setting the network namespace "protected" failed

Question

setting the network namespace "protected" failed

DjLeChuck opened this issue 4 years ago · comments

Hi there,

I'am using Ubuntu 19.10, Python 3.7.5

$ sudo ./namespaced-openvpn --config ../vpn-config/openvpn.ovpn
setting the network namespace "protected" failed: Invalid argument
Traceback (most recent call last):
  File "./namespaced-openvpn", line 398, in <module>
    sys.exit(main())
  File "./namespaced-openvpn", line 377, in main
    setup_namespace(args.namespace)
  File "./namespaced-openvpn", line 66, in setup_namespace
    adapters = _adapter_names(namespace)
  File "./namespaced-openvpn", line 56, in _adapter_names
    output = subprocess.check_output(cmd)
  File "/usr/lib/python3.7/subprocess.py", line 411, in check_output
    **kwargs).stdout
  File "/usr/lib/python3.7/subprocess.py", line 512, in run
    output=stdout, stderr=stderr)
subprocess.CalledProcessError: Command '['/sbin/ip', 'netns', 'exec', 'protected', '/sbin/ip', 'link', 'show']' returned non-zero exit status 255.

Tell me if you want any specific command outputs!

Shivaram Lingamneni · Answer 1 · Sun Apr 26 2020 09:02:55 GMT+0800 (China Standard Time)

Yeah, could you post the output of sudo ip netns list and sudo ip netns exec protected ip route get 1.1.1.1?

Vivien DE BONA · Answer 2 · Sun Apr 26 2020 14:45:42 GMT+0800 (China Standard Time)

djlechuck@nuc:~$ sudo ip netns list
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
protected
djlechuck@nuc:~$ sudo ip netns exec protected ip route get 1.1.1.1
setting the network namespace "protected" failed: Invalid argument
djlechuck@nuc:~$

Shivaram Lingamneni · Answer 3 · Sun Apr 26 2020 15:21:15 GMT+0800 (China Standard Time)

What's the current output of ip netns identify?

I googled this and it looks like the current state of your namespaces is invalid in some way: https://serverfault.com/questions/961504/cannot-create-nested-network-namespace

The expected output of sudo ip netns list is more like this:

$ sudo ip netns list
protected (id: 0)

I think it's possible that my instructions are at fault (in particular, I think you can get into this situation by following my recipe for "stacking" tunnels if you haven't pre-created both of the namespaces involved), but I'm not sure. In particular, I'm curious what happens if you:

Reboot the system
Verify that you aren't somehow already in a non-root namespace (by checking the output of ip netns identify)
Rerun your original command (sudo ./namespaced-openvpn --config ../vpn-config/openvpn.ovpn)

Vivien DE BONA · Answer 4 · Sun Apr 26 2020 20:01:21 GMT+0800 (China Standard Time)

No ouput for ip netns identify, before and after the reboot.

After the reboot, all is OK. I don't know what was wrong the first time :/

Sorry for the useless issue, I should have test the reboot before posting!

Shivaram Lingamneni · Answer 5 · Mon Apr 27 2020 00:52:25 GMT+0800 (China Standard Time)

No problem! Best wishes.