On 10/13/21 12:50 AM, Leonard Crestez wrote:
Multiple VRFs are generally meant to be "separate" but right now md5
keys for the default VRF also affect connections inside VRFs if the IP
addresses happen to overlap.
So far the combination of TCP_MD5SIG_IFINDEX with tcpm_ifindex == 0
TCP_MD5SIG_IFINDEX does not exist in net-next and it was not added by
patch 1 or this patch.