You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
1. 创建一个命名空间。必须root用户。
$ ip netns add test0
查看命名空间
$ ip netns show
test0
查看命名空间下的设备,目前只有回环地址。
$ip netns exec test0 ip addr show
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2. 创建Veth设备对。
$ ip link add veth0 type veth peer name veth1
查看Veth设备对,成功创建了一对Veth。
$ ip link show
84: veth1@veth0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
link/ether ce:47:38:33:e6:91 brd ff:ff:ff:ff:ff:ff
85: veth0@veth1: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
link/ether 72:cf:5b:14:f0:b5 brd ff:ff:ff:ff:ff:ff
3. 将其中的一个Veth设置到另个命名空间。
$ ip link set veth1 netns test0
再观察发现少了一组Veth设备
$ ip link show
85: veth0@if84: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
link/ether 72:cf:5b:14:f0:b5 brd ff:ff:ff:ff:ff:ff
4. 设置ip并启动
设置命名空间test0的
$ ip netns exec test0 /bin/bash
$ ip link show
84: veth1@if85: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
link/ether ce:47:38:33:e6:91 brd ff:ff:ff:ff:ff:ff
$ ip addr add 192.168.5.3/24 dev veth1
$ ip link set dev veth1 up
$ ip addr show
84: veth1@if85: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN qlen 1000
link/ether ce:47:38:33:e6:91 brd ff:ff:ff:ff:ff:ff
inet 192.168.5.3/24 scope global veth1
valid_lft forever preferred_lft forever
设置默认命名空间的
$ ip addr add 192.168.5.2/24 dev veth0
$ ip link set veth0 up
$ ip addr show
85: veth0@if84: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 72:cf:5b:14:f0:b5 brd ff:ff:ff:ff:ff:ff
inet 192.168.5.2/24 scope global veth0
valid_lft forever preferred_lft forever
inet6 fe80::70cf:5bff:fe14:f0b5/64 scope link
valid_lft forever preferred_lft forever
$ ping 192.168.5.3
PING 192.168.5.3 (192.168.5.3) 56(84) bytes of data.
64 bytes from 192.168.5.3: icmp_seq=1 ttl=64 time=0.084 ms
64 bytes from 192.168.5.3: icmp_seq=2 ttl=64 time=0.044 ms
The text was updated successfully, but these errors were encountered:
为了支持网络协议栈的多个实例,linux在网络协议栈引入了网络命名空间,这些独立的协议栈被隔离到不同 的命名空间中,处于不同的命名空间的网络协议栈事完全隔离的,彼此之间无法通信。docker 就是通过这种实现了不同容器之间的隔离。Veth这个设备对可以联通两个不同的命名空间,使得两个命名空间可以通信。
下面来模拟实现一下:
The text was updated successfully, but these errors were encountered: