Code-Memo

Network namespaces

What are namespaces?

Linux namespaces isolate system resources. Network namespaces isolate:

• interfaces
• routing tables
• firewall rules
• ports/sockets

Basic workflow

Create namespace:

sudo ip netns add ns1
ip netns list

Run a command inside:

sudo ip netns exec ns1 ip addr

Create a veth pair and move one end:

sudo ip link add veth0 type veth peer name veth1
sudo ip link set veth1 netns ns1
sudo ip addr add 10.0.0.1/24 dev veth0
sudo ip link set veth0 up
sudo ip netns exec ns1 ip addr add 10.0.0.2/24 dev veth1
sudo ip netns exec ns1 ip link set veth1 up

Typical uses

• Containers (each container often gets its own netns)
• Testing routing/firewall changes safely

Cleanup

sudo ip netns del ns1

Related

• Traffic control (tc)