Unix & Linux Asked by pts on December 13, 2020
I’m running Ubuntu 18.04, Linux kernel 5.4.0. My laptop has local IP address 192.168.0.130:
$ sudo ip addr show dev wlp2s0
3: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 7c:2a:31:09:3e:e0 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic noprefixroute wlp2s0
valid_lft 2782sec preferred_lft 2782sec
inet6 fe80::b375:a43d:9705:556a/64 scope link noprefixroute
valid_lft forever preferred_lft forever
The routing table looks like:
$ sudo ip route
default via 192.168.0.1 dev wlp2s0 proto dhcp metric 600
169.254.0.0/16 dev wlp2s0 scope link metric 1000
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.0.0/24 dev wlp2s0 proto kernel scope link src 192.168.0.130 metric 600
I want to use an additional IP address visible for other hosts on the local network (e.g. 192.168.0.12). It works like this:
$ sudo ip addr add 192.168.0.95/24 dev wlp2s0
$ ssh 192.168.0.12 ping 192.168.0.95
...
64 bytes from 192.168.0.95: ...
(works)
^C
$ sudo ip addr del 192.168.0.95/24 dev wlp2s0
Now, I want to move this IP address to a separate network namespace called net5, like this:
$ sudo ip netns add net5
$ sudo ip link add link wlp2s0 name net5in type macvlan
$ sudo ip link set net5in netns net5
$ sudo ip netns exec net5 ip addr add 192.168.0.95/24 brd + dev net5in
$ sudo ip netns exec net5 ip link set net5in up
$ ssh 192.168.0.12 ping 192.168.0.95
...
From 192.168.0.95: ... Destination Host Unreachable
(doesn't work)
^C
$ sudo ip netns add net5
How can this be fixed so that the ping above works?
I was following these tutorials:
Updates:
type ipvlan mode l2 instead of type macvlan above. A local ping still doesn’t work, but — as I understand — that’s expected for macvlan and ipvlan.
It looks like macvlan doesn't work on wifi, see https://unix.stackexchange.com/a/555676 for details. It's possible to make it work on both wifi and Ethernet by using type ipvlan mode l2 instead of type macvlan.
Here is my full setup, which creates 3 IP addresses, each in their own network namespace:
sudo ip link del hostnet ||:
sudo ip link add hostnet link wlp2s0 type ipvlan mode l2 # Host-side ipvlan link used to reach the namespaces.
sudo ip addr add 192.168.0.90/32 brd + dev hostnet
sudo ip link set hostnet up # `ip route add' below needs it.
for I in 91 92 93; do
  sudo ip netns del net"$I" && sleep .5 ||:
  sudo ip netns add net"$I"
  sudo ip netns exec net"$I" ip link set lo up
  sudo ip link add link wlp2s0 name net"$I"in type ipvlan mode l2
  sudo ip link set net"$I"in netns net"$I"
  sudo ip netns exec net"$I" ip addr add 192.168.0."$I"/24 brd + dev net"$I"in
  sudo ip netns exec net"$I" ip link set net"$I"in up
  sudo ip netns exec net"$I" ip route add default via 192.168.0.1
  sudo ip route add 192.168.0."$I"/32 dev hostnet # Root namespace reaches this address via hostnet.
done
This makes e.g. ping 192.168.0.91, ping 192.168.0.92, ping 192.168.0.93, ping 192.168.0.130 and ping 192.168.0.12 work in all 5 participants: host root network namespace (IP address 192.168.0.130), each 3: host net"$I" network namespace (IP address 192.168.0.91 etc.), other hosts on the local network (IP address e.g. 192.168.0.12).
This also makes TCP connections and UDP packets work in any direction between any of the 5 participants.
This also makes UDP broadcasts work between any of the 5 participants. This is set up by the brd + clauses above. It looks like the clause is not needed though, because broadcast is enabled by default.
TCP connections have the correct IP address, except that TCP connections from the host root network namespace to the host net"$I" network namespace show incoming IP address 192.168.0.90 instead of 192.168.0.130.
The host net"$I" network namespace can connect to the host root network namespace using either IP address 192.168.0.90 or 192.168.0.130.
Answered by pts on December 13, 2020
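A preflight for the failure described in the question, as an added example that is not part of the original post: it checks sysfs to see whether the parent interface is wireless, picks ipvlan or macvlan accordingly, and prints the namespace setup commands without running them. The function names and the SYSFS override are assumptions of this example.

```shell
#!/bin/sh
# Added example: print (do not run) the commands for one namespace, picking the
# child link type from what sysfs says about the parent interface.
# SYSFS is an assumption of this example so it can be pointed at a test tree.
SYSFS="${SYSFS:-/sys}"

# is_wireless IFACE: true if the kernel exposes IFACE as an 802.11 device.
# cfg80211 drivers add a phy80211 link; older WEXT drivers a wireless/ dir.
is_wireless() {
    [ -e "$SYSFS/class/net/$1/phy80211" ] || [ -d "$SYSFS/class/net/$1/wireless" ]
}

# child_link_type IFACE: print the arguments that follow "type" in ip link add.
child_link_type() {
    if [ ! -d "$SYSFS/class/net/$1" ]; then
        echo "no such interface: $1" >&2
        return 1
    fi
    if is_wireless "$1"; then
        echo "ipvlan mode l2"   # macvlan fails on wifi, per the answer above
    else
        echo "macvlan"          # the question's original choice
    fi
}

# netns_plan PARENT NS ADDR/PREFIX GATEWAY: emit the setup commands on stdout.
netns_plan() {
    np_parent=$1 np_ns=$2 np_cidr=$3 np_gw=$4
    np_if="${np_ns}in"
    # Linux interface names are limited to 15 characters.
    if [ "${#np_if}" -gt 15 ]; then
        echo "interface name too long: $np_if" >&2
        return 1
    fi
    np_type=$(child_link_type "$np_parent") || return 1
    cat <<EOF
ip netns add $np_ns
ip netns exec $np_ns ip link set lo up
ip link add link $np_parent name $np_if type $np_type
ip link set $np_if netns $np_ns
ip netns exec $np_ns ip addr add $np_cidr brd + dev $np_if
ip netns exec $np_ns ip link set $np_if up
ip netns exec $np_ns ip route add default via $np_gw
EOF
}
```

Review the output of e.g. `netns_plan wlp2s0 net5 192.168.0.95/24 192.168.0.1` and then pipe it to `sudo sh`; the host-side hostnet link and /32 routes from the answer are not part of this plan.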