5 Connecting the two Containers
6 _____________________________
8 Now for connecting these two linux containers to VPP and pinging between them.
10 Enter container *cone*, and check the current network configuration:
12 .. code-block:: console
15 1: lo inet 127.0.0.1/8 scope host lo\ valid_lft forever preferred_lft forever
16 1: lo inet6 ::1/128 scope host \ valid_lft forever preferred_lft forever
17 30: veth0 inet 10.0.3.157/24 brd 10.0.3.255 scope global veth0\ valid_lft forever preferred_lft forever
18 30: veth0 inet6 fe80::216:3eff:fee2:d0ba/64 scope link \ valid_lft forever preferred_lft forever
19 32: veth_link1 inet6 fe80::2c9d:83ff:fe33:37e/64 scope link \ valid_lft forever preferred_lft forever
21 You can see that there are three network interfaces, *lo, veth0*, and *veth_link1*.
23 Notice that *veth_link1* has no assigned IP.
25 Check if the interfaces are down or up:
27 .. code-block:: console
30 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1
31 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
32 30: veth0@if31: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
33 link/ether 00:16:3e:e2:d0:ba brd ff:ff:ff:ff:ff:ff link-netnsid 0
34 32: veth_link1@if33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
35 link/ether 2e:9d:83:33:03:7e brd ff:ff:ff:ff:ff:ff link-netnsid 0
41 Take note of the network index for **veth_link1**. In our case, it 32, and its parent index (the host machine, not the containers) is 33, shown by **veth_link1@if33**. Yours will most likely be different, but **please take note of these index's**.
43 Make sure your loopback interface is up, and assign an IP and gateway to veth_link1.
45 .. code-block:: console
47 root@cone:/# ip link set dev lo up
48 root@cone:/# ip addr add 172.16.1.2/24 dev veth_link1
49 root@cone:/# ip link set dev veth_link1 up
50 root@cone:/# dhclient -r
51 root@cone:/# ip route add default via 172.16.1.1 dev veth_link1
53 Here, the IP is 172.16.1.2/24 and the gateway is 172.16.1.1.
55 Run some commands to verify the changes:
57 .. code-block:: console
60 1: lo inet 127.0.0.1/8 scope host lo\ valid_lft forever preferred_lft forever
61 1: lo inet6 ::1/128 scope host \ valid_lft forever preferred_lft forever
62 30: veth0 inet6 fe80::216:3eff:fee2:d0ba/64 scope link \ valid_lft forever preferred_lft forever
63 32: veth_link1 inet 172.16.1.2/24 scope global veth_link1\ valid_lft forever preferred_lft forever
64 32: veth_link1 inet6 fe80::2c9d:83ff:fe33:37e/64 scope link \ valid_lft forever preferred_lft forever
67 default via 172.16.1.1 dev veth_link1
68 172.16.1.0/24 dev veth_link1 proto kernel scope link src 172.16.1.2
71 We see that the IP has been assigned, as well as our default gateway.
73 Now exit this container and repeat this process with container *ctwo*, except with IP 172.16.2.2/24 and gateway 172.16.2.1.
76 After that's done for *both* containers, exit from the container if you're in one:
78 .. code-block:: console
84 In the machine running the containers, run **ip link** to see the host *veth* network interfaces, and their link with their respective *container veth's*.
86 .. code-block:: console
88 root@localhost:~# ip link
89 1: lo: <LOOPBACK> mtu 65536 qdisc noqueue state DOWN mode DEFAULT group default qlen 1
90 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
91 2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
92 link/ether 08:00:27:33:82:8a brd ff:ff:ff:ff:ff:ff
93 3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
94 link/ether 08:00:27:d9:9f:ac brd ff:ff:ff:ff:ff:ff
95 4: enp0s9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
96 link/ether 08:00:27:78:84:9d brd ff:ff:ff:ff:ff:ff
97 5: lxcbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
98 link/ether 00:16:3e:00:00:00 brd ff:ff:ff:ff:ff:ff
99 19: veth0C2FL7@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master lxcbr0 state UP mode DEFAULT group default qlen 1000
100 link/ether fe:0d:da:90:c1:65 brd ff:ff:ff:ff:ff:ff link-netnsid 1
101 21: veth8NA72P@if20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
102 link/ether fe:1c:9e:01:9f:82 brd ff:ff:ff:ff:ff:ff link-netnsid 1
103 31: vethXQMY4C@if30: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master lxcbr0 state UP mode DEFAULT group default qlen 1000
104 link/ether fe:9a:d9:29:40:bb brd ff:ff:ff:ff:ff:ff link-netnsid 0
105 33: vethQL7KOC@if32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
106 link/ether fe:ed:89:54:47:a2 brd ff:ff:ff:ff:ff:ff link-netnsid 0
109 Remember our network interface index 32 in *cone* from this :ref:`note <networkNote>`? We can see at the bottom the name of the 33rd index **vethQL7KOC@if32**. Keep note of this network interface name for the veth connected to *cone* (ex. vethQL7KOC), and the other network interface name for *ctwo*.
111 With VPP in the host machine, show current VPP interfaces:
113 .. code-block:: console
115 root@localhost:~# vppctl show inter
116 Name Idx State MTU (L3/IP4/IP6/MPLS) Counter Count
117 local0 0 down 0/0/0/0
119 Which should only output local0.
121 Based on the names of the network interfaces discussed previously, which are specific to my systems, we can create VPP host-interfaces:
123 .. code-block:: console
125 root@localhost:~# vppctl create host-interface name vethQL7K0C
126 root@localhost:~# vppctl create host-interface name veth8NA72P
128 Verify they have been set up properly:
130 .. code-block:: console
132 root@localhost:~# vppctl show inter
133 Name Idx State MTU (L3/IP4/IP6/MPLS) Counter Count
134 host-vethQL7K0C 1 down 9000/0/0/0
135 host-veth8NA72P 2 down 9000/0/0/0
136 local0 0 down 0/0/0/0
138 Which should output *three network interfaces*, local0, and the other two host network interfaces linked to the container veth's.
141 Set their state to up:
143 .. code-block:: console
145 root@localhost:~# vppctl set interface state host-vethQL7K0C up
146 root@localhost:~# vppctl set interface state host-veth8NA72P up
148 Verify they are now up:
150 .. code-block:: console
152 root@localhost:~# vppctl show inter
153 Name Idx State MTU (L3/IP4/IP6/MPLS) Counter Count
154 host-vethQL7K0C 1 up 9000/0/0/0
155 host-veth8NA72P 2 up 9000/0/0/0
156 local0 0 down 0/0/0/0
159 Add IP addresses for the other end of each veth link:
161 .. code-block:: console
163 root@localhost:~# vppctl set interface ip address host-vethQL7K0C 172.16.1.1/24
164 root@localhost:~# vppctl set interface ip address host-veth8NA72P 172.16.2.1/24
167 Verify the addresses are set properly by looking at the L3 table:
169 .. code-block:: console
171 root@localhost:~# vppctl show inter addr
172 host-vethQL7K0C (up):
174 host-veth8NA72P (up):
178 Or looking at the FIB by doing:
180 .. code-block:: console
182 root@localhost:~# vppctl show ip fib
183 ipv4-VRF:0, fib_index:0, flow hash:[src dst sport dport proto ] locks:[src:plugin-hi:2, src:default-route:1, ]
186 [@0]: dpo-load-balance: [proto:ip4 index:1 buckets:1 uRPF:0 to:[0:0]]
187 [0] [@0]: dpo-drop ip4
190 [@0]: dpo-load-balance: [proto:ip4 index:2 buckets:1 uRPF:1 to:[0:0]]
191 [0] [@0]: dpo-drop ip4
194 [@0]: dpo-load-balance: [proto:ip4 index:10 buckets:1 uRPF:9 to:[0:0]]
195 [0] [@0]: dpo-drop ip4
198 [@0]: dpo-load-balance: [proto:ip4 index:9 buckets:1 uRPF:8 to:[0:0]]
199 [0] [@4]: ipv4-glean: host-vethQL7K0C: mtu:9000 ffffffffffff02fec953f98c0806
202 [@0]: dpo-load-balance: [proto:ip4 index:12 buckets:1 uRPF:13 to:[0:0]]
203 [0] [@2]: dpo-receive: 172.16.1.1 on host-vethQL7K0C
206 [@0]: dpo-load-balance: [proto:ip4 index:11 buckets:1 uRPF:11 to:[0:0]]
207 [0] [@0]: dpo-drop ip4
210 [@0]: dpo-load-balance: [proto:ip4 index:14 buckets:1 uRPF:15 to:[0:0]]
211 [0] [@0]: dpo-drop ip4
214 [@0]: dpo-load-balance: [proto:ip4 index:13 buckets:1 uRPF:14 to:[0:0]]
215 [0] [@4]: ipv4-glean: host-veth8NA72P: mtu:9000 ffffffffffff02fe305400e80806
218 [@0]: dpo-load-balance: [proto:ip4 index:16 buckets:1 uRPF:19 to:[0:0]]
219 [0] [@2]: dpo-receive: 172.16.2.1 on host-veth8NA72P
222 [@0]: dpo-load-balance: [proto:ip4 index:15 buckets:1 uRPF:17 to:[0:0]]
223 [0] [@0]: dpo-drop ip4
226 [@0]: dpo-load-balance: [proto:ip4 index:4 buckets:1 uRPF:3 to:[0:0]]
227 [0] [@0]: dpo-drop ip4
230 [@0]: dpo-load-balance: [proto:ip4 index:3 buckets:1 uRPF:2 to:[0:0]]
231 [0] [@0]: dpo-drop ip4
234 [@0]: dpo-load-balance: [proto:ip4 index:5 buckets:1 uRPF:4 to:[0:0]]
235 [0] [@0]: dpo-drop ip4
237 At long last you probably want to see some pings:
239 .. code-block:: console
241 root@localhost:~# lxc-attach -n cone -- ping -c3 172.16.2.2
242 PING 172.16.2.2 (172.16.2.2) 56(84) bytes of data.
243 64 bytes from 172.16.2.2: icmp_seq=1 ttl=63 time=0.102 ms
244 64 bytes from 172.16.2.2: icmp_seq=2 ttl=63 time=0.189 ms
245 64 bytes from 172.16.2.2: icmp_seq=3 ttl=63 time=0.150 ms
247 --- 172.16.2.2 ping statistics ---
248 3 packets transmitted, 3 received, 0% packet loss, time 1999ms
249 rtt min/avg/max/mdev = 0.102/0.147/0.189/0.035 ms
251 root@localhost:~# lxc-attach -n ctwo -- ping -c3 172.16.1.2
252 PING 172.16.1.2 (172.16.1.2) 56(84) bytes of data.
253 64 bytes from 172.16.1.2: icmp_seq=1 ttl=63 time=0.111 ms
254 64 bytes from 172.16.1.2: icmp_seq=2 ttl=63 time=0.089 ms
255 64 bytes from 172.16.1.2: icmp_seq=3 ttl=63 time=0.096 ms
257 --- 172.16.1.2 ping statistics ---
258 3 packets transmitted, 3 received, 0% packet loss, time 1998ms
259 rtt min/avg/max/mdev = 0.089/0.098/0.111/0.014 ms
262 Which should send/receive three packets for each command.
264 This is the end of this guide. Great work!