Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
network_namespaces [2018/08/19 09:02] – [Overview] rpjdaynetwork_namespaces [2018/08/19 16:24] (current) – [Roman Mashak] rpjday
Line 11: Line 11:
     * [[https://lwn.net/Articles/531114/#series_index|Full namespace series]]     * [[https://lwn.net/Articles/531114/#series_index|Full namespace series]]
   * [[https://serverfault.com/questions/568839/linux-network-namespaces-ping-fails-on-specific-veth|Linux network namespaces - ping fails on specific veth (Server Fault, 2014)]]   * [[https://serverfault.com/questions/568839/linux-network-namespaces-ping-fails-on-specific-veth|Linux network namespaces - ping fails on specific veth (Server Fault, 2014)]]
 +  * [[https://www.slideshare.net/MikeWilson35/linux-network-namespaces|Linux network namespaces (Mike Wilson Slideshare (Aug 2015)]]
   * [[https://www.dasblinkenlichten.com/an-introduction-to-network-namespaces/|An introduction to network namespaces (Das Blinken Lichten, Oct 2015)]]   * [[https://www.dasblinkenlichten.com/an-introduction-to-network-namespaces/|An introduction to network namespaces (Das Blinken Lichten, Oct 2015)]]
   * [[https://blogs.igalia.com/dpino/2016/04/10/network-namespaces/|Network namespaces (Unweaving the web, Apr 2016)]]   * [[https://blogs.igalia.com/dpino/2016/04/10/network-namespaces/|Network namespaces (Unweaving the web, Apr 2016)]]
Line 91: Line 92:
 Namespaces is a good solution. Something like this should work: Namespaces is a good solution. Something like this should work:
  
-ip netns add namespace1 +ip netns add ns1 
-ip netns add namespace2+ip netns add ns2
  
-ip link set eth1 netns namespace1 +ip link set eth1 netns ns1 
-ip link set eth2 netns namespace2+ip link set eth2 netns ns2
  
-ip netns exec namespace1 \+ip netns exec ns1 \
         ip addr add 10.42.42.42/24 dev eth1         ip addr add 10.42.42.42/24 dev eth1
  
-ip netns exec namespace1 \+ip netns exec ns1 \
         ip link set eth1 up         ip link set eth1 up
  
-ip netns exec namespace2 \+ip netns exec ns2 \
         ip addr add 10.42.42.24/24 dev eth2         ip addr add 10.42.42.24/24 dev eth2
  
-ip netns exec namespace2 \+ip netns exec ns2 \
         ip link set eth2 up         ip link set eth2 up
  
-ip netns exec namespace1 \+ip netns exec ns1 \
         ping 10.42.42.24         ping 10.42.42.24
  
Line 122: Line 123:
 the same without involving namespaces. It's a bit hackish but sometimes the same without involving namespaces. It's a bit hackish but sometimes
 convenient. I can dig if someone is interested. convenient. I can dig if someone is interested.
 +</code>
 +
 +==== Roman Mashak ====
 +
 +<code>
 +I used this in the past to test dual-port NIC over loopback cable, you
 +will need to ajust the script:
 +
 +#!/bin/bash -x
 +
 +ip="sudo $HOME/bin/ip"
 +eth1=192.168.2.100
 +eth2=192.168.2.101
 +
 +dev1=eth1
 +dev2=eth2
 +dev1mac=00:1b:21:9b:24:b4
 +dev2mac=00:1b:21:9b:24:b5
 +
 +# fake client interfaces and addresses
 +dev=dummy0
 +dev_mac=00:00:00:00:00:11
 +
 +# max fake clients supported for simulation
 +maxusers=3
 +
 +## Create dummy device
 +## Accepted parameters:
 +##    $1 - devname
 +##    $2 - devmac
 +##    $3 - subnet (e.g. 10.10.10)
 +##    $4 - max number of IP addresses to create on interface
 +setup_dummy()
 +{
 +#   sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
 +   # Enable tc hardware offload
 +#   ethtool -K $SGW_DEV hw-tc-offload on
 +
 +   $ip link add $1 address $2 type dummy
 +   $ip link set $1 up
 +   for i in `seq 1 $4`;
 +   do
 +      $ip addr add $3.$i/32 dev $1
 +   done
 +}
 +
 +## Delete dummy device
 +## Accepted parameters:
 +##    $1 - devname
 +delete_dummy()
 +{
 +  $ip link del $1 type dummy
 +}
 +
 +setup_network()
 +{
 +  # Send traffic eth3 <-> eth4 over loopback cable, where both interfaces
 +  # eth3 and eth4 are in the same subnet.
 +  #
 +  # We assume that NetworkManager is not running and eth3/eth4 are configured
 +  # via /etc/network/interfaces:
 +  #
 +  # 192.168.1.100/32 dev eth3
 +  # 192.168.1.101/32 dev eth4
 +  #
 +  # Specify source IP address when sending the traffic:
 +  # ping -I 192.168.1.100 192.168.1.101
 +  #
 +  #
 +  $ip neigh add $eth2 lladdr $dev2mac nud permanent dev $dev1
 +  $ip neigh add $eth1 lladdr $dev1mac nud permanent dev $dev2
 +  $ip route add table main $eth1 dev $dev2
 +  $ip route add table main $eth2 dev $dev1
 +  $ip rule add from all lookup local pref 100
 +  $ip rule del pref 0
 +  $ip rule add from $eth2 to $eth1 iif $dev1 lookup local pref 1
 +  $ip rule add from $eth1 to $eth2 iif $dev2 lookup local pref 2
 +  $ip rule add from $eth2 to $eth1 lookup main pref 3
 +  $ip rule add from $eth1 to $eth2 lookup main pref 4
 +
 +#  $ip rule add from 10.10.10.0/24 to $eth1 iif $dev1 lookup local pref 5
 +#  $ip rule add from 10.10.10.0/24 to $eth2 iif $dev2 lookup local pref 6
 +#  $ip rule add from $eth1 to 10.10.10.0/24 iif $dev2 lookup local pref 7
 +#  $ip rule add from $eth2 to 10.10.10.0/24 iif $dev1 lookup local pref 8
 +}
 +
 +restore_network()
 +{
 +  # FIX: hangs connections
 +  $ip rule flush
 +  $ip rule add priority 32767 lookup default
 +}
 +
 +#delete_dummy dummy0
 +#delete_dummy dummy1
 +
 +#setup_dummy dummy0 00:00:00:00:00:11 10.10.10 3
 +#setup_dummy dummy1 00:00:00:00:00:22 20.20.20 3
 +setup_network
 </code> </code>
  • network_namespaces.1534669359.txt.gz
  • Last modified: 2018/08/19 09:02
  • by rpjday