Sandor, Not on the VRF usage side but there is a feature in MAAS 2.6 to have a better way to work in multi-homed environments (for bionic+ machines):
https://docs.maas.io/2.6/en/intro-new "Networking - Multiple default gateways" It relies on "routing policy database" (RPDB) functionality https://paste.ubuntu.com/p/xg6vFm8Hx7/ (netplan config, routing-policy sections are defined only for subnets that have a gateway configured in MAAS) At the target machine you will see something like this: # ip rule 0: from all lookup local 0: from 10.232.24.0/21 to 10.232.24.0/21 lookup main 0: from 10.232.40.0/21 to 10.232.40.0/21 lookup main 100: from 10.232.24.0/21 lookup 2 100: from 10.232.40.0/21 lookup 1 32766: from all lookup main 32767: from all lookup default # ip route show table 1 default via 10.232.40.1 dev b-enp4s0f0-2730 proto static # ip route show table 2 default via 10.232.24.1 dev b-enp4s0f0-2731 proto static This works well for TCP when responding to traffic (even when software listens on 0.0.0.0). For UDP a frequent server use-case is DNS servers and bind9 binds its UDP sockets to interface addresses directly as opposed to using 0.0.0.0 (some other DNS servers do the same, e.g. PowerDNS - they even have a post about it https://blog.powerdns.com/2012/10/08/on-binding-datagram-udp-sockets-to- the-any-addresses/). For sending, the policy rules will also kick in provided that a client socket (TCP or UDP) is bound to a specific address (so that the source IP is not automatically selected). This requires that the target software supports binding client sockets to specific addresses unfortunately. So far using static routes to summarized prefixes has been a solution for east-west traffic (because we control nodes managed by MAAS) and using the approach above for client responses to arbitrary networks (via https://jaas.ai/u/canonical-bootstack/policy-routing). After juju starts supporting this new MAAS feature https://bugs.launchpad.net/juju/+bug/1829150 we can stop using charm- policy-routing. I hope that helps while VRF functionality is not implemented. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1737428 Title: VRF support to solve routing problems associated with multi-homing To manage notifications about this bug go to: https://bugs.launchpad.net/juju/+bug/1737428/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
