I can ping across namespaces, but not connect with TCPno network on domU in network-bridge configuration for...

How much does freezing grapes longer sweeten them more?

Did I Traumatize My Puppy?

What is the difference between experimental and amateur built aircraft in the US?

Replace spaces with comma but not in the whole line

How can I communicate feelings to players without impacting their agency?

Why do military jets sometimes have elevators in a depressed position when parked?

Is it really better for the environment if I take the stairs as opposed to a lift?

If we should encrypt the message rather than the method of transfer, why do we care about wifi security? Is this just security theatre?

Did Terry Pratchett ever explain the inspiration behind the Luggage?

Does any politician - honestly - want a No Deal Brexit?

How can I seal 8 inch round holes in my siding?

Labeling lines that are not within polygons using field calculator

Do Half-elves or half-orc count as Humans for the Favored Enemy class feature?

I need an automatic way of making a lot of numbered folders

Is there any research on the development of attacks against artificial intelligence systems?

Is it possible for a country to develop the equivalent of a Second Industrial Revolution while under a war of attrition?

Why do these two ways of understanding constant acceleration give different results?

2000's spooky show with a group of teens telling spooky stories in the woods

I run daily 5kms but I cant seem to improve stamina when playing soccer

Is it poor workplace etiquette to display signs of relative "wealth" at work when others are struggling financially?

If you revoke a certificate authority's certificate, do all of the certificates it issued become invalid as well?

What actually is "unallocated space"?

What happens when supercritical fuel tanks deplete below critical point?

I'm half of a hundred



I can ping across namespaces, but not connect with TCP


no network on domU in network-bridge configuration for Xen-4.0Using ip addr instead of ifconfig reports “RTNETLINK answers: File exists” on DebianSharing the loopback interface across network namespacesOn a gateway server, can netNS limit a proc to only see the internal nets?Testing iptables DNAT Rule Locally Using NetCatDirect connection Centos7 (loadbalance) to QNAP (trunk)How to find the network namespace of a veth peer ifindex?How to connect 2 virtual bridges so traffic goes from one to the other?






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{
margin-bottom:0;
}








0

















I'm trying to set up two network namespaces to communicate with eachother. I've set up two namespaces, ns0 and ns1 that each have a veth pair, where the non-namespaced side of the veth is linked to a bridge.



I set it up like this:



ip link add veth0 type veth peer name brveth0

ip link set brveth0 up



ip link add veth1 type veth peer name brveth1

ip link set brveth1 up



ip link add br10 type bridge

ip link set br10 up



ip addr add 192.168.1.11/24 brd + dev br10



ip netns add ns0

ip netns add ns1



ip link set veth0 netns ns0

ip link set veth1 netns ns1







ip netns exec ns0    ip addr add 192.168.1.20/24 dev veth0

ip netns exec ns0    ip link set veth0 up

ip netns exec ns0    ip link set lo up



ip netns exec ns1    ip addr add 192.168.1.21/24 dev veth1

ip netns exec ns1    ip link set veth1 up

ip netns exec ns1    ip link set lo up





ip link set  brveth0 master br10

ip link set  brveth1 master br10


As expected, I can ping the interface in ns0 from ns1.



$ sudo ip netns exec ns1 ping -c 3  192.168.1.20

PING 192.168.1.20 (192.168.1.20) 56(84) bytes of data.

64 bytes from 192.168.1.20: icmp_seq=1 ttl=64 time=0.099 ms

64 bytes from 192.168.1.20: icmp_seq=2 ttl=64 time=0.189 ms


But, I can't connect the two over TCP.



For example, running a server in ns0 :



$ sudo ip netns exec ns0 python3 -m http.server 8080

Serving HTTP on 0.0.0.0 port 8080 (http://0.0.0.0:8080/) ...


I would expect to be able to curl it from ns1, but that yields an error:



$ sudo ip netns exec ns1 curl 192.168.1.20:8080

curl: (7) Failed to connect to 192.168.1.20 port 8080: No route to host


Why is this happening?






networking bridge namespace network-namespaces veth







share|improve this question



































    0

















    I'm trying to set up two network namespaces to communicate with eachother. I've set up two namespaces, ns0 and ns1 that each have a veth pair, where the non-namespaced side of the veth is linked to a bridge.



    I set it up like this:



    ip link add veth0 type veth peer name brveth0
    
ip link set brveth0 up
    

    
ip link add veth1 type veth peer name brveth1
    
ip link set brveth1 up
    

    
ip link add br10 type bridge
    
ip link set br10 up
    

    
ip addr add 192.168.1.11/24 brd + dev br10
    

    
ip netns add ns0
    
ip netns add ns1
    

    
ip link set veth0 netns ns0
    
ip link set veth1 netns ns1
    

    

    

    
ip netns exec ns0    ip addr add 192.168.1.20/24 dev veth0
    
ip netns exec ns0    ip link set veth0 up
    
ip netns exec ns0    ip link set lo up
    

    
ip netns exec ns1    ip addr add 192.168.1.21/24 dev veth1
    
ip netns exec ns1    ip link set veth1 up
    
ip netns exec ns1    ip link set lo up
    

    

    
ip link set  brveth0 master br10
    
ip link set  brveth1 master br10


    As expected, I can ping the interface in ns0 from ns1.



    $ sudo ip netns exec ns1 ping -c 3  192.168.1.20
    
PING 192.168.1.20 (192.168.1.20) 56(84) bytes of data.
    
64 bytes from 192.168.1.20: icmp_seq=1 ttl=64 time=0.099 ms
    
64 bytes from 192.168.1.20: icmp_seq=2 ttl=64 time=0.189 ms


    But, I can't connect the two over TCP.



    For example, running a server in ns0 :



    $ sudo ip netns exec ns0 python3 -m http.server 8080
    
Serving HTTP on 0.0.0.0 port 8080 (http://0.0.0.0:8080/) ...


    I would expect to be able to curl it from ns1, but that yields an error:



    $ sudo ip netns exec ns1 curl 192.168.1.20:8080
    
curl: (7) Failed to connect to 192.168.1.20 port 8080: No route to host


    Why is this happening?






    networking bridge namespace network-namespaces veth







    share|improve this question































      0












      0








      0








      I'm trying to set up two network namespaces to communicate with eachother. I've set up two namespaces, ns0 and ns1 that each have a veth pair, where the non-namespaced side of the veth is linked to a bridge.



      I set it up like this:



      ip link add veth0 type veth peer name brveth0
      
ip link set brveth0 up
      

      
ip link add veth1 type veth peer name brveth1
      
ip link set brveth1 up
      

      
ip link add br10 type bridge
      
ip link set br10 up
      

      
ip addr add 192.168.1.11/24 brd + dev br10
      

      
ip netns add ns0
      
ip netns add ns1
      

      
ip link set veth0 netns ns0
      
ip link set veth1 netns ns1
      

      

      

      
ip netns exec ns0    ip addr add 192.168.1.20/24 dev veth0
      
ip netns exec ns0    ip link set veth0 up
      
ip netns exec ns0    ip link set lo up
      

      
ip netns exec ns1    ip addr add 192.168.1.21/24 dev veth1
      
ip netns exec ns1    ip link set veth1 up
      
ip netns exec ns1    ip link set lo up
      

      

      
ip link set  brveth0 master br10
      
ip link set  brveth1 master br10


      As expected, I can ping the interface in ns0 from ns1.



      $ sudo ip netns exec ns1 ping -c 3  192.168.1.20
      
PING 192.168.1.20 (192.168.1.20) 56(84) bytes of data.
      
64 bytes from 192.168.1.20: icmp_seq=1 ttl=64 time=0.099 ms
      
64 bytes from 192.168.1.20: icmp_seq=2 ttl=64 time=0.189 ms


      But, I can't connect the two over TCP.



      For example, running a server in ns0 :



      $ sudo ip netns exec ns0 python3 -m http.server 8080
      
Serving HTTP on 0.0.0.0 port 8080 (http://0.0.0.0:8080/) ...


      I would expect to be able to curl it from ns1, but that yields an error:



      $ sudo ip netns exec ns1 curl 192.168.1.20:8080
      
curl: (7) Failed to connect to 192.168.1.20 port 8080: No route to host


      Why is this happening?






      networking bridge namespace network-namespaces veth







      share|improve this question

















      I'm trying to set up two network namespaces to communicate with eachother. I've set up two namespaces, ns0 and ns1 that each have a veth pair, where the non-namespaced side of the veth is linked to a bridge.



      I set it up like this:



      ip link add veth0 type veth peer name brveth0
      
ip link set brveth0 up
      

      
ip link add veth1 type veth peer name brveth1
      
ip link set brveth1 up
      

      
ip link add br10 type bridge
      
ip link set br10 up
      

      
ip addr add 192.168.1.11/24 brd + dev br10
      

      
ip netns add ns0
      
ip netns add ns1
      

      
ip link set veth0 netns ns0
      
ip link set veth1 netns ns1
      

      

      

      
ip netns exec ns0    ip addr add 192.168.1.20/24 dev veth0
      
ip netns exec ns0    ip link set veth0 up
      
ip netns exec ns0    ip link set lo up
      

      
ip netns exec ns1    ip addr add 192.168.1.21/24 dev veth1
      
ip netns exec ns1    ip link set veth1 up
      
ip netns exec ns1    ip link set lo up
      

      

      
ip link set  brveth0 master br10
      
ip link set  brveth1 master br10


      As expected, I can ping the interface in ns0 from ns1.



      $ sudo ip netns exec ns1 ping -c 3  192.168.1.20
      
PING 192.168.1.20 (192.168.1.20) 56(84) bytes of data.
      
64 bytes from 192.168.1.20: icmp_seq=1 ttl=64 time=0.099 ms
      
64 bytes from 192.168.1.20: icmp_seq=2 ttl=64 time=0.189 ms


      But, I can't connect the two over TCP.



      For example, running a server in ns0 :



      $ sudo ip netns exec ns0 python3 -m http.server 8080
      
Serving HTTP on 0.0.0.0 port 8080 (http://0.0.0.0:8080/) ...


      I would expect to be able to curl it from ns1, but that yields an error:



      $ sudo ip netns exec ns1 curl 192.168.1.20:8080
      
curl: (7) Failed to connect to 192.168.1.20 port 8080: No route to host


      Why is this happening?






      networking bridge namespace network-namespaces veth




      networking bridge namespace network-namespaces veth






      share|improve this question
















      share|improve this question













      share|improve this question




      share|improve this question








      edited 9 mins ago







      Lee Avital

















      asked 23 mins ago









      Lee AvitalLee Avital

      1185 bronze badges




      1185 bronze badges

























          0






          active

          oldest

          votes













          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "106"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/4.0/"u003ecc by-sa 4.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });















          draft saved

          draft discarded
















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f546235%2fi-can-ping-across-namespaces-but-not-connect-with-tcp%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown


























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes

















          draft saved

          draft discarded



















































          Thanks for contributing an answer to Unix & Linux Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f546235%2fi-can-ping-across-namespaces-but-not-connect-with-tcp%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown









          -

          Popular posts from this blog

          Hudson River Historic District Contents Geography History The district today Aesthetics Cultural...

          Image
          Contributing propertyKeeper of the RegisterHistoric districtHistory of the National Register of Historic PlacesNational Park ServiceProperty typesAlbanyBuffaloNew RochelleBronxBrooklynQueensStaten IslandManhattanBelow 14th St.14th–59th St.59th–110th St.Above 110th St.Minor islandsNiagara FallsPeekskill PoughkeepsieRhinebeckRochesterSyracuseYonkers National Historic Landmarks in New York (state)Historic districts on the National Register of Historic Places in New York (state)Hudson RiverNational Register of Historic Places in Dutchess County, New YorkHyde Park, New YorkRed Hook, New YorkRhinebeck, New YorkTivoli, New YorkAnnandale-on-Hudson, New YorkHistoric districts in Columbia County, New YorkHistoric districts in Dutchess County, New YorkHistoric American Buildings Survey in New York (state) such districtcontiguous United StatesHudson RiverStaatsburgGermantownDutchessColumbiacountiesU.S. stateNew YorktownsClermontRed HookRhinebeckHyde ParkhamletsAnnandaleBarrytownRhinecliffTivoliB...
          Read more

          The number designs the writing. Feandra Aversely Definition: The act of ingrafting a sprig or shoot of one...

          Image
          The number designs the writing. Feandra Aversely Definition: The act of ingrafting a sprig or shoot of one tree into another without cutting it from the parent stock called also inarching and grafting by approach Dirty Enlarge 다음 기대 자네 쪽 Behavior Murky Desire Snow Time Honk Horse 초 연구원 창구 일식 Disagreeable Pinch Puppet Popeye Aladdin Brother Bear Two and a Half Men 유행 겨울철 쪽 턱 The quality corresponds the ragged competition. Virtuoso Cough Definition: The situation and structure of the secretory vessels in plants Produce Happy Isaac Newton 대하다 인원 사냥 초등학생 The wound individualizes the moaning increase. Zooumlgeny Definition: The act of impinging Rhythm Chin The Wizard of Oz Drum 직후 침 분리되다 온돌 Crestboot Adhesive Windy Yodacloud Definition: An oven in which glazed pottery is fired also called glaze kiln or glaze Shrill Kick King of the Hill 서서히 김치 곧다ip 겪다 냄새 치르다 색깔 떨어뜨리다 줍다 이튿날 한가운데 감히 인간적 죽 수건 출판사 채 야하다 갈비 출입국 The destruction refers the heat. Boln Paint Digestion Turn Many P...
          Read more

          Ayherre Geografie Demografie Externe links Navigatiemenu43° 23′ NB, 1° 15′ WL43° 23′ NB, 1°...

          Image
          Gemeente in Pyrénées-Atlantiques FransePyrénées-AtlantiquesNouvelle-AquitaineBayonneINSEE-tellingen 43° 23′ NB, 1° 15′ WL Ayherre Uit Wikipedia, de vrije encyclopedie Naar navigatie springen Naar zoeken springen Ayherre Gemeente in Frankrijk Situering Regio Nouvelle-Aquitaine Departement Pyrénées-Atlantiques (64) Arrondissement Bayonne Kanton La Bastide-Clairence Coördinaten 43° 23′ NB, 1° 15′ WL Algemeen Oppervlakte 27,3 km² Inwoners (1 jan. 2011) 987 (36,2 inw./km²) Hoogte 20 - 465 m Overig Postcode 64240 INSEE-code 64086 Foto's Portaal     Frankrijk Ayherre is een gemeente in het Franse departement Pyrénées-Atlantiques (regio Nouvelle-Aquitaine) en telt 955 inwoners (2005). De plaats maakt deel uit van het arrondissement Bayonne. Geografie De oppervlakte van Ayherre bedraagt 27,3 km², de bevolkingsdichth...
          Read more