Posted on Jun 22 To successfully navigate the labyrinth of Network configuration in a Linux environment, we must first ensure that our system is appropriately primed. This preparatory stage involves keeping our software up-to-date and confirming the presence of essential networking utilities. Here's how we do it:sudo apt update: This command refreshes our local index of software packages, paving the way for us to access the most recent versions.sudo apt upgrade -y: An execution of this command results in an upgrade of all the installed software on our system. The '-y' flag automatically approves any prompts that might arise during the process.sudo apt install iproute2: This command sets about installing 'iproute2', a bundle of essential utilities for handling TCP/IP networking and traffic control in Linux.sudo apt install net-tools: By running this command, we are introducing 'net-tools' into our system. This package provides commands like 'ifconfig' that are instrumental in configuring network interfaces.With these preparatory steps complete, we've established a sturdy foundation that will support our subsequent foray into network exploration and manipulation.Our first order of business is to erect a new network bridge, which we'll christen 'v-bridge'. The subsequent commands breathe life into 'v-bridge', sets it in an active (UP) state, and assigns it an IP address:Next, we shift our attention towards creating three distinct network namespaces, appropriately dubbed "red," "green," and "blue":We can verify the successful creation of our namespaces by executing ip netns list.Our next stride involves the creation of virtual Ethernet (veth) pairs. These pairs function as a conduit, allowing seamless network communication between two endpoints:Our freshly minted veth interfaces are then linked to their corresponding network namespaces and our primary 'v-bridge':andTo activate these interfaces and prepare them for network communication, we execute:andNow we dive into the network namespaces to configure IP addresses and default routes for our veth interfaces:and similar commands for the "green" and "blue" namespaces.We've now configured our network namespaces, laying the groundwork for network communication and establishing a common gateway (192.168.0.1/24) for outbound traffic.We can confirm inter-namespace communication by pinging one namespace from another, as shown below:We start this stage by activating IP forwarding on our system, accomplished by setting the 'net.ipv4.ip_forward' sysctl parameter to 1: sysctl -w net.ipv4.ip_forward=1.Next, we employ iptables to configure NAT. This allows our network namespaces to access the internet via the "enp0s2" interface: iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o enp0s2 -j MASQUERADE.The snapshot below provides a glimpse into the NAT configuration process:We can verify internet connectivity by initiating a ping from any network namespace to an external IP address. An example follows: ip netns exec red ping -c 2 8.8.8.8.The successful ping to an external IP is displayed below:In this detailed guide, we've navigated the complexities of managing network configuration in a Linux environment. We've delved into creating network namespaces and virtual Ethernet pairs, connecting them via a network bridge, assigning IP addresses and default routes within namespaces, and establishing communication between namespaces. Further, we've covered the enabling of IP forwarding, NAT configuration, and firewall rule setup to allow internet access to our network namespaces.Should you want to dive deeper into these subjects or seek professional networking, I'm always open to stimulating discussions. Feel free to connect with me on LinkedIn.Templates let you quickly answer FAQs or store snippets for re-use. Are you sure you want to hide this comment? It will become hidden in your post, but will still be visible via the comment's permalink. Hide child comments as well Confirm For further actions, you may consider blocking this person and/or reporting abuse Prakash Tiwari - May 24 Erika Heidi - May 23 Surendu Suresh - May 23 Argonaut - Apr 19 Once suspended, tanvirrahman will not be able to comment or publish posts until their suspension is removed. Once unsuspended, tanvirrahman will be able to comment and publish posts again. Once unpublished, all posts by tanvirrahman will become hidden and only accessible to themselves. If tanvirrahman is not suspended, they can still re-publish their posts from their dashboard. Note: Once unpublished, this post will become invisible to the public and only accessible to Tanvir Rahman. They can still re-publish the post if they are not suspended. Thanks for keeping DEV Community safe. Here is what you can do to flag tanvirrahman: tanvirrahman consistently posts content that violates DEV Community's code of conduct because it is harassing, offensive or spammy. Unflagging tanvirrahman will restore default visibility to their posts. DEV Community — A constructive and inclusive social network for software developers. With you every step of your journey. Built on Forem — the open source software that powers DEV and other inclusive communities.Made with love and Ruby on Rails. DEV Community © 2016 - 2023. We're a place where coders share, stay up-to-date and grow their careers.