cni
cni copied to clipboard
containernetworking
cnitool example: ping doesn't work
I'm trying the cnitool example and it works up until testing the created network. ping says one package send, but none received.
OS: openSUSE tumbleweed cnitool: latest version
That's what I have done:
» echo '{"cniVersion":"0.4.0","name":"myptp","type":"ptp","ipMasq":true,"ipam":{"type":"host-local","subnet":"172.16.29.0/24","routes":[{"dst":"0.0.0.0/0"}]}}' | sudo tee /etc/cni/net.d/10-myptp.conf
{"cniVersion":"0.4.0","name":"myptp","type":"ptp","ipMasq":true,"ipam":{"type":"host-local","subnet":"172.16.29.0/24","routes":[{"dst":"0.0.0.0/0"}]}}
» sudo ip netns add testing
» sudo CNI_PATH=./bin cnitool add myptp /var/run/netns/testing
{
"cniVersion": "0.4.0",
"interfaces": [
{
"name": "veth7b3b22f7",
"mac": "7a:e7:7b:e8:76:cc"
},
{
"name": "eth0",
"mac": "9a:36:c1:73:f9:7b",
"sandbox": "/var/run/netns/testing"
}
],
"ips": [
{
"version": "4",
"interface": 1,
"address": "172.16.29.6/24",
"gateway": "172.16.29.1"
}
],
"routes": [
{
"dst": "0.0.0.0/0"
}
],
"dns": {}
}
» sudo CNI_PATH=./bin cnitool check myptp /var/run/netns/testing
» sudo ip -n testing addr
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 9a:36:c1:73:f9:7b brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.16.29.6/24 brd 172.16.29.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::9836:c1ff:fe73:f97b/64 scope link
valid_lft forever preferred_lft forever
» sudo ip netns exec testing ping -c 1 4.2.2.2
PING 4.2.2.2 (4.2.2.2) 56(84) Bytes an Daten.
--- 4.2.2.2 ping-Statistik ---
1 Package send, 0 received, 100% packet loss, time 0ms
Is this behaviour known on openSUSE, or did I do something wrong?
Did you apply any iptables rules? Since your src ip address is 172.16.29.6 it cannot be routed on the internet. Does that help?
