use ppp for Internet for netns

Question

Use of

ip r add 0.0.0.0 via 172.20.10.10 src 10.0.100.10

GOT:

Error: Invalid prefsrc address

How to fix this?

Goal: netns (host) => ppp0 => Internet via ppp0

My config:

/home# ip netns
ns2
ns1 (id: 0)   <<<<<<<<<<<<<<<<<<

/home# ip netns exec ns1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ip_vti0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000
    link/ipip 0.0.0.0 brd 0.0.0.0
15: virt1@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 02:e6:f6:3a:19:2f brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.0.100.10/24 scope global virt1    <<<<<<<<<<<<<<<<<<<<<<<<<<<
       valid_lft forever preferred_lft forever
    inet6 fe80::e6:f6ff:fe3a:192f/64 scope link
       valid_lft forever preferred_lft forever

/home# ip netns exec ns1 ip r
default via 10.0.100.1 dev virt1
10.0.100.0/24 dev virt1 proto kernel scope link src 10.0.100.10

/home# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 11:22:33:44:31:34 brd ff:ff:ff:ff:ff:ff
    inet 1.2.3.4/20 brd 1.2.3.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 10.10.0.8/16 brd 10.10.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 1111::2222:3333:4444:5555/64 scope link
       valid_lft forever preferred_lft forever
5: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1450 qdisc fq_codel state UNKNOWN group default qlen 3
    link/ppp
    inet 172.20.10.1 peer 172.20.10.10/32 scope global ppp0
       valid_lft forever preferred_lft forever
14: virt-h@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether f2:7e:68:40:ff:13 brd ff:ff:ff:ff:ff:ff link-netns ns1
    inet 10.0.100.1/24 scope global virt-h   <<<<<<<<<<<<
       valid_lft forever preferred_lft forever
    inet6 fe80::f07e:68ff:fe40:ff13/64 scope link
       valid_lft forever preferred_lft forever

netns : virt1 <> virt-h

/home# ip r
default via 1.2.3.4 dev eth0 proto static
10.0.100.0/24 dev virt-h proto kernel scope link src 10.0.100.1
1.2.3.0/20 dev eth0 proto kernel scope link src 1.2.3.4
172.20.10.10 dev ppp0 proto kernel scope link src 172.20.10.1

Forwarding is on. netns is set as written here : https://blogs.igalia.com/dpino/2016/04/10/network-namespaces/

also:

/home# ip netns exec ns1 ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=117 time=2.39 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=117 time=1.52 ms

/home# ip netns exec ns1 ping 172.20.10.1
PING 172.20.10.1 (172.20.10.1) 56(84) bytes of data.
64 bytes from 172.20.10.1: icmp_seq=1 ttl=64 time=0.071 ms
64 bytes from 172.20.10.1: icmp_seq=2 ttl=64 time=0.118 ms

UPD 1: this route should be set on host, but for commenter, this also gives error (as written in Why "Nexthop has invalid gateway" when it seems to be defined?):

/home# ip netns exec ns1 ip r add default via 172.20.10.10 src 10.0.100.10
Error: Nexthop has invalid gateway.

added upd 1. This should be done in netns ns1 as it should be routed on the host, ns1 not sees ppp0, but maybe it can be done this way? — Master, Jun 30 '21 at 17:37
You can't set the default route to the remote PPP peer until the PPP link is up! — Michael Hampton, Jun 30 '21 at 17:40
`/home# ip link set ppp0 down /home# ip r add 0.0.0.0 via 172.20.10.10 src 10.0.100.10 Error: Nexthop has invalid gateway` — Master, Jun 30 '21 at 17:49

score 1 · Answer 1 · answered Jun 14 '22 at 20:01

Another issue seems to be that when you move an active ppp interface into another namespace, its IP address and peer IP address are zeroed out. I'm attempting to set up a VPN and then move the ppp interface into a namespace as its only interface, just like you can do with WireGuard, but in this case the VPN is L2TP which uses ppp interface.

score 0 · Answer 2 · answered Jul 01 '21 at 16:35

Solution is:
0.0.0.0 => 0.0.0.0/0

But the task is not solved, full solution is:

add rule to /etc/iproute2/rt_tables with new index
ip rule add from 10.0.100.0/24 table ns1
ip route add 0.0.0.0/0 via 172.20.10.10 table ns1

src no needed to be set as default rule works on all local network interfaces.

use ppp for Internet for netns

2 Answers2