Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?

Assume we have two machines (m0 and m1) with IPs 10.33.33.10 and 10.33.33.11, respectively.

First, we enable forwarding, if it is not already enabled. If a firewall is running on the machine, then it should be adapted or disabled.

m0# echo 1 > /proc/sys/net/ipv4/ip_forward

On m0, we create a new veth device, attach one of its ends to a new network namespace, configure it to use 10.66.10.1 inside and 10.66.10.100 outside, and establish proper routes.

m0# ip netns add pizza
m0# ip link add pizza_out type veth peer name pizza_in
m0# ip link set pizza_in netns pizza

m0# ip netns exec pizza ip addr add 10.66.10.1/32 dev pizza_in
m0# ip netns exec pizza ip link set dev pizza_in up

m0# ip addr add 10.66.10.100/32 dev pizza_out
m0# ip link set dev pizza_out up

m0# ip netns exec pizza ip route add 10.66.10.100/32 dev pizza_in
m0# ip netns exec pizza ip route add default via 10.66.10.100

m0# ip route add 10.66.10.1/32 dev pizza_out

At this point, we should be able to ping 10.66.10.1 from the host namespace of m0.

   m0# ping 10.66.10.1
   PING 10.66.10.1 (10.66.10.1) 56(84) bytes of data.
   64 bytes from 10.66.10.1: icmp_seq=1 ttl=64 time=0.075 ms
   64 bytes from 10.66.10.1: icmp_seq=2 ttl=64 time=0.057 ms
   ^C

Next, we want to reach the pod from another machine. To this end, we add a route via m0 to `m``

  m1# ip route add 10.66.10.1/32 via 10.33.33.10

Now m1 and the pizza namespace on m0 should be able to talk to each other.

Let's run netperf:

m0# ip netns exec pizza netperf -H 10.33.33.11 -t tcp_stream
MIGRATED TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 10.33.33.11 () port 0 AF_INET : demo
Recv   Send    Send
Socket Socket  Message  Elapsed
Size   Size    Size     Time     Throughput
bytes  bytes   bytes    secs.    10^6bits/sec

 87380  87380  87380    10.01    6694.16
m0# ip netns exec pizza netperf -H 10.33.33.11 -t tcp_maerts
MIGRATED TCP MAERTS TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 10.33.33.11 () port 0 AF_INET : demo
Recv   Send    Send
Socket Socket  Message  Elapsed
Size   Size    Size     Time     Throughput
bytes  bytes   bytes    secs.    10^6bits/sec

 87380  87380  87380    10.00    9412.78
m0# netperf -H 10.33.33.11 -t tcp_stream
MIGRATED TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 10.33.33.11 () port 0 AF_INET : demo
Recv   Send    Send
Socket Socket  Message  Elapsed
Size   Size    Size     Time     Throughput
bytes  bytes   bytes    secs.    10^6bits/sec

 87380  87380  87380    10.01    9410.90
m0# netperf -H 10.33.33.11 -t tcp_maerts
MIGRATED TCP MAERTS TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 10.33.33.11 () port 0 AF_INET : demo
Recv   Send    Send
Socket Socket  Message  Elapsed
Size   Size    Size     Time     Throughput
bytes  bytes   bytes    secs.    10^6bits/sec

 87380  87380  87380    10.00    9412.12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.