Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
| network_namespaces [2018/08/19 08:49] – [Overview] rpjday | network_namespaces [2018/08/19 16:24] (current) – [Roman Mashak] rpjday | ||
|---|---|---|---|
| Line 3: | Line 3: | ||
| How to use network namespaces and '' | How to use network namespaces and '' | ||
| - | Updated links: | + | Links: | 
| * [[http:// | * [[http:// | ||
| * [[https:// | * [[https:// | ||
| + | * [[http:// | ||
| + | * [[https:// | ||
| + | * [[https:// | ||
| + | * [[https:// | ||
| + | * [[https:// | ||
| + | * [[https:// | ||
| + | * [[https:// | ||
| + | * [[http:// | ||
| + | * [[https:// | ||
| + | * [[https:// | ||
| + | * [[https:// | ||
| - | Links: | ||
| - | |||
| - | * [[https:// | ||
| - | * [[http:// | ||
| - | * [[https:// | ||
| - | * [[http:// | ||
| - | * [[https:// | ||
| - | * [[https:// | ||
| ===== man ip-netns ===== | ===== man ip-netns ===== | ||
| Line 89: | Line 92: | ||
| Namespaces is a good solution. Something like this should work: | Namespaces is a good solution. Something like this should work: | ||
| - | ip netns add namespace1 | + | ip netns add ns1 | 
| - | ip netns add namespace2 | + | ip netns add ns2 | 
| - | ip link set eth1 netns namespace1 | + | ip link set eth1 netns ns1 | 
| - | ip link set eth2 netns namespace2 | + | ip link set eth2 netns ns2 | 
| - | ip netns exec namespace1 | + | ip netns exec ns1 \ | 
| ip addr add 10.42.42.42/ | ip addr add 10.42.42.42/ | ||
| - | ip netns exec namespace1 | + | ip netns exec ns1 \ | 
| ip link set eth1 up | ip link set eth1 up | ||
| - | ip netns exec namespace2 | + | ip netns exec ns2 \ | 
| ip addr add 10.42.42.24/ | ip addr add 10.42.42.24/ | ||
| - | ip netns exec namespace2 | + | ip netns exec ns2 \ | 
| ip link set eth2 up | ip link set eth2 up | ||
| - | ip netns exec namespace1 | + | ip netns exec ns1 \ | 
| ping 10.42.42.24 | ping 10.42.42.24 | ||
| Line 120: | Line 123: | ||
| the same without involving namespaces. It's a bit hackish but sometimes | the same without involving namespaces. It's a bit hackish but sometimes | ||
| convenient. I can dig if someone is interested. | convenient. I can dig if someone is interested. | ||
| + | </ | ||
| + | |||
| + | ==== Roman Mashak ==== | ||
| + | |||
| + | < | ||
| + | I used this in the past to test dual-port NIC over loopback cable, you | ||
| + | will need to ajust the script: | ||
| + | |||
| + | #!/bin/bash -x | ||
| + | |||
| + | ip=" | ||
| + | eth1=192.168.2.100 | ||
| + | eth2=192.168.2.101 | ||
| + | |||
| + | dev1=eth1 | ||
| + | dev2=eth2 | ||
| + | dev1mac=00: | ||
| + | dev2mac=00: | ||
| + | |||
| + | # fake client interfaces and addresses | ||
| + | dev=dummy0 | ||
| + | dev_mac=00: | ||
| + | |||
| + | # max fake clients supported for simulation | ||
| + | maxusers=3 | ||
| + | |||
| + | ## Create dummy device | ||
| + | ## Accepted parameters: | ||
| + | ## $1 - devname | ||
| + | ## $2 - devmac | ||
| + | ## $3 - subnet (e.g. 10.10.10) | ||
| + | ## $4 - max number of IP addresses to create on interface | ||
| + | setup_dummy() | ||
| + | { | ||
| + | #   sudo sh -c "echo 1 > / | ||
| + | # Enable tc hardware offload | ||
| + | # | ||
| + | |||
| + | $ip link add $1 address $2 type dummy | ||
| + | $ip link set $1 up | ||
| + | for i in `seq 1 $4`; | ||
| + | do | ||
| + | $ip addr add $3.$i/32 dev $1 | ||
| + | done | ||
| + | } | ||
| + | |||
| + | ## Delete dummy device | ||
| + | ## Accepted parameters: | ||
| + | ## $1 - devname | ||
| + | delete_dummy() | ||
| + | { | ||
| + | $ip link del $1 type dummy | ||
| + | } | ||
| + | |||
| + | setup_network() | ||
| + | { | ||
| + | # Send traffic eth3 <-> eth4 over loopback cable, where both interfaces | ||
| + | # eth3 and eth4 are in the same subnet. | ||
| + | # | ||
| + | # We assume that NetworkManager is not running and eth3/eth4 are configured | ||
| + | # via / | ||
| + | # | ||
| + | # 192.168.1.100/ | ||
| + | # 192.168.1.101/ | ||
| + | # | ||
| + | # Specify source IP address when sending the traffic: | ||
| + | # ping -I 192.168.1.100 192.168.1.101 | ||
| + | # | ||
| + | # | ||
| + | $ip neigh add $eth2 lladdr $dev2mac nud permanent dev $dev1 | ||
| + | $ip neigh add $eth1 lladdr $dev1mac nud permanent dev $dev2 | ||
| + | $ip route add table main $eth1 dev $dev2 | ||
| + | $ip route add table main $eth2 dev $dev1 | ||
| + | $ip rule add from all lookup local pref 100 | ||
| + | $ip rule del pref 0 | ||
| + | $ip rule add from $eth2 to $eth1 iif $dev1 lookup local pref 1 | ||
| + | $ip rule add from $eth1 to $eth2 iif $dev2 lookup local pref 2 | ||
| + | $ip rule add from $eth2 to $eth1 lookup main pref 3 | ||
| + | $ip rule add from $eth1 to $eth2 lookup main pref 4 | ||
| + | |||
| + | #  $ip rule add from 10.10.10.0/ | ||
| + | #  $ip rule add from 10.10.10.0/ | ||
| + | #  $ip rule add from $eth1 to 10.10.10.0/ | ||
| + | #  $ip rule add from $eth2 to 10.10.10.0/ | ||
| + | } | ||
| + | |||
| + | restore_network() | ||
| + | { | ||
| + | # FIX: hangs connections | ||
| + | $ip rule flush | ||
| + | $ip rule add priority 32767 lookup default | ||
| + | } | ||
| + | |||
| + | # | ||
| + | # | ||
| + | |||
| + | # | ||
| + | # | ||
| + | setup_network | ||
| </ | </ | ||