Differences between revisions 1 and 5 (spanning 4 versions)
Revision 1 as of 2021-10-24 02:58:38
Size: 581
Editor: PieterSmit
Comment:
Revision 5 as of 2021-10-24 03:28:56
Size: 1638
Editor: PieterSmit
Comment:
Line 1: Line 1:
## page was renamed from k8s/StudyNotes/LinuxNetworNamespaces
## page was renamed from k8s/StudyNotes/k8sNetworking
Line 12: Line 14:
ip link add veth-red veth peer name veth-blue ip link add veth-red type veth peer name veth-blue
Line 22: Line 24:

 * create bridge to scale, {{{
ip link add v-net-0 type bridge
ip link
ip link set dev v-net-0 up
}}}
 * remove red-blue link and reconnect to bridge/switch {{{
ip -n red link del veth-red
#
ip link add veth-red type veth peer name veth-red-br
ip link add veth-blue type veth peer name veth-blue-br
#
ip link set veth-red netns red
ip link set veth-red-br master v-net-0
#
ip link set veth-blue netns blue
ip link set veth-blue-br master v-net-0
#
ip -n red addr add 192.168.15.1/24 dev veth-red
ip -n blue addr add 192.168.15.2/24 dev veth-blue
#
ip -n red link
}}}

 * From host can assign ip to bridge interface {{{
ip addr add 192.168.15.15/24 dev v-net-0
#
# can add route to other namespaces for outbound routing
ip netns exec blue ip ruote add 0.0.0.0/0 via 192.168.15.15
}}}
 * Masquerade namespace traffic outbound {{{
iptables -t nat -A POSTROUTING -s 192.168.15.0/24 -j MASQUERADE
}}}
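Review bot: In the bridge-IP block, `ip netns exec blue ip ruote add 0.0.0.0/0 via 192.168.15.15` misspells `route`, so the command is rejected and blue never gets its default route; it should read `ip route add`. In the reconnect block the new `veth-red`/`veth-blue` interfaces and their `-br` peers are attached and addressed but never set `up`, so nothing passes over the bridge until `ip link set ... up` is run for each end. The MASQUERADE rule only acts on forwarded packets, so the notes should also say that `net.ipv4.ip_forward` has to be enabled on the host.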

k8s/StudyNotes/k8sNetworking

  • Linux network namespaces

    ip netns add red
    ip netns add blue
    ip netns list
    ip netns exec red ip link
    ip netns exec red arp
    ip netns exec red route
  • Connect two network namespaces with a virtual link (veth pair)

    ip link add veth-red type veth peer name veth-blue
    ip link set veth-red  netns red
    ip link set veth-blue netns blue
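    # include the /24 prefix; without it the address is added as a /32 and the peer is not on-link
    ip -n red  addr add 192.168.15.1/24 dev veth-red
    ip -n blue addr add 192.168.15.2/24 dev veth-blue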
    ip -n red  link set veth-red  up
    ip -n blue link set veth-blue up
    #
    ip netns exec red ping 192.168.15.2
  • Create a bridge (virtual switch) to scale

    ip link add v-net-0 type bridge
    ip link
    ip link set dev v-net-0 up
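  • Remove the red-blue link and reconnect both namespaces to the bridge/switch

    # deleting one end of a veth pair also removes its peer (veth-blue)
    ip -n red link del veth-red
    #
    ip link add veth-red  type veth peer name veth-red-br
    ip link add veth-blue type veth peer name veth-blue-br
    #
    ip link set veth-red netns red
    ip link set veth-red-br master v-net-0
    #
    ip link set veth-blue netns blue
    ip link set veth-blue-br master v-net-0
    #
    ip -n red  addr add 192.168.15.1/24 dev veth-red
    ip -n blue addr add 192.168.15.2/24 dev veth-blue
    #
    # new interfaces start down: bring up both ends of each pair
    ip -n red  link set veth-red  up
    ip -n blue link set veth-blue up
    ip link set veth-red-br  up
    ip link set veth-blue-br up
    #
    ip -n red link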
  • From the host, an IP can be assigned to the bridge interface

    ip addr add 192.168.15.15/24 dev v-net-0
    #
    # a namespace can then use the bridge IP as its default gateway for outbound routing
    ip netns exec blue ip route add 0.0.0.0/0 via 192.168.15.15
  • Masquerade namespace traffic outbound

    iptables -t nat -A POSTROUTING -s 192.168.15.0/24 -j MASQUERADE
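
An added audit example (not part of the original notes): the MASQUERADE rule above matches on source subnet only, so it also applies to packets leaving through `v-net-0` itself whenever bridged traffic is passed through iptables (`br_netfilter`). The script flags such rules in `iptables -t nat -S POSTROUTING` output. The `! -o v-net-0` form, the `eth0` uplink name and the sample rules are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example: flag MASQUERADE rules for the lab subnet that are not
# limited to an egress interface. Input is `iptables -t nat -S POSTROUTING`.

SUBNET="192.168.15.0/24"   # subnet used on this page
BRIDGE="v-net-0"           # bridge name used on this page

# Reads rules on stdin, prints each unscoped rule, returns 1 if any was found.
audit_masquerade() {
    flagged=0
    while IFS= read -r rule || [ -n "$rule" ]; do
        case "$rule" in
            *"-s $SUBNET "*"-j MASQUERADE"*) ;;   # candidate rule
            *) continue ;;                        # other subnet or target
        esac
        case "$rule" in
            *"! -o $BRIDGE "*) continue ;;  # NAT everywhere except the bridge
            *" -o $BRIDGE "*) ;;            # NAT towards the bridge: flag it
            *" -o "*) continue ;;           # pinned to some uplink interface
        esac
        printf 'UNSCOPED: %s\n' "$rule"
        flagged=1
    done
    return "$flagged"
}

# Constructed sample in `iptables -S` format; eth0 is an assumed uplink name.
sample_rules() {
    cat <<EOF
-P POSTROUTING ACCEPT
-A POSTROUTING -s 192.168.15.0/24 -j MASQUERADE
-A POSTROUTING -s 192.168.15.0/24 ! -o v-net-0 -j MASQUERADE
-A POSTROUTING -s 192.168.15.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -s 192.168.15.0/24 -o v-net-0 -j MASQUERADE
-A POSTROUTING -s 10.0.0.0/8 -j MASQUERADE
EOF
}

# `--live` audits the running host (needs root); default audits the sample.
if [ "${1:-}" = "--live" ]; then
    iptables -t nat -S POSTROUTING | audit_masquerade
else
    sample_rules | audit_masquerade || true
fi
```

A scoped replacement for the rule on this page would be `iptables -t nat -A POSTROUTING -s 192.168.15.0/24 ! -o v-net-0 -j MASQUERADE`.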

k8s/StudyNotes/LinuxNetworkNamespaces (last edited 2021-10-24 03:28:56 by PieterSmit)