Skip to content
/ debian-netns Public
forked from m0kct/debian-netns

ifupdown helper scripts for network namespaces

License

MIT license
0 stars 7 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

axxName/debian-netns

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
if-down.d
if-down.d
 
 
if-post-down.d
if-post-down.d
 
 
if-pre-up.d
if-pre-up.d
 
 
if-up.d
if-up.d
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

debian-netns

Some simple scripts to simplify configuring network namespaces on Debian-like systems. Copy them into the corresponding directories under /etc/network.

To configure a veth pair into a namespace:

/etc/network/interfaces:

auto ns0
iface ns0 inet manual
    netns myns
      netns-host-peer-gw eth0
      post-down-delete-netns yes
      netns-host-peer-links ns3eth1:eth1 ns3eth2:eth2 ns3eth3:eth3

Running ifup ns0 will then create the myns network namespace and a veth pair which joins ns0 in the "real world" to eth0 inside the namespace.

There are two more things you can specify:

/etc/network/interfaces:

auto ns0
iface ns0 inet manual
    netns myns
      netns-host-peer-gw eth0
      netns-gw-veth-mode l3
      netns-configure-interfaces yes
      post-down-delete-netns yes
      netns-host-peer-links ns3eth1:eth1 ns3eth2:eth2 ns3eth3:eth3
    post-up ip route add 1.2.3.0/24 dev ns0

netns-gw-veth-mode l3 will configure the veth pair as a L3 point-to-point link (meaning that you can then add routes with the next-hop set to the interface, e.g., ip route add 1.2.3.0/24 dev ns0).

netns-configure-interfaces yes will run ifup -a (or ifdown -a) inside the myns namespace using interface config from /etc/network/netns/myns/interfaces.

/etc/network/netns/myns/interfaces:

auto eth0
iface eth0 inet static
       address 1.2.3.4
       netmask 255.255.255.0
       network 1.2.3.0
       dns-nameservers 8.8.8.8
       post-up ip route add default dev eth0 metric 100

auto eth3
iface eth3 inet static
       address 11.22.33.44
       netmask 255.255.255.0

Thoughts

Ideally, the namespace interface config would be under /etc/netns/myns/network/interfaces, but thanks to this feature of ip netns exec:

"ip netns exec automates handling of this configuration, file convention for network namespace unaware applications, by creating a mount namespace and bind mounting all of the per network namespace configure files into their traditional location in /etc."

this means that when ifup runs, it won't see the /etc/network/if-*.d scripts (at least if they're not mirrored in /etc/netns/myns).

It would be nice to have some better way to run ifup inside a namespace, but this would require hacking ifupdown. If you want to know how to run it by hand, look in if-up.d/netns. It's not as simple as you might think.

About

ifupdown helper scripts for network namespaces

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 100.0%