Page MenuHomeVyOS Platform

Extend VRF table number
Closed, DuplicatePublicENHANCEMENT

Description

We are limiting the table number in range 100-65535

vyos@r-left# set vrf name red table
Possible completions:
   <100-65535>          Routing table ID

But the actual range is 1-4294967295. and should exclude 253-255 which are used for the default routing tables

vyos@r-left:~$ sudo ip link add dev RED type vrf table 4294967295
vyos@r-left:~$
vyos@r-left:~$ ip -d link show dev RED
9: RED: <NOARP,MASTER> mtu 65575 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 9e:2a:44:36:8f:d8 brd ff:ff:ff:ff:ff:ff promiscuity 0 allmulti 0 minmtu 1280 maxmtu 65575
    vrf table 4294967295 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 tso_max_size 65536 tso_max_segs 65535 gro_max_size 65536 gso_ipv4_max_size 65536 gro_ipv4_max_size 65536
vyos@r-left:~$

Details

Version
-
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

Viacheslav triaged this task as Wishlist priority.
Viacheslav changed the subtype of this task from "Feature Request" to "Enhancement".Apr 22 2024, 9:55 AM

I tried to extend the range, and seems it also relies on nftables conntrack zones

vyos@r4# compare 
+ vrf {
+     name blue {
+         table "4294967295"
+     }
+     name red {
+         table "1"
+     }
+ }


commit
vyos@r4# commit
[ vrf ]
VyOS had an issue completing a command.

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/vrf.py", line 351, in <module>
    apply(c)
  File "/usr/libexec/vyos/conf_mode/vrf.py", line 308, in apply
    cmd(f'nft {nft_add_element}')
  File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 155, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: nft add element inet vrf_zones ct_iface_map { "blue" : 4294967295 }
returned: 
exit code: 1

noteworthy:
cmd 'nft add element inet vrf_zones ct_iface_map { "blue" : 4294967295 }'
returned (out):

returned (err):
Error: Value 4294967295 exceeds valid range 0-65535
add element inet vrf_zones ct_iface_map { blue : 4294967295 }
                                                 ^^^^^^^^^^

[[vrf]] failed
Commit failed
[edit]
vyos@r4#
Viacheslav claimed this task.

Care to elaborate on why this became "wontfix"?

At the meeting, we concluded that tables should not intersect with protocols static table x
This PR was just to make this use case when they intersect and have a more flexible configuration.
Without using the same tables, it makes no sense in this PR.
That's why it was closed