* SO_BINDTODEVICE in VRFs not working?
@ 2017-03-18  1:59 Daniele Orlandi
  2017-03-18  5:54 ` David Ahern
  0 siblings, 1 reply; 5+ messages in thread
From: Daniele Orlandi @ 2017-03-18  1:59 UTC (permalink / raw)
  To: netdev


Hello,

I'm writing an application that should listen on a TCP port bound to an 
interface in a VRF.

The bind/listen sequence is the following:

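   #include <string.h>
   #include <sys/socket.h>
   #include <netinet/in.h>
   #include <arpa/inet.h>

   int s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);

   /* Restrict the socket to a single device: here eth1, the interface in the VRF */
   char *ifname = "eth1";
   setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname)+1);

   /* Wildcard address, TCP port 555 */
   struct sockaddr_in addr;
   memset(&addr, 0, sizeof addr);
   addr.sin_family = AF_INET;
   addr.sin_port = htons(555);
   addr.sin_addr.s_addr = inet_addr("0.0.0.0");

   bind(s, (struct sockaddr *)&addr, sizeof(addr));

   listen(s, 5);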

The application is confirmed to be bound to the correct interface via "ss":

Netid State    Local Address:Port     Peer Address:Port
tcp   LISTEN   *%eth1:555             *:*

I can ping the interface address fine, however I get an RST whenever I 
try to connect from a remote host:

$ ping 10.10.10.10
PING 10.10.10.10 (10.10.10.10) 56(84) bytes of data.
64 bytes from 10.10.10.10: icmp_seq=1 ttl=64 time=0.758 ms
64 bytes from 10.10.10.10: icmp_seq=2 ttl=64 time=0.350 ms

$ telnet 10.10.10.10 555
Trying 10.10.10.10...
telnet: Unable to connect to remote host: Connection refused

A similar piece of code without setsockopt run via "ip vrf exec" does 
however work!


What am I doing wrong?!?!

Thank you!

-- 
   Daniele Orlandi


* Re: SO_BINDTODEVICE in VRFs not working?
  2017-03-18  1:59 SO_BINDTODEVICE in VRFs not working? Daniele Orlandi
@ 2017-03-18  5:54 ` David Ahern
  2017-03-18 10:28   ` Rami Rosen
  2017-03-18 12:02   ` Daniele Orlandi
  0 siblings, 2 replies; 5+ messages in thread
From: David Ahern @ 2017-03-18  5:54 UTC (permalink / raw)
  To: Daniele Orlandi, netdev

On 3/17/17 7:59 PM, Daniele Orlandi wrote:
> 
> Hello,
> 
> I'm writing an application that should listen on a TCP port bound to an
> interface in a VRF.
> 
> The bind/listen sequence is the following:
> 
>   int s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
> 
>   char *ifname = "eth1";

Bind to the VRF device not an interface enslaved to it. I want to add
the option for enslaved interfaces but have not gotten around to it.


>   setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname)+1);
> 
>   struct sockaddr_in addr;
>   memset(&addr, 0, sizeof addr);
>   addr.sin_family = AF_INET;
>   addr.sin_port = htons(555);
>   addr.sin_addr.s_addr = inet_addr("0.0.0.0");
> 
>   bind(s, (struct sockaddr *)&addr, sizeof(addr));
> 
>   listen(s, 5);
> 
> The application is confirmed to be bound to the correct interface via "ss":
> 
> Netid State    Local Address:Port     Peer Address:Port
> tcp   LISTEN   *%eth1:555             *:*
> 
> I can ping the interface address fine, however I get an RST whenever I
> try to connect from a remote host:
> 
> $ ping 10.10.10.10
> PING 10.10.10.10 (10.10.10.10) 56(84) bytes of data.
> 64 bytes from 10.10.10.10: icmp_seq=1 ttl=64 time=0.758 ms
> 64 bytes from 10.10.10.10: icmp_seq=2 ttl=64 time=0.350 ms
> 
> $ telnet 10.10.10.10 555
> Trying 10.10.10.10...
> telnet: Unable to connect to remote host: Connection refused
> 
> A similar piece of code without setsockopt run via "ip vrf exec" does
> however work!

'ip vrf exec' binds sockets to the VRF.


* Re: SO_BINDTODEVICE in VRFs not working?
  2017-03-18  5:54 ` David Ahern
@ 2017-03-18 10:28   ` Rami Rosen
  2017-03-20  3:08     ` David Ahern
  2017-03-18 12:02   ` Daniele Orlandi
  1 sibling, 1 reply; 5+ messages in thread
From: Rami Rosen @ 2017-03-18 10:28 UTC (permalink / raw)
  To: David Ahern; +Cc: Daniele Orlandi, Netdev

Hi,

>Bind to the VRF device not an interface enslaved to it. I want to add
>the option for enslaved interfaces but have not gotten around to it.

Maybe this should be added as a note/TBD to the VRF documentation
(which does mention setsockopt with SO_BINDTODEVICE):
http://lxr.free-electrons.com/source/Documentation/networking/vrf.txt#L97

Regards,
Rami Rosen


* Re: SO_BINDTODEVICE in VRFs not working?
  2017-03-18  5:54 ` David Ahern
  2017-03-18 10:28   ` Rami Rosen
@ 2017-03-18 12:02   ` Daniele Orlandi
  1 sibling, 0 replies; 5+ messages in thread
From: Daniele Orlandi @ 2017-03-18 12:02 UTC (permalink / raw)
  To: David Ahern, netdev

On 18/03/2017 06:54, David Ahern wrote:
>
>>   int s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
>>
>>   char *ifname = "eth1";
> 
> Bind to the VRF device not an interface enslaved to it.

Oh... thanks, it was that simple...

Well, yes, I think it should be possible to bind to the specific
interfaces too although it's not what I was looking for.

Thank you,
Bye,

-- 
  Daniele Orlandi


* Re: SO_BINDTODEVICE in VRFs not working?
  2017-03-18 10:28   ` Rami Rosen
@ 2017-03-20  3:08     ` David Ahern
  0 siblings, 0 replies; 5+ messages in thread
From: David Ahern @ 2017-03-20  3:08 UTC (permalink / raw)
  To: Rami Rosen; +Cc: Daniele Orlandi, Netdev

On 3/18/17 4:28 AM, Rami Rosen wrote:
> Hi,
> 
>> Bind to the VRF device not an interface enslaved to it. I want to add
>> the option for enslaved interfaces but have not gotten around to it.
> 
> Maybe this should be added as a note/TBD to the VRF documentation
> (which does mention setsockopt with SO_BINDTODEVICE):
> http://lxr.free-electrons.com/source/Documentation/networking/vrf.txt#L97


I need a doc update to add the 'ip vrf exec'. I can add a to-do list as
well.
