Ping through 2 Namespaces in same Subnet

eraser2220

New Member
Credits
14
Hi @ all, i´ve a question.
I have the following setup, but cannot ping from ETHA to ETHB.

1596037834353.png


If i check Namespace 1, i have the following configuration:
Code:
[email protected]:  ip netns exec ns1 ip a
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: [email protected]: <NOARP> mtu 1480 qdisc noop state DOWN group default
    link/ipip 0.0.0.0 brd 0.0.0.0
3: [email protected]: <NOARP> mtu 1480 qdisc noop state DOWN group default
    link/sit 0.0.0.0 brd 0.0.0.0
4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br1 state UP group default qlen 1000
    inet 10.128.0.1/24 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::2c0:3aff:fee4:9a/64 scope link
       valid_lft forever preferred_lft forever
5: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br1 state UP group default qlen 1000
    inet 10.128.0.2/24 scope global eth2
       valid_lft forever preferred_lft forever
    inet6 fe80::2c0:3aff:fee5:9a/64 scope link
       valid_lft forever preferred_lft forever
6: br1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    inet6 fe80::2c0:3aff:fee4:9a/64 scope link
       valid_lft forever preferred_lft forever

If i check Namespace 2, i have the following configuration:
Code:
[email protected]:~/EXAMPLES# ip netns exec ns2 ip a
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: [email protected]: <NOARP> mtu 1480 qdisc noop state DOWN group default
    link/ipip 0.0.0.0 brd 0.0.0.0
3: [email protected]: <NOARP> mtu 1480 qdisc noop state DOWN group default
    link/sit 0.0.0.0 brd 0.0.0.0
4: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br2 state UP group default qlen 1000
    inet 10.128.0.3/24 scope global eth3
       valid_lft forever preferred_lft forever
    inet6 fe80::2c0:3aff:fee6:9a/64 scope link
       valid_lft forever preferred_lft forever
5: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br2 state UP group default qlen 1000
    inet 10.128.0.4/24 scope global eth4
       valid_lft forever preferred_lft forever
    inet6 fe80::2c0:3aff:fee7:9a/64 scope link
       valid_lft forever preferred_lft forever
6: br2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    inet6 fe80::2c0:3aff:fee6:9a/64 scope link
       valid_lft forever preferred_lft forever

If i check the route of Namespace 1, i get following:
Code:
[email protected]: ip netns exec ns2 route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.128.0.0      *               255.255.255.0   U     0      0        0 eth3
10.128.0.0      *               255.255.255.0   U     0      0        0 eth4
Code:
[email protected]: ip netns exec ns1 ip route get 10.128.0.100
10.128.0.100 dev eth1  src 10.128.0.1
    cache
Code:
[email protected]: ip netns exec ns1 ip route get 10.128.0.200
10.128.0.200 dev eth1  src 10.128.0.1
    cache

If i check the route of Namespace 2, i get following:
Code:
[email protected]: ip netns exec ns2 route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.128.0.0      0.0.0.0         255.255.255.0   U     0      0        0 eth3
10.128.0.0      0.0.0.0         255.255.255.0   U     0      0        0 eth4
Code:
[email protected]: ip netns exec ns2 ip route get 10.128.0.100
10.128.0.100 dev eth3  src 10.128.0.3
    cache
Code:
[email protected]: ip netns exec ns2 ip route get 10.128.0.200
10.128.0.200 dev eth3  src 10.128.0.3
    cache

Does anyone know, why i can´t ping now from ETHA to ETHB and what the best practice would be to solve the problem?

Thanks for the help !
 


f33dm3bits

Gold Member
Gold Supporter
Credits
1,858
As far as I know the IP address should be on the bridge interface. I'm just thinking out loud don't know if it will help you, give you another insight or new ideas. Wouldn't it be easier to remove the cable between eth2 and eth3, then bridge eth2 and eth3(since both interfaces are in the same machine it seems more logical to bridge them), having the IP address on the bridge interface(ie: br0). This way you are actually bridging two interfaces.

Then it would look something like this:
Code:
PC1:
ethA: 10.128.0.100
ethB: 10.128.0.200

PC2:
eth1: 10.128.0.1
br0(eth2 and eth3): 10.128.0.23
eth4: 10.128.0.4
Then route eth1 through br0(10.128.0.23) and also route eth4 through br0(10.128.0.23) by creating a routing table per interface looking something like this:

(This is how it's done on RHEL based distributions, no idea what distribution you are using but it should also be possible under any other distro although the routing tables might be done a bit differently)

route-eth1:
Code:
10.128.0.23 dev br0
default via 10.128.0.23
route-eth4:
Code:
10.128.0.23 dev br0
default via 10.128.0.23
 
Last edited:

Old Tom Bombadil

New Member
Credits
68
You want to go from one end of your circuit to the other end, but tell us: Is any part of the circuit working? That is, can you ping from ETHA to ETH1, just the first leg, via the cable? If not, I would be sure that you are using crossover cables, not just standard network patch cables, to make your NIC-to-NIC connections.

If you can ping from ETHA to ETH1, but not to ETH2, then check your first bridge settings. Work your way through it segment by segment.

You may well have configuration problems. Your diagram gives IPv4 address/subnet info (and IPv6), but your bridges only show IPv6. You might try to ping using IPv6 addresses to see if they will pass through. You may need to define a default gateway too.
 


Members online


Latest posts

Top