当前位置：首页 > news >正文

备案号不放在网站首页免费网站

news 2025/11/4 6:03:33

备案号不放在网站首页,免费网站,山东网站app制作,梧州网站设计文章目录二层网络整体拓扑相关配置配置namespace创建switch创建veth设备配置veth的IP启动veth 测试三层网络配置vm1配置vm2配置测试二层网络我们用Linux bridge模拟现实中的switch#xff0c;用namespace模拟连接在交换机上的pc 整体拓扑 ------------------ ----… 文章目录二层网络整体拓扑相关配置配置namespace创建switch创建veth设备配置veth的IP启动veth 测试三层网络配置vm1配置vm2配置测试二层网络我们用Linux bridge模拟现实中的switch用namespace模拟连接在交换机上的pc 整体拓扑 ------------------ ------------------ ------------------ | | | | | | | | | | | | | | | | | | | ns1 | | ns2 | | ns3 | | | | | | | | | | | | | | | | | | | | 192.168.1.1/24 | | 192.168.1.2/24 | | 192.168.1.3/24 | ----(veth-ns1)---- ----(veth-ns2)---- ----(veth-ns3)---- | | || | | --(veth-ns1-br)-------------(veth-ns2-br)------------(veth-ns3-br)-- | | | linux-bridge | | | --------------------------------------------------------------------其中ns1、ns2、n3分别表示三条pclinux-bridge为switchveth设备可以看作网线相关配置配置namespace rooti-pvirg1hu:~# ip netns add ns1 rooti-pvirg1hu:~# ip netns add ns2 rooti-pvirg1hu:~# ip netns add ns3 rooti-pvirg1hu:~# ip netns list ns3 ns2 ns1 rooti-pvirg1hu:~#创建switch rooti-pvirg1hu:/etc/apt# brctl addbr virtual-bridge rooti-pvirg1hu:/etc/apt# brctl show bridge name bridge id STP enabled interfaces virtual-bridge 8000.000000000000 no创建veth设备创建veth pair然后将veth pair一端的虚拟网卡加入到namespace再将另一端通过brctl addif命令加入到网桥上。这样就相当于用一条网线将三个namespace连接到了网桥上 rooti-pvirg1hu:/etc/apt# ip link add veth-ns1 type veth peer name veth-ns1-br rooti-pvirg1hu:/etc/apt# ip link set veth-ns1 netns ns1 rooti-pvirg1hu:/etc/apt# brctl addif virtual-bridge veth-ns1-brrooti-pvirg1hu:/etc/apt# ip link add veth-ns2 type veth peer name veth-ns2-br rooti-pvirg1hu:/etc/apt# ip link set veth-ns2 netns ns2 rooti-pvirg1hu:/etc/apt# brctl addif virtual-bridge veth-ns2-br rooti-pvirg1hu:/etc/apt# rooti-pvirg1hu:/etc/apt# ip link add veth-ns3 type veth peer name veth-ns3-br rooti-pvirg1hu:/etc/apt# ip link set veth-ns3 netns ns3 rooti-pvirg1hu:/etc/apt# brctl addif virtual-bridge veth-ns3-brrooti-pvirg1hu:/etc/apt# ip -n ns1 a 1: lo: LOOPBACK mtu 65536 qdisc noop state DOWN group default qlen 1link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 5: veth-ns1if4: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN group default qlen 1000link/ether 8a:b8:cd:5d:e6:7f brd ff:ff:ff:ff:ff:ff link-netnsid 0rooti-pvirg1hu:/etc/apt# ip -n ns3 a 1: lo: LOOPBACK mtu 65536 qdisc noop state DOWN group default qlen 1link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 9: veth-ns3if8: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN group default qlen 1000link/ether ca:f2:a3:de:a3:d5 brd ff:ff:ff:ff:ff:ff link-netnsid 0rooti-pvirg1hu:/etc/apt# ip -n ns2 a 1: lo: LOOPBACK mtu 65536 qdisc noop state DOWN group default qlen 1link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 7: veth-ns2if6: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN group default qlen 1000link/ether 5e:9b:f6:00:fc:df brd ff:ff:ff:ff:ff:ff link-netnsid 0rooti-pvirg1hu:/etc/apt# brctl show bridge name bridge id STP enabled interfaces virtual-bridge 8000.1641be237cac no veth-ns1-brveth-ns2-brveth-ns3配置veth的IP 为三个namespace中的虚拟网卡设置IP地址这些IP地址位于同一个子网192.168.1.0/24中 rooti-pvirg1hu:/etc/apt# ip -n ns1 addr add local 192.168.1.1/24 dev veth-ns1 rooti-pvirg1hu:/etc/apt# ip -n ns2 addr add local 192.168.1.2/24 dev veth-ns2 rooti-pvirg1hu:/etc/apt# ip -n ns3 addr add local 192.168.1.3/24 dev veth-ns3 rooti-pvirg1hu:/etc/apt# ip -n ns1 a 1: lo: LOOPBACK mtu 65536 qdisc noop state DOWN group default qlen 1link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 5: veth-ns1if4: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN group default qlen 1000link/ether 8a:b8:cd:5d:e6:7f brd ff:ff:ff:ff:ff:ff link-netnsid 0inet 192.168.1.1/24 scope global veth-ns1valid_lft forever preferred_lft forever rooti-pvirg1hu:/etc/apt# rooti-pvirg1hu:/etc/apt# rooti-pvirg1hu:/etc/apt# ip -n ns2 a 1: lo: LOOPBACK mtu 65536 qdisc noop state DOWN group default qlen 1link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 7: veth-ns2if6: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN group default qlen 1000link/ether 5e:9b:f6:00:fc:df brd ff:ff:ff:ff:ff:ff link-netnsid 0inet 192.168.1.2/24 scope global veth-ns2valid_lft forever preferred_lft forever rooti-pvirg1hu:/etc/apt# rooti-pvirg1hu:/etc/apt# rooti-pvirg1hu:/etc/apt# ip -n ns3 a 1: lo: LOOPBACK mtu 65536 qdisc noop state DOWN group default qlen 1link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 9: veth-ns3if8: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN group default qlen 1000link/ether ca:f2:a3:de:a3:d5 brd ff:ff:ff:ff:ff:ff link-netnsid 0inet 192.168.1.3/24 scope global veth-ns3valid_lft forever preferred_lft forever启动veth rooti-pvirg1hu:/etc/apt# ip link set virtual-bridge up rooti-pvirg1hu:/etc/apt# ip link set veth-ns1-br up rooti-pvirg1hu:/etc/apt# ip link set veth-ns2-br up rooti-pvirg1hu:/etc/apt# ip link set veth-ns3-br up rooti-pvirg1hu:/etc/apt# ip -n ns1 link set veth-ns1 up rooti-pvirg1hu:/etc/apt# ip -n ns2 link set veth-ns2 up rooti-pvirg1hu:/etc/apt# ip -n ns3 link set veth-ns3 up测试 [rooti-pvirg1hu ~]# ip netns exec ns1 ping 192.168.1.2 PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data. 64 bytes from 192.168.1.2: icmp_seq1 ttl64 time0.083 ms 64 bytes from 192.168.1.2: icmp_seq2 ttl64 time0.050 ms 64 bytes from 192.168.1.2: icmp_seq3 ttl64 time0.048 ms 64 bytes from 192.168.1.2: icmp_seq4 ttl64 time0.058 ms 64 bytes from 192.168.1.2: icmp_seq5 ttl64 time0.055 ms下面仔细看一下网络报文是怎么转发的同一个网段通过二层进行通信也就是使用mac地址互相访问。但是每个ns并不知道其他ns的mac地址应用程序还是用的ip进行通信。所以建立网络连接的第一步是解析mac地址。下面通过抓包来看看这个过程先到ns1~ns3 删除之前已有的arp缓存下面以ns1为例ns2,ns3也要做类似操作就不具体举例了。 [rooti-pvirg1hu ~]# ip netns exec ns1 ip neigh show dev veth-ns1 192.168.1.2 lladdr 7a:49:04:82:5c:65 STALE [rooti-pvirg1hu ~]# ip netns exec ns1 ip neigh del 192.168.1.2 dev veth-ns1 [rooti-pvirg1hu ~]# ip netns exec ns1 ip neigh show dev veth-ns1 [rooti-pvirg1hu ~]#然后到ns2和ns3启动tcpdump -i {device} -nelns1 ping ns3 , 查看具体传输的报文 ns1: [rooti-pvirg1hu ~]# ip netns exec ns1 ping -c 1 192.168.1.3 PING 192.168.1.3 (192.168.1.3) 56(84) bytes of data. 64 bytes from 192.168.1.3: icmp_seq1 ttl64 time0.087 ms--- 192.168.1.3 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev 0.087/0.087/0.087/0.000 ms抓包结果如下 ns2: [rooti-pvirg1hu ~]# tcpdump -i veth-ns2 -nel dropped privs to tcpdump tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on veth-ns2, link-type EN10MB (Ethernet), capture size 262144 bytes 15:42:49.908862 b2:58:ab:9c:8b:03 33:33:00:00:00:02, ethertype IPv6 (0x86dd), length 70: fe80::b058:abff:fe9c:8b03 ff02::2: ICMP6, router solicitation, length 16 15:43:03.240818 42:17:f1:4d:8a:0d Broadcast, ethertype ARP (0x0806), length 42: Request who-has 192.168.1.3 tell 192.168.1.1, length 28ns3: [rooti-pvirg1hu ~]# tcpdump -i veth-ns3 -nel dropped privs to tcpdump tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on veth-ns3, link-type EN10MB (Ethernet), capture size 262144 bytes 15:42:49.908815 b2:58:ab:9c:8b:03 33:33:00:00:00:02, ethertype IPv6 (0x86dd), length 70: fe80::b058:abff:fe9c:8b03 ff02::2: ICMP6, router solicitation, length 16 15:43:03.240802 42:17:f1:4d:8a:0d Broadcast, ethertype ARP (0x0806), length 42: Request who-has 192.168.1.3 tell 192.168.1.1, length 28 15:43:03.240815 b2:58:ab:9c:8b:03 42:17:f1:4d:8a:0d, ethertype ARP (0x0806), length 42: Reply 192.168.1.3 is-at b2:58:ab:9c:8b:03, length 28 15:43:03.240830 42:17:f1:4d:8a:0d b2:58:ab:9c:8b:03, ethertype IPv4 (0x0800), length 98: 192.168.1.1 192.168.1.3: ICMP echo request, id 7675, seq 1, length 64 15:43:03.240840 b2:58:ab:9c:8b:03 42:17:f1:4d:8a:0d, ethertype IPv4 (0x0800), length 98: 192.168.1.3 192.168.1.1: ICMP echo reply, id 7675, seq 1, length 64 15:43:08.340788 b2:58:ab:9c:8b:03 42:17:f1:4d:8a:0d, ethertype ARP (0x0806), length 42: Request who-has 192.168.1.1 tell 192.168.1.3, length 28 15:43:08.340837 42:17:f1:4d:8a:0d b2:58:ab:9c:8b:03, ethertype ARP (0x0806), length 42: Reply 192.168.1.1 is-at 42:17:f1:4d:8a:0d, length 28从上面可以看到初始情况ns1要通过arp广播(地址是ff:ff:ff:ff:ff:ff)解析192.168.1.3对应的mac地址相当于到一个微信群里面所有人谁的ip是192.168.1.3。所以ns2和ns3都收到了同样的广播报文但是只有ns3通过单播相当于微信的私聊做了回复目标mac是ns1的mac地址。下面看看这个过程中交换机做了什么。到switch上可以查看交换机的fdb表在物理交换机叫mac-address table [rooti-pvirg1hu ~]# bridge fdb show br virtual-bridge 33:33:00:00:00:01 dev dev virtual-bridge self permanent 01:00:5e:00:00:01 dev dev virtual-bridge self permanent 33:33:ff:ba:35:ad dev dev virtual-bridge self permanent 42:17:f1:4d:8a:0d dev dev veth-ns1-br master virtual-bridge 5e:09:23:ba:35:ad dev dev veth-ns1-br vlan 1 master virtual-bridge permanent 5e:09:23:ba:35:ad dev dev veth-ns1-br master virtual-bridge permanent 33:33:00:00:00:01 dev dev veth-ns1-br self permanent 01:00:5e:00:00:01 dev dev veth-ns1-br self permanent 33:33:ff:ba:35:ad dev dev veth-ns1-br self permanent 7a:49:04:82:5c:65 dev dev veth-ns2-br master virtual-bridge a2:b4:56:53:f6:f2 dev dev veth-ns2-br vlan 1 master virtual-bridge permanent a2:b4:56:53:f6:f2 dev dev veth-ns2-br master virtual-bridge permanent 33:33:00:00:00:01 dev dev veth-ns2-br self permanent 01:00:5e:00:00:01 dev dev veth-ns2-br self permanent 33:33:ff:53:f6:f2 dev dev veth-ns2-br self permanent b2:58:ab:9c:8b:03 dev dev veth-ns3-br master virtual-bridge ea:71:03:73:3c:6e dev dev veth-ns3-br vlan 1 master virtual-bridge permanent ea:71:03:73:3c:6e dev dev veth-ns3-br master virtual-bridge permanent 33:33:00:00:00:01 dev dev veth-ns3-br self permanent 01:00:5e:00:00:01 dev dev veth-ns3-br self permanent 33:33:ff:73:3c:6e dev dev veth-ns3-br self permanent包含 permanent 的表示bridge和端口的物理地址 # 其中 227/227 表示最近一次的”使用时间/更新时间“单位是秒 [rooti-pvirg1hu ~]# bridge -statistics fdb show br virtual-bridge | grep -v perman 7a:49:04:82:5c:65 dev dev veth-ns2-br used 227/227 master virtual-bridge它表示目标是7a:49:04:82:5c:65的报文发到 veth-ns2-br端口也就是mac和端口的映射关系。初始状态的交换机这个表项是空白的通过arp泛洪学习的机制来创建在端口收到报文时记录源mac地址和当前时间到fdb表如果报文的目标mac能在fdb表中能查到则转发给对应端口如果报文的目标mac是广播地址未知单播或者组播又叫BUM(broadcast unknown-unicast multicast)发到所有端口fdb表记录的时间超过老化时间后通常是5分钟自动删除记录上面例子的 used 227/227 表示这个mac地址上次学习到的时间是72秒前。只要持续有流量转发就会不断重置时间。三层网络拓扑如下 route: default gw 192.168.1.1 route: default gw 192.168.2.1(VM1) (VM2) ------------------ ------------------ ------------------ ------------------ | | | | | | | | | | | | | | | | | | | | | | | | | ns1 | | ns2 | | ns1 | | ns2 | | | | | | | | | | | | | | | | | | | | | | | | | | 192.168.1.2/24 | | 192.168.1.3/24 | | 192.168.2.2/24 | | 192.168.2.3/24 | ---(veth-ns1)--- ---(veth-ns2)--- ---(veth-ns1)--- ---(veth-ns2)--- | | | || | | | -(veth-ns1-br)-----------(veth-ns2-br)- -(veth-ns1-br)-----------(veth-ns2-br)- | | | | | Linux bridge | | Linux bridge | | | | | -----------------(br0)--------------------- -----------------(br0)---------------------| || || | -----------------(br0)--------------------- -----------------(br0)--------------------- | 192.168.1.1/24 | | 192.168.2.1/24 | | default network namespace | | default network namespace | | (Linux Kernel IP Forwarding) | | (Linux Kernel IP Forwarding) | | | | | | 172.16.0.3 | | 172.16.0.2 | -----------------(eth0)-------------------- -----------------(eth0)-------------------- | route: 192.168.2.0/24 via 172.16.0.2 | route: 192.168.1.0/24 via 172.16.0.3| || || |-------------------------------------------------------------- 配置 vm1配置 rooti-pvirg1hu:~# ip netns add ns1 rooti-pvirg1hu:~# ip netns add ns2 rooti-pvirg1hu:~# ip link add veth-ns1 type veth peer name veth-ns1-br rooti-pvirg1hu:~# ip link add veth-ns2 type veth peer name veth-ns2-br rooti-pvirg1hu:~# ip link set veth-ns1 netns ns1 rooti-pvirg1hu:~# ip link set veth-ns2 netns ns2 rooti-pvirg1hu:~# brctl addbr br0 rooti-pvirg1hu:~# brctl addif br0 veth-ns1-br rooti-pvirg1hu:~# brctl addif br0 veth-ns2-b # 设置ip rooti-pvirg1hu:~# ip -n ns1 a a 192.168.1.2/24 dev veth-ns1 rooti-pvirg1hu:~# ip -n ns2 a a 192.168.1.3/24 dev veth-ns2 rooti-pvirg1hu:~# ip a a 192.168.1.1/24 dev br0 # up rooti-pvirg1hu:~# ip link set br0 up rooti-pvirg1hu:~# ip link set veth-ns1-br up rooti-pvirg1hu:~# ip link set veth-ns2-br up rooti-pvirg1hu:~# ip -n ns1 link set veth-ns1 up rooti-pvirg1hu:~# ip -n ns2 link set veth-ns2 up # 配置默认路由 rooti-pvirg1hu:~# ip -n ns1 route add default via 192.168.1.1 rooti-pvirg1hu:~# ip -n ns2 route add default via 192.168.1.1vm2配置 rooti-pvirg1hu:~# ip netns add ns1 rooti-pvirg1hu:~# ip netns add ns2 rooti-pvirg1hu:~# ip link add veth-ns1 type veth peer name veth-ns1-br rooti-pvirg1hu:~# ip link add veth-ns2 type veth peer name veth-ns2-br rooti-pvirg1hu:~# ip link set veth-ns1 netns ns1 rooti-pvirg1hu:~# ip link set veth-ns2 netns ns2 rooti-pvirg1hu:~# brctl addbr br0 rooti-pvirg1hu:~# brctl addif br0 veth-ns1-br rooti-pvirg1hu:~# brctl addif br0 veth-ns2-b # 设置ip rooti-pvirg1hu:~# ip -n ns1 a a 192.168.2.2/24 dev veth-ns1 rooti-pvirg1hu:~# ip -n ns2 a a 192.168.2.3/24 dev veth-ns2 rooti-pvirg1hu:~# ip a a 192.168.2.1/24 dev br0 # up rooti-pvirg1hu:~# ip link set br0 up rooti-pvirg1hu:~# ip link set veth-ns1-br up rooti-pvirg1hu:~# ip link set veth-ns2-br up rooti-pvirg1hu:~# ip -n ns1 link set veth-ns1 up rooti-pvirg1hu:~# ip -n ns2 link set veth-ns2 up # 配置默认路由 rooti-pvirg1hu:~# ip -n ns1 route add default via 192.168.2.1 rooti-pvirg1hu:~# ip -n ns2 route add default via 192.168.2.1这个时候vm1和vm2各自的ns1和ns2是通的同时ns各自到主机的网络也是通的 # 到本机ns2 rooti-pvirg1hu:~# ip netns exec ns1 ping 192.168.1.3 PING 192.168.1.3 (192.168.1.3) 56(84) bytes of data. 64 bytes from 192.168.1.3: icmp_seq1 ttl64 time0.053 ms 64 bytes from 192.168.1.3: icmp_seq2 ttl64 time0.052 ms # 到本机 rooti-pvirg1hu:~# ip netns exec ns1 ping 172.16.0.3 PING 172.16.0.3 (172.16.0.3) 56(84) bytes of data. 64 bytes from 172.16.0.3: icmp_seq1 ttl64 time0.038 ms 64 bytes from 172.16.0.3: icmp_seq2 ttl64 time0.046 ms但是vm1到vm2是不通的我们需要最后在主机上配置路由来联通两个vm # 在vm1上 rooti-pvirg1hu:~# ip route add 192.168.2.0/24 via 172.16.0.2 # 在vm2上 rooti-pvirg1hu:~# ip route add 192.168.1.0/24 via 172.16.0.3测试 # vm1 rooti-pvirg1hu:~# ip netns exec ns1 ping 192.168.2.2 PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data. 64 bytes from 192.168.2.2: icmp_seq1 ttl62 time0.310 ms 64 bytes from 192.168.2.2: icmp_seq2 ttl62 time0.275 ms # vm2 rooti-pvirg1hu:~# ip netns exec ns1 ping 192.168.1.2 PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data. 64 bytes from 192.168.1.2: icmp_seq1 ttl62 time0.223 ms 64 bytes from 192.168.1.2: icmp_seq2 ttl62 time0.266 ms我们看到ttl62代表经历了两次路由到达对端我们做一下路由追踪 rooti-pvirg1hu:~# ip netns exec ns1 traceroute 192.168.2.2 traceroute to 192.168.2.2 (192.168.2.2), 30 hops max, 60 byte packets1 192.168.1.1 (192.168.1.1) 0.030 ms 0.007 ms 0.005 ms2 172.16.0.2 (172.16.0.2) 0.254 ms 0.231 ms 0.220 ms3 192.168.2.2 (192.168.2.2) 0.212 ms 0.243 ms 0.239 ms1、ns1向外发送一个ICMP数据包源地址为192.168.1.2目的地址为192.168.2.2 2、因为目的地址192.168.2.2和源地址192.168.1.2不在同一子网上因此数据包被发送到缺省网关192.168.1.1也就是Linux bridge内部的自带网卡br0 3、 br0收到该数据包后主机根据路由条目192.168.2.0/24 via 172.16.0.2判断应该将该数据包发送到对端网卡上对端根据本地路由将数据包发送给br0 4、 br0将数据包送到目的地址192.168.2.2

http://www.dnsts.com.cn/news/17460.html

相关文章：

广州网站设计服务商东莞常平招聘网最新招聘信息

做网站背景企业网络安全管理制度和应急预案

检查网站打开速度怎么自己做网站地图

官方网站下载cad后台很慢wordpress

新乡微网站建设百度指数明星人气榜

虹口免费网站制作注册新公司流程

nas做流媒体网站网站搜索功能模块

婚纱摄影网站的设计与实现论文河南智慧团建网站登录

joomla做类似赶集网的网站陕西营销型手机网站

网站设计规划书怎么写公司网站的具体步骤

温州建设局网站wordpress+adsense主题

山东建设和城乡建设厅注册中心网站首页dedecms网站如何上线

做的网站缩小内容就全乱了网页制作基础考什么

自己做网站模版做网站应该学什么语言

网站建设鼠标商务网站如何推广

南充市住房建设局网站青岛新公司网站建设推广

企业网站怎么注册官网十堰网站建设专家

网站开发后端有哪些网页版淘宝网登录入口

网站开发多语言成都网站关键词优化

无锡网站制作网站哪家好

网站备案能查到什么建设网站用英文怎么说

南京做网站建设有哪些网站建设内部需求调查表

微信电脑网站是什么原因主页值得是网站的主要内容所在页

伍佰亿网站怎么做深圳快速网站制作服

网站短信验证码怎么做小鱼儿外贸建站

宁夏网站设计联系电话设计效果图制作软件

什么样的网页设计好阳江优化网站排名

旅游网站建设经济评价jp域名

网站分析该怎么做免费域名申请国外

苏州网站设计公司兴田德润i简介电商网站制作设计