I have two namespaces, ns1 and ns2. I created two veth pairs and connected the namespaces to the host via these veth pairs. Now, I want to enable these two namespaces to ping each other using a very simple XDP program. Below is my XDP program:
```c
#include <linux/bpf.h>
#include <bpf/bpf_helpers.h>

/* Host-side veth ifindexes; set from user space before the program is attached. */
volatile __u32 container_1_if_id = -1;
volatile __u32 container_2_if_id = -1;

SEC("xdp")
int xdp_redirect_tmp_test(struct xdp_md *ctx) {
    // bpf_printk("container_1_if_id: %d, container_2_if_id: %d, ingress_ifindex: %d\n", container_1_if_id, container_2_if_id, ctx->ingress_ifindex);
    /* Forward every frame arriving on one host-side veth to the other. */
    if (ctx->ingress_ifindex == container_1_if_id) {
        return bpf_redirect(container_2_if_id, 0);
    } else if (ctx->ingress_ifindex == container_2_if_id) {
        return bpf_redirect(container_1_if_id, 0);
    }
    return XDP_PASS;
}
```
The container_x_if_id variables are set via a userspace program, and I have verified through the bpf_printk() function that these values correctly correspond to the device indices of the veth interfaces on the host.
Now, I attached this XDP program to the host side of the two veth devices. Unfortunately, ip netns exec ns1 ping 10.244.1.2 does not work. When I captured packets, I noticed that the ARP requests could not be received on the v2 interface in ns2. I am trying to figure out what the issue is.
The topology is something like this:
```
ns1     |       host        |   ns2
v1 ---veth---h1      h2---veth---v2
10.244.1.1/16         10.244.1.2/16
```