Linux network namespaces - part 2

In this post two Linux network namespaces will be configured and communication will be set up between them using bridge interface.

It is continuation of the previous post about Linux network namespaces.

Diagram representing setup which will be implemented:

Configuration

# Add network namespace ns30
ip netns add ns30

# Add network namespace ns40
ip netns add ns40

# Create interconnected pair of virtual ethernet devices veth31 and veth32
ip link add veth31 type veth peer name veth32

# Create interconnected pair of virtual ethernet devices veth41 and veth42
ip link add veth41 type veth peer name veth42

# Associate virtual ethernet device veth32 with network namespace ns30
ip link set veth32 netns ns30

# Associate virtual ethernet device veth42 with network namespace ns40
ip link set veth42 netns ns40

# In network namespace ns30 set ip address on interface veth32
ip netns exec ns30 ip addr add 10.1.1.30/24 dev veth32
ip netns exec ns30 ip link set dev veth32 up

# In network namespace ns40 set ip address on interface veth42
ip netns exec ns40 ip addr add 10.1.1.40/24 dev veth42
ip netns exec ns40 ip link set dev veth42 up

# Add bridge interface br0 in default network namespace and assign IP address to it
ip link add name br0 type bridge
ip addr add 10.1.1.1/24 dev br0
ip link set dev br0 up

# Connect interface veth31 and veth41 to bridge br0
ip link set dev veth31 master br0
ip link set dev veth41 master br0

# Change state of interfaces veth31 and veth41 to up
ip link set dev veth31 up
ip link set dev veth41 up

Information about bridge interface

Information about created bridge br0 and interfaces connected to it:

root@labserver:~# brctl show br0
bridge name	bridge id		STP enabled	interfaces
br0		8000.16b27faa5422	no		veth31
							veth41

Bridge interface br0 behaves like a network switch.

Verification

It is possible to communicate with namespaces ns30 and ns40 from default network namespace:

root@labserver:~# ping 10.1.1.30 -c 2
PING 10.1.1.30 (10.1.1.30) 56(84) bytes of data.
64 bytes from 10.1.1.30: icmp_seq=1 ttl=64 time=0.074 ms
64 bytes from 10.1.1.30: icmp_seq=2 ttl=64 time=0.086 ms

--- 10.1.1.30 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1024ms
rtt min/avg/max/mdev = 0.074/0.080/0.086/0.006 ms
root@labserver:~# ping 10.1.1.40 -c 2
PING 10.1.1.40 (10.1.1.40) 56(84) bytes of data.
64 bytes from 10.1.1.40: icmp_seq=1 ttl=64 time=0.127 ms
64 bytes from 10.1.1.40: icmp_seq=2 ttl=64 time=0.099 ms

--- 10.1.1.40 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1003ms
rtt min/avg/max/mdev = 0.099/0.113/0.127/0.014 ms

It is possible to communicate between namespaces ns30 and ns40:

root@labserver:~# ip netns exec ns30 ping 10.1.1.40 -c 2
PING 10.1.1.40 (10.1.1.40) 56(84) bytes of data.
64 bytes from 10.1.1.40: icmp_seq=1 ttl=64 time=0.036 ms
64 bytes from 10.1.1.40: icmp_seq=2 ttl=64 time=0.083 ms

--- 10.1.1.40 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1026ms
rtt min/avg/max/mdev = 0.036/0.059/0.083/0.023 ms

Links:

• http://manpages.ubuntu.com/manpages/focal/man8/brctl.8.html