Questions tagged [network-namespace]
A network namespace is an isolated software implementation of a network stack with its own devices, routes and firewall rules within a Linux operating system.
82 questions
0 votes
1 answer
192 views
How can I make packets from a network namespace bypass the WireGuard interface?
I use Mullvad VPN on my host machine (Fedora 41), which sets up a WireGuard interface, wg0-mullvad, and I want traffic from and to the namespace bl to bypass it, with the eventual goal of connecting ...
- 111
0 votes
0 answers
34 views
Can I capture traffic destined for 127.0.0.1 in a linux network namespace?
Is it possible to create a network namespace in which traffic sent to 127.0.0.1 gets routed to a TUN device? The reason is that I have created a network namespace for the purpose of capturing traffic ...
- 252
0 votes
0 answers
79 views
Access to open ports inside a network-namespace
I have a network-namespace created by WireGuard and a tinyproxy defined as: age.identityPaths = [ "..." ]; age.secrets.protonvpn.file = ./protonvpn.age; networking.wireguard.interfaces....
- 198
1 vote
0 answers
171 views
How to correctly route the packets through host and namespaces?
I am trying to route the packets from Client [Host], through namespaces [Demo0 -> Demo1], to Server [Host]. The packets should be routed to tun device 10.0.3.2, from where the black-box process ...
- 11
1 vote
2 answers
720 views
Unshare and port forwarding into namespace
I am playing with unshare to better understand containers. As a normal user, is it possible to make a namespace where a program could listen, say, port 123 and on the "main" namespace a port ...
- 113
0 votes
1 answer
235 views
Ping from a network namespace to another EC2 instance not working without NAT rule
I have the below setup. I have setup two EC2 instances. I have added the security group rules on both machine to allow ICMP traffic and both can ping each other. On one machine I have created two ...
2 votes
2 answers
1k views
How is it possible to connect multiple devices using the same IP to a machine with multiple interfaces and have them all work?
Long story short, I am a bit over my head with this task as I'm not incredibly well versed in networking and complicated network config. I have a few ideas, but want to avoid wasting time. Background: ...
- 121
2 votes
0 answers
1k views
Unable to make bridge interface UP state
I am just learning networking, Pardon if my question does not give all details, I can provide if needed. I am trying to learn network namespaces in Linux. I have created two namespaces red and blue ip ...
- 121
1 vote
0 answers
448 views
network namespace with veth bridge not working - ICMP sent but no reply
I'm attempting to achieve a somewhat standard bridged netns setup with a veth pair, with one end in the ns and the other on the bridge : iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -...
- 35
2 votes
1 answer
4k views
Use netns to bind programs to specific IP addresses
I have an IP address on my server, say, 192.168.0.3, I want to share in a net namespace, so to run apps there which will only be able to communicate to the internet using that 192.168.0.3. I can "...
- 171
1 vote
1 answer
1k views
WireGuard & Network Namespaces
I am trying to set up a VPN gateway with two wireguard interfaces. One being a gateway accessible from the init namespace, which can forward incoming local packets from eth0. The second interface is ...
- 131
0 votes
1 answer
1k views
Ping to/from KVM QEMU VM running in another network namespace
I cannot ping to the default network namespace from a KVM QEMU VM running in a separate network namespace. Here is my setup: ip netns add test-ns # Creating veth ip link add if-in-ns type veth peer ...
- 1
2 votes
1 answer
2k views
Using socat to proxy abstract-namespace UNIX sockets across network namespaces
I have a system service that listens for commands on a UNIX domain socket in the abstract namespace. I now need to access this from a process in another network namespace. Because the socket is in ...
- 399
0 votes
0 answers
291 views
Why are veth peer interfaces getting created in the current namespace instead of the target namespaces?
I enter the commands below try to create a pair of network namespaces and a veth device pair to connect the namespaces. $ sudo ip netns add netns_br0 $ sudo ip netns add netns_veth0 $ sudo ip link add ...
- 101
0 votes
1 answer
941 views
Ubuntu 22.04 netns with veth connected to bridge unable to ping gateway
Hey guys this is probably just something stupid I'm missing, but I'm having trouble setting up a net namespace to use for my VPN. The weird part is that this script/setup was working, and has suddenly ...
- 27
1 vote
2 answers
1k views
Linux - force different users to use different network interfaces
I have a linux machine set up with a one physical NIC, connected with a managed switch. The connection is a VLAN trunk. On the machine there are two vlan interfaces for which there are different IP ...
- 13
0 votes
0 answers
513 views
How can I set up a transparent proxy (TPROXY type) across network namespaces?
I want to setup a transparent proxy across network namespaces. I have two network namespaces, "nsx" and "nsy", each one has a veth pair, the pair of "nsx" is pointed to ...
- 153
2 votes
1 answer
1k views
Setting up a transparent proxy across network namespaces: failed to get target destination address
I'm trying to setup a transparent proxy across network namespaces. First I create the network namespaces, virtual ethernet devices and enable forwarding inside one of the namespaces: ip netns add nsx ...
- 153
2 votes
3 answers
3k views
Linux ping between 2 network namespaces
Quiet new to Linux networking and couldn't find an answer for it on similar questions Trying to create 2 namespaces and ping between them ip netns add red; ip netns add blue; ip link add dev v-red ...
- 75
1 vote
1 answer
2k views
systemd-resolve resolves incorrectly inside a network namespace
I have an Ubuntu machine with a network namespace (ns1) connected to the host network namespace via veth. I created a MASQUERADE rule in iptables to access the internet and I can ping 8.8.8.8 from the ...
- 319
0 votes
0 answers
2k views
Cannot connect macvlan to the internet
When I tried to connect macvlan to the internet and it was not successful. I used namespace to accomplish that. I also checked the comments on this question - How to connect macvlan to the internet? I ...
- 101
1 vote
1 answer
2k views
Connect to internet through network connection inside network namespace without setting as a default route
I need to do a setup like this (with Linux): I want to have a network namespace (let's say weth_ns) with a network interface connected to internet (weth0) I want to have a different network interface ...
- 165
-2 votes
1 answer
2k views
How can I run two docker containers in the same network namespace? [closed]
I want to run two docker containers in the same Linux network namespace. My goal is to route all my torrent traffic through OpenVPN. This script successfully creates a openvpn client container. I can ...
- 177
7 votes
3 answers
2k views
After a while, /etc/resolv.conf stops using /etc/netns/X/resolv.conf
My setup: /etc/ns-shared-resolv.conf is written to regularly with nameserver x.x.x.x, updated from a script /etc/netns/ag2/resolv.conf is a symlink to the above (along with ag3, ag4).. for central ...
- 181
4 votes
1 answer
3k views
How can I run docker container in existing network namespace?
I have an existing network namespace: dewi@dewiserver:~$ ip netns list dewinetns235 (id: 0) How can I get a docker container to use and run inside this network namespace? e.g. run something like ...
- 177
0 votes
1 answer
3k views
Force new process to use the specific network interface (using netns/network namespaces)
I have a number of interfaces available on Ubuntu 20.04 machine. Among others enx0c5b8f279a64 and usb0 with the later being used as the default one. I want to make sure that a particular process ...
- 11
2 votes
2 answers
823 views
Can't chain more than one network namespace together
Problem Statement With the below configuration a veth pair is created between the default/main net namespace and a netns called ns1. The config also creates a second veth pair: veth2 is in netns ns1 ...
- 4,322
2 votes
1 answer
631 views
Can I change the default sysctl values in grub?
When using kernels older than 5.1, if a user creates a network namespace, it starts with the default sysctl values. Even if the root namespaces changed those values with sysctl, the new network ...
- 319
1 vote
2 answers
2k views
How to set /proc/sys/net/ipv6/conf/all/forwarding to 1 by default in network namespaces?
By default, when I create a network namespace, I get: /proc/sys/net/ipv6/conf/all/forwarding=0 Even if it is 1 in my root network namespace or in /etc/sysctl.conf. I was wondering where network ...
- 319
1 vote
0 answers
436 views
How to whitelist egress traffic with a NetworkPolicy that doesn't prevent Apache Ignite from starting up?
I have some more or less complex microservice architecture, where Apache Ignite is used as a stateless database / cache. The Ignite Pod is the only Pod in its Namespace and the architecture has to ...
- 131
0 votes
1 answer
881 views
How conntrack and network namespaces works together?
Is nf_conntrack respects network namespaces? Does it creates a separate table for each network namespace based on its sysctl limits, or does it share memory (and limits) between different network ...
- 326
0 votes
1 answer
1k views
iptables NETMAP not reliably adjusting source address of multicast UDP packets
In an embedded/IoT use case, I have a management host running Linux that needs to be able to talk to multiple networks that each use a common set of static IP addresses. This mostly works fine, ...
- 193
1 vote
1 answer
2k views
Why are my packets refusing to be routed?
I'm setting up a rather unusual network configuration meant to afford some additional protection to certain containers running on a host. There are some external requirements that are beyond the ...
- 36
1 vote
0 answers
2k views
How to connect macvlan to the internet?
I want to connect macvlan to the internet, but i can't. I added macvlan to the network namespace, what to do next? I am using VPS server (Cloud VPS), OS Debian 10 My default gateway, outside the ...
- 111
0 votes
1 answer
357 views
Using netns to force Java application use specify IP
My VPS provider assigned 4 IPv4 to my vps. However, This assigned to single NIC, and VLAN not working(Maybe it is my configuration problem). If I try using VLAN, I can't get external network using ...
- 113
5 votes
3 answers
3k views
How to use ss in specific network namespace
Whilst investigating some TCP network issues in containers I tried to use ss to peek into container network TCP stack. We are running Amazon Linux in AWS: # uname -a Linux 4.14.173-137.229.amzn2....
- 1,948
0 votes
1 answer
2k views
Unable to ping container from outside
I've to connect to a service running inside a runc container, I've written the below script and is able to ping the container from the host and can connect to the internet from inside the container. ...
- 121
2 votes
1 answer
2k views
Alpine linux veth network/bridge has no internet
I have been trying to follow multiple guides to setup a veth-pair for 2 namespaces which can communicate with each other on alpine linux. So far I have communication between namespaces working but ...
- 123
1 vote
0 answers
2k views
Error: Connection activation failed: Failed to find a compatible device for this connection
Hi linux newbie here pardon any mistakes. I have configured a network namespace local-routeTable and have brought up interface eth3 inside the namespace: # ip netns exec local-routeTable ifconfig eth3:...
- 13
0 votes
1 answer
599 views
Issues resolving queries using bind and linux namespaces
I have been wracking my brain trying to resolve an issue using bind for DNS resolution in centos The setup I have is not typical (this was inherited). Basically on the server there is a namespace ...
- 31
1 vote
2 answers
1k views
Bonding 2 interfaces inside a linux network namespace
I'd like to be able to bond/aggregate 2 interfaces inside a Linux network namespace. The configuration I'm working with is the following: On the root linux net stack I have two physical ethernet ...
4 votes
1 answer
4k views
Run docker in an existing network namespace?
Would it be possible to run a docker container inside an existing namespace ? I created a namespace using: ip netns add client Now I want to run a container (with a bridge or host network, whatever is ...
- 51
3 votes
2 answers
5k views
Inter-Guest Network in KVM without a Bridge
I would like to have a psuedo-wire between two guests in KVM. I cannot use a bridge of any type as the guest VMs are actually virtual switches themselves. Conceptually, it seems that a veth-pair is ...
- 31
11 votes
1 answer
4k views
Windows equivalent of Linux Network Namespace
Does windows have an equivalent of the Linux Network Namespace? I want to create a new interface and have that interface only accessible to specific applications, that interface would not be ...
- 221
0 votes
1 answer
287 views
Weird issue with linux network namespace switching
I'm writing a small prometheus exporter in Go to publish network metrics for docker containers. There is a goroutine which gathers the values in the following way: 1. Get all docker containers using ...
- 11
3 votes
2 answers
1k views
Unable to reach network namespace through master
I'm trying to create an isolated lab using network namespaces. It works correctly, that is, only the machines in the network namespace can talk. But now I want reach the machines by localhost using v-...
- 143
0 votes
1 answer
653 views
ping server in namespace from remote machine
If I run web server in default namespace of SERVER machine I can curl it from REMOTE machine doing that: curl http://SERVER:80/ Now I put web server in namespace nested with providing veth peered ...
- 103
0 votes
1 answer
1k views
How to access the files present inside namespace to the outside in Linux Machine?
I have linux system where i created network namespace "BLUE_NAME", requirement to access the /var/tmp files present in the BLUE_NAME network space to outside of the name space (Host Machine).Request ...
11 votes
1 answer
13k views
Cannot create nested network namespace
Is seems that one is not able to create a network namespace from a network namespace. It results in "Error: Peer netns reference is invalid.". Is this a bug or is there some kind of limitation that I ...
- 213
1 vote
2 answers
3k views
Ping not working in network namespace
If I do: sudo ip link add l4 type veth sudo ip addr add "7.7.7.7/24" dev l4 ping 7.7.7.7 PING 7.7.7.7 (7.7.7.7) 56(84) bytes of data. 64 bytes from 7.7.7.7: icmp_seq=1 ttl=64 time=0.023 ms 64 bytes ...
- 11