[Bug 2784] New: Add native support for Linux VRF (via SO_BINDTODEVICE socket option)

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Sep 26 03:33:35 AEST 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2784

            Bug ID: 2784
           Summary: Add native support for Linux VRF (via SO_BINDTODEVICE
                    socket option)
           Product: Portable OpenSSH
           Version: 7.6p1
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: luca.boccassi at gmail.com

Created attachment 3061
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3061&action=edit
patch

In the past couple of years the Linux kernel gained support for VRF.
Applications can bind to a specific VRF via the SO_BINDTODEVICE socket
option.
Add a new -B option that takes a string as a parameter to both ssh and
sshd, and use it to bind the socket.

https://www.kernel.org/doc/Documentation/networking/vrf.txt

Original mailing list thread  asking for this feature:
https://lists.mindrot.org/pipermail/openssh-unix-dev/2015-November/034525.html

A patch implementing the feature is attached. Tested by creating a VRF
and enslaving a virtual device to it, that connects to a VM. Tested
that the VM is reachable over the VRF, and not "normally".

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list