Le 14/12/2018 à 12:19, Jean Delvare a écrit :
> Hi all,
>
> The question: is there any way to uniquely identify a network namespace
> in the kernel?
>
> The context: for debugging purposes, I need to log information about
> network devices. netdev_info() uses the device name to identify the
> device, however there can be several devices by that name in different
> namespaces. To know which device the message relates to, I would need
> to know the namespace in addition to the device name. For all I know,
> the namespace's name is a user-space thing and the kernel has no idea.
> But I would at least need some kind of unique identifier to group log
> message by device.
>
> So far I'm using the struct address returned by dev_net() as the unique
> ID, but leaking kernel addresses to userspace is not recommended. So I
> am wondering, is there another recommended way to uniquely identify a
> network namespace in a log message?
You can use nsid, which are also used in netlink messages sent by the kernel.
$ ip netns
$ ip netns add foo
$ ip netns add bar
$ ip netns set foo auto
$ ip netns set bar 1234
$ ip netns
bar (id: 1234)
foo (id: 0)
$ ip link add veth1 type veth peer name veth2
$ ip link set veth2 netns bar
$ ip -d l ls veth1
9: veth1@if8: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT
group default qlen 1000
link/ether 22:41:5b:e4:af:b5 brd ff:ff:ff:ff:ff:ff link-netns bar
promiscuity 0 minmtu 68 maxmtu 65535
veth addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536
gso_max_segs 65535
iproute2 get the link-netns name via the nsid sent by the kernel ('link-netns
bar').
Note that nsid are local to one netns, there are not global (ie the same netns
can have a different nsid in each netns):
$ ip -n bar netns set foo 456
$ ip -n bar netns
bar
foo (id: 456)
$ ip -n foo netns
bar
foo
$ ip netns
bar (id: 1234)
foo (id: 0)
Regards,
Nicolas
