1 files changed, 62 insertions, 0 deletions

diff --git a/man/man7/network_namespaces.7 b/man/man7/network_namespaces.7
new file mode 100644
index 000000000..92ebc32ae
--- /dev/null
+++ b/man/man7/network_namespaces.7
@@ -0,0 +1,62 @@
+.\" Copyright (c) 2017 by Michael Kerrisk <mtk.manpages@gmail.com>
+.\"
+.\" SPDX-License-Identifier: Linux-man-pages-copyleft
+.\"
+.\"
+.TH network_namespaces 7 (date) "Linux man-pages (unreleased)"
+.SH NAME
+network_namespaces \- overview of Linux network namespaces
+.SH DESCRIPTION
+Network namespaces provide isolation of the system resources associated
+with networking: network devices, IPv4 and IPv6 protocol stacks,
+IP routing tables, firewall rules, the
+.I /proc/net
+directory (which is a symbolic link to
+.IR /proc/ pid /net ),
+the
+.I /sys/class/net
+directory, various files under
+.IR /proc/sys/net ,
+port numbers (sockets), and so on.
+In addition,
+network namespaces isolate the UNIX domain abstract socket namespace (see
+.BR unix (7)).
+.P
+A physical network device can live in exactly one
+network namespace.
+When a network namespace is freed
+(i.e., when the last process in the namespace terminates),
+its physical network devices are moved back to the
+initial network namespace
+(not to the namespace of the parent of the process).
+.P
+A virtual network
+.RB ( veth (4))
+device pair provides a pipe-like abstraction
+that can be used to create tunnels between network namespaces,
+and can be used to create a bridge to a physical network device
+in another namespace.
+When a namespace is freed, the
+.BR veth (4)
+devices that it contains are destroyed.
+.P
+Use of network namespaces requires a kernel that is configured with the
+.B CONFIG_NET_NS
+option.
+.\" FIXME .SH EXAMPLES
+.SH SEE ALSO
+.BR nsenter (1),
+.BR unshare (1),
+.BR clone (2),
+.BR veth (4),
+.BR proc (5),
+.BR sysfs (5),
+.BR namespaces (7),
+.BR user_namespaces (7),
+.BR brctl (8),
+.BR ip (8),
+.BR ip\-address (8),
+.BR ip\-link (8),
+.BR ip\-netns (8),
+.BR iptables (8),
+.BR ovs\-vsctl (8)