I agree with your explanation that the confusion stems from the fact that TUNNEL uses tunneldomain as well as MPLS.
Thank you for your explanation. -- ASOU Masato From: Sebastian Benoit <be...@openbsd.org> Date: Thu, 14 Jul 2022 10:10:52 +0200 > The manpage is correct here. > > Routing tables (rtable) and routing domains (rdomain) are intermingled in > that a rdomain has at least one rtable (with the same ID). But it can have > multiple rtables, see rtable(4). > > There are 2 settings that can be configured: > > * the tunnel interfaces' rdomain, keyword "rdomain": The tunnel interface is > in this rdomain and will receive encapsulated packets in that rdomain and > send encapsulated packets in that rdomain. This is the same setting that can > also be applied to all interface types. > > * the tunnel interfaces routing table, keyword "tunneldomain": This is the > routing table that is used for packets coming out of the tunnel. This > implies a routing domain, the one the rtable belongs to. > > I think the confusion comes from the reuse of the "tunneldomain" keyword in > ifconfig (mpls interfaces have that setting too, where it actually wants a > rdomain ID as argument). In hindsight, it might have been clearer to use a > new keyword like "tunnelrtable", but that was not done. Also how rdomains > and rtables work is a bit hard to understand. > > Best, > Benno > > YASUOKA Masahiko(yasu...@openbsd.org) on 2022.07.14 15:41:54 +0900: >> Hello, >> >> On Thu, 14 Jul 2022 14:09:52 +0900 (JST) >> Masato Asou <a...@soum.co.jp> wrote: >> > The TUNNEL in the man ifconfig(8) is described as follows: >> > >> > TUNNEL >> > </snip> >> > tunneldomain rtable >> > ^^^^^^here >> > Use routing table rtable instead of the default table. The >> > ^^^^^^here >> > tunnel does not need to terminate in the same routing domain >> > as >> > the interface itself. rtable can be set to any valid routing >> > ^^^^^^here >> > table ID; the corresponding routing domain is derived from >> > this >> > table. >> > >> > -tunneldomain >> > Use the default routing table and routing domain 0. >> > >> > Shouldn't rdomain be specified for TUNNELDOMAIN, not rtable? >> >> I think it actually means rtable. >> >> > When tunneldomain is set, rdomain is displayed and Rdomain 1 is >> > created as shown below: >> > >> > $ netstat -R >> > Rdomain 0 >> > Interfaces: lo0 em0 enc0 pflog0 gif0 >> > Routing table: 0 >> > >> > $ doas ifconfig gif0 tunneldomain 1 >> > 0 asou@asou-curr: ~ 14:04:15 >> > $ ifconfig gif0 >> > gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280 >> > index 7 priority 0 llprio 3 >> > encap: txprio payload rxprio payload >> > groups: gif >> > tunnel: (unset) ttl 64 nodf ecn rdomain 1 >> > $ netstat -R >> > Rdomain 0 >> > Interfaces: lo0 em0 enc0 pflog0 gif0 wg0 >> > Routing table: 0 >> > >> > Rdomain 1 >> > Interface: lo1 >> > Routing table: 1 >> > >> > $ >> >> Which version? This doesn't match my test. >> >> # ifconfig >> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 32768 >> index 3 priority 0 llprio 3 >> groups: lo >> inet6 ::1 prefixlen 128 >> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 >> inet 127.0.0.1 netmask 0xff000000 >> em0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500 >> lladdr 52:54:00:12:34:56 >> index 1 priority 0 llprio 3 >> media: Ethernet autoselect (1000baseT full-duplex) >> status: active >> enc0: flags=0<> >> index 2 priority 0 llprio 3 >> groups: enc >> status: active >> pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33136 >> index 4 priority 0 llprio 3 >> groups: pflog >> # >> # netstat -R >> Rdomain 0 >> Interfaces: lo0 em0 enc0 pflog0 >> Routing table: 0 >> >> # >> # ifconfig gif0 tunneldomain 1 >> ifconfig: SIOCSLIFPHYRTABLE: Invalid argument >> # >> >> tunneldomain X fails if X doesn't exist. >> >> Also, >> >> # route -T1 add 10.0.0.0/8 127.0.0.1 >> add net 10.0.0.0/8: gateway 127.0.0.1 >> # >> >> create a rtable 1 by creating a dummy route. >> >> # ifconfig gif0 tunneldomain 1 >> # >> # ifconfig gif0 >> gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280 >> index 5 priority 0 llprio 3 >> encap: txprio payload rxprio payload >> groups: gif >> tunnel: (unset) ttl 64 nodf ecn rdomain 1 >> >> the command becomes ok. >> >> # >> # netstat -R >> Rdomain 0 >> Interfaces: lo0 em0 enc0 pflog0 gif0 >> Routing tables: 0 1 >> >> # sysctl kern.version >> kern.version=OpenBSD 7.1 (GENERIC.MP) #465: Mon Apr 11 18:03:57 MDT 2022 >> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP >> >> # >> >> It seems a rtable can be specified for "tunneldomain". >> >
