3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-21 22:09:23 +01:00

doc: Add notes about running hostapd in a network namespace

This commit is contained in:
Marcel Holtmann 2018-10-16 17:46:33 +02:00
parent 2000a24ff6
commit 36cedb1f46

View File

@ -9,7 +9,7 @@ traffic on these interfaces and use protocols other than IP.
To create a virtual ethernet pipe with one end called veth0 and the other
called veth1, use the following command:
ip link add veth0 type veth peer name veth1
sudo ip link add veth0 type veth peer name veth1
The pair of interfaces are identical and act as a dumb pipe, there is no
master or slave end. Deleting either end will cause both interfaces to be
@ -18,8 +18,8 @@ when one side of the link is in the 'DOWN' state. if the other link is in
the 'DOWN' state it will indicate 'NO-CARRIER' until the other end is
brought up:
ip link set veth0 up
ip link set veth1 up
sudo ip link set veth0 up
sudo ip link set veth1 up
Testing 802.1x on Virtual Ethernet Device
@ -72,3 +72,29 @@ To run wpa_supplicant (add "-dd -K" for debugging):
sudo ./wpa_supplicant -iveth1 -c./wpa_supplicant.conf -Dwired
Running Authenticator in a network namespace
============================================
In some cases it might be useful to run hostapd in a network namespace to
provide real separation between the two network interfaces. First create
the "hostap" named network namespace:
sudo ip netns add hostap
Now move the network interface of hostapd into the "hostap" named network
namespace:
sudo ip link set veth0 netns hostap
Inside the "hostap" named network namespace the loopback interface needs
to be brought up and also the network interface:
sudo ip netns exec hostap ip link set lo up
sudo ip netns exec hostap ip link set veth0 up
Then execute hostapd inside the network namespace:
sudo ip netns exec hostap ./hostapd wired_hostapd.conf
After that run wpa_supplicant as described above.