Docker virtualized network overview

1. The main purpose of the network namespace is isolation: each namespace gets its own network protocol stack and network devices

 

Usually a device belongs to a user space.

The Linux kernel supports simulating two kinds of devices:
  layer 2 devices and layer 3 devices

Layer 2 devices are simulated using brctl

A router is implemented with a separate namespace, because the Linux kernel itself can simulate a router

 

Bridge: the physical network card is used as a switch

NAT network:

 

 

Communication between containers on the same host
  A software virtual switch is set up on the host. Each of the two containers gets a connection built purely in software, with one half in the container's namespace and the other half on the virtual switch, so that the two containers can communicate with each other
  There are different situations, however, such as the following

 

 

 

 

 

docker network

After installation, Docker automatically provides three kinds of network. The default is the bridge (NAT bridge) network: if a container is started without --network=String specified, it uses the bridge network. Running docker network ls shows these three network types.

After Docker is installed, the machine automatically creates a software switch (docker0), which can act as a layer 2 switch device and can also act as a layer 2 LAN device.
When we create a container, Docker automatically creates two virtual NICs in software, with one end in the container and the other end on the docker0 switch, as if the container were plugged into the switch.

bridge0 is a NAT bridge, so after Docker starts a container, iptables rules are automatically generated for the container
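
The pieces described above (a namespace per container, two virtual NICs with one end on a software switch, and NAT through iptables) can be rebuilt by hand; the script below is an added example, not code from the original post or from Docker. It uses the ip command from iproute2 in place of brctl and only prints the commands unless run as root with APPLY=1. The names br-demo, c1, c2 and the 10.200.0.0/24 subnet are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: a hand-built equivalent of the bridge (NAT) network.
# br-demo, c1, c2 and 10.200.0.0/24 are constructed names and addresses.
# Dry run by default (prints each command); APPLY=1 as root executes them.
BR=br-demo
NET=10.200.0

run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

make_bridge() {   # the software switch, playing the role of docker0
    run ip link add "$BR" type bridge
    run ip addr add "$NET.1/24" dev "$BR"   # bridge address is the gateway
    run ip link set "$BR" up
}

attach_ns() {     # $1 = namespace name, $2 = last octet of its address
    ns="$1"; ns_if="veth-$1"; host_if="veth-$1-br"
    run ip netns add "$ns"                                   # isolated protocol stack
    run ip link add "$ns_if" type veth peer name "$host_if"  # the two virtual NICs
    run ip link set "$ns_if" netns "$ns"                     # one end in the namespace
    run ip link set "$host_if" master "$BR"                  # other end on the switch
    run ip link set "$host_if" up
    run ip netns exec "$ns" ip addr add "$NET.$2/24" dev "$ns_if"
    run ip netns exec "$ns" ip link set "$ns_if" up
    run ip netns exec "$ns" ip route add default via "$NET.1"
}

enable_nat() {    # source-NAT traffic that leaves the bridge subnet
    run sysctl -w net.ipv4.ip_forward=1
    run iptables -t nat -A POSTROUTING -s "$NET.0/24" ! -o "$BR" -j MASQUERADE
}

teardown() {      # deleting a namespace also removes its veth pair
    run iptables -t nat -D POSTROUTING -s "$NET.0/24" ! -o "$BR" -j MASQUERADE
    run ip netns del c1
    run ip netns del c2
    run ip link del "$BR"
}

build_all() {
    make_bridge
    attach_ns c1 2
    attach_ns c2 3
    enable_nat
    run ip netns exec c1 ping -c 1 "$NET.3"   # c1 reaches c2 across the bridge
}

build_all
```

After an APPLY=1 run, ip netns list and iptables -t nat -S POSTROUTING show the resulting state, and the teardown function removes it.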

 


Origin www.cnblogs.com/p0st/p/12602711.html