[svc]linux下网桥-docker网桥
网桥和交换机
2口交换机=网桥
交换机: 工作在数据链路层,根据源mac学习(控制层),目的mac转发(数据层).
linux的网卡
vmware workstation中的桥接
参考: http://blog.daocloud.io/docker-bridge/
docker0的桥接
参考: http://blog.daocloud.io/docker-bridge/
网桥操作工具
yum install bridge-utils -y
如果需要使用网桥模式,需要关掉NetworkManager服务
systemctl stop NetworkManager
systemctl disable NetworkManager
两张网卡放在一个bro下
我们已经知道了br网卡是虚拟网桥,相当于一个交换机,可以把eth0接入 eth1接入
实现如图
方法1: 命令行配置
- 添加br0
brctl addbr br0
- 将eth0连到br0
brctl addif br0 eth0
brctl addif br0 eth1
- 清理eth0的地址-这里有点问题吧
ifconfig eth0 0.0.0.0
- 配置br0的地址
ifconfig br0 192.168.1.10 netmask 255.255.255.0 up # 我发现这样可以添加回环口
brctl addif br0 ath0
方法2: 持久化配置
参考: http://www.solutionsatexperts.com/how-to-create-a-bridge-interface-on-rhelcentos/
- 规划
Combine eth1 and eth2 physical interfaces and create a virtual interface br0, assign IP to it.
eth1 : No IP
eth2 : No IP
Note: eth1 and eth2 connect to same physical layer / media.
br0 – > eth1
– > eth2
Note: br0 is a virtual interface mapped to eth0 and eth1
br0 – > 192.168.1.10
Netmask – > 255.255.255.0
Gateway – > 192.168.1.1
DNS – > 8.8.8.8
- 操作步骤
Step 1: Disable Network Manager
Step 2: Create virtual interface br0
Step 3: Configure Physcial interfaces eth1 and eth2
Step 4: Restart network service and verify network settings
Step 1: Disable Network Manager
systemctl stop NetworkManager # 网卡开启桥接模式需要关掉NetworkManager
Step 2: Create virtual interface br0
Add ifcfg-br0 file under /etc/sysconfig/network-script/
#vi /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
TYPE=Bridge
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.1.10
NETMASK=255.255.254.0
GATEWAY=192.168.1.1
DNS1=114.114.114.114
DNS2=8.8.8.8
Save & Exit(:wq)
Step 3: Configure Physcial interfaces eth1 and eth2
vi /etc/sysconfig/network-script/ifcfg-eth1
DEVICE=eth1
BOOTPROTO=static
ONBOOT=yes
BRIDGE=br0
TYPE=Ethernet
Save & Exit (:wq)
Step 4: Restart network service and verify network settings
Restart the network services
# systemctl restart network
Verify network settings
# ifconfig -a
需求一台pc要通过另一台两口的linux上网
这里要理解,两个网桥之间交互数据: 查路由表(或者nat)
思路其实很简单:
- 1.就是将虚拟出一个bridge口
- 2.将对应的有线LAN和无线LAN都绑定在这个虚拟bridge口上,并给这个bridge口分配一个地址
- 3.其他子网微机配置网关为bridge口的地址便可以了。
- 4.当然,因为是设备是网关模式,路由和nat也是必须的了。
源地址转换
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 192.168.1.10
brctl命令
$ docker run -itd --name=b1 busybox
$ brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.0242fb188161 no veth0a226d0
$ docker run -itd --name=b2 busybox
$ brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.0242fb188161 no veth0a226d0
vethd9de1b2
$ brctl show
show showmacs showstp
- 看到容器的mac地址,docker0这个交换机下接了2个
$ brctl showmacs docker0
port no mac addr is local? ageing timer
1 02:42:ac:11:00:02 no 2.36
$ docker exec -it b1 ip ad
14: eth0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:11:00:02
linux下回环口的配置
参考: 虚拟网卡添加: http://blog.csdn.net/yydcj/article/details/8447567
http://www.centoscn.com/image-text/config/2016/1113/8145.html
也可以只通过添加br0并给设置地址的方式,设置回环口.
ifconfig lo 130.0.0.1