From 9219b5e2e0f2a9d6aa181fc6bc460459d727f399 Mon Sep 17 00:00:00 2001
From: Christian Breunig <christian@breunig.cc>
Date: Wed, 20 Dec 2023 22:25:47 +0100
Subject: vrf: T591: define sysctl setting for net.vrf.strict_mode

Enable/Disable VRF strict mode, when net.vrf.strict_mode=0 (default) it is
possible to associate multiple VRF devices to the same table. Conversely, when
net.vrf.strict_mode=1 a table can be associated to a single VRF device.

A VRF table can be used by the VyOS CLI only once (ensured by verify()), this
simply adds an additional Kernel safety net, but a requirement for IPv6 segment
routing headers.

(cherry picked from commit 10701108fecb36f7be7eb7ef5f1e54e63da5fb4e)
---
 src/etc/sysctl.d/30-vyos-router.conf | 8 --------
 1 file changed, 8 deletions(-)

(limited to 'src/etc')

diff --git a/src/etc/sysctl.d/30-vyos-router.conf b/src/etc/sysctl.d/30-vyos-router.conf
index 67d96969e..1c9b8999f 100644
--- a/src/etc/sysctl.d/30-vyos-router.conf
+++ b/src/etc/sysctl.d/30-vyos-router.conf
@@ -105,11 +105,3 @@ net.core.rps_sock_flow_entries = 32768
 net.core.default_qdisc=fq_codel
 net.ipv4.tcp_congestion_control=bbr
 
-# VRF - Virtual routing and forwarding
-# When net.vrf.strict_mode=0 (default) it is possible to associate multiple
-# VRF devices to the same table. Conversely, when net.vrf.strict_mode=1 a
-# table can be associated to a single VRF device.
-#
-# A VRF table can be used by the VyOS CLI only once (ensured by verify()),
-# this simply adds an additional Kernel safety net
-net.vrf.strict_mode=1
-- 
cgit v1.2.3