On 6/7/19 1:19 AM, Jakub Nowacki wrote:
> I'm trying to figure out if it's possible to use protocol kernel to export routes to OS routing table that are in different Linux namespaces. Is this possible at all?
Maybe indirectly. Do you need bidirectional synchronization of routes / routing tables? How often will the routes / routing tables change?
> I've found a previous post https://bird.network.cz/pipermail/bird-users/2014-October/009393.html suggesting that the only option is to use multiple instances of Bird, each running in a different namespace. I was hoping I could just stick to one instance and export routes to different namespaces.
I'm not aware of a way that BIRD itself can do this across network namespaces. But there may still be a way to do it.
What would happen if you told BIRD about additional routing tables in the main (default / unnamed) namespace and then used something outside of BIRD to replicate that routing table into a routing table in a different network namespace?
Let BIRD do its thing between main (254) and netns1 (101) / netns2 (102) / netns3 (103). Then you have something scrape the netnsX (10X) routing table in the main (…) namespace and put the routes into the desired routing table, likely main (254), inside the various network namespaces.
It may be crude, but I think you could do something as simple as 1) flush the routing table in the network namespace, and then set up a while loop to read lines from the output of "ip route show table netns1" and mung them into an "ip route add …" command inside the network namespace. (Possibly via "ip netns exec netns1 ip route add …".)
There's probably room for optimization. Possibly with NetLink or the like to receive notifications of updates from the kernel and be smarter about adding / removing routes in the (remote) network namespace.
-- Grant. . . . unix || die
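The flush-and-replay loop described in the message above, as an added example that is not part of the original mail or of BIRD. Assumptions: IPv4, table 101 maps to namespace netns1, each gateway is reachable from inside the namespace, and the hypothetical proto id 201 tags synced routes so that the flush removes only those and leaves the namespace's connected routes in place. Route lines are validated before any token reaches an `ip` command line.

```shell
#!/bin/sh
# Added example. Assumptions: IPv4, table 101 in the main namespace feeds
# namespace "netns1", and proto id 201 is unused there and marks synced routes.
SYNC_PROTO=201

# stdin: `ip route show table N` lines; stdout: "PREFIX GATEWAY METRIC" for
# each plain gateway route. Runs in a subshell with globbing off.
normalize_routes() (
    set -f
    while read -r prefix rest; do
        gw="" metric=0 prev=""
        for tok in $rest; do
            case "$prev" in
                via)    gw="$tok" ;;
                metric) metric="$tok" ;;
            esac
            prev="$tok"
        done
        # Connected, multipath and special routes depend on devices or
        # semantics of the main namespace, so they are not copied.
        case "$prefix" in
            ""|nexthop|unreachable|blackhole|prohibit|local|broadcast) continue ;;
        esac
        [ -n "$gw" ] || continue
        # Accept only address-like tokens before they reach a command line.
        case "$prefix" in default) ;; *[!0-9a-fA-F.:/]*) continue ;; esac
        case "$gw" in *[!0-9a-fA-F.:]*) continue ;; esac
        case "$metric" in ""|*[!0-9]*) continue ;; esac
        printf '%s %s %s\n' "$prefix" "$gw" "$metric"
    done
)

# usage: sync_table TABLE NETNS  (needs root)
sync_table() {
    routes=$(ip route show table "$1" | normalize_routes) || return 1
    # Flush only previously synced routes so connected routes survive.
    ip -n "$2" route flush proto "$SYNC_PROTO"
    printf '%s\n' "$routes" | while read -r prefix gw metric; do
        [ -n "$prefix" ] || continue
        ip -n "$2" route replace "$prefix" via "$gw" metric "$metric" \
            proto "$SYNC_PROTO"
    done
}

# Run only when called as: sh sync.sh 101 netns1
if [ "$#" -eq 2 ]; then sync_table "$1" "$2"; fi
```

Device names are dropped on purpose, because an interface in the main namespace does not exist under the same name inside the target namespace.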