Posted on March 17, 2017 5:50 pm
 |  Asked by Larry Acuna
 |  3180 views
RESOLVED
0
0
Print Friendly, PDF & Email

I was trying to do a Curl or Dig command con bash trying to access a ip address on a different VRF that the default but I can´t get a response, if a ping is tried the response is the same, i can´t reach to the ip address.

When the ping is maded from the CLI using: ping vrf <nane> ip-address, the ping reach the address without any problem.

How I can do to reach the VRF from the bash? or if you know how to do a dig or curl from CLI this can work do.

0
Posted by Upasana Dangi
Answered on March 17, 2017 5:59 pm

Hi Larry,

When we drop into bash, the namespace spawned is defined by the routing context of the switch which is by default for the default VRF:

switch#show routing-context vrf
Current VRF routing-context is default

Should you want to run commands for another namespace in bash without changing routing context, we can make use of the ip netns utility.

[admin@switch ~]$ sudo ip netns exec ns-<VRF_NAME> <Command>

For example:

[admin@switch ~]$ sudo ip netns exec ns-test ping 130.211.17.32
PING 130.211.17.32 (130.211.17.32) 56(84) bytes of data.
64 bytes from 130.211.17.32: icmp_seq=1 ttl=64 time=0.032 ms

0
Posted by Gary Nigg
Answered on March 17, 2017 6:01 pm

Hi Larry. From bash, you can achieve this by using the Linux network namespaces commands. The names are in the form of ns-<vrf>. You can run ‘ip netns list’ to see the full list that you have available. You would then run “ip netns exec <netns> <cmd>” to achieve what you want.

Here is an example:

-bash-4.3# ping -c 1 172.24.68.1
connect: Network is unreachable
-bash-4.3# ip netns list
ns-mgmt
default
-bash-4.3# ip netns exec ns-mgmt ping -c 1 172.24.68.1
PING 172.24.68.1 (172.24.68.1) 56(84) bytes of data.
64 bytes from 172.24.68.1: icmp_seq=1 ttl=64 time=0.198 ms

— 172.24.68.1 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.198/0.198/0.198/0.000 ms

1
Posted by Jeremy Georges
Answered on March 17, 2017 6:05 pm

Hi,

You can either use the ‘routing-context vrf ‘ command before you execute bash, which will place you in the correct Network Name Space.

Or from within bash, you can use the Linux ip command to change or start a shell in that namespace.
Example:

‘sudo ip netns exec ns-mgmt bash’

Which will start a bash session in the vrf mgmt.

-Jeremy

0
Posted by Larry Acuna
Answered on March 17, 2017 7:32 pm

Great!, with the line sudo ip netns exec ns-VRF curl …. now I can do the curl on the VRF I need, thanks a lot for all the responses, the same line work for the dig command.

Thanks a lot for the fast response

0
Posted by Larry Acuna
Answered on March 17, 2017 7:54 pm

Great!, with the line sudo ip netns exec ns-VRF curl …. now I can do the curl on the VRF I need, thanks a lot for all the responses, the same line work for the dig command.

Thanks a lot for the fast response

0
Posted by Larry Acuna
Answered on March 22, 2017 3:02 am

Thanks a lot for the help, I was trying the command sudo ip netns exec ns-<VRF_NAME> and work great for me.

Have a good day and thanks.

Post your Answer

You must be logged in to post an answer.