Hi All,

I would like to run strongSwan in a Linux namespace between veth pairs and protect all the traffic from LAN to WAN. I need some help getting routing to work between veth pairs of interfaces in the Linux namespace. I am unable to route packets between two different veth pairs.

I have the below networking environment in my Linux VM. eth0 and eth1 are two physical interfaces on the host; eth0 is used to access the internet and eth1 is connected to the local LAN. I have a namespace TEST on the host, where I have created two veth pairs of interfaces. One of the veth pairs (vlan0-vlan1) connects eth1 to namespace TEST and another veth pair (vnet0-vnet1) is connected to eth0. vlan1 and vnet1 are in the same namespace TEST. I want to route packets from vlan1 to vnet1 inside the namespace; can this be achieved? I have tried to add forwarding rules and iptables rules, but I was not able to see packets from vlan1 in vnet1.

I have used Open vSwitch to pull all LAN packets from eth1 to vlan0. I have also added an OVS rule to pull all the traffic from vnet0 to eth0. These are the commands that I have used:

ip netns add TEST
ip netns delete TEST
ip netns exec TEST ip link set dev lo up
ip link add vlan0 type veth peer name vlan1
ip link set vlan1 netns TEST
ip netns exec TEST ifconfig vlan1 up 10.4.11.1
ifconfig vlan0 up
ip link add vnet0 type veth peer name vnet1
ip link set vnet1 netns TEST
ip netns exec TEST ifconfig vnet1 10.4.52.3 up
ifconfig vnet0 up
echo 1 > /proc/sys/net/ipv4/conf/vlan1/forwarding
iptables -A FORWARD -i vlan1 -o vnet1 -j ACCEPT

I see traffic on vlan1 but I can't forward traffic to vnet1. Can we route traffic from one pair of veth to another pair of veth in a Linux namespace?

Thanks,
Naveen
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
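The topology described in the post above, as an added example that is not part of the original message: forwarding sysctls and iptables tables are per network namespace, so both have to be set from inside TEST for the namespace to route between vlan1 and vnet1. Interface names and addresses are the post's; the /24 prefix lengths, the return-traffic rule and the helper names (run, in_ns, setup_ns_router, verify_ns_router) are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. Dry run by default: each command
# is printed; run as root with APPLY=1 to execute. The /24 prefixes are assumed.
NS=TEST

run() {    # print the command, execute it only when APPLY=1
    echo "$*"
    if [ "${APPLY:-0}" = 1 ]; then "$@"; fi
}
in_ns() { run ip netns exec "$NS" "$@"; }

setup_ns_router() {
    run ip netns add "$NS"
    in_ns ip link set dev lo up

    # LAN side: vlan0 stays on the host, vlan1 moves into the namespace
    run ip link add vlan0 type veth peer name vlan1
    run ip link set vlan1 netns "$NS"
    run ip link set vlan0 up
    in_ns ip addr add 10.4.11.1/24 dev vlan1
    in_ns ip link set vlan1 up

    # WAN side: vnet0 stays on the host, vnet1 moves into the namespace
    run ip link add vnet0 type veth peer name vnet1
    run ip link set vnet1 netns "$NS"
    run ip link set vnet0 up
    in_ns ip addr add 10.4.52.3/24 dev vnet1
    in_ns ip link set vnet1 up

    # Forwarding sysctls and netfilter tables are per network namespace,
    # so both are set from inside TEST, not from the host.
    in_ns sysctl -w net.ipv4.ip_forward=1
    in_ns iptables -A FORWARD -i vlan1 -o vnet1 -j ACCEPT
    # Return traffic; only matters if the FORWARD policy is not ACCEPT
    in_ns iptables -A FORWARD -i vnet1 -o vlan1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

verify_ns_router() {    # read-only checks, also run inside the namespace
    in_ns sysctl net.ipv4.ip_forward
    in_ns ip route show
    in_ns iptables -L FORWARD -v -n
}

setup_ns_router
verify_ns_router
```

Hosts on the LAN still need a route to the WAN side via 10.4.11.1 for their packets to reach vlan1 as routed traffic.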