VPP/Configure VPP As A Router Between Namespaces
From fd.io
< VPP
This example shows how to configure VPP as an IPv4 router between 2 linux namespaces (or containers).
In this setup we use 2 linux veth interface pairs as an interconnect between VPP and 2 different namespaces called vpp1 and vpp2.
Setup
The Linux infrastructure can be setup by running this bash script:
#!/bin/bash
if [ $USER != "root" ] ; then
echo "Restarting script with sudo..."
sudo $0 ${*}
exit
fi
# delete previous incarnations if they exist
ip link del dev veth_vpp1
ip link del dev veth_vpp2
ip netns del vpp1
ip netns del vpp2
#create namespaces
ip netns add vpp1
ip netns add vpp2
# create and configure 1st veth pair
ip link add name veth_vpp1 type veth peer name vpp1
ip link set dev vpp1 up
ip link set dev veth_vpp1 up netns vpp1
ip netns exec vpp1 \
bash -c "
ip link set dev lo up
ip addr add 172.16.1.2/24 dev veth_vpp1
ip route add 172.16.2.0/24 via 172.16.1.1
"
# create and configure 2st veth pair
ip link add name veth_vpp2 type veth peer name vpp2
ip link set dev vpp2 up
ip link set dev veth_vpp2 up netns vpp2
ip netns exec vpp2 \
bash -c "
ip link set dev lo up
ip addr add 172.16.2.2/24 dev veth_vpp2
ip route add 172.16.1.0/24 via 172.16.2.1
"
Configure Interfaces
We need to configure VPP interface ip address and interface state:
sudo vppctl create host-interface name vpp1 sudo vppctl create host-interface name vpp2 sudo vppctl set int state host-vpp1 up sudo vppctl set int state host-vpp2 up sudo vppctl set int ip address host-vpp1 172.16.1.1/24 sudo vppctl set int ip address host-vpp2 172.16.2.1/24
Test
We should now be able to send a ping from one namespace to another:
$ sudo ip netns exec vpp1 ping 172.16.2.1 -c 1 PING 172.16.2.2 (172.16.2.2) 56(84) bytes of data. 64 bytes from 172.16.2.2: icmp_seq=1 ttl=63 time=0.135 ms --- 172.16.2.2 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.135/0.135/0.135/0.000 ms
Using the VPP debug Command-line Interface (CLI) we can verify interface and fib statistics.
Use the VPP CLI command show ip arp:
vpp# show ip arp
Time FIB IP4 Stat Ethernet Interface
1050.5729 0 172.16.1.2 5a:df:31:28:dc:5c host-vpp1
1050.5768 0 172.16.2.2 12:fa:19:cb:39:e3 host-vpp2
Use the command show interface:
vpp# show interface
Name Idx State Counter Count
host-vpp1 5 up rx packets 1
rx bytes 98
tx packets 1
tx bytes 98
ip4 1
host-vpp2 6 up rx packets 1
rx bytes 98
tx packets 1
tx bytes 98
ip4 1
Use the command show ip fib:
vpp# show ip fib
Table 0, fib_index 0, flow hash: src dst sport dport proto
Destination Packets Bytes Adjacency
172.16.1.0/24 0 0 weight 1, index 3
arp host-vpp1 172.16.1.1/24
172.16.1.1/32 0 0 weight 1, index 4
local 172.16.1.1/24
172.16.1.2/32 0 0 weight 1, index 11
host-vpp1
IP4: 02:fe:67:ce:36:a9 -> 5a:df:31:28:dc:5c
172.16.2.0/24 1 98 weight 1, index 5
arp host-vpp2 172.16.2.1/24
172.16.2.1/32 0 0 weight 1, index 6
local 172.16.2.1/24
172.16.2.2/32 0 0 weight 1, index 9
host-vpp2
IP4: 02:fe:cc:9a:f7:d4 -> 12:fa:19:cb:39:e3
