Using Linux Network Namespaces with GOAL

Owned by Marcus Tangermann
Last updated: Oct 04, 2021
2 min read

Introduction

When using PROFINET with GOAL on Linux, the IP settings of the Ethernet interface where the application runs, is reset on startup as this is the defined behaviour of PROFINET devices.

This renders any other IP based services running on the Linux device such as a webserver or an SSH console inaccessible.

This application note describes how to use the Linux Network Namespaces to solve this problem. Therefore, a simple webserver will be running on a virtual Ethernet interface named webserv0 on top of the physical eth0 used by the PROFINET stack.

For a detailed introduction to the Linux' virtual Ethernet capabilites please refer to this article: Introduction to Linux interfaces for virtual networking

Setting up Linux Network Namespaces

Linux Network Namespaces allow to run several virtual Ethernet interfaces on top of a physical device. This technology is widely used by virtualization technologies like VMs and Containers.

 

Please note that the following commands need to be run with the according admin privileges.

 

First, we create a new virtual Ethernet interface and establish a connection between a physical device and the virtual Ethernet interface. This can be achieved using the ip tools:

ip link add <virtualif> link <physicalif> type macvlan mode bridge

So in case we would like to link the virtual interface webserv0 to the physical interface eth0 the command would be:

ip link add webserv0 link eth0 type macvlan mode bridge

As a next step, we create a new namespace where webserv0 will be located in:

ip netns add <namespace>

In this example, we will name the new namespace webserver:

Now we need to signal the Linux kernel, that webserv0 belongs to the new namespace:

For our example, this results in the line:

It’s now time to set an IP address to the virtual interface and bring it up. As the virtual interface is now only visible within the new namespace, we have to use the ip netns exec command:

Using the values of this example, the commands are:

For simplicity, we use the simple HTTP server provided by Python 3.4 and above. This server can now be started using the command:

The webserver is accessible via http://192.168.11.223:8082 independently from the IP settings of the underlying phyiscal interface eth0.

The PROFINET application can now be started as usual on the physical interface eth0 e.g.:

The complete script looks like this:

Summary

In this application note, the setup of Linux Network Namespaces was shown. It also explained how to use this scheme to provide virtual Ethernet interfaces that work independently from the underlying phyiscal interface. This allows to run application like PROFINET devices on the same physical device as IP based services like webserver or SSH consoles.