leiiwang

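Learning Linux Networking Tools: The ip Command, Part 2

Tags (space-separated): networking


This article uses the ip command to introduce and study Linux networking concepts.

1. Overview

2.1 Overview

Abbreviations: set, s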

Usage: ip link add [link DEV] [ name ] NAME
                   [ txqueuelen PACKETS ]
                   [ address LLADDR ]
                   [ broadcast LLADDR ]
                   [ mtu MTU ]
                   [ numtxqueues QUEUE_COUNT ]
                   [ numrxqueues QUEUE_COUNT ]
                   type TYPE [ ARGS ]
       ip link delete DEV type TYPE [ ARGS ]

       ip link set { dev DEVICE | group DEVGROUP } [ { up | down } ]
	                  [ arp { on | off } ]
	                  [ dynamic { on | off } ]
	                  [ multicast { on | off } ]
	                  [ allmulticast { on | off } ]
	                  [ promisc { on | off } ]
	                  [ trailers { on | off } ]
	                  [ txqueuelen PACKETS ]
	                  [ name NEWNAME ]
	                  [ address LLADDR ]
	                  [ broadcast LLADDR ]
	                  [ mtu MTU ]
	                  [ netns PID ]
	                  [ netns NAME ]
	                  [ link-netnsid ID ]
			  [ alias NAME ]
	                  [ vf NUM [ mac LLADDR ]
				   [ vlan VLANID [ qos VLAN-QOS ] ]
				   [ rate TXRATE ] ] 
				   [ spoofchk { on | off} ] ] 
				   [ query_rss { on | off} ] ] 
				   [ state { auto | enable | disable} ] ]
			  [ master DEVICE ]
			  [ nomaster ]
			  [ addrgenmode { eui64 | none } ]
       ip link show [ DEVICE | group GROUP ] [up]

TYPE := { vlan | veth | vcan | dummy | ifb | macvlan | can |
          bridge | ipoib | ip6tnl | ipip | sit | vxlan |
          gre | gretap | ip6gre | ip6gretap }

2.2.1 Introduction

Displaying link layer characteristics with ip link show

Manual

2.2.2 Examples

---------------------------------------------
ip link show [ DEVICE | group GROUP ] [up]
              device    device group   show only devices in the running state
---------------------------------------------
---------------------------------------------
example 1
---------------------------------------------
[root@10-10-229-73 ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1454 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 52:54:00:e7:ae:ff brd ff:ff:ff:ff:ff:ff
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT 
    link/ether 02:42:c4:87:09:25 brd ff:ff:ff:ff:ff:ff
5: veth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
    link/ether 92:57:fa:48:7c:b2 brd ff:ff:ff:ff:ff:ff
    
Information displayed:
Device name: <device flags>, MTU, the active queueing mechanism (if any), and the queue size if a queue is present.
Second line: the type of link layer in use on the device, and link layer specific information. For Ethernet, the common case, the current hardware address and Ethernet broadcast address are displayed.
---------------------------------------------
example 2
---------------------------------------------
[root@10-10-229-73 ~]# ip -s link show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1454 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 52:54:00:e7:ae:ff brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    9913236656 17997331 0       168     0       0       
    TX: bytes  packets  errors  dropped carrier collsns 
    16696600379 17969943 0       0       0       0
---------------------------------------------
example 3
---------------------------------------------   
[root@10-10-229-73 ~]# ip link show group 0
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT 
    link/ether 02:42:c4:87:09:25 brd ff:ff:ff:ff:ff:ff
5: veth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
    link/ether 92:57:fa:48:7c:b2 brd ff:ff:ff:ff:ff:ff
    
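In the output, the number before each colon is an interface index that identifies the network interface. The number is followed by the interface name (for example eth0, dummy), which also maps one-to-one to the interface. In some cases, however, for example when the driver module is unloaded, the corresponding interface name disappears from the list and another newly created interface may take the same name. The system administrator can change an interface's name with ip link set name.

The interface name may be followed by another name or by @NONE. This means the device is bound to another device: packets sent to this device are encapsulated by it and sent out through the master device. If the name is NONE, the master device is unknown.

Next comes the mtu (Maximal Transfer Unit). It determines how much data a single packet on this interface can carry.

qdisc (queuing discipline) shows the queuing algorithm used by the interface. noqueue means packets are not queued; noop means the interface is in blackhole mode, that is, all packets entering this device are discarded immediately. qlen is the default length of the interface's transmit queue.

A network interface can have the following flags:

UP The device is running and can receive and send packets.
LOOPBACK The interface cannot be used to communicate with other hosts. All packets sent to it are returned, and it can only receive packets that bounce back.
BROADCAST The device can send packets to all hosts on the link. Ethernet is a typical example.
POINTTOPOINT Two nodes are directly connected. All packets sent by one node reach the peer, and all packets received come from the peer.
MULTICAST The device is multicast-capable and can send packets to a set of neighboring nodes. Broadcast is in fact a special case of multicast whose group includes every node on the link. By definition, POINTTOPOINT and BROADCAST links are both multicast.

*If the interface's flags include none of LOOPBACK, BROADCAST and POINTTOPOINT, the interface is assumed to be of NBMA (Non-Broadcast Multi-Access) type. This is the most general one.


PROMISC The device is in promiscuous mode and receives all traffic on the link, whether or not it is addressed to the device. This mode is mainly used for bridges and network monitoring.
ALLMULTI The device receives all multicast packets on the link. Multicast routers use this mode.
NOARP Unlike the other flags, the meaning of this one depends on the network protocols involved. It generally means that the device needs no address resolution: software or hardware knows how to deliver packets to their destination without help from the system protocol stack.
DYNAMIC The interface is created and torn down dynamically.
SLAVE The interface is bound to another network interface.

*There are other flags besides these. They are either obsolete (for example NOTRAILERS), not yet implemented (for example DEBUG), or specific to certain devices (for example MASTER, AUTOMEDIA, PORTSEL), so they are not discussed here.

*For the PROMISC and ALLMULTI flags, ifconfig and ip show different values. ip link ls shows the device's real state, whereas ifconfig shows the virtual device state that was set through ifconfig itself.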
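
When auditing a host for unexpected sniffing, the PROMISC flag described above is worth checking together with the `promiscuity` counter that `ip -d link show` prints (it appears in the eth0.8 output of example 12). The following is an added example, not part of the original article; the function names and the sample text are constructed for illustration.

```shell
#!/bin/sh
# Added example: report interfaces in promiscuous mode from `ip -d link show` text.
# The flag list shows PROMISC only when it was set administratively
# (ip link set ... promisc on); a capture tool that enables promiscuous mode
# through a packet socket raises only the promiscuity counter.

# promisc_ifaces: read `ip -d link show` output on stdin, print "NAME REASON".
promisc_ifaces() {
    awk '
        /^[0-9]+: / {                      # record header: "2: eth0: <FLAGS> ..."
            name = $2
            sub(/:$/, "", name)            # strip trailing colon
            sub(/@.*/, "", name)           # strip "@parent" (eth0.8@eth0)
            names[++count] = name
            flags = $3
            gsub(/[<>]/, "", flags)
            n = split(flags, f, ",")
            for (i = 1; i <= n; i++)
                if (f[i] == "PROMISC") why[name] = "flag"
            next
        }
        {                                  # detail lines: look for "promiscuity N"
            for (i = 1; i < NF; i++)
                if ($i == "promiscuity" && $(i + 1) + 0 > 0)
                    why[name] = (why[name] == "" ? "" : why[name] ",") "counter=" $(i + 1)
        }
        END {
            for (i = 1; i <= count; i++)
                if (why[names[i]] != "") print names[i], why[names[i]]
        }
    '
}

# Constructed sample input (not captured from a real host).
sample_ip_d_link() {
cat <<'EOF'
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity 0
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 52:54:00:00:00:01 brd ff:ff:ff:ff:ff:ff promiscuity 1
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 52:54:00:00:00:02 brd ff:ff:ff:ff:ff:ff promiscuity 2
9: eth0.8@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT
    link/ether 52:54:00:00:00:01 brd ff:ff:ff:ff:ff:ff promiscuity 0
EOF
}

sample_ip_d_link | promisc_ifaces
```

On a live host the same function can be fed directly: `ip -d link show | promisc_ifaces`. In the sample, eth1 is reported only through its counter, which a check of the flag list alone would miss.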


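The second line of the output contains information related to the link-layer (MAC) address. The first word (ether, sit) defines the interface's hardware type, which in turn determines the format and syntax of the MAC address. The default format is the hardware MAC address and the broadcast address (or the peer address for a point-to-point link), written as hexadecimal numbers separated by colons. Some link types have their own address format, however; for example, the address of an IP tunnel is an IP address in dotted notation.

NBMA (Non-Broadcast Multi-Access) links have no well-defined broadcast or peer address. Still, this field contains some useful information, for example a broadcast address that relies on an ARP server.

This command does not display multicast addresses; use ip maddr ls for that. See section 9, ip maddr ls, for details.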


Statistics

With the -statistics option, ip prints the interface statistics, for example:

kuznet@alisa:~ $ ip -s link ls eth0
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc cbq qlen 100
    link/ether 00:a0:cc:66:18:78 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    2449949362 2786187  0   0   0   0
    TX: bytes  packets  errors  dropped carrier collsns
    178558497  1783946  332 0   332 35172
kuznet@alisa:~ $

 

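RX: and TX: mark the start of the receive and transmit statistics respectively. The statistics include:

bytes The number of bytes sent or received by the interface. If the count exceeds the maximum value the data type can represent, it wraps around. To monitor this metric continuously, you therefore need a user-space monitoring process that saves the value periodically.
packets The number of packets received or sent by the interface.
errors The number of errors that occurred.
dropped The number of packets dropped because of system resource limits.
overrun The number of received packets dropped because of congestion. If an interface is congested, the kernel or your machine is too slow to process the incoming data.
mcast The number of multicast packets received; only a few devices support this counter.
carrier The number of link-medium faults, for example a badly seated network cable.
collsns The number of collision events on Ethernet-type media.
compressed The total number of compressed packets. This metric applies only to interfaces that use VJ header compression.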
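
The wraparound described for bytes is what a periodic monitor has to handle. The following added example (not part of the original article) extracts the RX and TX byte counters from two `ip -s link show` snapshots and computes the deltas modulo the counter width; the 32-bit width, the function names and both snapshots are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: wrap-aware byte deltas from two `ip -s link show DEV` snapshots.

# rx_tx_bytes: read one snapshot on stdin, print "RX_BYTES TX_BYTES".
rx_tx_bytes() {
    awk '
        /^ *RX: / { want = "rx"; next }    # header row; values are on the next line
        /^ *TX: / { want = "tx"; next }    # "RX errors:" / "TX errors:" rows do not match
        want == "rx" { rx = $1; want = "" }
        want == "tx" { tx = $1; want = "" }
        END { print rx, tx }
    '
}

# wrap_delta PREV CUR [BITS]: growth of a counter that wraps at 2^BITS.
# Assumption: 32-bit counters unless BITS is given; BITS must stay below 63
# so that the modulus fits in shell arithmetic.
wrap_delta() {
    mod=$(( 1 << ${3:-32} ))
    echo $(( ($2 - $1 + mod) % mod ))
}

# byte_deltas SNAP_T0 SNAP_T1: print "RX_DELTA TX_DELTA" between two snapshots.
byte_deltas() {
    set -- $(printf '%s\n' "$1" | rx_tx_bytes) $(printf '%s\n' "$2" | rx_tx_bytes)
    echo "$(wrap_delta "$1" "$3") $(wrap_delta "$2" "$4")"
}

# Constructed snapshots: between them the RX byte counter passes 2^32 and restarts.
SNAP_T0='3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc cbq qlen 100
    link/ether 00:a0:cc:66:18:78 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    4294960000 2786187  0   0   0   0
    TX: bytes  packets  errors  dropped carrier collsns
    178558497  1783946  332 0   332 35172'
SNAP_T1='3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc cbq qlen 100
    link/ether 00:a0:cc:66:18:78 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    12704      2786201  0   0   0   0
    TX: bytes  packets  errors  dropped carrier collsns
    178568497  1783953  332 0   332 35172'

# Plain subtraction would give a negative RX delta here.
byte_deltas "$SNAP_T0" "$SNAP_T1"
```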

If the -s option appears twice or more, ip prints more detailed error statistics.

kuznet@alisa:~ $ ip -s -s link ls eth0
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc cbq qlen 100
    link/ether 00:a0:cc:66:18:78 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    2449949362 2786187  0   0   0   0
    RX errors: length   crc frame   fifo    missed
           0    0   0   0   0
    TX: bytes  packets  errors  dropped carrier collsns
    178558497  1783946  332 0   332 35172
    TX errors: aborted  fifo    window  heartbeat
           0    0   0   332
kuznet@alisa:~ $

 

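These error names are purely Ethernet-specific; for other kinds of devices, these fields may be interpreted differently.

2.2.3 Related topics:

  1. qdisc pfifo_fast -> Queueing mechanisms in the network stack (contains many translation errors); original
  2. Interface Flags -> Interface Flags
  3. Group -> Link group
  4. ip link show -> Output format
  5. Other -> ip-cref (Chinese), original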

Deactivating/Activating a device with ip link set

ip link set { dev DEVICE | group DEVGROUP } [ { up | down } ]
---------------------------------------------
example 4
--------------------------------------------- 
[root@tristan]# ip link show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:80:c8:f8:4a:51 brd ff:ff:ff:ff:ff:ff
[root@tristan]# ip route show
192.168.99.0/24 dev eth0  proto kernel  scope link  src 192.168.99.35
127.0.0.0/8 dev lo  scope link 
default via 192.168.99.254 dev eth0
[root@tristan]# ip link set dev eth0 down
[root@tristan]# ip address show dev eth0
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:80:c8:f8:4a:51 brd ff:ff:ff:ff:ff:ff
    inet 192.168.99.35/24 brd 192.168.99.255 scope global eth0
[root@tristan]# ip route show
127.0.0.0/8 dev lo  scope link
---------------------------------------------
example 5
--------------------------------------------- 
[root@tristan]# ip link show dev eth0
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:80:c8:f8:4a:51 brd ff:ff:ff:ff:ff:ff
[root@tristan]# arping -D -I eth0 192.168.99.35
Interface "eth0" is down
[root@tristan]# ip link set dev eth0 up
[root@tristan]# ip address show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:80:c8:f8:4a:51 brd ff:ff:ff:ff:ff:ff
    inet 192.168.99.35/24 brd 192.168.99.255 scope global eth0
[root@tristan]# ip route show
192.168.99.0/24 dev eth0  proto kernel  scope link  src 192.168.99.35
127.0.0.0/8 dev lo  scope link

Changing link layer characteristics with ip link set


ip link set { dev DEVICE | group DEVGROUP } [ arp/dynamic/multicast/allmulticast/promisc/trailers { on | off } ]
---------------------------------------------
example 6
--------------------------------------------- 
[root@tristan]# ip link set dev eth0 promisc on
[root@tristan]# ip link show dev eth0
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:80:c8:f8:4a:51 brd ff:ff:ff:ff:ff:ff
[root@tristan]# ip link set dev eth0 multicast off promisc off
[root@tristan]# ip link show dev eth0
2: eth0: <BROADCAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:80:c8:f8:4a:51 brd ff:ff:ff:ff:ff:ff
[root@tristan]# ip link set arp off
Not enough of information: "dev" argument is required.
[root@tristan]# ip link set arp off dev eth0
[root@tristan]# ip link show dev eth0
2: eth0: <BROADCAST,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:80:c8:f8:4a:51 brd ff:ff:ff:ff:ff:ff
[root@enclitic root]# ip link set dev eth0 arp on 
[root@tristan root]# ip link show dev eth0
2: eth0: <BROADCAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:80:c8:f8:4a:51 brd ff:ff:ff:ff:ff:ff
----------------------------------------------------
# enable or disable multicast on a device
ip link set docker0 multicast on = ifconfig docker0 multicast
ip link set docker0 multicast off = ifconfig docker0 -multicast

Note: ip cannot modify the PROMISC or ALLMULTI options. These two options are rather old and should not be changed casually.

2.3.3 txqueuelen NUMBER or txqlen NUMBER

Change the transmit queue length of the device.

Reference: Queueing mechanisms in the network stack (contains many translation errors); original

2.3.4 name Name

change the name of the device. This operation is not recommended if the device is running or has some addresses already configured.

Purpose: The convenience of being able to rename devices can be substantial when you are managing many machines and want to use the same name on many different machines, which may have different hardware. Of course, by changing the name of the device, you may foil any scripts which assume conventional device names (eth0, eth1, ppp0).

2.3.5 address LLADDR, broadcast LLADDRESS

Change the station address/broadcast address of the interface, that is, change the device's MAC address or its link-layer broadcast address.

---------------------------------------------
example 7
--------------------------------------------- 
[root@tristan]# ip link set dev inside name eth0
[root@tristan]# ip link set dev eth0 address 00:80:c8:f8:be:ef
[root@tristan]# ip link show dev eth0
2: eth0: <BROADCAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:80:c8:f8:be:ef brd ff:ff:ff:ff:ff:ff
[root@tristan]# ip link set dev eth0 broadcast ff:ff:88:ff:ff:88
[root@tristan]# ip link show dev eth0
2: eth0: <BROADCAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:80:c8:f8:be:ef brd ff:ff:88:ff:ff:88
[root@tristan]# ping -c 1 -n 192.168.99.254 >/dev/null 2>&1 &
[root@tristan]# tcpdump -nnqtei eth0
tcpdump: listening on eth0
0:80:c8:f8:be:ef ff:ff:88:ff:ff:88 42: arp who-has 192.168.99.254 tell 192.168.99.35
0:80:c8:f8:be:ef ff:ff:88:ff:ff:88 42: arp who-has 192.168.99.254 tell 192.168.99.35

2.3.6 mtu MTU

change the MTU of the device

---------------------------------------------
example 8
--------------------------------------------- 
[root@tristan]# ip link show dev eth0
2: eth0: <BROADCAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:80:c8:f8:4a:51 brd ff:ff:ff:ff:ff:ff
[root@tristan]# ip link set dev eth0 mtu 1412
[root@tristan]# ip link show dev eth0
2: eth0: <BROADCAST,UP> mtu 1412 qdisc pfifo_fast qlen 100
    link/ether 00:80:c8:f8:4a:51 brd ff:ff:ff:ff:ff:ff

2.3.7 netns NETNSNAME | PID

move the device to the network namespace associated with the process PID

---------------------------------------------
example 9
--------------------------------------------- 
Move a veth interface into the blue namespace
ip link set veth1 netns blue

set peer netnsid for a cross-netns interface

2.3.9 alias NAME

give the device a symbolic name for easy reference.

---------------------------------------------
example 10
---------------------------------------------
[root@10-10-229-73 ~]# ip link set docker0 alias dockeralias 
[root@10-10-229-73 ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT 
    link/ether 02:42:c4:87:09:25 brd ff:ff:ff:ff:ff:ff
    alias dockeralias
5: veth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
    link/ether 92:57:fa:48:7c:b2 brd ff:ff:ff:ff:ff:ff

2.3.10 vf NUM

specify a Virtual Function device to be configured. The associated PF device must be specified using the dev parameter.

---------------------------------------------
example 11
---------------------------------------------
[ vf NUM [ mac LLADDR ]
		   [ vlan VLANID [ qos VLAN-QOS ] ]
		   [ rate TXRATE ] ] 
		   [ spoofchk { on | off} ] ] 
		   [ query_rss { on | off} ] ] 
		   [ state { auto | enable | disable} ] ]

Reference 1: VLAN. Reference 2: HowTo Set Virtual Network Attributes on a Virtual Function. Reference 3: Virtual networking in Linux. Reference 4: SR-IOV

2.3.11 master DEVICE/nomaster

set master device of the device (enslave device) / unset master device of the device (release device).

Reference: several ways to create and configure a bridge. Using iproute is one of them; other tools such as brctl (commonly used) can also be used.

Add an interface to bridge

ip link set dev ${interface name} master ${bridge name}
Examples:
ip link set dev eth0 master br0
Interface you added to a bridge becomes a virtual switch port. It operates only on datalink layer and ceases all network layer operation.

Remove interface from bridge

ip link set dev ${interface name} nomaster
Examples:
ip link set dev eth0 nomaster

2.3.12 addrgenmode eui64 or addrgenmode none

set IPv6 address generation mode

Reference: Generating IPv6 interface IDs: automatic EUI-64 conversion

add virtual link

Supported device types include vlan | veth | vcan | dummy | ifb | macvlan | can | bridge | ipoib | ip6tnl | ipip | sit | vxlan; some properties can be set at the same time as the add.

| type | Description |
|-|-|
| bridge | Ethernet Bridge device |
| bond | Bonding device |
| can | Controller Area Network interface |
| dummy | Dummy network interface |
| hsr | High-availability Seamless Redundancy device |
| ifb | Intermediate Functional Block device |
| ipoib | IP over Infiniband device |
| macvlan | Virtual interface based on link layer address (MAC) |
| macvtap | Virtual interface based on link layer address (MAC) and TAP |
| vcan | Virtual Controller Area Network interface |
| veth | Virtual ethernet interface |
| vlan | 802.1q tagged virtual LAN interface |
| vxlan | Virtual eXtended LAN |
| ip6tnl | Virtual tunnel interface IPv4\|IPv6 over IPv6 |
| ipip | Virtual tunnel interface IPv4 over IPv4 |
| sit | Virtual tunnel interface IPv6 over IPv4 |
| gre | Virtual tunnel interface GRE over IPv4 |
| gretap | Virtual L2 tunnel interface GRE over IPv4 |
| ip6gre | Virtual tunnel interface GRE over IPv6 |
| ip6gretap | Virtual L2 tunnel interface GRE over IPv6 |
| vti | Virtual tunnel interface |
| nlmon | Netlink monitoring device |
| ipvlan | Interface for L3 (IPv6/IPv4) based VLANs |
| lowpan | Interface for 6LoWPAN (IPv6) over IEEE 802.15.4 / Bluetooth |
| geneve | GEneric NEtwork Virtualization Encapsulation |

2.4.1 VLAN Type Support

Linux VLAN devices implement isolation.

---------------------------------------------
example 12
---------------------------------------------
[root@10-9-151-160 ~]# ip link add link eth0 name eth0.8 type vlan id 8
[root@10-9-151-160 ~]# ip address add 192.168.10.100/24 dev eth0.8
[root@10-9-151-160 ~]# ip link set dev eth0.8 up
[root@10-9-151-160 ~]# ip -d link show eth0.8
9: eth0.8@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1454 qdisc noqueue state UP mode DEFAULT 
    link/ether 52:54:00:71:8e:42 brd ff:ff:ff:ff:ff:ff promiscuity 0 
    vlan protocol 802.1Q id 8 <REORDER_HDR> 
[root@10-9-151-160 ~]# cat /proc/net/vlan/eth0.8
eth0.8  VID: 8	 REORDER_HDR: 1  dev->priv_flags: 1
         total frames received            0
          total bytes received            0
      Broadcast/Multicast Rcvd            0

      total frames transmitted           13
       total bytes transmitted         2131
Device: eth0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings: 

[root@10-9-151-160 ~]# ping -I eth0.8 192.168.10.101
[root@10-9-151-160 ~]# tcpdump -Uw - | tcpdump -i eth0 -en -r - vlan 8
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
reading from file -, link-type EN10MB (Ethernet)
11:30:49.249751 52:54:00:71:8e:42 > Broadcast, ethertype 802.1Q (0x8100), length 46: vlan 8, p 0, ethertype ARP, Request who-has 192.168.10.101 tell 192.168.10.100, length 28
11:30:50.249944 52:54:00:71:8e:42 > Broadcast, ethertype 802.1Q (0x8100), length 46: vlan 8, p 0, ethertype ARP, Request who-has 192.168.10.101 tell 192.168.10.100, length 28
11:30:51.251951 52:54:00:71:8e:42 > Broadcast, ethertype 802.1Q (0x8100), length 46: vlan 8, p 0, ethertype ARP, Request who-has 192.168.10.101 tell 192.168.10.100, length 28
11:30:53.250178 52:54:00:71:8e:42 > Broadcast, ethertype 802.1Q (0x8100), length 46: vlan 8, p 0, ethertype ARP, Request who-has 192.168.10.101 tell 192.168.10.100, length 28
11:30:54.251942 52:54:00:71:8e:42 > Broadcast, ethertype 802.1Q (0x8100), length 46: vlan 8, p 0, ethertype ARP, Request who-has 192.168.10.101 tell 192.168.10.100, length 28

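# This is a simple example; it can be combined with docker (or namespaces) to build an example that verifies isolation (see the references)

Reference: Using Pipework for VLAN segmentation of Docker containers. Reference: ifconfig vs ip (many of the commands above can also be done with ifconfig). serverfault: vconfig-not-tagging-outgoing-packets-with-vlan-tag-ubuntu. Reference: Hands-on Linux VLAN (Master OpenStack in 5 Minutes a Day). Reference: Building a Gateway series: VLAN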

2.4.2 VXLAN Type Support

Virtual Extensible LAN (VXLAN) is a network virtualization technology that attempts to improve the scalability problems associated with large cloud computing deployments.

References: VLAN VS VXLAN; VXLAN basics and use cases; VXLAN Series 1~5

2.4.3 GRE, IPIP, SIT Type Support

IP tunneling

Reference: Building a Gateway series: Tunnels

2.4.4 IP6GRE/IP6GRETAP Type Support

Reference: Network Virtualization Technology (2): TUN/TAP MACVLAN MACVTAP

2.4.5 IPoIB Type Support

Reference: Configuring IPoIB

2.4.6 GENEVE Type Support

Primarily, we wanted to combine the best of the current network virtualization encapsulations (VXLAN, NVGRE, and STT) into a single protocol that could do all the things that those protocols do, and more. We drew on our experience from many years of network virtualization development, and one thing that really stood out was the need for an extensible protocol

References: Geneve, VXLAN, and Network Virtualization Encapsulations; draft-gross-geneve-00

2.4.7 MACVLAN and MACVTAP Type Support

References: TUN/TAP MACVLAN MACVTAP; Bridge vs Macvlan; Macvlan and IPvlan basics

A very good article with lab examples; a very good article with lab examples 2

---------------------------------------------
example 13: an example modeled on the experiments above
---------------------------------------------
192.168.0.0/24
net1(.1)   net2(.2)
  |           | 
------------------
    bridge
-----------------
# Create the virtual network environments and connect the cables
ip netns add net1
ip netns add net2
ip link add type veth
ip link add type veth
ip link set dev veth1 name net1-bridge netns net1
ip link set dev veth3 name net2-bridge netns net2
ip link set dev veth0 name bridge-net1
ip link set dev veth2 name bridge-net2
# Create and configure the bridge device
brctl addbr bridge
ip link set dev bridge up
ip link set dev bridge-net1 up
ip link set dev bridge-net2 up
brctl addif bridge bridge-net1
brctl addif bridge bridge-net2
ip addr add 192.168.0.3/24 dev bridge
# Configure the NICs of the two virtual environments
ip netns exec net1 ip link set dev net1-bridge up
ip netns exec net1 ip address add 192.168.0.1/24 dev net1-bridge
ip netns exec net2 ip link set dev net2-bridge up
ip netns exec net2 ip address add 192.168.0.2/24 dev net2-bridge
# Test
ip netns exec net1 ping 192.168.0.2
ip netns exec net2 ping 192.168.0.1
ping 192.168.0.2
ping 192.168.0.1

ip link delete DEV type TYPE [ ARGS ]

> [root@10-9-151-160 ~]# ip link delete vxlan0

Useful references:

https://www.ibm.com/developerworks/cn/linux/1310_xiawc_networkdevice/
http://linux-ip.net/html/tools-ip-link.html
http://baturin.org/docs/iproute2/
http://linux-ip.net/gl/ip-cref/
http://www.dsm.fordham.edu/cgi-bin/man-cgi.pl?topic=ip-link
http://linux.vbird.org/linux_server/0250simple_firewall.php
http://linux-ip.net/html/
http://blog.csdn.net/yeqihong/article/details/710873
blog.kghost.info/2013/03/01/linux-network-emulator/
