ap/app/iproute2/iproute2-3.4.0/man/man8/ip-netns.8

.TH IP\-NETNS 8 "20 Dec 2011" "iproute2" "Linux"
.SH NAME
ip-netns \- process network namespace management
.SH SYNOPSIS
.sp
.ad l
.in +8
.ti -8
.B ip
.RI "[ " OPTIONS " ]"
.B netns
.RI  " { " COMMAND " | "
.BR help " }"
.sp
.ti -8
.BR "ip netns" " { " list " } "

.ti -8
.BR "ip netns" " { " add " | " delete " } "
.I NETNSNAME

.ti -8
.BR "ip netns exec "
.I NETNSNAME command ...

.SH DESCRIPTION
A network namespace is logically another copy of the network stack,
with it's own routes, firewall rules, and network devices.

By convention a named network namespace is an object at
.BR "/var/run/netns/" NAME
that can be opened.  The file descriptor resulting from opening
.BR "/var/run/netns/" NAME
refers to the specified network namespace.  Holding that file
descriptor open keeps the network namespace alive.  The file
descriptor can be used with the
.B setns(2)
system call to change the network namespace associated with a task.

The convention for network namespace aware applications is to look
for global network configuration files first in
.BR "/etc/netns/" NAME "/"
then in
.BR "/etc/".
For example, if you want a different version of
.BR /etc/resolv.conf
for a network namespace used to isolate your vpn you would name it
.BR /etc/netns/myvpn/resolv.conf.

.B ip netns exec
automates handling of this configuration, file convention for network
namespace unaware applications, by creating a mount namespace and
bind mounting all of the per network namespace configure files into
their traditional location in /etc.

.SS ip netns list - show all of the named network namespaces
.SS ip netns add NAME - create a new named network namespace
.SS ip netns delete NAME - delete the name of a network namespace
.SS ip netns exec NAME cmd ... - Run cmd in the named network namespace

.SH EXAMPLES

.SH SEE ALSO
.br
.BR ip (8)

.SH AUTHOR
Original Manpage by Eric W. Biederman