k8s/StudyNotes/ k8sNetworking
Linux network namespaces
ip netns add red ip netns add blue ip netns list ip netns exec red ip link ip netns exec red arp ip netns exec red route
Connect two network namespaces with virtual link
ip link add veth-red type veth peer name veth-blue ip link set veth-red netns red ip link set veth-blue netns blue ip -n red addr add 192.168.15.1 dev veth-red ip -n blue addr add 192.168.15.2 dev veth-blue ip -n red link set veth-red up ip -n blue link set veth-blue up # ip netns exec red ping 192.168.15.2
create bridge to scale,
ip link add v-net-0 type bridge ip link ip link set dev v-net-0 up
remove red-blue link and reconnect to bridge/switch
ip -n red link del veth-red # ip link add veth-red type veth peer name veth-red-br ip link add veth-blue type veth peer name veth-blue-br # ip link set veth-red netns red ip link set veth-red-br master v-net-0 # ip link set veth-blue netns blue ip link set veth-blue-br master v-net-0 # ip -n red addr add 192.168.15.1/24 dev veth-red ip -n blue addr add 192.168.15.2/24 dev veth-blue # ip -n red link
From host can assign ip to bridge interface
ip addr add 192.168.15.15/24 dev v-net-0 # # can add route to other namespaces for outbound routing ip netns exec blue ip ruote add 0.0.0.0/0 via 192.168.15.15
Masquerade namespace traffic outbound
iptables -t nat -A POSTROUTING -s 192.168.15.0/24 -j MASQUERADE