Gitiles
Code Review Sign In
gerrit.nordix.org / fdio / vpp / c6fe6174908d9a045a7c4f055a9f60f233618e87 / . / docs / usecases / containers / Routing.rst
blob: a468d239709e4a86021fdb4f6645bf83346e04f1 [file] [log] [blame]
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]1.. _Routing:
2
3.. toctree::
4
5Connecting the two Containers
6_____________________________
7
8Now for connecting these two linux containers to VPP and pinging between them.
9
10Enter container *cone*, and check the current network configuration:
11
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]12.. code-block:: console
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]13
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]14 root@cone:/# ip -o a
15 1: lo inet 127.0.0.1/8 scope host lo\ valid_lft forever preferred_lft forever
16 1: lo inet6 ::1/128 scope host \ valid_lft forever preferred_lft forever
17 30: veth0 inet 10.0.3.157/24 brd 10.0.3.255 scope global veth0\ valid_lft forever preferred_lft forever
18 30: veth0 inet6 fe80::216:3eff:fee2:d0ba/64 scope link \ valid_lft forever preferred_lft forever
19 32: veth_link1 inet6 fe80::2c9d:83ff:fe33:37e/64 scope link \ valid_lft forever preferred_lft forever
20
21You can see that there are three network interfaces, *lo, veth0*, and *veth_link1*.
22
23Notice that *veth_link1* has no assigned IP.
24
25Check if the interfaces are down or up:
26
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]27.. code-block:: console
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]28
29 root@cone:/# ip link
30 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1
31 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
32 30: veth0@if31: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
33 link/ether 00:16:3e:e2:d0:ba brd ff:ff:ff:ff:ff:ff link-netnsid 0
34 32: veth_link1@if33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
35 link/ether 2e:9d:83:33:03:7e brd ff:ff:ff:ff:ff:ff link-netnsid 0
36
37.. _networkNote:
38
39.. note::
40
41 Take note of the network index for **veth_link1**. In our case, it 32, and its parent index (the host machine, not the containers) is 33, shown by **veth_link1@if33**. Yours will most likely be different, but **please take note of these index's**.
42
43Make sure your loopback interface is up, and assign an IP and gateway to veth_link1.
44
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]45.. code-block:: console
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]46
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]47 root@cone:/# ip link set dev lo up
48 root@cone:/# ip addr add 172.16.1.2/24 dev veth_link1
49 root@cone:/# ip link set dev veth_link1 up
50 root@cone:/# dhclient -r
51 root@cone:/# ip route add default via 172.16.1.1 dev veth_link1
52
53Here, the IP is 172.16.1.2/24 and the gateway is 172.16.1.1.
54
55Run some commands to verify the changes:
56
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]57.. code-block:: console
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]58
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]59 root@cone:/# ip -o a
60 1: lo inet 127.0.0.1/8 scope host lo\ valid_lft forever preferred_lft forever
61 1: lo inet6 ::1/128 scope host \ valid_lft forever preferred_lft forever
62 30: veth0 inet6 fe80::216:3eff:fee2:d0ba/64 scope link \ valid_lft forever preferred_lft forever
63 32: veth_link1 inet 172.16.1.2/24 scope global veth_link1\ valid_lft forever preferred_lft forever
64 32: veth_link1 inet6 fe80::2c9d:83ff:fe33:37e/64 scope link \ valid_lft forever preferred_lft forever
65
hsandide75176a2023-10-30 18:47:36 +0100[diff] [blame]66 root@cone:/# ip route
67 default via 172.16.1.1 dev veth_link1
68 172.16.1.0/24 dev veth_link1 proto kernel scope link src 172.16.1.2
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]69
70
71We see that the IP has been assigned, as well as our default gateway.
72
73Now exit this container and repeat this process with container *ctwo*, except with IP 172.16.2.2/24 and gateway 172.16.2.1.
74
75
Paul Vinciguerra7fa3dd22019-10-27 17:28:10 -0400[diff] [blame]76After that's done for *both* containers, exit from the container if you're in one:
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]77
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]78.. code-block:: console
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]79
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]80 root@ctwo:/# exit
81 exit
82 root@localhost:~#
83
84In the machine running the containers, run **ip link** to see the host *veth* network interfaces, and their link with their respective *container veth's*.
85
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]86.. code-block:: console
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]87
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]88 root@localhost:~# ip link
89 1: lo: <LOOPBACK> mtu 65536 qdisc noqueue state DOWN mode DEFAULT group default qlen 1
90 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
91 2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
92 link/ether 08:00:27:33:82:8a brd ff:ff:ff:ff:ff:ff
93 3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
94 link/ether 08:00:27:d9:9f:ac brd ff:ff:ff:ff:ff:ff
95 4: enp0s9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
96 link/ether 08:00:27:78:84:9d brd ff:ff:ff:ff:ff:ff
97 5: lxcbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
98 link/ether 00:16:3e:00:00:00 brd ff:ff:ff:ff:ff:ff
99 19: veth0C2FL7@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master lxcbr0 state UP mode DEFAULT group default qlen 1000
100 link/ether fe:0d:da:90:c1:65 brd ff:ff:ff:ff:ff:ff link-netnsid 1
101 21: veth8NA72P@if20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
102 link/ether fe:1c:9e:01:9f:82 brd ff:ff:ff:ff:ff:ff link-netnsid 1
103 31: vethXQMY4C@if30: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master lxcbr0 state UP mode DEFAULT group default qlen 1000
104 link/ether fe:9a:d9:29:40:bb brd ff:ff:ff:ff:ff:ff link-netnsid 0
105 33: vethQL7KOC@if32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
106 link/ether fe:ed:89:54:47:a2 brd ff:ff:ff:ff:ff:ff link-netnsid 0
107
108
109Remember our network interface index 32 in *cone* from this :ref:`note <networkNote>`? We can see at the bottom the name of the 33rd index **vethQL7KOC@if32**. Keep note of this network interface name for the veth connected to *cone* (ex. vethQL7KOC), and the other network interface name for *ctwo*.
110
111With VPP in the host machine, show current VPP interfaces:
112
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]113.. code-block:: console
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]114
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]115 root@localhost:~# vppctl show inter
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]116 Name Idx State MTU (L3/IP4/IP6/MPLS) Counter Count
117 local0 0 down 0/0/0/0
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]118
119Which should only output local0.
120
121Based on the names of the network interfaces discussed previously, which are specific to my systems, we can create VPP host-interfaces:
122
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]123.. code-block:: console
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]124
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]125 root@localhost:~# vppctl create host-interface name vethQL7K0C
126 root@localhost:~# vppctl create host-interface name veth8NA72P
127
128Verify they have been set up properly:
129
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]130.. code-block:: console
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]131
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]132 root@localhost:~# vppctl show inter
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]133 Name Idx State MTU (L3/IP4/IP6/MPLS) Counter Count
134 host-vethQL7K0C 1 down 9000/0/0/0
135 host-veth8NA72P 2 down 9000/0/0/0
136 local0 0 down 0/0/0/0
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]137
138Which should output *three network interfaces*, local0, and the other two host network interfaces linked to the container veth's.
139
140
141Set their state to up:
142
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]143.. code-block:: console
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]144
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]145 root@localhost:~# vppctl set interface state host-vethQL7K0C up
146 root@localhost:~# vppctl set interface state host-veth8NA72P up
147
148Verify they are now up:
149
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]150.. code-block:: console
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]151
152 root@localhost:~# vppctl show inter
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]153 Name Idx State MTU (L3/IP4/IP6/MPLS) Counter Count
154 host-vethQL7K0C 1 up 9000/0/0/0
155 host-veth8NA72P 2 up 9000/0/0/0
156 local0 0 down 0/0/0/0
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]157
158
159Add IP addresses for the other end of each veth link:
160
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]161.. code-block:: console
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]162
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]163 root@localhost:~# vppctl set interface ip address host-vethQL7K0C 172.16.1.1/24
164 root@localhost:~# vppctl set interface ip address host-veth8NA72P 172.16.2.1/24
165
166
167Verify the addresses are set properly by looking at the L3 table:
168
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]169.. code-block:: console
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]170
171 root@localhost:~# vppctl show inter addr
172 host-vethQL7K0C (up):
173 L3 172.16.1.1/24
174 host-veth8NA72P (up):
175 L3 172.16.2.1/24
176 local0 (dn):
177
178Or looking at the FIB by doing:
179
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]180.. code-block:: console
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]181
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]182 root@localhost:~# vppctl show ip fib
183 ipv4-VRF:0, fib_index:0, flow hash:[src dst sport dport proto ] locks:[src:plugin-hi:2, src:default-route:1, ]
184 0.0.0.0/0
185 unicast-ip4-chain
186 [@0]: dpo-load-balance: [proto:ip4 index:1 buckets:1 uRPF:0 to:[0:0]]
187 [0] [@0]: dpo-drop ip4
188 0.0.0.0/32
189 unicast-ip4-chain
190 [@0]: dpo-load-balance: [proto:ip4 index:2 buckets:1 uRPF:1 to:[0:0]]
191 [0] [@0]: dpo-drop ip4
192 172.16.1.0/32
193 unicast-ip4-chain
194 [@0]: dpo-load-balance: [proto:ip4 index:10 buckets:1 uRPF:9 to:[0:0]]
195 [0] [@0]: dpo-drop ip4
196 172.16.1.0/24
197 unicast-ip4-chain
198 [@0]: dpo-load-balance: [proto:ip4 index:9 buckets:1 uRPF:8 to:[0:0]]
199 [0] [@4]: ipv4-glean: host-vethQL7K0C: mtu:9000 ffffffffffff02fec953f98c0806
200 172.16.1.1/32
201 unicast-ip4-chain
202 [@0]: dpo-load-balance: [proto:ip4 index:12 buckets:1 uRPF:13 to:[0:0]]
203 [0] [@2]: dpo-receive: 172.16.1.1 on host-vethQL7K0C
204 172.16.1.255/32
205 unicast-ip4-chain
206 [@0]: dpo-load-balance: [proto:ip4 index:11 buckets:1 uRPF:11 to:[0:0]]
207 [0] [@0]: dpo-drop ip4
208 172.16.2.0/32
209 unicast-ip4-chain
210 [@0]: dpo-load-balance: [proto:ip4 index:14 buckets:1 uRPF:15 to:[0:0]]
211 [0] [@0]: dpo-drop ip4
212 172.16.2.0/24
213 unicast-ip4-chain
214 [@0]: dpo-load-balance: [proto:ip4 index:13 buckets:1 uRPF:14 to:[0:0]]
215 [0] [@4]: ipv4-glean: host-veth8NA72P: mtu:9000 ffffffffffff02fe305400e80806
216 172.16.2.1/32
217 unicast-ip4-chain
218 [@0]: dpo-load-balance: [proto:ip4 index:16 buckets:1 uRPF:19 to:[0:0]]
219 [0] [@2]: dpo-receive: 172.16.2.1 on host-veth8NA72P
220 172.16.2.255/32
221 unicast-ip4-chain
222 [@0]: dpo-load-balance: [proto:ip4 index:15 buckets:1 uRPF:17 to:[0:0]]
223 [0] [@0]: dpo-drop ip4
224 224.0.0.0/4
225 unicast-ip4-chain
226 [@0]: dpo-load-balance: [proto:ip4 index:4 buckets:1 uRPF:3 to:[0:0]]
227 [0] [@0]: dpo-drop ip4
228 240.0.0.0/4
229 unicast-ip4-chain
230 [@0]: dpo-load-balance: [proto:ip4 index:3 buckets:1 uRPF:2 to:[0:0]]
231 [0] [@0]: dpo-drop ip4
232 255.255.255.255/32
233 unicast-ip4-chain
234 [@0]: dpo-load-balance: [proto:ip4 index:5 buckets:1 uRPF:4 to:[0:0]]
235 [0] [@0]: dpo-drop ip4
236
237At long last you probably want to see some pings:
238
andrewdf50b452018-08-09 13:23:59 -0400[diff] [blame]239.. code-block:: console
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]240
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]241 root@localhost:~# lxc-attach -n cone -- ping -c3 172.16.2.2
242 PING 172.16.2.2 (172.16.2.2) 56(84) bytes of data.
243 64 bytes from 172.16.2.2: icmp_seq=1 ttl=63 time=0.102 ms
244 64 bytes from 172.16.2.2: icmp_seq=2 ttl=63 time=0.189 ms
245 64 bytes from 172.16.2.2: icmp_seq=3 ttl=63 time=0.150 ms
246
247 --- 172.16.2.2 ping statistics ---
248 3 packets transmitted, 3 received, 0% packet loss, time 1999ms
249 rtt min/avg/max/mdev = 0.102/0.147/0.189/0.035 ms
250
251 root@localhost:~# lxc-attach -n ctwo -- ping -c3 172.16.1.2
252 PING 172.16.1.2 (172.16.1.2) 56(84) bytes of data.
253 64 bytes from 172.16.1.2: icmp_seq=1 ttl=63 time=0.111 ms
254 64 bytes from 172.16.1.2: icmp_seq=2 ttl=63 time=0.089 ms
255 64 bytes from 172.16.1.2: icmp_seq=3 ttl=63 time=0.096 ms
256
257 --- 172.16.1.2 ping statistics ---
258 3 packets transmitted, 3 received, 0% packet loss, time 1998ms
259 rtt min/avg/max/mdev = 0.089/0.098/0.111/0.014 ms
260
261
Paul Vinciguerra7fa3dd22019-10-27 17:28:10 -0400[diff] [blame]262Which should send/receive three packets for each command.
John DeNisco06dcd452018-07-26 12:45:10 -0400[diff] [blame]263
Nathan Skrzypczak9ad39c02021-08-19 11:38:06 +0200[diff] [blame]264This is the end of this guide. Great work!