===== Overview =====

How to use network namespaces and ''ip netns'' to tie two ports together in order to ping out one port and to the other.

Links:

  * [[http://man7.org/linux/man-pages/man8/ip-netns.8.html|ip-netns (8) man page]]
  * [[https://blog.scottlowe.org/2013/09/04/introducing-linux-network-namespaces/|Introducing Linux Network Namespaces (Scott Lowe's Blog, Sep 2013)]]
  * [[http://www.opencloudblog.com/?p=42|Linux Network Namespaces (Open Cloud Blog, Sep 2013)]]
  * [[https://lwn.net/Articles/580893/|Namespaces in operation, part 7: Network namespaces (LWN.net, Jan 2014)]]
    * [[https://lwn.net/Articles/531114/#series_index|Full namespace series]]
  * [[https://serverfault.com/questions/568839/linux-network-namespaces-ping-fails-on-specific-veth|Linux network namespaces - ping fails on specific veth (Server Fault, 2014)]]
  * [[https://www.slideshare.net/MikeWilson35/linux-network-namespaces|Linux network namespaces (Mike Wilson Slideshare (Aug 2015)]]
  * [[https://www.dasblinkenlichten.com/an-introduction-to-network-namespaces/|An introduction to network namespaces (Das Blinken Lichten, Oct 2015)]]
  * [[https://blogs.igalia.com/dpino/2016/04/10/network-namespaces/|Network namespaces (Unweaving the web, Apr 2016)]]
  * [[http://abregman.com/2016/09/29/linux-network-namespace/|Linux: Network Namespace (Arie Bregman, Sep 2016}]]
  * [[https://unix.stackexchange.com/questions/391193/how-to-forward-traffic-between-linux-network-namespaces|How to forward traffic between Linux network namespaces? (Stack Exchange, 2017)]]
  * [[https://docs.openstack.org/neutron/pike/admin/intro-network-namespaces.html|Network namespaces (OpenStack, Aug 2018)]]
  * [[https://docker-k8s-lab.readthedocs.io/en/latest/docker/netns.html|Linux Network Namespace Introduction (Docker Kubernetes Lab)]]


===== man ip-netns =====

<code>
NAME
       ip-netns - process network namespace management

SYNOPSIS
       ip [ OPTIONS ] netns  { COMMAND | help }
       ip netns [ list ]
       ip netns add NETNSNAME
       ip [-all] netns del [ NETNSNAME ]
       ip netns set NETNSNAME NETNSID
       ip netns identify [ PID ]
       ip netns pids NETNSNAME
       ip [-all] netns exec [ NETNSNAME ] command...
       ip netns monitor
       ip netns list-id
</code>

===== Basics =====

List current ns (none)

<code>
$ ip netns [list]
$
</code>

Check for ''/var/run/netns/''.

===== Add and delete =====

<code>
$ sudo ip netns add ns1
$ sudo ip netns add ns1
$ ip netns list
ns2
ns1
$
</code>

Also:

<code>
$ tree /var/run/netns
/var/run/netns
├── ns1
└── ns2

0 directories, 2 files
$
</code>

===== Assigning an interface to a namespace =====

<code>
ip link set <device> netns <namespace>
</code>

So:

<code>
$ sudo ip link set enp0s20f0u5u1 netns ns1
</code>

===== netdev mailing list =====

==== Andrew Lunn ====

<code>
Namespaces is a good solution. Something like this should work:

ip netns add ns1
ip netns add ns2

ip link set eth1 netns ns1
ip link set eth2 netns ns2

ip netns exec ns1 \
        ip addr add 10.42.42.42/24 dev eth1

ip netns exec ns1 \
        ip link set eth1 up

ip netns exec ns2 \
        ip addr add 10.42.42.24/24 dev eth2

ip netns exec ns2 \
        ip link set eth2 up

ip netns exec ns1 \
        ping 10.42.42.24

You might also want to consider iperf3 for stress testing, depending
on the sort of stress you need.
</code>

==== Willy Tarreau ====

<code>
FWIW I have a setup somewhere involving ip rule + ip route which achieves
the same without involving namespaces. It's a bit hackish but sometimes
convenient. I can dig if someone is interested.
</code>

==== Roman Mashak ====

<code>
I used this in the past to test dual-port NIC over loopback cable, you
will need to ajust the script:

#!/bin/bash -x

ip="sudo $HOME/bin/ip"
eth1=192.168.2.100
eth2=192.168.2.101

dev1=eth1
dev2=eth2
dev1mac=00:1b:21:9b:24:b4
dev2mac=00:1b:21:9b:24:b5

# fake client interfaces and addresses
dev=dummy0
dev_mac=00:00:00:00:00:11

# max fake clients supported for simulation
maxusers=3

## Create dummy device
## Accepted parameters:
##    $1 - devname
##    $2 - devmac
##    $3 - subnet (e.g. 10.10.10)
##    $4 - max number of IP addresses to create on interface
setup_dummy()
{
#   sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
   # Enable tc hardware offload
#   ethtool -K $SGW_DEV hw-tc-offload on

   $ip link add $1 address $2 type dummy
   $ip link set $1 up
   for i in `seq 1 $4`;
   do
      $ip addr add $3.$i/32 dev $1
   done
}

## Delete dummy device
## Accepted parameters:
##    $1 - devname
delete_dummy()
{
  $ip link del $1 type dummy
}

setup_network()
{
  # Send traffic eth3 <-> eth4 over loopback cable, where both interfaces
  # eth3 and eth4 are in the same subnet.
  #
  # We assume that NetworkManager is not running and eth3/eth4 are configured
  # via /etc/network/interfaces:
  #
  # 192.168.1.100/32 dev eth3
  # 192.168.1.101/32 dev eth4
  #
  # Specify source IP address when sending the traffic:
  # ping -I 192.168.1.100 192.168.1.101
  #
  #
  $ip neigh add $eth2 lladdr $dev2mac nud permanent dev $dev1
  $ip neigh add $eth1 lladdr $dev1mac nud permanent dev $dev2
  $ip route add table main $eth1 dev $dev2
  $ip route add table main $eth2 dev $dev1
  $ip rule add from all lookup local pref 100
  $ip rule del pref 0
  $ip rule add from $eth2 to $eth1 iif $dev1 lookup local pref 1
  $ip rule add from $eth1 to $eth2 iif $dev2 lookup local pref 2
  $ip rule add from $eth2 to $eth1 lookup main pref 3
  $ip rule add from $eth1 to $eth2 lookup main pref 4

#  $ip rule add from 10.10.10.0/24 to $eth1 iif $dev1 lookup local pref 5
#  $ip rule add from 10.10.10.0/24 to $eth2 iif $dev2 lookup local pref 6
#  $ip rule add from $eth1 to 10.10.10.0/24 iif $dev2 lookup local pref 7
#  $ip rule add from $eth2 to 10.10.10.0/24 iif $dev1 lookup local pref 8
}

restore_network()
{
  # FIX: hangs connections
  $ip rule flush
  $ip rule add priority 32767 lookup default
}

#delete_dummy dummy0
#delete_dummy dummy1

#setup_dummy dummy0 00:00:00:00:00:11 10.10.10 3
#setup_dummy dummy1 00:00:00:00:00:22 20.20.20 3
setup_network
</code>