Diffstat (limited to 'man7/namespaces.7')
-rw-r--r-- man7/namespaces.7 24
1 files changed, 24 insertions, 0 deletions
diff --git a/man7/namespaces.7 b/man7/namespaces.7
index a3d49dea6c..850a5e2c14 100644
--- a/man7/namespaces.7
+++ b/man7/namespaces.7
@@ -201,6 +201,30 @@ directory,
.I /sys/class/net
directory, port numbers, and so on.
+A network namespace provides an isolated view of the networking stack
+(network device interfaces, IPv4 and IPv6 protocol stacks,
+IP routing tables, firewall rules, the
+.I /proc/net
+and
+.I /sys/class/net
+directory trees, sockets, etc.).
+A physical network device can live in exactly one
+network namespace.
+A virtual network device ("veth") pair provides a pipe-like abstraction
+.\" FIXME Add pointer to veth(4) page when it is eventually completed
+that can be used to create tunnels between network namespaces,
+and can be used to create a bridge to a physical network device
+in another namespace.
+
+When a network namespace is freed
+(i.e., when the last process in the namespace terminates),
+its physical network devices are moved back to the
+initial network namespace (not to the parent of the process).
+
+Use of network namespaces requires a kernel that is configured with the
+.B CONFIG_NET_NS
+option.
+
.SS Mount namespaces (CLONE_NEWNS)
Mount namespaces isolate the set of file system mount points,
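Review bot: The new opening sentence ("A network namespace provides an isolated view of the networking stack ...") repeats the enumeration that the unchanged context just above it already ends with ("/sys/class/net directory, port numbers, and so on."), so the section now lists the isolated resources twice, naming /proc/net and /sys/class/net in both places. Consider folding the two lists into one sentence and keeping only the genuinely new items (firewall rules, sockets) in it. Two smaller points in the same hunk: the `.\" FIXME` comment sits in the middle of the veth sentence, between "pipe-like abstraction" and "that can be used to create tunnels", and would be easier to maintain placed before or after that sentence; and the paragraph breaks are added as empty source lines, where an explicit `.PP` would make the intended paragraph separation unambiguous in the roff source. The statement that a namespace is freed "when the last process in the namespace terminates" is the security-relevant lifetime rule here, since it decides when physical devices return to the initial namespace, so it is worth confirming that the wording covers every case the author intends before it is merged.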