Networking Namespaces

The host OS and TNSR use separate network namespaces to isolate their networking functions, as covered in TNSR Architecture. These are the dataplane namespace and the host namespace. The dataplane namespace is for the networking environment managed by TNSR, and the host namespace is for the networking environment managed by the host operating system. These two namespaces are isolated from one another and cannot communicate directly without manually creating a link or routing between them.

TNSR Service Namespaces

Services on TNSR can run in the host namespace, the dataplane namespace, or both, depending on the nature of the service.

Network-related services such as dynamic routing daemons (BGP, OSPF, OSPF6, RIP), Unbound, DHCP Server, and IPsec run only in the dataplane namespace.

Management-oriented services such as SSH, the RESTCONF API, and SNMP run in the host namespace by default, but these services are capable of running in both namespaces at the same time using separate instances.

The NTP daemon can run in either namespace, but cannot be active in both at once.

See also

See Service Control for information on controlling services in multiple namespaces, and Default Namespaces for a full list of default namespaces used by TNSR services.

Namespaces in TNSR CLI Commands

TNSR commands which can operate in multiple namespaces will support a namespace parameter (Either host or dataplane) prefixed before the command. To see a list of these commands, enter the namespace name followed by ? from master mode:

tnsr# host ?
  ping                  Send ICMP echo
  shell                 Invoke shell or run a command
  traceroute            Determine path to destination
tnsr# dataplane ?
  ping                  Send ICMP echo
  shell                 Invoke shell or run a command
  traceroute            Determine path to destination

The remainder of the command parameters are the same.

Note

The ping and traceroute commands default to the dataplane namespace if the parameter is omitted; The shell command defaults to the host namespace.

Configuration commands for items which support multiple namespaces are called out throughout the documentation where appropriate. Typically these will have either a namespace parameter or command, depending on the service and mode.

Namespaces in Shell Commands

When operating in a shell on the TNSR device, commands can be run in the current namespace or the dataplane namespace. Outside of TNSR, the shell defaults to the host namespace. When starting a shell through the TNSR CLI with the shell command, the default is the namespace from which the TNSR CLI was launched. This is typically the host namespace unless clixon_cli was manually launched in the dataplane namespace.

A shell can be started in a specific namespace as mentioned previously in Namespaces in TNSR CLI Commands. For example, using dataplane shell starts a shell where all commands are executed in the dataplane namespace.

When using a host namespace shell, specific commands may be executed in the dataplane namespace in two ways.

sudo ip netns exec dataplane <command>

This method requires elevated privileges using sudo or to be run from a shell as root.

dp-exec <command>

TNSR includes a convenience launcher program, dp-exec, which may be run by any user and executes the given command in the dataplane namespace as the current user.

Warning

While commands may be run in the dataplane namespace from a host namespace shell, commands cannot be run in the host namespace from within a dataplane shell.

Similarly, if the TNSR CLI (clixon_cli) is started in the dataplane namespace using one of the above methods, it is not possible to run commands in the host namespace.