| 1 |
It helps if I actually add the foot note. |
| 2 |
|
| 3 |
On 06/10/2018 10:38 AM, Grant Taylor wrote: |
| 4 |
> I will say that you'll likely need other systems [1] to test things like |
| 5 |
> tunnels to / between. |
| 6 |
|
| 7 |
[1] You can easily have one machine be multiple systems via Network |
| 8 |
Namespaces. |
| 9 |
|
| 10 |
I routinely use Network Namespaces to mess with networking in my |
| 11 |
virtualization lab. Think of Network Namespaces as micro TCP/IP stacks |
| 12 |
in the Linux kernel. Each can be configured completely independent of |
| 13 |
the others. |
| 14 |
|
| 15 |
I was using Network Namespaces about 12 hours ago to test what I |
| 16 |
determined was a bug in VirtualBox. (KVM didn't exhibit the same behavior.) |
| 17 |
|
| 18 |
I used the "ip" command to create a pair of vEth (virtual Ethernet) links: |
| 19 |
|
| 20 |
ip link add veth0 type veth peer name veth1 |
| 21 |
ip link add veth2 type veth peer name veth3 |
| 22 |
|
| 23 |
I then created a new Network Namespace: |
| 24 |
|
| 25 |
ip netns add myNetNS |
| 26 |
|
| 27 |
Then I moved two of the vEth interfaces to the vEth links into myNetNS. |
| 28 |
|
| 29 |
ip link set veth1 netns myNetNS |
| 30 |
ip link set veth3 netns myNetNS |
| 31 |
|
| 32 |
Then I brought all the interfaces up: |
| 33 |
|
| 34 |
ip link set veth0 up |
| 35 |
ip link set veth2 up |
| 36 |
ip netns exec myNetNS ip link set veth1 up |
| 37 |
ip netns exec myNetNS ip link set veth3 up |
| 38 |
|
| 39 |
Then I bound IPs to three of the vEth interfaces: |
| 40 |
|
| 41 |
ip addr add 192.0.2.1/24 dev veth0 |
| 42 |
ip netns exec myNetNS ip addr add 192.0.2.254/24 dev veth1 |
| 43 |
ip netns exec myNetNS ip addr add 198.51.100.254/24 dev veth3 |
| 44 |
|
| 45 |
Then I added a route to my workstation (main / default / nameless NetNS) |
| 46 |
to point to the remote 198.51.100.0/24 network: |
| 47 |
|
| 48 |
ip route add 198.51.100.0/24 via 192.0.2.254 |
| 49 |
|
| 50 |
That gave me what I needed to continue troubleshooting my VirtualBox |
| 51 |
issue. I was able to have both VBox and KVM glom onto the veth2 |
| 52 |
interface and put the guest at 198.51.100.1/24 IP address using |
| 53 |
198.51.100.254 as it's default gateway. |
| 54 |
|
| 55 |
This meant that I had a micro routed connection from my workstation |
| 56 |
(main / default / nameless NetNS) to the VM that I was testing. |
| 57 |
|
| 58 |
I do things like this weekly. Almost all of the configuration uses the |
| 59 |
"ip" command. IMHO the biggest issue is that you have to understand |
| 60 |
what you want to do and then translate it to the proper ip commands to |
| 61 |
do it. You need that high level blueprint (if you will) so that you can |
| 62 |
then implement it with the "ip" command. This is why you need at least |
| 63 |
a basic understanding of networking to fully take advantage of the "ip" |
| 64 |
command. |
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
-- |
| 69 |
Grant. . . . |
| 70 |
unix || die |
Archives