Created
December 13, 2023 20:52
-
-
Save paigeadelethompson/0559d8b624751eb5931124f52836aff1 to your computer and use it in GitHub Desktop.
NetNS / VRF with routes and ipv6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| /usr/bin/env ip netns delete _netcrave | |
| /usr/bin/env ip link del vrf2 | |
| /usr/bin/env ip route flush table 2 | |
| /usr/bin/env ip rule add to 198.51.100.0/30 table 2 | |
| /usr/bin/env ip netns add _netcrave | |
| /usr/bin/env ip netns exec _netcrave ip link set lo up | |
| /usr/bin/env ip netns exec _netcrave ip link add ns0vrf2 type vrf table 2 | |
| /usr/bin/env ip link add vethma0 type veth peer name ns0vethsl0 | |
| /usr/bin/env ip netns exec _netcrave ip link set dev ns0vrf2 up | |
| /usr/bin/env ip netns exec _netcrave ip route add table 2 unreachable default metric 4278198272 | |
| /usr/bin/env ip link set ns0vethsl0 netns _netcrave | |
| /usr/bin/env ip netns exec _netcrave ip link set dev ns0vethsl0 master ns0vrf2 | |
| /usr/bin/env ip netns exec _netcrave ip addr add 198.51.100.1/30 dev ns0vethsl0 | |
| /usr/bin/env ip netns exec _netcrave ip link set ns0vethsl0 up | |
| /usr/bin/env ip netns exec _netcrave ip route add default via 198.51.100.2 table 2 | |
| /usr/bin/env ip link add vrf2 type vrf table 2 | |
| /usr/bin/env ip link set dev vrf2 up | |
| /usr/bin/env ip route add table 2 unreachable default metric 4278198272 | |
| /usr/bin/env ip link set vethma0 master vrf2 | |
| /usr/bin/env ip addr add 198.51.100.2/30 dev vethma0 | |
| /usr/bin/env ip link set vethma0 up | |
| /usr/bin/env ip route add default via 198.51.100.1 table 2 | |
| /usr/bin/env ip route add default via 206.125.168.65 table 2 | |
| /usr/bin/env ip rule add to 198.51.100.0/30 table 2 | |
| iptables -T POSTROUTING -o ens18 -j MASQUERADE | |
| #/usr/bin/env ip netns exec _netcrave /usr/bin/env ip vrf exec ns0vrf2 /usr/bin/env bash -c 'cgroupfs-mount && /opt/docker/dockerd -D --bip 10.0.0.1/16' | |
| # ens18 /64 is 2607:f2f8:a2c4:2000::85 | |
| # ip -6 rule add to 2607:f2f8:a2c4:2000:8000::/65 table 2 | |
| # ip -6 addr add 2607:f2f8:a2c4:2000:8000::1/66 dev vethma0 | |
| # ip -6 route add 2607:f2f8:a2c4:2000:c000::/66 via 2607:f2f8:a2c4:2000:8000::2 table 2 | |
| # ip -6 route add default via 2607:f2f8::2/48 table 2 (ens18's default gateway, too) | |
| # ip -6 neigh add proxy 2607:f2f8:a2c4:2000:8000::2 dev ens18 | |
| # maybe this ip -6 rule add to ff02::1 table 2 | |
| # tf is this, found this looking for info on ndp-proxy | |
| # https://www.irtf.org/anrw/2017/anrw17-final3.pdf |
Author
paigeadelethompson
commented
Dec 13, 2023
•
- https://groups.google.com/g/pyroute2-dev/c/12Z_b4Vpfig?pli=1
- https://docs.pyroute2.org/netns.html#spawn-a-process-within-a-netns
- https://wiki.gentoo.org/wiki/IPv6_Static_Addresses_using_Tokens
- https://gist.github.com/tomkins/c1fec82499fa273c6e1712147867bfa5
- https://pypi.org/project/sysctl/
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment