[question] How do packets arrive into the application containers? #1742
Comments
Hi, @mrafatpanah Regarding your questions:
By default docker container provides an isolation of network namespace from the host, so it can't be easily accessed.

```
admin@sonic:~$ docker inspect bgp | jq .[].HostConfig.NetworkMode
"host"
```
The packet is being processed by IP stack in kernel until the forwarding decision is taken. Usually the flow is:
For packets not intended for control plane, the forwarding decision is done exclusively by dataplane - packet is processed only by ASIC.

Note: netdevs are created in kernel by SAI/SDK and represent the relevant physical interfaces of the switch
Usually the flow is:
@mrafatpanah please ask these kinds of questions using
Regarding your questions:
In a typical Docker setup, containers are isolated in their own network namespaces, which means they don’t have direct access to the host's network interfaces. However, in SONiC, the network containers like BGP, LLDP, and others operate differently. These containers share the host’s network namespace, allowing them to access and manage all the host's network interfaces directly. This shared namespace feature enables network containers to interact with the host’s interfaces (netdevs) in the same way as if the operations were being performed directly on the host itself. As a result, you can configure and manage network devices from within the container as easily as you would on the host machine, without the need for additional networking configurations like port mappings or virtual bridges. In essence, SONiC removes the network isolation typically provided by Docker to ensure seamless access between the host and container for managing network functions, making network operations more straightforward and consistent across both the host and containers.
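The `NetworkMode` check shown in the thread can be run across every container to see which ones sit in the host's network namespace and which of those can also change host interfaces. This is an added example, not code from the thread or from SONiC; the sample data is constructed, and the `Privileged`/`CapAdd` values and all container names other than `bgp` and `lldp` are assumptions made for illustration.

```python
import json

# Constructed sample shaped like `docker inspect` output, trimmed to the fields read
# below. Ids, flag values and every name except bgp/lldp are made up for illustration.
SAMPLE = json.loads("""[
 {"Id":"a1","Name":"/bgp","HostConfig":{"NetworkMode":"host","Privileged":true,"CapAdd":null}},
 {"Id":"b2","Name":"/lldp","HostConfig":{"NetworkMode":"host","Privileged":false,"CapAdd":["NET_ADMIN"]}},
 {"Id":"c3","Name":"/exporter","HostConfig":{"NetworkMode":"host","Privileged":false,"CapAdd":null}},
 {"Id":"d4","Name":"/webui","HostConfig":{"NetworkMode":"bridge","Privileged":false,"CapAdd":null}},
 {"Id":"e5","Name":"/sidecar","HostConfig":{"NetworkMode":"container:d4","Privileged":false,"CapAdd":null}}
]""")

def name_of(doc):
    return doc["Name"].lstrip("/")

def netns_of(doc, index, seen=()):
    """Return 'host', 'none', 'own:<name>' or 'unknown' for one inspect document."""
    mode = doc["HostConfig"]["NetworkMode"]
    if mode in ("host", "none"):
        return mode
    if mode.startswith("container:"):
        # Joined to another container's namespace: follow the reference.
        target = index.get(mode.split(":", 1)[1])
        if target is None or doc["Id"] in seen:
            return "unknown"
        return netns_of(target, index, seen + (doc["Id"],))
    return "own:" + name_of(doc)  # bridge, default or a user-defined network

def audit(docs):
    """Map container name -> (namespace, exposure of the host's netdevs)."""
    index = {}
    for d in docs:
        index[d["Id"]] = d
        index[name_of(d)] = d
    report = {}
    for d in docs:
        hc = d["HostConfig"]
        ns = netns_of(d, index)
        caps = {c.upper().replace("CAP_", "") for c in (hc.get("CapAdd") or [])}
        if ns != "host":
            exposure = "isolated from host netns"
        elif hc.get("Privileged") or caps & {"NET_ADMIN", "ALL"}:
            exposure = "can reconfigure host interfaces"
        else:
            exposure = "can see host interfaces and bind host ports"
        report[name_of(d)] = (ns, exposure)
    return report

if __name__ == "__main__":
    for name, (ns, exposure) in audit(SAMPLE).items():
        print(f"{name:10} {ns:12} {exposure}")
```

On a real system the input would be `json.loads` of the output of `docker inspect $(docker ps -q)`.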
Hello. I'm new to using SONiC.
I read many documents, such as Architecture, Configuration, Design specs, etc., but I don't clearly understand how a packet arrives in application containers such as BGP or LDP.
What happens when a packet enters an interface until it leaves the switch?
I don't understand how SDK and kernel interact. For example, when a new route arrives in one of the interfaces how will it convert to a kernel netlink message?