Linux NetWork Namespace Technique

LinuxNetwork Namespace

 

Namespace and cgroup are  important technique.in this post, I will introduceyou how to create a Network Namespace.

1,  create network namespace

 ip netns add<newnamespace name>   

for example, you can run commandlike this

 ip netns add blue

2, and  then we could assign anetwork interface to this new network namespace 

      You  could use

  ip linkset <devicename> netns<namespace name>

  you can add eth0 to  this new net namespace,for example

 ip link set eht0  netns  blue

3, config that network interface ,set ip,netmask and brocast network

   

3.1  Before  configing a  network  interface ,I will introduce some  about virtual  Einternet.Virtual Ethernetis a interesting construct ,it occur in paris.whenrver one of them receive messagethey will send to other.

And then  how to create a virtual Ethernet ,command  like this

iplink add veth0 type veth peer name veth1

one of pair call veth0 another isveth1 ,type is  veth.

 

When fisrt create veth pairs,theybelong to the global or default  networknamespace. You may want to move one of them into a new network namespace ,likeblue.

command like  this

 ip link set veth1 netns blue

 after this command you can’tsee veth1 in global netns,because it move into blue netns,instead of global ofdefault netns.

 

You could verify by run ip link list in global netns,you wiilsee nothing about veth1,but how could you view interface information in netnsblue by run this command:

 

ipnetns exec  blue ip link list

 

it will  show someinformation  about veth1

 

3.2 config interface

 After move the interface intonetns,left to go is config ths interface.

 You canrun command like this

ip netns exec blue ifconfigveth1 10.1.1.1/24 up

 

 

4 conect a new network namespace with  a physical  network

 You can use a bridge toconnect with network namespace and physical

Link

http://blog.scottlowe.org/2013/09/04/introducing-linux-network-namespaces/

http://blog.scottlowe.org/2013/09/04/introducing-linux-network-namespaces/

 

bridge is used to connect virtual machine with physical network。

 

Bridge connects many interfaces together,connet eth1,eth2,eth3together

 TODO :bridge play a role in container?how it work?i dont see anything about bridge in warden

 

Sina Weibo: ChampionLai