## page was renamed from k8s/StudyNotes/LinuxNetworNamespaces
## page was renamed from k8s/StudyNotes/k8sNetworking
= k8s/StudyNotes/ k8sNetworking =

 * Linux network namespaces {{{
ip netns add red
ip netns add blue
ip netns list
ip netns exec red ip link
ip netns exec red arp
ip netns exec red route
}}}
 * Connect two network namespaces with virtual link {{{
ip link add veth-red type veth peer name veth-blue
ip link set veth-red  netns red
ip link set veth-blue netns blue
ip -n red  addr add 192.168.15.1 dev veth-red
ip -n blue addr add 192.168.15.2 dev veth-blue
ip -n red  link set veth-red  up
ip -n blue link set veth-blue up
#
ip netns exec red ping 192.168.15.2
}}}

 * create bridge to scale,  {{{
ip link add v-net-0 type bridge
ip link 
ip link set dev v-net-0 up
}}}
 * remove red-blue link and reconnect to bridge/switch {{{
ip -n red link del veth-red
#
ip link add veth-red  type veth peer name veth-red-br
ip link add veth-blue type veth peer name veth-blue-br
#
ip link set veth-red netns red
ip link set veth-red-br master v-net-0
#
ip link set veth-blue netns blue
ip link set veth-blue-br master v-net-0
#
ip -n red  addr add 192.168.15.1/24 dev veth-red
ip -n blue addr add 192.168.15.2/24 dev veth-blue
#
ip -n red link
}}}

 * From host can assign ip to bridge interface {{{
ip addr add 192.168.15.15/24 dev v-net-0
#
# can add route to other namespaces for outbound routing
ip netns exec blue ip ruote add 0.0.0.0/0 via 192.168.15.15
}}}
 * Masquerade namespace traffic outbound {{{
iptables -t nat -A POSTROUTING -s 192.168.15.0/24 -j MASQUERADE
}}}