What is a namespace on Linux

VRF on Linux with network namespaces

My ultimate goal is to implement VRF (Virtual Routing and Forwarding) in Linux. The most commonly accepted method is to set up different network namespaces (one for each separate routing table) and run a Quagga or BIRD daemon on each namespace / routing table. I am not married to this method. If anyone has any other suggestions, please let me know.

The computer in question is running Debian 7 (Wheezy) in VMware Workstation 12. It was always a router and was routing successfully some time ago before I started the reconfiguration. Hence, I know the general routing setup is good.

The immediate problem is that I cannot communicate using my network namespace. That said, veth1 (which is at the bottom of my namespace) can ONLY ping veth0 and nothing else. There is no network communication between veth1 and the underlying networks - not even ARPs. If I didn't know better, I'd say someone pulled the cable from the switch (but it's pretty difficult in a virtual environment). And yes, I checked that the VMnets are set up correctly. The router will work if the old configuration is restored. It just doesn't work in this new configuration.

Does anyone have any idea how to get veth1 to communicate? Or even a completely different method of getting VRF working on Linux? Thanks in advance.

I set up the new configuration as follows:

Add namespace

Add virtual interfaces

Build a bridge

Add eth1 AND veth1 to the bridge

Assign veth1 to the namespace

Configure the IPs of the veth

Bring the i/f up

Assign veth2 its own routing table

Define the default route for the vtable

You can see in the output from iptables-save that everything is set to ACCEPT or FORWARD, respectively

Output of ip addr show:

Output of ip route show:

Output from ip netns exec nsx ip addr show:

Output from ip netns exec nsx ip route show

Output from iptables-save
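
The steps listed in the question, written out as an added sketch (not the poster's commands, which are not shown on the page): the host end veth0 is attached to the bridge next to eth1, because a bridge and its ports must share one namespace, and veth1 alone moves into nsx. The bridge name br0 and the 192.0.2.0/24 addresses are assumptions.

```shell
#!/bin/sh
# Added example, not the poster's commands. nsx, eth1, veth0 and veth1 come
# from the post; br0 and the 192.0.2.0/24 addresses are constructed.
NS=nsx
UPLINK=eth1
BR=br0                  # assumed bridge name
NS_ADDR=192.0.2.2/24    # constructed address for veth1
NS_GW=192.0.2.1         # constructed next hop on the eth1 segment

# Print each command; execute it only when APPLY=1 (requires root).
run() {
    echo "$*"
    if [ "${APPLY:-0}" = 1 ]; then "$@" || return 1; fi
}

build_ns() {
    run ip netns add "$NS" &&
    run ip link add veth0 type veth peer name veth1 &&
    run ip link add name "$BR" type bridge &&
    # Bridge ports stay in the root namespace: the uplink and the host end.
    run ip link set dev "$UPLINK" master "$BR" &&
    run ip link set dev veth0 master "$BR" &&
    # Only the peer end moves; it is addressed from inside the namespace.
    run ip link set dev veth1 netns "$NS" &&
    run ip netns exec "$NS" ip addr add "$NS_ADDR" dev veth1 &&
    run ip link set dev "$UPLINK" up &&
    run ip link set dev veth0 up &&
    run ip link set dev "$BR" up &&
    run ip netns exec "$NS" ip link set dev lo up &&
    run ip netns exec "$NS" ip link set dev veth1 up &&
    # The namespace has its own routing table; the default route goes there.
    run ip netns exec "$NS" ip route add default via "$NS_GW" dev veth1
}

# Inspect addresses and routes as seen from inside the namespace.
show_ns() {
    run ip netns exec "$NS" ip addr show &&
    run ip netns exec "$NS" ip route show
}

build_ns && show_ns
```

Run as is, the script only prints the command plan; with APPLY=1 it executes each command and stops at the first failure.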