Test on three machines: 192.168.139.251, 192.168.139.252, 192.168.139.253.
Establish a namespace on each machine and connect the namespaces through vxlan. A vm built on any machine can then communicate with the vms on the other machines.
The corresponding intranet ip on each machine:
192.168.139.251----namespace:10.1.0.5/24------------vm:10.3.0.11
192.168.139.252----namespace:10.1.0.6/24------------vm:10.4.0.12
192.168.139.253----namespace:10.1.0.7/24
★★First step
zubo.sh
#################
#!/bin/sh
ip netns add zou
ip link add zouveth0 type veth peer name zouveth1
ip link set zouveth1 netns zou
# Change here: set the LAN ip of this namespace
ip netns exec zou ip addr add 10.1.0.5/24 dev zouveth1
ip netns exec zou ip addr
brctl addbr br-zou
brctl addif br-zou zouveth0
# Single-point (point-to-point) setting: remote is the ip address of the other party
#ip link add vxlan-10 type vxlan id 10 remote 192.168.139.252 dev eth0
# Change the ip here to this machine's own; after dev put the name of the network card that holds that ip
ip link add vxlan-10 type vxlan id 10 group 239.1.1.1 local 192.168.139.251 dev eth0
brctl addif br-zou vxlan-10
ip -d link show vxlan-10
ip link set dev zouveth0 up
ip netns exec zou ip link set dev zouveth1 up
ip netns exec zou ip link set dev lo up
ip link set dev br-zou up
ip link set dev vxlan-10 up
###################################
Modify the script on 192.168.139.252 and 192.168.139.253 in turn:
In
ip netns exec zou ip addr add 10.1.0.5/24 dev zouveth1
change the LAN ip 10.1.0.5/24 to 10.1.0.6/24 and 10.1.0.7/24.
In
ip link add vxlan-10 type vxlan id 10 group 239.1.1.1 local 192.168.139.251 dev eth0
change local 192.168.139.251 to local 192.168.139.252 and local 192.168.139.253.
Test:
Note: if the scripts are executed in the order 251, 252, 253, you need to ping the first two machines from 253, otherwise the ping will not work, because when the script was executed on 251 the data of 252 and 253 was not yet synchronized. How can they be synchronized? The problem does not seem to recur with a simple ip setup (the ip is on eth0). With a complex bridge there will be similar problems.
ip netns exec zou ping 10.1.0.5
ip netns exec zou ping 10.1.0.6
★★★Second step
Test vm: the vm is started by a script.
The content of qemu_net.sh is
##########################
#!/bin/sh
brctl addbr br0
ip link set br0 up
ip link set tap1 up
brctl addif br0 tap1
ip addr add 10.3.0.1/24 dev br0
iptables -t nat -A POSTROUTING -s "10.3.0.0/24" ! -d "10.3.0.0/24" -j MASQUERADE
#########################
Script delbr0.sh, run when deleting the vm
######################
#!/bin/sh
ip link set br0 down
brctl delbr br0
######################
/usr/libexec/qemu-kvm -kernel bzImage -drive file=hda.img,if=ide,cache=none -append "console=ttyS0 root=/dev/sda rw rdinit=/sbin/init notsc=1" -nographic -boot order=dc,menu=on -net nic,vlan=0,macaddr=52:54:00:12:34:21,model=e1000,addr=08 -net tap,name=haha,ifname=tap1,script=qemu_net.sh,downscript=delbr0.sh
#############
ip netns exec zou ./qemu.sh
The vm is started inside the namespace, so everything the script sets up is built in the namespace:
ip netns exec zou ip a
ip netns exec zou brctl show
Then execute in the vm:
##############
#!/bin/sh
ip addr add 10.3.0.11/24 dev eth0
ip link set eth0 up
ip route add default via 10.3.0.1
#################
Ping outward from the vm:
ping 10.3.0.1
ping 10.1.0.5
ping 10.1.0.6
ping 10.1.0.7
The vm can now access the namespaces of the other two machines, but the other two namespaces cannot access this vm.
If the namespace of 192.168.139.252 wants to access vm:10.3.0.11, this needs to be done on 192.168.139.252:
ip netns exec zou ip route add 10.3.0.0/24 via 10.1.0.5
ip netns exec zou ping 10.3.0.11
Similarly, create a vm of 10.4.0.12 on 192.168.139.252
qemu_net.sh
##################
#!/bin/sh
brctl addbr br0
ip link set br0 up
ip link set tap1 up
brctl addif br0 tap1
ip addr add 10.4.0.2/24 dev br0
iptables -t nat -A POSTROUTING -s "10.4.0.0/24" ! -d "10.4.0.0/24" -j MASQUERADE
################################
Start the vm:
Pay attention to change the mac address so that it is not the same as the one already created.
############
/usr/libexec/qemu-kvm -kernel bzImage -drive file=hda.img,if=ide,cache=none -append "console=ttyS0 root=/dev/sda rw rdinit=/sbin/init notsc=1" -nographic -boot order=dc,menu=on -net nic,vlan=0,macaddr=52:54:00:12:34:22,model=e1000,addr=08 -net tap,name=haha,ifname=tap1,script=qemu_net.sh,downscript=delbr0.sh
############
Then execute in vm:
##############
#!/bin/sh
ip addr add 10.4.0.11/24 dev eth0
ip link set eth0 up
ip route add default via 10.4.0.2
#################
In this vm you can ping 10.3.0.11, because a route has already been added in this vm's namespace.
If you want vm:10.3.0.11 on 251 to also be able to ping vm:10.4.0.12 on 252, then execute on 251:
ip netns exec zou ip route add 10.4.0.0/24 via 10.1.0.6
Enter vm:10.3.0.11 on 251 and ping 10.4.0.12; it will now get through.
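The two routes above are instances of one rule: each namespace needs a route to every other host's vm subnet via that host's namespace ip. The following is an added example, not part of the original scripts, that prints the full set for all three machines; the function names route_plan and print_all are hypothetical, and the table is copied from the address list at the top of the page.

```shell
#!/bin/sh
# Added example: print the "ip route add" commands each namespace needs.
# Table from the page: underlay ip, namespace ip, vm subnet ("-" = no vm).
TOPOLOGY='192.168.139.251 10.1.0.5 10.3.0.0/24
192.168.139.252 10.1.0.6 10.4.0.0/24
192.168.139.253 10.1.0.7 -'

# route_plan HOST: routes to add inside namespace "zou" on HOST.
route_plan() {
    target=$1 found=0 plan=
    while read -r host ns_ip vm_net; do
        # The host's own vm subnet is directly attached, no route needed.
        if [ "$host" = "$target" ]; then found=1; continue; fi
        # A peer without a vm has no subnet to route to.
        [ "$vm_net" = "-" ] && continue
        plan="${plan}ip netns exec zou ip route add $vm_net via $ns_ip
"
    done <<EOF
$TOPOLOGY
EOF
    # Refuse hosts that are not in the table instead of printing a wrong plan.
    [ "$found" -eq 1 ] || { echo "unknown host: $target" >&2; return 1; }
    printf '%s' "$plan"
}

# print_all: the plan for every machine in the table.
print_all() {
    while read -r host rest; do
        echo "# on $host"
        route_plan "$host"
    done <<EOF
$TOPOLOGY
EOF
}
print_all
```

The output is only printed, so it can be reviewed before being run as root on each machine.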
★★★★★★★★★★★★★★★★★★★
###############################
To test point-to-point, change
#Change the ip here to your own; after dev set the name of the network card that holds the ip
ip link add vxlan-10 type vxlan id 10 group 239.1.1.1 local 192.168.139.251 dev eth0
to
ip link add vxlan-10 type vxlan id 10 remote 192.168.139.252 dev eth0
remote refers to the ip of the opposite node.
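A single remote connects only two nodes. As an added example that goes beyond the original test (it is not from the page's scripts), the function below prints the unicast equivalent for all three machines: the vxlan device is created without group or remote, and one all-zero MAC entry per peer is added with iproute2's bridge fdb, so flooded frames are sent only to the listed peers and no multicast group is needed on the underlay. The function name unicast_vxlan is hypothetical; the addresses, VNI 10 and eth0 are the page's values.

```shell
#!/bin/sh
# Added example: unicast VXLAN peer list instead of "group 239.1.1.1".
# PEERS is the underlay address list from the top of the page.
PEERS='192.168.139.251 192.168.139.252 192.168.139.253'

# unicast_vxlan LOCAL_IP: print the commands that replace the multicast
# "ip link add vxlan-10 ..." line of zubo.sh on the host owning LOCAL_IP.
unicast_vxlan() {
    local_ip=$1 known=0 fdb=
    for peer in $PEERS; do
        if [ "$peer" = "$local_ip" ]; then known=1; continue; fi
        # All-zero MAC entry: broadcast and unknown-destination frames are
        # replicated to this peer's underlay address.
        fdb="${fdb}bridge fdb append 00:00:00:00:00:00 dev vxlan-10 dst $peer
"
    done
    # A local address outside the peer list would build a one-sided tunnel.
    [ "$known" -eq 1 ] || { echo "not in PEERS: $local_ip" >&2; return 1; }
    # The device must exist before the fdb entries can be added to it.
    echo "ip link add vxlan-10 type vxlan id 10 local $local_ip dev eth0"
    printf '%s' "$fdb"
}

unicast_vxlan 192.168.139.251
```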