
However, when a container is being used to virtualize routers, it
prevents from running within each containers some VRF based packet
processing. For instance, assume that you have 10 containers running
MP-BGP into each containers; using MP-BGP, each container can manage 1
to few thousands of VRF (routing table).
With the current assumptions, assuming than MP-BGP uses namespace to
index the routing table, then it cannot support the combination of VRF
forwarding within each container/namespace.
A workaround can be to add a VRF attribute into each namespace so any
packet processing can be prefixed by an VR index (routing table, IPsec
SAD/SPD lookup, etc.).
Have you ever considered any other options like adding a VRF index into
Multicore Packet Processing Forum: