1IP-VRF(8)                            Linux                           IP-VRF(8)
2
3
4

NAME

6       ip-vrf - run a command against a vrf
7

SYNOPSIS

9       ip vrf  { COMMAND | help }
10
11
12       ip vrf identify [ PID ]
13
14       ip vrf pids NAME
15
16       ip vrf exec [ NAME ] command...
17
18

DESCRIPTION

20       A VRF provides traffic isolation at layer 3 for routing, similar to how
21       a VLAN is used to isolate traffic at layer 2. Fundamentally, a VRF is a
22       separate routing table. Network devices are associated with a VRF by
23       enslaving the device to the VRF. At that point network addresses
24       assigned to the device are local to the VRF with host and connected
25       routes moved to the table associated with the VRF.
26
27       A process can specify a VRF using several APIs -- binding the socket to
28       the VRF device using SO_BINDTODEVICE, setting the VRF association using
29       IP_UNICAST_IF or IPV6_UNICAST_IF, or specifying the VRF for a specific
30       message using IP_PKTINFO or IPV6_PKTINFO.
31
32       By default a process is not bound to any VRF. An association can be set
33       explicitly by making the program use one of the APIs mentioned above or
34       implicitly using a helper to set SO_BINDTODEVICE for all IPv4 and IPv6
35       sockets (AF_INET and AF_INET6) when the socket is created. This ip-vrf
36       command is a helper to run a command against a specific VRF with the
37       VRF association inherited parent to child.
38
39
40       ip vrf exec [ NAME ] cmd ... - Run cmd against the named VRF
41
42              This command allows applications that are VRF unaware to be run
43              against a VRF other than the default VRF (main table). A command
44              can be run against the default VRF by passing the "default" as
45              the VRF name. This is useful if the current shell is associated
46              with another VRF (e.g, Management VRF).
47
48
49       ip vrf identify [PID] - Report VRF association for process
50
51              This command shows the VRF association of the specified process.
52              If PID is not specified then the id of the current process is
53              used.
54
55
56       ip vrf pids NAME - Report processes associated with the named VRF
57
58              This command shows all process ids that are associated with the
59              given VRF.
60
61

CAVEATS

63       This command requires a kernel compiled with CGROUPS and CGROUP_BPF
64       enabled.
65
66       The VRF helper *only* affects network layer sockets.
67
68

EXAMPLES

70       ip vrf exec red ssh 10.100.1.254
71              Executes ssh to 10.100.1.254 against the VRF red table.
72
73

SEE ALSO

75       ip(8), ip-link(8), ip-address(8), ip-route(8), ip-neighbor(8)
76
77

AUTHOR

79       Original Manpage by David Ahern
80
81
82
83iproute2                          7 Dec 2016                         IP-VRF(8)
Impressum