Linux virtual network devices: using veth pairs to connect to a Linux bridge

In the previous article, Linux virtual network device - detailed explanation of Veth pair, we introduced how to connect two namespaces through a veth pair.
In practice, however, a physical host usually holds many namespaces. If they were connected directly with veth pairs, every two namespaces that need to communicate would need their own veth pair, and the connections would turn into a spider web. In a physical network, multiple hosts are connected with a switch and network cables to form a star topology; in the same way, we use a Linux bridge plus veth pairs to build a star network and solve the multi-point communication problem. We will create a bridge br0 in the Linux host and add the host's enp2s0 network card to it as a bridge port. Another Linux host connects to this host through enp2s0; ns0 is connected to br0 through veth0-vethbr0, and ns1 is connected to br0 through veth1-vethbr1.

Before connecting the namespaces, refer to the article Linux Bridge Introduction, Getting Started and Configuration to create a Linux bridge on the physical host.

1. Use the following commands to create the veth pairs

Create five virtual Ethernet device pairs: veth0-vethbr0, veth1-vethbr1, veth2-vethbr2, veth3-vethbr3, and veth4-vethbr4.

sudo ip link add veth0 type veth peer name vethbr0
sudo ip link add veth1 type veth peer name vethbr1
sudo ip link add veth2 type veth peer name vethbr2
sudo ip link add veth3 type veth peer name vethbr3
sudo ip link add veth4 type veth peer name vethbr4

2. Create five namespaces, then move one end of each veth pair into its namespace and bring it up

Create five namespaces named ns0, ns1, ns2, ns3, and ns4, and set veth0 as the network card of ns0, set veth1 as the network card of ns1, and so on.

sudo ip netns add ns0
sudo ip netns add ns1
sudo ip netns add ns2
sudo ip netns add ns3
sudo ip netns add ns4
sudo ip link set veth0 netns ns0
sudo ip link set veth1 netns ns1
sudo ip link set veth2 netns ns2
sudo ip link set veth3 netns ns3
sudo ip link set veth4 netns ns4
sudo ip netns exec ns0 ip link set veth0 up
sudo ip netns exec ns1 ip link set veth1 up
sudo ip netns exec ns2 ip link set veth2 up
sudo ip netns exec ns3 ip link set veth3 up
sudo ip netns exec ns4 ip link set veth4 up

3. Connect the other end of each veth pair to the Linux bridge, so that all namespaces are attached to the bridge, and bring it up

sudo ip link set vethbr0 up
sudo ip link set vethbr1 up
sudo ip link set vethbr2 up
sudo ip link set vethbr3 up
sudo ip link set vethbr4 up
sudo brctl addif br0 vethbr0
sudo brctl addif br0 vethbr1
sudo brctl addif br0 vethbr2
sudo brctl addif br0 vethbr3
sudo brctl addif br0 vethbr4

4. View the veth devices in the five namespaces

Use ip netns exec ns0 followed by a command to run that command inside ns0. The following commands run ip link show to view the network link status in ns0 and in the other namespaces.

sudo ip netns exec ns0 ip link show
sudo ip netns exec ns1 ip link show
sudo ip netns exec ns2 ip link show
sudo ip netns exec ns3 ip link show
sudo ip netns exec ns4 ip link show

5. Configure the network in the five namespaces

Use ip netns exec ns0 followed by a command to run that command inside ns0. The following commands run ip addr add to configure the IP address for veth0 in ns0, and do the same for ns1 and the other namespaces. After the configuration is complete, the kernel automatically generates the route for the 192.168.0.0/24 network in ns0 and ns1.

sudo ip netns exec ns0 ip addr add 192.168.0.2/24 dev veth0
sudo ip netns exec ns1 ip addr add 192.168.0.3/24 dev veth1
sudo ip netns exec ns2 ip addr add 192.168.0.4/24 dev veth2
sudo ip netns exec ns3 ip addr add 192.168.0.5/24 dev veth3
sudo ip netns exec ns4 ip addr add 192.168.0.6/24 dev veth4

6. View the IP addresses and routes of ns0 and ns1

We can see that the IP address of the veth0 network card in ns0 is 192.168.0.2, the IP address of the veth1 network card in ns1 is 192.168.0.3, and the route for the 192.168.0.0/24 network has been generated in both the ns0 and ns1 namespaces.

sudo ip netns exec ns0 ip addr show
sudo ip netns exec ns1 ip addr show
sudo ip netns exec ns2 ip addr show
sudo ip netns exec ns3 ip addr show
sudo ip netns exec ns4 ip addr show
sudo ip netns exec ns0 ip route show
sudo ip netns exec ns1 ip route show
sudo ip netns exec ns2 ip route show
sudo ip netns exec ns3 ip route show
sudo ip netns exec ns4 ip route show
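
The setup steps above, generalized to N namespaces, as an added example that is not part of the original article. The function name plan_topology is hypothetical, and `ip link set ... master` is used as the iproute2 equivalent of `brctl addif`; the bridge is assumed to exist already, as in the article.

```shell
# Added example (not from the original article). plan_topology is a
# hypothetical helper: it prints the commands and runs nothing itself.
plan_topology() {
    count=$1
    bridge=${2:-br0}
    # The count must be a plain number; 253 keeps the last address at .254.
    case $count in
        ''|*[!0-9]*) echo "count must be a number" >&2; return 1 ;;
    esac
    if ! { [ "$count" -ge 1 ] && [ "$count" -le 253 ]; }; then
        echo "count must be between 1 and 253" >&2; return 1
    fi
    # Accept only a plain interface name (15 characters at most), so the
    # printed plan stays safe to pipe into a root shell.
    case $bridge in
        ''|*[!A-Za-z0-9_.-]*) echo "invalid bridge name" >&2; return 1 ;;
    esac
    if [ "${#bridge}" -gt 15 ]; then
        echo "bridge name too long" >&2; return 1
    fi
    i=0
    while [ "$i" -lt "$count" ]; do
        # Same naming scheme as the article: nsI, vethI, vethbrI, 192.168.0.(I+2)
        echo "ip link add veth$i type veth peer name vethbr$i"
        echo "ip netns add ns$i"
        echo "ip link set veth$i netns ns$i"
        echo "ip netns exec ns$i ip link set veth$i up"
        echo "ip netns exec ns$i ip addr add 192.168.0.$((i + 2))/24 dev veth$i"
        echo "ip link set vethbr$i up"
        # iproute2 equivalent of: brctl addif <bridge> vethbrI
        echo "ip link set vethbr$i master $bridge"
        i=$((i + 1))
    done
}

# Review the printed plan first, then apply it as root:
#   plan_topology 5 br0 | sudo sh -e
```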

7. Verify network connectivity between ns3 and ns4

Use ip netns exec ns3 followed by a command to run that command inside ns3. The following runs ping to check IP connectivity between ns3 and ns4.

xxx@xx-PC:~$ sudo ip netns exec ns3 ping 192.168.0.6
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.024 ms
64 bytes from 192.168.0.3: icmp_seq=2 ttl=64 time=0.030 ms
64 bytes from 192.168.0.3: icmp_seq=3 ttl=64 time=0.050 ms

8. Verify network connectivity between ns3 and external physical hosts

Use ip netns exec ns3 followed by a command to run that command inside ns3. The following runs ping to check IP connectivity between ns3 and the external host 192.168.3.1, which is connected to the enp2s0 network card.

  • Add the default route first
sudo ip netns exec ns3 ip route add default dev veth3
  • Check the routing configuration of ns3: packets sent to 192.168.3.1 will go out through the veth3 interface
xxx@xx-PC:~$ sudo ip netns exec ns3 ip route show
default dev veth3 scope link 
192.168.0.0/24 dev veth3 proto kernel scope link src 192.168.0.5 
  • Check connectivity:
    After a route to 192.168.0.5 (ns3) has been configured on the host that is connected to bridge br0 through enp2s0, use the following command to start a ping test from ns3.
xxx@xx-PC:~$ sudo ip netns exec ns3 ping 192.168.3.1
PING 192.168.3.1 (192.168.3.1) 56(84) bytes of data.
64 bytes from 192.168.3.1: icmp_seq=1 ttl=64 time=2.22 ms
64 bytes from 192.168.3.1: icmp_seq=2 ttl=64 time=2.33 ms
64 bytes from 192.168.3.1: icmp_seq=3 ttl=64 time=2.01 ms
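
Because enp2s0 and every vethbr port share one layer-2 segment on br0, it is worth checking that the bridge carries exactly the ports this setup created and that each has link. The check below is an added example, not part of the original article; the function names and the sample `ip -o link show master br0` lines (including tap0) are constructed for illustration.

```shell
# Added example (not from the original article): audit the ports of a bridge.
# Reads "ip -o link show master <bridge>" output on stdin; the arguments are
# the port names that are expected to be attached.
audit_bridge_ports() {
    awk -v expected="$*" '
        BEGIN { n = split(expected, e, " "); for (i = 1; i <= n; i++) want[e[i]] = 1 }
        {
            name = $2                 # e.g. "vethbr0@if8:" or "enp2s0:"
            sub(/:$/, "", name)
            sub(/@.*/, "", name)
            seen[name] = 1
            if (!(name in want)) { print "UNEXPECTED " name; bad = 1 }
            # LOWER_UP is set only when the port is up and has carrier,
            # which for a veth means its peer end is up as well.
            else if ($3 !~ /LOWER_UP/) { print "DOWN " name; bad = 1 }
        }
        END {
            for (i = 1; i <= n; i++)
                if (!(e[i] in seen)) { print "MISSING " e[i]; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample input: vethbr1 is down, tap0 was never part of the
# setup, and vethbr2 is not attached at all.
sample_ports() {
    cat <<'EOF'
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP mode DEFAULT group default qlen 1000
7: vethbr0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP mode DEFAULT group default qlen 1000
9: vethbr1@if10: <BROADCAST,MULTICAST> mtu 1500 qdisc noop master br0 state DOWN mode DEFAULT group default qlen 1000
11: tap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP mode DEFAULT group default qlen 1000
EOF
}

# On the host from the article:
#   ip -o link show master br0 | audit_bridge_ports enp2s0 vethbr0 vethbr1 vethbr2 vethbr3 vethbr4
```

The function prints one finding per line and returns a non-zero status when anything is unexpected, down or missing.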


Origin blog.csdn.net/meihualing/article/details/131156232