在 2019/10/23 18:16, Pablo Neira Ayuso 写道:
>>> 2) VLAN encapsulation:
>>>
>>> add vlan "network0" { type push; id 100; proto 0x8100; }
>>> add vlan "network1" { type update; id 101; }
>>> ... encap vlan set ip daddr map { 192.168.0.0/24 : "network0",
>>> 192.168.1.0/24 : "network1" }
>>>
>>> The idea is that the user specifies the vlan policy through object
>>> definition, eg. "network0" and "network1", then it applies this policy
>>> via the "encap vlan set" statement.
>>>
>>> This infrastructure should allow for more encapsulation protocols
>>> with little work, eg. MPLS.
>> So the tunnel already exist in nft_tunnel also can add in this encapsulation protocols
>> as ip.
>>
>> like ip-route
>>
>> encap ip id 100 dst 10.0.0.1?
> Not sure what you mean, please, extend your coment.
For the future there maybe can add a new nft_encap_type NFT_ENCAP_IP which contain all
the ip tunnels such as vxlan, gre etc. This type of encap already in the nft_tunnel.
>
