Connect the network namespace to the Internet


pgsandstrom

My situation is this: I want to be able to execute a program in a separate namespace using its own network interface. But I also want it to be able to access the internet through my physical network interface. Here is my code so far:

ip netns add private_ns
ip link add link eth1 name eth1.100 type vlan id 100
ip link set eth1.100 netns private_ns
ip netns exec private_ns ip addr add 10.1.1.1/24 dev eth1.100
ip netns exec private_ns ip link set eth1.100 up

Then I try:

ip netns exec private_ns ping 8.8.8.8

I get:

connect: Network is unreachable

plug wash

Each network namespace is a separate logical copy of the network stack. Therefore, you need to treat the network namespace as a separate computer.

To connect your new computer to the Internet through your current computer, you will need to:

    1. Select an unused network card (or install a new one) on each computer.
    2. Connect them together with a network cable.
    3. Choose between Ethernet bridging, normal IP routing, or NAT.
    4a. For Ethernet bridging, add the new NIC in the existing computer to the appropriate bridge and give the NIC in the secondary computer the IP in the subnet where the bridge is located.
    4b. For regular IP routing, choose an IP block for the new link. Assign interface IPs from that block, make sure IP forwarding is enabled on existing machines, make sure the rest of the network knows about the new subnet, and make sure iptables rules (if any) allow traffic through.
    4c. For NAT, choose an IP block for the new link. Assign interface IPs from this block, ensure IP forwarding is enabled on existing machines, ensure iptables rules allow traffic through, and set up SNAT or MASQUERADE rules for traffic from the new subnet to external hosts.
    5. Set the appropriate default gateway on the new computer.

It is similar when using network namespaces.

    1. Create a veth pair in the main network namespace.
    2. Move one end of the veth pair to the secondary network namespace.
    3. Choose between Ethernet bridging, normal IP routing, or NAT.
    4a. For Ethernet bridging, add the new veth in the main network namespace to the appropriate bridge and give the veth in the new network namespace the IP in the subnet where the bridge is located.
    4b. For regular IP routing, choose an IP block for the new link. Assign interface IPs from that block, make sure IP forwarding is enabled on existing machines, make sure the rest of the network knows about the new subnet, and make sure iptables rules (if any) allow traffic through.
    4c. For NAT, choose an IP block for the new link. Assign interface IPs from this block, ensure IP forwarding is enabled on existing machines, ensure iptables rules allow traffic through, and set up SNAT or MASQUERADE rules for traffic from the new subnet to external hosts.
    5. Set an appropriate default gateway in the secondary network namespace.

(Sorry for the ugly formatting, feel free to fix it if you're more skilled at Markdown than I am)
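
The namespace procedure above in its NAT form (steps 1, 2, 4c and 5), as an added example that is not part of the original answer. The names veth-host and veth-ns, the 10.200.1.0/24 block and the run/connect_ns helpers are assumptions; private_ns and eth1 come from the question.

```shell
#!/bin/sh
# Added example: NAT variant (4c) of the veth procedure.
# Assumed names: veth-host / veth-ns, subnet prefix 10.200.1 (a /24).
# DRY_RUN=1 (default) prints the commands; DRY_RUN=0 as root applies them.
DRY_RUN="${DRY_RUN:-1}"

run() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

# connect_ns NAMESPACE UPLINK_IF [SUBNET_PREFIX]
connect_ns() {
    ns="$1"; wan="$2"; net="${3:-10.200.1}"
    [ -n "$ns" ] && [ -n "$wan" ] || {
        echo "usage: connect_ns NS UPLINK_IF [PREFIX]" >&2
        return 2
    }
    # 1. Create the veth pair in the main namespace.
    run ip link add veth-host type veth peer name veth-ns
    # 2. Move one end into the secondary namespace.
    run ip link set veth-ns netns "$ns"
    # 4c. Address both ends from the block chosen for the new link.
    run ip addr add "$net.1/24" dev veth-host
    run ip link set veth-host up
    run ip netns exec "$ns" ip addr add "$net.2/24" dev veth-ns
    run ip netns exec "$ns" ip link set veth-ns up
    run ip netns exec "$ns" ip link set lo up
    # IP forwarding is host-wide, so the FORWARD rules below are scoped
    # to the veth, the uplink and the namespace subnet only.
    run sysctl -w net.ipv4.ip_forward=1
    run iptables -A FORWARD -i veth-host -o "$wan" -s "$net.0/24" -j ACCEPT
    run iptables -A FORWARD -i "$wan" -o veth-host \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Source-NAT namespace traffic leaving through the uplink.
    run iptables -t nat -A POSTROUTING -s "$net.0/24" -o "$wan" -j MASQUERADE
    # 5. Default gateway inside the namespace: the host end of the veth.
    run ip netns exec "$ns" ip route add default via "$net.1"
}

# Usage: connect_ns private_ns eth1
```

With the default DRY_RUN=1 the function only prints the twelve commands for review; the final default route is the piece the question's namespace lacked when ping reported "Network is unreachable".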
