Main tasks
- create new network namespaces
- connect two network namespaces via virtual ethernet (veth)
- connect to a
python HTTP serveron a separate namespace - connect two network namespaces via a virtual switch bridge
- use IP masquerading to establish an ingress connection
Meta tasks
- docker test environment setup
- apply color in bash at docker startup
- run container forever
- test network types
Connect Two Namespaces Using VETH- TL;DR ๐
Outline for basic command and process.
Note
Please prefix following commands with
sudoif we're not logged in as a root user.
- Create a new network namespace
ip netns add <NAMESPACE_NAME>- Create a veth cable and assign an interface to a particular namespace
ip link add <INTERFACE_NAME> type veth peer name <OTHER_INTERFACE_NAME>
ip link set <INTERFACE_NAME> netns <NAMESPACE_NAME>Note
This step must be done after the interface assigning to a namespace is complete.
Now, enter into one of the namespaces
ip netns exec <NAMESPACE_NAME> bash- Assign an IP address to an interface
ip addr add <SUBNET_WITH_CIDR> dev <INTERFACE_NAME>- Bring up the interface
ip link set dev <INTERFACE_NAME> up- Configure route
If we just want the namespace to send packets to the server that is making the request, we need to configure routes in both namespaces as follows -
ip route add default via <GATEWAY_IP> dev <INTERFACE_NAME>- Test with
ping
ping <OTHER_NAMESAPCE_IP>We can also specify the interface
ping -I <INTERFACE> <OTHER_NAMESAPCE_IP> # ๐ from the other namespace
tcpdump -v -i <OTHER_INTERFACE> # ๐ from the other namespaceFind the step-by-step example to connect two network namespaces here.
Connect Two Namespaces Using Bridge - TL;DR ๐
Outline for basic command and process.
Note
Please prefix following commands with
sudoif we're not logged in as a root user.
- Create a new network namespace
ip netns add <NAMESPACE_NAME>- Create a bridge
ip link add <BRIDGE_NAME> type bridge- Create veth cables and assign interfaces
ip link add <INTERFACE_NAME> type veth peer name <BRIDGE_INTERFACE_NAME>
ip link set <INTERFACE_NAME> netns <NAMESPACE_NAME>
ip link set <BRIDGE_INTERFACE_NAME> master <BRIDGE_NAME>- Assign an IP address to the Bridge interface
ip addr add <SUBNET_WITH_CIDR> dev <BRIDGE_NAME>- Assign an IP address to a namespace interface
ip netns exec <NAMESPACE_NAME> ip addr add <SUBNET_WITH_CIDR> dev <INTERFACE_NAME>- Bring up the interface
ip link set dev <BRIDGE_INTERFACE_NAME> up
ip link set dev <BRIDGE_NAME> up
ip netns exec <NAMESPACE_NAME> ip link set dev <INTERFACE_NAME> up- Configure route
If we just want the namespace to send packets to the server that is making the request, we need to configure routes in both namespaces as follows -
ip route add default via <GATEWAY_IP> dev <INTERFACE_NAME>- Test with
ping
ping -I <INTERFACE> <OTHER_NAMESAPCE_IP> # ๐ from the other namespace
tcpdump -v -i <OTHER_INTERFACE> # ๐ from the other namespaceFind the step-by-step example to connect two network namespaces here.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent