Howdy Folks!
I'm currently on switching to nftables framework, but I'm stalled a
little bit, my question is about table netdev and hook for ingress devices.
is there are possible ways to specify devices that are join to link
groups ( /etc/iproute2/group) like (type filter hook ingress devices [
group "bgpext" ] priority -400; policy accept;)?
# ip -br link show *group bgpext*
vmbr140018 UP 00:d8:79:fe:c7:ae
<BROADCAST,MULTICAST,UP,LOWER_UP>
vmbr140444 UP 00:d8:79:fe:c7:ab
<BROADCAST,MULTICAST,UP,LOWER_UP>
or there are exist possible ways to specify devices that are join to
specific vrf like (type filter hook ingress devices [ vrf "bgp" ]
priority -400; policy accept;)? I know I can specify device "bgp", but
this hook will not work, until I specify exact ether devices.
# ip -br link show *vrf bgp*
vmbr5000 UP 86:ec:4d:d2:61:32
<BROADCAST,MULTICAST,UP,LOWER_UP>
vmbr140018 UP 00:d8:79:fe:c7:ae
<BROADCAST,MULTICAST,UP,LOWER_UP>
vmbr140444 UP 00:d8:79:fe:c7:ab
<BROADCAST,MULTICAST,UP,LOWER_UP>
Yes, i know that I can manually add variables like that {dev1,
dev2....devn}, but I would more flex configuration template.
--
With Best Regards
Alov, igor
