osrg · maxime-peim · Oct 2, 2024
diff --git a/api/attribute.pb.go b/api/attribute.pb.go
diff --git a/api/capability.pb.go b/api/capability.pb.go
diff --git a/api/gobgp.pb.go b/api/gobgp.pb.go
diff --git a/api/gobgp.proto b/api/gobgp.proto
@@ -751,6 +751,7 @@ message Transport {
   uint32 remote_port = 6;
   uint32 tcp_mss = 7;
   string bind_interface = 8;
+  string netns = 9;
 }
 
 message RouteServer {
@@ -1108,6 +1109,7 @@ message Global {
   GracefulRestart graceful_restart = 10;
   ApplyPolicy apply_policy = 11;
   string bind_to_device = 12;
+  string netns = 13;
 }
 
 message Confederation {

diff --git a/cmd/gobgp/global.go b/cmd/gobgp/global.go
@@ -2249,7 +2249,7 @@ func showGlobalConfig() error {
 	fmt.Println("AS:       ", g.Asn)
 	fmt.Println("Router-ID:", g.RouterId)
 	if len(g.ListenAddresses) > 0 {
-		fmt.Printf("Listening Port: %d, Addresses: %s\n", g.ListenPort, strings.Join(g.ListenAddresses, ", "))
+		fmt.Printf("Listening Port: %d, Addresses: %s, NetNs: %s\n", g.ListenPort, strings.Join(g.ListenAddresses, ", "), g.Netns)
 	}
 	if g.UseMultiplePaths {
 		fmt.Printf("Multipath: enabled")
@@ -2263,6 +2263,7 @@ func modGlobalConfig(args []string) error {
 		"router-id":        paramSingle,
 		"listen-port":      paramSingle,
 		"listen-addresses": paramList,
+		"netns":            paramSingle,
 		"use-multipath":    paramFlag})
 	if err != nil || len(m["as"]) != 1 || len(m["router-id"]) != 1 {
 		return fmt.Errorf("usage: gobgp global as <VALUE> router-id <VALUE> [use-multipath] [listen-port <VALUE>] [listen-addresses <VALUE>...]")
@@ -2294,6 +2295,7 @@ func modGlobalConfig(args []string) error {
 			RouterId:         id.String(),
 			ListenPort:       int32(port),
 			ListenAddresses:  m["listen-addresses"],
+			Netns:            m["netns"][0],
 			UseMultiplePaths: useMultipath,
 		},
 	})

diff --git a/cmd/gobgp/neighbor.go b/cmd/gobgp/neighbor.go
@@ -284,8 +284,12 @@ func showNeighbor(args []string) error {
 	} else {
 		fmt.Print("\n")
 	}
+	netns := "default"
+	if p.Transport.Netns != "" {
+		netns = p.Transport.Netns
+	}
 	fmt.Printf("  BGP OutQ = %d, Flops = %d\n", p.State.Queues.Output, p.State.Flops)
-	fmt.Printf("  Local address is %s, local ASN: %s\n", p.Transport.LocalAddress, getLocalASN(p))
+	fmt.Printf("  Local address is %s in %s netns, local ASN: %s\n", p.Transport.LocalAddress, netns, getLocalASN(p))
 	fmt.Printf("  Hold time is %d, keepalive interval is %d seconds\n", int(p.Timers.State.NegotiatedHoldTime), int(p.Timers.State.KeepaliveInterval))
 	fmt.Printf("  Configured hold time is %d, keepalive interval is %d seconds\n", int(p.Timers.Config.HoldTime), int(p.Timers.Config.KeepaliveInterval))
 

diff --git a/go.mod b/go.mod
@@ -19,6 +19,7 @@ require (
 	github.com/spf13/viper v1.16.0
 	github.com/stretchr/testify v1.8.4
 	github.com/vishvananda/netlink v1.2.1
+	github.com/vishvananda/netns v0.0.4
 	golang.org/x/sys v0.25.0
 	golang.org/x/text v0.14.0
 	golang.org/x/time v0.3.0
@@ -49,7 +50,6 @@ require (
 	github.com/spf13/jwalterweatherman v1.1.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/subosito/gotenv v1.4.2 // indirect
-	github.com/vishvananda/netns v0.0.4 // indirect
 	golang.org/x/net v0.23.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect

diff --git a/pkg/config/oc/bgp_configs.go b/pkg/config/oc/bgp_configs.go
diff --git a/pkg/server/fsm.go b/pkg/server/fsm.go
@@ -494,7 +494,7 @@ func (h *fsmHandler) connectLoop(ctx context.Context, wg *sync.WaitGroup) {
 	defer wg.Done()
 	fsm := h.fsm
 
-	retry, addr, port, password, ttl, ttlMin, mss, localAddress, localPort, bindInterface := func() (int, string, int, string, uint8, uint8, uint16, string, int, string) {
+	retry, addr, port, password, ttl, ttlMin, mss, localAddress, localPort, netns, bindInterface := func() (int, string, int, string, uint8, uint8, uint16, string, int, string, string) {
 		fsm.lock.RLock()
 		defer fsm.lock.RUnlock()
 
@@ -521,7 +521,7 @@ func (h *fsmHandler) connectLoop(ctx context.Context, wg *sync.WaitGroup) {
 				ttl = fsm.pConf.EbgpMultihop.Config.MultihopTtl
 			}
 		}
-		return tick, addr, port, password, ttl, ttlMin, fsm.pConf.Transport.Config.TcpMss, fsm.pConf.Transport.Config.LocalAddress, int(fsm.pConf.Transport.Config.LocalPort), fsm.pConf.Transport.Config.BindInterface
+		return tick, addr, port, password, ttl, ttlMin, fsm.pConf.Transport.Config.TcpMss, fsm.pConf.Transport.Config.LocalAddress, int(fsm.pConf.Transport.Config.LocalPort), fsm.gConf.Config.Netns, fsm.pConf.Transport.Config.BindInterface
 	}()
 
 	tick := minConnectRetryInterval
@@ -545,20 +545,35 @@ func (h *fsmHandler) connectLoop(ctx context.Context, wg *sync.WaitGroup) {
 			}
 		}
 
-		laddr, err := net.ResolveTCPAddr("tcp", net.JoinHostPort(localAddress, strconv.Itoa(localPort)))
-		if err != nil {
-			fsm.logger.Warn("failed to resolve local address",
-				log.Fields{
-					"Topic": "Peer",
-					"Key":   addr})
-		}
+		func() {
+			cleanNs, err := NsEnter(netns)
+			if err != nil {
+				fsm.logger.Warn("failed to enter netns",
+					log.Fields{
+						"Topic":    "Peer",
+						"Key":      addr,
+						"Namspace": netns,
+						"Error":    err})
+				tick = retry
+				return
+			}
+			defer cleanNs()
+
+			laddr, err := net.ResolveTCPAddr("tcp", net.JoinHostPort(localAddress, strconv.Itoa(localPort)))
+			if err != nil {
+				fsm.logger.Warn("failed to resolve local address",
+					log.Fields{
+						"Topic": "Peer",
+						"Key":   addr})
+				tick = retry
+				return
+			}
 
-		if err == nil {
 			d := net.Dialer{
 				LocalAddr: laddr,
 				Timeout:   time.Duration(tick-1) * time.Second,
 				Control: func(network, address string, c syscall.RawConn) error {
-					return dialerControl(fsm.logger, network, address, c, ttl, ttlMin, mss, password, bindInterface)
+					return dialerControl(fsm.logger, network, address, c, ttl, ttlMin, mss, password, bindInterface, netns)
 				},
 			}
 
@@ -593,8 +608,8 @@ func (h *fsmHandler) connectLoop(ctx context.Context, wg *sync.WaitGroup) {
 							"Error": err})
 				}
 			}
-		}
-		tick = retry
+			tick = retry
+		}()
 	}
 }
 

diff --git a/pkg/server/grpc_server.go b/pkg/server/grpc_server.go
@@ -769,6 +769,7 @@ func newNeighborFromAPIStruct(a *api.Peer) (*oc.Neighbor, error) {
 		pconf.Transport.Config.LocalPort = uint16(a.Transport.LocalPort)
 		pconf.Transport.Config.BindInterface = a.Transport.BindInterface
 		pconf.Transport.Config.TcpMss = uint16(a.Transport.TcpMss)
+		pconf.Transport.Config.Netns = a.Transport.Netns
 	}
 	if a.EbgpMultihop != nil {
 		pconf.EbgpMultihop.Config.Enabled = a.EbgpMultihop.Enabled
@@ -1908,6 +1909,7 @@ func newGlobalFromAPIStruct(a *api.Global) *oc.Global {
 			RouterId:         a.RouterId,
 			Port:             a.ListenPort,
 			LocalAddressList: a.ListenAddresses,
+			Netns:            a.Netns,
 		},
 		ApplyPolicy: *applyPolicy,
 		AfiSafis:    families,