veth - Virtual Ethernet Device
devices are virtual Ethernet devices. They can act as tunnels
between network namespaces to create a bridge to a physical network device in
another namespace, but can also be used as standalone network devices.
devices are always created in interconnected pairs. A pair can be
created using the command:
# ip link add <p1-name> type veth peer name <p2-name>
In the above, p1-name
are the names assigned to the
two connected end points.
Packets transmitted on one device in the pair are immediately received on the
other device. When either devices is down the link state of the pair is down.
device pairs are useful for combining the network facilities of the
kernel together in interesting ways. A particularly interesting use case is to
place one end of a veth
pair in one network namespace and the other end
in another network namespace, thus allowing communication between network
namespaces. To do this, one first creates the veth
device as above and
then moves one side of the pair to the other namespace:
# ip link set <p2-name> netns <p2-namespace>
(8) can be used to find the peer of a veth
interface, using commands something like:
# ip link add ve_A type veth peer name ve_B # Create veth pair
# ethtool -S ve_A # Discover interface index of peer
# ip link | grep '^16:' # Look up interface
16: ve_B@ve_A: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc ...