Difference between revisions of "VPP/Pure L3 Between Namespaces with /32s"
From fd.io
< VPP
(Created page with "<pre> INDECES=(1 2) for i in ${INDECES[@]} do INDEX=${i};HNAME=host${INDEX};IP=10.10.1.$((${INDEX}+1));IPGW=10.10.1.1 #Create namespace sudo ip netns add ${HNAME}...") |
(→Verify) |
||
(22 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
+ | __TOC__ | ||
+ | = Method 1 = | ||
+ | |||
+ | == Setup == | ||
<pre> | <pre> | ||
INDECES=(1 2) | INDECES=(1 2) | ||
+ | LOOP_INT=$(sudo vppctl create loopback interface) | ||
+ | LOOP_IDX=$(sudo vppctl show int | grep ${LOOP_INT} | awk '{print $2}') | ||
+ | sudo vppctl set interface ip address ${LOOP_INT} 10.10.1.1/24 | ||
+ | sudo vppctl set int state ${LOOP_INT} up | ||
+ | sudo vppctl set ip arp proxy 10.10.1.2-10.10.1.255 | ||
for i in ${INDECES[@]} | for i in ${INDECES[@]} | ||
do | do | ||
Line 6: | Line 15: | ||
#Create namespace | #Create namespace | ||
sudo ip netns add ${HNAME} | sudo ip netns add ${HNAME} | ||
+ | |||
+ | # Create link and add it to namespace | ||
sudo ip link add name vpp2${HNAME} type veth peer name ${HNAME} | sudo ip link add name vpp2${HNAME} type veth peer name ${HNAME} | ||
sudo ip link set ${HNAME} netns ${HNAME} | sudo ip link set ${HNAME} netns ${HNAME} | ||
sudo ip link | sudo ip link | ||
sudo ip netns exec ${HNAME} ip link | sudo ip netns exec ${HNAME} ip link | ||
+ | |||
+ | # Turn up link in namespace | ||
+ | sudo ip netns exec ${HNAME} ip link set dev ${HNAME} up | ||
+ | |||
+ | # Bring up link in root ns | ||
+ | sudo ip link set dev vpp2${HNAME} up | ||
+ | |||
+ | # Fire up a tcpdump on interface in namespace | ||
+ | sudo ip netns exec ${HNAME} tcpdump -i ${HNAME} -w /tmp/tcpdump-${HNAME}.libpcap & | ||
+ | |||
+ | # Configure IP address on interface in namspace | ||
+ | sudo ip netns exec ${HNAME} ip addr add ${IP}/24 dev ${HNAME} | ||
+ | sudo ip netns exec ${HNAME} ip addr show ${HNAME} | ||
+ | |||
+ | # Create host interface in vpp attached to other end of veth pair | ||
+ | sudo vppctl create host-interface name vpp2${HNAME} | ||
+ | sudo vppctl show hardware | ||
+ | |||
+ | # Set up as unumbered interface against LOOP_INT | ||
+ | INT_IDX=$(sudo vppctl show int | grep host-vpp2${HNAME} | awk '{print $2}') | ||
+ | echo ${INT_IDX} | ||
+ | echo sw_interface_set_unnumbered sw_if_index ${LOOP_IDX} unnum_if_index ${INT_IDX} | sudo vpp_api_test | grep -v "#vat" | ||
+ | |||
+ | # Setup arp proxy | ||
+ | sudo vppctl set interface proxy-arp host-vpp2${HNAME} enable | ||
+ | |||
+ | # Configure route in vpp to namespace /32 | ||
+ | sudo vppctl ip route add ${IP}/32 via ${IP} host-vpp2${HNAME} | ||
+ | sudo vppctl show ip fib ${IP}/32 | ||
+ | |||
+ | # Turn vpp side interfaces up | ||
+ | sudo vppctl set int state host-vpp2${HNAME} up | ||
+ | |||
+ | # Turn on trace | ||
+ | sudo vppctl trace add af-packet-input 100 | ||
+ | |||
+ | # Configure default route in namespace to GW | ||
+ | sudo ip netns exec ${HNAME} ip route add default via ${IPGW} dev ${HNAME} | ||
+ | sudo ip netns exec ${HNAME} ip route | ||
+ | done | ||
+ | </pre> | ||
+ | |||
+ | = Method 2 = | ||
+ | == Setup == | ||
+ | <pre> | ||
+ | INDECES=(1 2) | ||
+ | for i in ${INDECES[@]} | ||
+ | do | ||
+ | INDEX=${i};HNAME=host${INDEX};IP=10.10.1.$((${INDEX}+1));IPGW=10.10.1.1 | ||
+ | #Create namespace | ||
+ | sudo ip netns add ${HNAME} | ||
+ | |||
+ | # Create link and add it to namespace | ||
+ | sudo ip link add name vpp2${HNAME} type veth peer name ${HNAME} | ||
+ | sudo ip link set ${HNAME} netns ${HNAME} | ||
+ | sudo ip link | ||
+ | sudo ip netns exec ${HNAME} ip link | ||
+ | |||
+ | # Capture Namespace Mac address | ||
MACADDR=$(sudo ip netns exec ${HNAME} ip link show dev ${HNAME} | grep link | awk '{print $2}') | MACADDR=$(sudo ip netns exec ${HNAME} ip link show dev ${HNAME} | grep link | awk '{print $2}') | ||
echo "MACADDR: ${MACADDR}" | echo "MACADDR: ${MACADDR}" | ||
+ | |||
+ | # Turn up link in namespace | ||
+ | sudo ip netns exec ${HNAME} ip link set dev ${HNAME} up | ||
+ | |||
+ | # Bring up link in root ns | ||
+ | sudo ip link set dev vpp2${HNAME} up | ||
+ | |||
+ | # Fire up a tcpdump on interface in namespace | ||
sudo ip netns exec ${HNAME} tcpdump -i ${HNAME} -w /tmp/tcpdump-${HNAME}.libpcap & | sudo ip netns exec ${HNAME} tcpdump -i ${HNAME} -w /tmp/tcpdump-${HNAME}.libpcap & | ||
+ | |||
+ | # Configure IP address on interface in namspace | ||
sudo ip netns exec ${HNAME} ip addr add ${IP}/32 dev ${HNAME} | sudo ip netns exec ${HNAME} ip addr add ${IP}/32 dev ${HNAME} | ||
sudo ip netns exec ${HNAME} ip addr show ${HNAME} | sudo ip netns exec ${HNAME} ip addr show ${HNAME} | ||
− | + | ||
+ | # Create host interface in vpp attached to other end of veth pair | ||
sudo vppctl create host-interface name vpp2${HNAME} | sudo vppctl create host-interface name vpp2${HNAME} | ||
sudo vppctl show hardware | sudo vppctl show hardware | ||
+ | |||
+ | # Turn on trace | ||
sudo vppctl trace add af-packet-input 100 | sudo vppctl trace add af-packet-input 100 | ||
+ | |||
+ | # Configure route in vpp to namespace /32 | ||
sudo vppctl ip route add ${IP}/32 via ${IP} host-vpp2${HNAME} | sudo vppctl ip route add ${IP}/32 via ${IP} host-vpp2${HNAME} | ||
sudo vppctl show ip fib ${IP}/32 | sudo vppctl show ip fib ${IP}/32 | ||
+ | |||
+ | # Assign 127.0.0.* IP to vpp interface. This is done to force interface into IP mode | ||
sudo vppctl set interface ip address host-vpp2${HNAME} 127.0.0.$((${INDEX}+1))/32 | sudo vppctl set interface ip address host-vpp2${HNAME} 127.0.0.$((${INDEX}+1))/32 | ||
sudo vppctl set ip arp host-vpp2${HNAME} ${IP} ${MACADDR} | sudo vppctl set ip arp host-vpp2${HNAME} ${IP} ${MACADDR} | ||
sudo vppctl set int state host-vpp2${HNAME} up | sudo vppctl set int state host-vpp2${HNAME} up | ||
+ | |||
+ | # Capture VPP side mac address | ||
VPP_MACADDRESS=$(sudo vppctl show hardware host-vpp2${HNAME} | grep "Ethernet address" | awk '{print $3}') | VPP_MACADDRESS=$(sudo vppctl show hardware host-vpp2${HNAME} | grep "Ethernet address" | awk '{print $3}') | ||
+ | |||
+ | # Staticly peg up arp entry for vpp side of interface associated to GW address | ||
sudo ip netns exec ${HNAME} ip neigh add ${IPGW} lladdr ${VPP_MACADDRESS} dev ${HNAME} | sudo ip netns exec ${HNAME} ip neigh add ${IPGW} lladdr ${VPP_MACADDRESS} dev ${HNAME} | ||
− | + | ||
+ | # Configure route to GW IP in namespace | ||
sudo ip netns exec ${HNAME} ip route add ${IPGW} dev ${HNAME} scope link | sudo ip netns exec ${HNAME} ip route add ${IPGW} dev ${HNAME} scope link | ||
+ | |||
+ | # Configure default route in namespace to GW | ||
sudo ip netns exec ${HNAME} ip route add default via ${IPGW} dev ${HNAME} | sudo ip netns exec ${HNAME} ip route add default via ${IPGW} dev ${HNAME} | ||
sudo ip netns exec ${HNAME} ip route | sudo ip netns exec ${HNAME} ip route | ||
done | done | ||
</pre> | </pre> | ||
+ | |||
+ | == Verify == | ||
<pre> | <pre> | ||
for i in ${INDECES[@]} | for i in ${INDECES[@]} | ||
Line 38: | Line 134: | ||
for j in ${INDECES[@]} | for j in ${INDECES[@]} | ||
do | do | ||
− | sudo ip netns ${HNAME} ping -c | + | PINGIP=10.10.1.$((${j}+1)) |
+ | PINGHNAME=host${j} | ||
+ | if [ ${PINGIP} != ${IP} ]; then | ||
+ | echo "Pinging from ${HNAME} to ${PINGHNAME} " | ||
+ | sudo ip netns exec ${HNAME} ping -c 2 10.10.1.$((${j}+1)) | ||
+ | fi | ||
done | done | ||
done | done | ||
+ | sudo vppctl show trace | ||
+ | for i in ${INDECES[@]} | ||
+ | do | ||
+ | INDEX=${i};HNAME=host${INDEX};IP=10.10.1.$((${INDEX}+1));IPGW=10.10.1.1 | ||
+ | sudo tcpdump -r /tmp/tcpdump-${HNAME}.libpcap -e | ||
+ | done | ||
+ | </pre> | ||
+ | |||
+ | == Cleanup == | ||
+ | <pre> | ||
+ | INDECES=(1 2) | ||
+ | for i in ${INDECES[@]} | ||
+ | do | ||
+ | INDEX=${i};HNAME=host${INDEX};IP=10.10.1.$((${INDEX}+1));IPGW=10.10.1.1 | ||
+ | sudo ip netns del ${HNAME} | ||
+ | sudo ip link del vpp2${HNAME} | ||
+ | ps -ef | grep /tmp/tcpdump-${HNAME}.libpcap | awk '{print $2}' | xargs sudo kill | ||
+ | done | ||
+ | sudo service vpp restart | ||
</pre> | </pre> |
Latest revision as of 00:11, 30 August 2017
Method 1
Setup
INDECES=(1 2) LOOP_INT=$(sudo vppctl create loopback interface) LOOP_IDX=$(sudo vppctl show int | grep ${LOOP_INT} | awk '{print $2}') sudo vppctl set interface ip address ${LOOP_INT} 10.10.1.1/24 sudo vppctl set int state ${LOOP_INT} up sudo vppctl set ip arp proxy 10.10.1.2-10.10.1.255 for i in ${INDECES[@]} do INDEX=${i};HNAME=host${INDEX};IP=10.10.1.$((${INDEX}+1));IPGW=10.10.1.1 #Create namespace sudo ip netns add ${HNAME} # Create link and add it to namespace sudo ip link add name vpp2${HNAME} type veth peer name ${HNAME} sudo ip link set ${HNAME} netns ${HNAME} sudo ip link sudo ip netns exec ${HNAME} ip link # Turn up link in namespace sudo ip netns exec ${HNAME} ip link set dev ${HNAME} up # Bring up link in root ns sudo ip link set dev vpp2${HNAME} up # Fire up a tcpdump on interface in namespace sudo ip netns exec ${HNAME} tcpdump -i ${HNAME} -w /tmp/tcpdump-${HNAME}.libpcap & # Configure IP address on interface in namspace sudo ip netns exec ${HNAME} ip addr add ${IP}/24 dev ${HNAME} sudo ip netns exec ${HNAME} ip addr show ${HNAME} # Create host interface in vpp attached to other end of veth pair sudo vppctl create host-interface name vpp2${HNAME} sudo vppctl show hardware # Set up as unumbered interface against LOOP_INT INT_IDX=$(sudo vppctl show int | grep host-vpp2${HNAME} | awk '{print $2}') echo ${INT_IDX} echo sw_interface_set_unnumbered sw_if_index ${LOOP_IDX} unnum_if_index ${INT_IDX} | sudo vpp_api_test | grep -v "#vat" # Setup arp proxy sudo vppctl set interface proxy-arp host-vpp2${HNAME} enable # Configure route in vpp to namespace /32 sudo vppctl ip route add ${IP}/32 via ${IP} host-vpp2${HNAME} sudo vppctl show ip fib ${IP}/32 # Turn vpp side interfaces up sudo vppctl set int state host-vpp2${HNAME} up # Turn on trace sudo vppctl trace add af-packet-input 100 # Configure default route in namespace to GW sudo ip netns exec ${HNAME} ip route add default via ${IPGW} dev ${HNAME} sudo ip netns exec ${HNAME} ip route done
Method 2
Setup
INDECES=(1 2) for i in ${INDECES[@]} do INDEX=${i};HNAME=host${INDEX};IP=10.10.1.$((${INDEX}+1));IPGW=10.10.1.1 #Create namespace sudo ip netns add ${HNAME} # Create link and add it to namespace sudo ip link add name vpp2${HNAME} type veth peer name ${HNAME} sudo ip link set ${HNAME} netns ${HNAME} sudo ip link sudo ip netns exec ${HNAME} ip link # Capture Namespace Mac address MACADDR=$(sudo ip netns exec ${HNAME} ip link show dev ${HNAME} | grep link | awk '{print $2}') echo "MACADDR: ${MACADDR}" # Turn up link in namespace sudo ip netns exec ${HNAME} ip link set dev ${HNAME} up # Bring up link in root ns sudo ip link set dev vpp2${HNAME} up # Fire up a tcpdump on interface in namespace sudo ip netns exec ${HNAME} tcpdump -i ${HNAME} -w /tmp/tcpdump-${HNAME}.libpcap & # Configure IP address on interface in namspace sudo ip netns exec ${HNAME} ip addr add ${IP}/32 dev ${HNAME} sudo ip netns exec ${HNAME} ip addr show ${HNAME} # Create host interface in vpp attached to other end of veth pair sudo vppctl create host-interface name vpp2${HNAME} sudo vppctl show hardware # Turn on trace sudo vppctl trace add af-packet-input 100 # Configure route in vpp to namespace /32 sudo vppctl ip route add ${IP}/32 via ${IP} host-vpp2${HNAME} sudo vppctl show ip fib ${IP}/32 # Assign 127.0.0.* IP to vpp interface. This is done to force interface into IP mode sudo vppctl set interface ip address host-vpp2${HNAME} 127.0.0.$((${INDEX}+1))/32 sudo vppctl set ip arp host-vpp2${HNAME} ${IP} ${MACADDR} sudo vppctl set int state host-vpp2${HNAME} up # Capture VPP side mac address VPP_MACADDRESS=$(sudo vppctl show hardware host-vpp2${HNAME} | grep "Ethernet address" | awk '{print $3}') # Staticly peg up arp entry for vpp side of interface associated to GW address sudo ip netns exec ${HNAME} ip neigh add ${IPGW} lladdr ${VPP_MACADDRESS} dev ${HNAME} # Configure route to GW IP in namespace sudo ip netns exec ${HNAME} ip route add ${IPGW} dev ${HNAME} scope link # Configure default route in namespace to GW sudo ip netns exec ${HNAME} ip route add default via ${IPGW} dev ${HNAME} sudo ip netns exec ${HNAME} ip route done
Verify
for i in ${INDECES[@]} do INDEX=${i};HNAME=host${INDEX};IP=10.10.1.$((${INDEX}+1));IPGW=10.10.1.1 for j in ${INDECES[@]} do PINGIP=10.10.1.$((${j}+1)) PINGHNAME=host${j} if [ ${PINGIP} != ${IP} ]; then echo "Pinging from ${HNAME} to ${PINGHNAME} " sudo ip netns exec ${HNAME} ping -c 2 10.10.1.$((${j}+1)) fi done done sudo vppctl show trace for i in ${INDECES[@]} do INDEX=${i};HNAME=host${INDEX};IP=10.10.1.$((${INDEX}+1));IPGW=10.10.1.1 sudo tcpdump -r /tmp/tcpdump-${HNAME}.libpcap -e done
Cleanup
INDECES=(1 2) for i in ${INDECES[@]} do INDEX=${i};HNAME=host${INDEX};IP=10.10.1.$((${INDEX}+1));IPGW=10.10.1.1 sudo ip netns del ${HNAME} sudo ip link del vpp2${HNAME} ps -ef | grep /tmp/tcpdump-${HNAME}.libpcap | awk '{print $2}' | xargs sudo kill done sudo service vpp restart