Session

netpen.io visual editor for network environments script generation

Speakers

Eyal Birger

Label

Moonshot

Session Type

Talk

Contents

Description

Creating network environment scripts for new feature testing or bug reproduction can be cumbersome: defining network namespaces, setting up different network interface types, assigning addresses, configuring routes, VRFs, etc.

netpen.io (to be open sourced) aims to facilitate this process by allowing users to visually define network namespaces, veth devices, different tunneling devices, etc. It generates bash scripts, usable on fresh VMs, that include the necessary configuration, including address assignments and routes.

For example, a simple routing topology can be seen at:
https://examples.netpen.io/router.png

Downloading the resulting script and running it on a fresh VM yields the following example output:

```
root@(none):/# ./netpen.sh 
 ____                 _               
|  _ \   ___   _   _ | |_   ___  _ __ 
| |_) | / _ \ | | | || __| / _ \| '__|
|  _ < | (_) || |_| || |_ |  __/| |   
|_| \_\ \___/  \__,_| \__| \___||_|   
                                      

+-----------+------------------------------------+
| Namespace | IPv4                               |
+-----------+------------------------------------+
|     a     | 198.51.100.130/25 (atorouter.dev1) |
+-----------+------------------------------------+
|     b     | 198.51.100.2/25 (btorouter.dev1)   |
+-----------+------------------------------------+
|   router  | 198.51.100.129/25 (atorouter.dev2) |
|           | 198.51.100.1/25 (btorouter.dev2)   |
+-----------+------------------------------------+
net.ipv4.route.mtu_expires = 15
net.ipv4.conf.all.forwarding = 1
net.ipv6.conf.all.forwarding = 2
net.ipv4.conf.all.forwarding = 1
net.ipv6.conf.all.forwarding = 2
net.ipv4.conf.all.forwarding = 1
net.ipv6.conf.all.forwarding = 2
[   10.578767] ip (1451) used greatest stack depth: 12224 bytes left
[   10.769523] random: crng init done
[   10.777003] IPv6: ADDRCONF(NETDEV_CHANGE): atorouter.dev1: link becomes ready
[   10.923704] ip (1460) used greatest stack depth: 12096 bytes left
[   11.121881] IPv6: ADDRCONF(NETDEV_CHANGE): btorouter.dev1: link becomes ready
root@(none):/# [   11.578224] IPv6: ADDRCONF(NETDEV_CHANGE): atorouter.dev2: link becomes ready

root@(none):/# ip netns exec a ping 198.51.100.2
PING 198.51.100.1 (198.51.100.2) 56(84) bytes of data.
64 bytes from 198.51.100.2: icmp_seq=1 ttl=63 time=7.00 ms
64 bytes from 198.51.100.2: icmp_seq=2 ttl=63 time=0.956 ms
```

Topologies are described by YAML documents, e.g. the above router YAML document can be seen at:
https://examples.netpen.io/router.yml

Note for example that the subnet is defined as a single CIDR and there's internal routing logic for partitioning the subnet based on L2/L3 connectivity.
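A sketch of how a single CIDR can be split per link for the router topology above, as an added example (not netpen.io's code or algorithm). The function name `plan_topology` and the convention that the router takes the first host address of each slice are assumptions; the device names follow the output shown earlier.

```python
import ipaddress
from itertools import islice

def plan_topology(cidr, router, hosts):
    """Return (addresses, commands) for a star of hosts around one router.

    Each host-to-router veth pair is its own L2 segment, so it gets its own
    equal-sized slice of `cidr`; hosts reach the other slices via the router.
    """
    net = ipaddress.ip_network(cidr)
    # Extra prefix bits needed so that every link gets a distinct subnet.
    bits = max(1, (len(hosts) - 1).bit_length())
    subnets = net.subnets(prefixlen_diff=bits)
    addrs = {}
    cmds = [f"ip netns add {ns}" for ns in [router, *hosts]]
    cmds.append(f"ip netns exec {router} sysctl -w net.ipv4.conf.all.forwarding=1")
    for host, subnet in zip(hosts, subnets):
        # Assumed convention: router side gets the first usable address.
        gw, ip = islice(subnet.hosts(), 2)
        dev_h, dev_r = f"{host}to{router}.dev1", f"{host}to{router}.dev2"
        plen = subnet.prefixlen
        addrs[dev_h], addrs[dev_r] = f"{ip}/{plen}", f"{gw}/{plen}"
        cmds += [
            f"ip link add {dev_h} netns {host} type veth peer name {dev_r} netns {router}",
            f"ip -n {host} addr add {ip}/{plen} dev {dev_h}",
            f"ip -n {router} addr add {gw}/{plen} dev {dev_r}",
            f"ip -n {host} link set {dev_h} up",
            f"ip -n {router} link set {dev_r} up",
            # The rest of the parent CIDR is reached through the router.
            f"ip -n {host} route add {net} via {gw}",
        ]
    return addrs, cmds

if __name__ == "__main__":
    # Same namespaces and parent range as the router example output.
    addrs, cmds = plan_topology("198.51.100.0/24", "router", ["b", "a"])
    print("\n".join(cmds))
```

The printed commands need root and a kernel with network namespace support if they are actually run; the planner itself only computes strings.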

Other examples include bridging, VLANs, MACVLAN, XFRM, different IP tunneling, VRFs.

These YAML documents can be converted to BASH scripts or DOT diagrams using an endpoint, e.g.:

```
curl --data-binary "@examples/router.yml" https://api.netpen.io/v1/bash > router.sh
```

or:

```
curl --data-binary "@examples/router.yml" https://api.netpen.io/v1/dot | dot -Tpng | display
```

Note: the site isn't openly accessible yet.

Future enhancements can include TC filters, Netfilter rules (ipt/nft), MPLS, eBPF programs, etc.