[Bug 2784] Add native support for routing domains / VRF

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Feb 23 21:50:51 AEDT 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2784

--- Comment #38 from Luca Boccassi <luca.boccassi at gmail.com> ---
>  once cgroups v2 is stable and full-featured.

I admire your optimism! :-D

Yes I agree that it's a bit invasive as there are multiple sockets and
features to account for, and for the normal use case ip exec will
suffice when cgoups2 is complete (hope to see that before I retire :-P
).

There are other corner cases where, unless I'm mistaken, I think that
won't be enough though - for example, doing forwarding over a vrf and
connecting via another, eg:

ssh -r vrf-blue -L 192.168.122.1:9001:localhost:22226 192.168.122.1

or

ssh -L 192.168.122.1:9001:vrf-blue:localhost:22226 192.168.122.1

Since ip exec is an "all or nothing" deal (I'm not sure if there is a
BSD equivalent). Do you know of a way to achieve the same functionality
without changing the client?

Now strictly speaking I don't need these cases at $work so I'm not too
fussed about it, but some other users might want that at some point so
I thought it would be worth at least mentioning.

Thanks!

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list