Move network device between Linux network namespaces
In Linux, set up 2 network namespaces, ns1
and ns2
. ip netns list
can view the 2 network namespaces.
If I move one network device from Linux root namespace to ns1
then from ns1
to ns2
, then delete ns2
, I expect that the network device can move back to ns1
.
The actual result is that eth1
is back to Linux root network namespace. I'm not sure whether it's as expected.
Here is the detail test scenario:
ip netns add ns1
ip netns add ns2
ip link set eth1 netns ns1
ip netns exec ns1 ip link set eth1 netns ns2
ip netns del ns2
Expected result: eth1
will be in ns1
Actual result: eth1
is back in Linux root namespace 1
Question: is there any method to realize such scenario to make sure device can be back to ns1 not Linux root network namespace 1?
linux network-namespaces
add a comment |
In Linux, set up 2 network namespaces, ns1
and ns2
. ip netns list
can view the 2 network namespaces.
If I move one network device from Linux root namespace to ns1
then from ns1
to ns2
, then delete ns2
, I expect that the network device can move back to ns1
.
The actual result is that eth1
is back to Linux root network namespace. I'm not sure whether it's as expected.
Here is the detail test scenario:
ip netns add ns1
ip netns add ns2
ip link set eth1 netns ns1
ip netns exec ns1 ip link set eth1 netns ns2
ip netns del ns2
Expected result: eth1
will be in ns1
Actual result: eth1
is back in Linux root namespace 1
Question: is there any method to realize such scenario to make sure device can be back to ns1 not Linux root network namespace 1?
linux network-namespaces
Make ns2 a child of ns1.
– Patrick
Jun 15 '18 at 12:28
To overcome this limitation, you could have an event loop running (on the output of)ip monitor link
to detect the reapparition of the device on the initial net namespace, and immediately cast it to ns1. Interface's name could be different from the former in some cases of renaming or naming conflict.
– A.B
Jan 7 at 18:45
add a comment |
In Linux, set up 2 network namespaces, ns1
and ns2
. ip netns list
can view the 2 network namespaces.
If I move one network device from Linux root namespace to ns1
then from ns1
to ns2
, then delete ns2
, I expect that the network device can move back to ns1
.
The actual result is that eth1
is back to Linux root network namespace. I'm not sure whether it's as expected.
Here is the detail test scenario:
ip netns add ns1
ip netns add ns2
ip link set eth1 netns ns1
ip netns exec ns1 ip link set eth1 netns ns2
ip netns del ns2
Expected result: eth1
will be in ns1
Actual result: eth1
is back in Linux root namespace 1
Question: is there any method to realize such scenario to make sure device can be back to ns1 not Linux root network namespace 1?
linux network-namespaces
In Linux, set up 2 network namespaces, ns1
and ns2
. ip netns list
can view the 2 network namespaces.
If I move one network device from Linux root namespace to ns1
then from ns1
to ns2
, then delete ns2
, I expect that the network device can move back to ns1
.
The actual result is that eth1
is back to Linux root network namespace. I'm not sure whether it's as expected.
Here is the detail test scenario:
ip netns add ns1
ip netns add ns2
ip link set eth1 netns ns1
ip netns exec ns1 ip link set eth1 netns ns2
ip netns del ns2
Expected result: eth1
will be in ns1
Actual result: eth1
is back in Linux root namespace 1
Question: is there any method to realize such scenario to make sure device can be back to ns1 not Linux root network namespace 1?
linux network-namespaces
linux network-namespaces
edited Feb 1 at 23:54
guntbert
1,06111017
1,06111017
asked Jun 15 '18 at 7:52
Pamela MeiPamela Mei
61
61
Make ns2 a child of ns1.
– Patrick
Jun 15 '18 at 12:28
To overcome this limitation, you could have an event loop running (on the output of)ip monitor link
to detect the reapparition of the device on the initial net namespace, and immediately cast it to ns1. Interface's name could be different from the former in some cases of renaming or naming conflict.
– A.B
Jan 7 at 18:45
add a comment |
Make ns2 a child of ns1.
– Patrick
Jun 15 '18 at 12:28
To overcome this limitation, you could have an event loop running (on the output of)ip monitor link
to detect the reapparition of the device on the initial net namespace, and immediately cast it to ns1. Interface's name could be different from the former in some cases of renaming or naming conflict.
– A.B
Jan 7 at 18:45
Make ns2 a child of ns1.
– Patrick
Jun 15 '18 at 12:28
Make ns2 a child of ns1.
– Patrick
Jun 15 '18 at 12:28
To overcome this limitation, you could have an event loop running (on the output of)
ip monitor link
to detect the reapparition of the device on the initial net namespace, and immediately cast it to ns1. Interface's name could be different from the former in some cases of renaming or naming conflict.– A.B
Jan 7 at 18:45
To overcome this limitation, you could have an event loop running (on the output of)
ip monitor link
to detect the reapparition of the device on the initial net namespace, and immediately cast it to ns1. Interface's name could be different from the former in some cases of renaming or naming conflict.– A.B
Jan 7 at 18:45
add a comment |
1 Answer
1
active
oldest
votes
As far as I know, there is no way to enforce "physical" network interfaces return to a different network namespace than the root network namespace. Contrary to Patrick's comment, the Linux kernel considers network namespace to be flat (see ioctl_ns - ioctl() operations for Linux namespaces, which explicitly mentions only PID and user namespaces to be hierarchical).
Because there is no hierarchy for network namespaces defined (which would be difficult to apply to IP stacks, addresses, and route tables), Linux has the return-to-home rule which moves network interfaces back into the network namespace joined/created by init(1).
All ip netns add ...
does is create a new network namespace by calling unshare()
and then bind-mounts it into /run/netns/ns1
to keep it floating alive. The next ip nets add ...
starts anew, mount-binding another network namespace into /run/netns/ns2
. Two completely unrelated network namespaces.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f449948%2fmove-network-device-between-linux-network-namespaces%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
As far as I know, there is no way to enforce "physical" network interfaces return to a different network namespace than the root network namespace. Contrary to Patrick's comment, the Linux kernel considers network namespace to be flat (see ioctl_ns - ioctl() operations for Linux namespaces, which explicitly mentions only PID and user namespaces to be hierarchical).
Because there is no hierarchy for network namespaces defined (which would be difficult to apply to IP stacks, addresses, and route tables), Linux has the return-to-home rule which moves network interfaces back into the network namespace joined/created by init(1).
All ip netns add ...
does is create a new network namespace by calling unshare()
and then bind-mounts it into /run/netns/ns1
to keep it floating alive. The next ip nets add ...
starts anew, mount-binding another network namespace into /run/netns/ns2
. Two completely unrelated network namespaces.
add a comment |
As far as I know, there is no way to enforce "physical" network interfaces return to a different network namespace than the root network namespace. Contrary to Patrick's comment, the Linux kernel considers network namespace to be flat (see ioctl_ns - ioctl() operations for Linux namespaces, which explicitly mentions only PID and user namespaces to be hierarchical).
Because there is no hierarchy for network namespaces defined (which would be difficult to apply to IP stacks, addresses, and route tables), Linux has the return-to-home rule which moves network interfaces back into the network namespace joined/created by init(1).
All ip netns add ...
does is create a new network namespace by calling unshare()
and then bind-mounts it into /run/netns/ns1
to keep it floating alive. The next ip nets add ...
starts anew, mount-binding another network namespace into /run/netns/ns2
. Two completely unrelated network namespaces.
add a comment |
As far as I know, there is no way to enforce "physical" network interfaces return to a different network namespace than the root network namespace. Contrary to Patrick's comment, the Linux kernel considers network namespace to be flat (see ioctl_ns - ioctl() operations for Linux namespaces, which explicitly mentions only PID and user namespaces to be hierarchical).
Because there is no hierarchy for network namespaces defined (which would be difficult to apply to IP stacks, addresses, and route tables), Linux has the return-to-home rule which moves network interfaces back into the network namespace joined/created by init(1).
All ip netns add ...
does is create a new network namespace by calling unshare()
and then bind-mounts it into /run/netns/ns1
to keep it floating alive. The next ip nets add ...
starts anew, mount-binding another network namespace into /run/netns/ns2
. Two completely unrelated network namespaces.
As far as I know, there is no way to enforce "physical" network interfaces return to a different network namespace than the root network namespace. Contrary to Patrick's comment, the Linux kernel considers network namespace to be flat (see ioctl_ns - ioctl() operations for Linux namespaces, which explicitly mentions only PID and user namespaces to be hierarchical).
Because there is no hierarchy for network namespaces defined (which would be difficult to apply to IP stacks, addresses, and route tables), Linux has the return-to-home rule which moves network interfaces back into the network namespace joined/created by init(1).
All ip netns add ...
does is create a new network namespace by calling unshare()
and then bind-mounts it into /run/netns/ns1
to keep it floating alive. The next ip nets add ...
starts anew, mount-binding another network namespace into /run/netns/ns2
. Two completely unrelated network namespaces.
edited Jun 26 '18 at 17:38
answered Jun 25 '18 at 21:08
TheDiveOTheDiveO
25811
25811
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f449948%2fmove-network-device-between-linux-network-namespaces%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Make ns2 a child of ns1.
– Patrick
Jun 15 '18 at 12:28
To overcome this limitation, you could have an event loop running (on the output of)
ip monitor link
to detect the reapparition of the device on the initial net namespace, and immediately cast it to ns1. Interface's name could be different from the former in some cases of renaming or naming conflict.– A.B
Jan 7 at 18:45