[svc]linux下網橋-docker網橋
阿新 • • 發佈:2017-12-17
com oot mct time post www bin exit tex
網橋和交換機
2口交換機=網橋
交換機: 工作在數據鏈路層,根據源mac學習(控制層),目的mac轉發(數據層).
linux的網卡
vmware workstation中的橋接
參考: http://blog.daocloud.io/docker-bridge/
docker0的橋接
參考: http://blog.daocloud.io/docker-bridge/
網橋操作工具
yum install bridge-utils -y 如果需要使用網橋模式,需要關掉NetworkManager服務 systemctl stop NetworkManager systemctl disable NetworkManager
兩張網卡放在一個bro下
我們已經知道了br網卡是虛擬網橋,相當於一個交換機,可以把eth0接入 eth1接入
實現如圖
方法1: 命令行配置
- 添加br0
brctl addbr br0
- 將eth0連到br0
brctl addif br0 eth0
brctl addif br0 eth1
- 清理eth0的地址-這裏有點問題吧
ifconfig eth0 0.0.0.0
- 配置br0的地址
ifconfig br0 192.168.1.10 netmask 255.255.255.0 up
brctl addif br0 ath0方法2: 持久化配置
參考: http://www.solutionsatexperts.com/how-to-create-a-bridge-interface-on-rhelcentos/
- 規劃 Combine eth1 and eth2 physical interfaces and create a virtual interface br0, assign IP to it. eth1 : No IP eth2 : No IP Note: eth1 and eth2 connect to same physical layer / media. br0 – > eth1 – > eth2 Note: br0 is a virtual interface mapped to eth0 and eth1 br0 – > 192.168.1.10 Netmask – > 255.255.255.0 Gateway – > 192.168.1.1 DNS – > 8.8.8.8 - 操作步驟 Step 1: Disable Network Manager Step 2: Create virtual interface br0 Step 3: Configure Physcial interfaces eth1 and eth2 Step 4: Restart network service and verify network settings Step 1: Disable Network Manager systemctl stop NetworkManager # 網卡開啟橋接模式需要關掉NetworkManager Step 2: Create virtual interface br0 Add ifcfg-br0 file under /etc/sysconfig/network-script/ #vi /etc/sysconfig/network-scripts/ifcfg-br0 DEVICE=br0 TYPE=Bridge ONBOOT=yes BOOTPROTO=static IPADDR=192.168.1.10 NETMASK=255.255.254.0 GATEWAY=192.168.1.1 DNS1=114.114.114.114 DNS2=8.8.8.8 Save & Exit(:wq) Step 3: Configure Physcial interfaces eth1 and eth2 vi /etc/sysconfig/network-script/ifcfg-eth1 DEVICE=eth1 BOOTPROTO=static ONBOOT=yes BRIDGE=br0 TYPE=Ethernet Save & Exit (:wq) Step 4: Restart network service and verify network settings Restart the network services # systemctl restart network Verify network settings # ifconfig -a
需求一臺pc要通過另一臺兩口的linux上網
這裏要理解,兩個網橋之間交互數據: 查路由表(或者nat)
思路其實很簡單:
- 1.就是將虛擬出一個bridge口
- 2.將對應的有線LAN和無線LAN都綁定在這個虛擬bridge口上,並給這個bridge口分配一個地址
- 3.其他子網微機配置網關為bridge口的地址便可以了。
- 4.當然,因為是設備是網關模式,路由和nat也是必須的了。
源地址轉換
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 192.168.1.10brctl命令
$ docker run -itd --name=b1 busybox
$ brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.0242fb188161 no veth0a226d0
$ docker run -itd --name=b2 busybox
$ brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.0242fb188161 no veth0a226d0
vethd9de1b2
$ brctl show
show showmacs showstp
- 看到容器的mac地址,docker0這個交換機下接了2個
$ brctl showmacs docker0
port no mac addr is local? ageing timer
1 02:42:ac:11:00:02 no 2.36
$ docker exec -it b1 ip ad
14: eth0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:11:00:02linux下回環口的配置
ifconfig lo 130.0.0.1 [svc]linux下網橋-docker網橋