Jan 4, 2017

7. Demo: VLANs inside a Linux machine with Internet access

Topology


Expected result
  • All PCs can access the Internet
  • All PCs can reach each other (directly if in the same VLAN, or via the host interface if in different VLANs)

Configuration

#Create namespaces and virtual switch
sudo ip netns add pc1
sudo ip netns add pc2
sudo ip netns add pc3
sudo ip netns add pc4
sudo brctl addbr vSwitch
 
#Create vEth interface pairs
sudo ip link add eth1 type veth peer name eth5
sudo ip link add eth2 type veth peer name eth6
sudo ip link add eth3 type veth peer name eth7
sudo ip link add eth4 type veth peer name eth8
  
#Add interfaces to namespaces
sudo ip link set eth1 netns pc1
sudo ip link set eth2 netns pc2
sudo ip link set eth3 netns pc3
sudo ip link set eth4 netns pc4
 
#Add interfaces to switch
sudo brctl addif vSwitch eth5
sudo brctl addif vSwitch eth6
sudo brctl addif vSwitch eth7
sudo brctl addif vSwitch eth8
 
 
#Create vlan interface on namespaces
sudo ip netns exec pc1 ip link add link eth1 name vlan type vlan id 10
sudo ip netns exec pc2 ip link add link eth2 name vlan type vlan id 10
sudo ip netns exec pc3 ip link add link eth3 name vlan type vlan id 20
sudo ip netns exec pc4 ip link add link eth4 name vlan type vlan id 20
  
#Set IP address
sudo ip netns exec pc1 ip addr add 10.0.0.1/25 dev vlan
sudo ip netns exec pc2 ip addr add 10.0.0.2/25 dev vlan
sudo ip netns exec pc3 ip addr add 10.0.0.203/25 dev vlan
sudo ip netns exec pc4 ip addr add 10.0.0.204/25 dev vlan
 
 
#Turn on interfaces
sudo ip netns exec pc1 ip link set eth1 up
sudo ip netns exec pc2 ip link set eth2 up
sudo ip netns exec pc3 ip link set eth3 up
sudo ip netns exec pc4 ip link set eth4 up
sudo ip link set vSwitch up
sudo ip link set eth5 up
sudo ip link set eth6 up
sudo ip link set eth7 up
sudo ip link set eth8 up
sudo ip netns exec pc1 ip link set vlan up
sudo ip netns exec pc2 ip link set vlan up
sudo ip netns exec pc3 ip link set vlan up
sudo ip netns exec pc4 ip link set vlan up
  
#Create vlan interface on Host machine and set IP address
sudo ip link add link vSwitch name vlan10 type vlan id 10
sudo ip link add link vSwitch name vlan20 type vlan id 20
sudo ip addr add 10.0.0.10/25 dev vlan10
sudo ip addr add 10.0.0.220/25 dev vlan20
sudo ip link set vlan10 up
sudo ip link set vlan20 up
 
#Set default gateway for namespaces
sudo ip netns exec pc1 route add default gw 10.0.0.10 vlan
sudo ip netns exec pc2 route add default gw 10.0.0.10 vlan
sudo ip netns exec pc3 route add default gw 10.0.0.220 vlan
sudo ip netns exec pc4 route add default gw 10.0.0.220 vlan
 
#Enable IPv4 forwarding on the host and NAT traffic leaving eth0 (the host's uplink)
sudo bash -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 
#Check result
sudo ip netns exec pc1 ping 8.8.8.8
sudo ip netns exec pc2 ping 8.8.8.8
sudo ip netns exec pc3 ping 8.8.8.8
sudo ip netns exec pc4 ping 8.8.8.8

Result

vdkmai@Ubuntu32bit:~$ sudo ip netns exec pc1 ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_req=1 ttl=52 time=38.6 ms
^C
--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 38.612/38.612/38.612/0.000 ms
vdkmai@Ubuntu32bit:~$ sudo ip netns exec pc2 ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_req=1 ttl=52 time=32.7 ms
^C
--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 32.771/32.771/32.771/0.000 ms
vdkmai@Ubuntu32bit:~$ sudo ip netns exec pc3 ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_req=1 ttl=52 time=32.9 ms
^C
--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 32.986/32.986/32.986/0.000 ms
vdkmai@Ubuntu32bit:~$ sudo ip netns exec pc4 ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_req=1 ttl=52 time=31.0 ms
^C
--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 31.066/31.066/31.066/0.000 ms
vdkmai@Ubuntu32bit:~$ sudo ip netns exec pc1 ping 10.0.0.203
PING 10.0.0.203 (10.0.0.203) 56(84) bytes of data.
64 bytes from 10.0.0.203: icmp_req=1 ttl=63 time=0.088 ms
^C
--- 10.0.0.203 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.088/0.088/0.088/0.000 ms
vdkmai@Ubuntu32bit:~$ sudo ip netns exec pc1 ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_req=1 ttl=64 time=0.450 ms
^C
--- 10.0.0.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.450/0.450/0.450/0.000 ms
vdkmai@Ubuntu32bit:~$ sudo ip netns exec pc1 traceroute 10.0.0.2
traceroute to 10.0.0.2 (10.0.0.2), 30 hops max, 60 byte packets
 1  10.0.0.2 (10.0.0.2)  0.048 ms  0.007 ms  0.008 ms
vdkmai@Ubuntu32bit:~$ sudo ip netns exec pc1 traceroute 10.0.0.203
traceroute to 10.0.0.203 (10.0.0.203), 30 hops max, 60 byte packets
 1  10.0.0.10 (10.0.0.10)  0.047 ms  0.009 ms  0.007 ms
 2  10.0.0.203 (10.0.0.203)  0.030 ms  0.015 ms  0.012 ms
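
The two traceroutes above differ because the /25 prefix puts VLAN 10 (10.0.0.0/25) and VLAN 20 (10.0.0.128/25) in separate subnets, so pc1 hands traffic for pc3 to its gateway. The script below is an added example, not part of the original post: it recomputes that from the addresses in the configuration and also shows what a /24 would do. The PLAN table, the function names and the /24 comparison are assumptions introduced here.

```shell
#!/bin/sh
# Added example: offline check of the demo's addressing plan (no root needed).
# Columns: name, VLAN id, address, gateway (copied from the configuration above).
PLAN='pc1 10 10.0.0.1 10.0.0.10
pc2 10 10.0.0.2 10.0.0.10
pc3 20 10.0.0.203 10.0.0.220
pc4 20 10.0.0.204 10.0.0.220'

# Dotted quad -> 32-bit integer. Body runs in a subshell so IFS does not leak.
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Network address (as an integer) of address $1 with prefix length $2.
network_of() (
    mask=$(( (0xFFFFFFFF << (32 - $2)) & 0xFFFFFFFF ))
    echo $(( $(ip_to_int "$1") & mask ))
)

# Field $2 (2=vlan, 3=address, 4=gateway) of host $1 in PLAN.
field() {
    printf '%s\n' "$PLAN" | awk -v h="$1" -v f="$2" '$1 == h { print $f }'
}

# Predict how host $1 reaches host $2 when every address uses prefix $3.
path_between() (
    src=$(field "$1" 3); dst=$(field "$2" 3); gw=$(field "$1" 4)
    src_net=$(network_of "$src" "$3")
    if [ "$src_net" != "$(network_of "$gw" "$3")" ]; then
        echo "broken: gateway $gw is off-link for $1"
    elif [ "$src_net" != "$(network_of "$dst" "$3")" ]; then
        echo "routed via $gw"
    elif [ "$(field "$1" 2)" = "$(field "$2" 2)" ]; then
        echo "direct"
    else
        # On-link by address but in another VLAN: ARP is never answered
        # (assumes proxy ARP is off on the host, the kernel default).
        echo "broken: $dst looks on-link but is in another VLAN"
    fi
)

for peer in pc2 pc3; do
    echo "pc1 -> $peer (/25): $(path_between pc1 "$peer" 25)"
done
echo "pc1 -> pc3 (/24): $(path_between pc1 pc3 24)"
```
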