network

TCP/IP networking relies on IP addresses mapped to a machine to facilitate routing through the Border Gateway Protocol (BGP). This mapping is usually done through the DNS, which maps human-readable names ("cats.com") to IP addresses. Service centric networks are an alternative/extension to DNS, where the host maintains their own table of mappings from service names to tuples of IP address and port number, but with additional capabilities to control the routing of data. This additional flexibility is usually referenced in the literature as separating the control plane and data plane. The key advantage provided by…

The fundamental isolation technology supporting containers on Linux are Linux namespaces. Namespaces provide isolation of global resources in a way that is transparent to the processes within the namespace. There are currently 7 different namespaces that are supported: Cgroups, IPC, Network, Mount, PID, User, UTS. Today we will be looking at the network namespace. The network namespace can be thought of as a copy of the network stack. It provides isolation in network interfaces, routes, and firewall rules. In this article we will be using the tools from iproute2 to demonstrate. First let's create a new network namespace to play…