I tend to over-engineer my setup.
I am not quite happy with networking in #WSL2, so now I am considering rebuilding my wsl2 setup as a #HyperV virtual machine with an external virtual switch. But I also have at least one customer with a VPN I can't get to work on Linux (Cisco AnyConnect), so I also need an internal virtual switch and then some #Linux #netns magic to us the right network.
Now and then it would be nice to run a few commands with VPN enabled without interfering with other tasks.
OpenVPN does not support network namespaces directly, but as a proof of concept I have written an `up` script that configures the tun device inside a network namespace.
This allows me to run commands (including bash) with `ip netns exec vpn cmd`
https://codeberg.org/pmakholm/openvpn-netns/src/branch/main/vpn-up.sh
Any #Podman #netns experts here? 
I seem to have exhausted my netns IP range:
"IPAM error: failed to find free IP in range: 10.89.0.1 - 10.89.0.254"
/run/user/1000/netns contains 257 netns-* files.
The thing is: `ip netns list` shows nothing, and `podman network rm` does not fix the issue. Rebooting probably will, but that's the Windows way of solving things …
More details here:
The CheckMK Agent does not support monitoring interfaces in netns ... so I hacked a little agent plugin to add some basic netns interface and bond monitoring 😎
Last month I was looking for a way to output a list of interfaces including the ifalias attribute under Linux. With iproute2 the ifalias is only output with the `ip link show ...` command.
For fun I started RoSh (Router Shell) as a PoC 🤷
https://codeberg.org/liske/rosh
RoSh implements a diagnostic shell for Linux routers. The project is still at an early stage of development and is of course fully #netns aware.
Available in PyPi and #AlpineLinux edge.
#ifstate 1.10.1 has been released:
https://github.com/liske/ifstate/releases/tag/1.10.1
(available in @alpinelinux edge)
This release fixes some minor issue on #netns handling. It also containes a port of #pyroute2's RTM_NEWNSID wrapper (from git HEAD) to make the netns feature work with the current pyroute2 release.
The OpenRC netns support in Alpine Linux edge is now available. Some network related initd scripts got patched for netns support (ipset, iptables, nftables), too.
OpenRC can now start regular daemons inside netns. In combination with the multi-services function it is possible to run multiple instances of daemons in different netns (i.e. dnsmasq).
A new Alpine Linux wiki page gives a short overview: https://wiki.alpinelinux.org/wiki/Netns
#alpinelinux #networking #linuxnetworking #netns #ifstate @alpinelinux
Ifstate now scans all network namespaces for existing links and records their properties used for link identification.
This 'link registry' is used to find interfaces regardless in which netns they are currently in or how they are named.
Ifstate also got a netns aware link dependency resolver to configure interfaces in stages.
When ifstate is run verbose it will dump those data. The screenshots are related to the previous post showing those dumps.
Now working on network namespace (#netns) support in #ifstate.
The basic stuff is already working 🥳
Systemd and Linux Network Namespaces together are terrible, although each is very nice individually. I have seperated clearnet access and dn42 access via netns in a lab setup. For each program I wanted to use in both namespaces, I had to copy-paste and customize the Systemd unit. This is terrible. Too bad Systemd doesn't support this natively, but only with tricks.
Peter Makholm
scy
Thomas Liske
Marek