[FROG] how to make FRR know about configured netns on a centos system?

Roman Dodin dodin.roman at gmail.com
Sun Oct 28 03:25:05 EDT 2018


Thanks David!
Indeed I use a namespace to isolate the management interface of a centos
system from the data namespace which needs to run bgpd and ospfd

You said there is no provided way to run frr services in a non default
namespace and one needs to wire that themselves. But since this seems like
a very common approach to follow (separating management domain from
others), how does the community deal with it? Any examples maybe?

Thanks for you help

вс, 28 окт. 2018 г., 0:06 David Lamparter <equinox at diac24.net>:

> Hi Roman,
>
>
> depending on what you want to do, there are 2 different approaches to
> network namespaces with FRR:
>
> (a) using them to implement VRFs and have FRR be aware of them
> (b) using them to implement virtual routers and run FRR inside of them
>
> For a management interface separation -- where you don't need any
> interaction between the management and routing netns -- I would suggest
> you do (b).
>
> Now, unfortunately the standard init scripts won't start FRR in a
> network namespace for you.  You'll have to wire that up for yourself.
> But on the other hand, after that's done you just have a "normal" FRR
> installation and don't need to deal with VRFs.  If you want to run more
> than one FRR "virtual router", you can use the `-N` option.  In that
> case each netns runs the full set of all daemons.
>
> If you want to do (a), there is the `--vrfwnetns` option to pass to
> zebra at startup, but I don't actually know the details on this since I
> haven't run such a setup.
> [https://frrouting.readthedocs.io/en/latest/zebra.html#cmdoption-zebra-n]
>
> Lastly, if you want to use Linux kernel VRF support, that works by
> creating "vrf" type devices inside the 1 network namespace.
>
> Cheers,
>
>
> -David
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.frrouting.org/pipermail/frog/attachments/20181028/5fbb6370/attachment.html>


More information about the frog mailing list