`
haoningabc
  • 浏览: 1438809 次
  • 性别: Icon_minigender_1
  • 来自: 北京
社区版块
存档分类
最新评论

neutron基础二(namespace)

阅读更多
试验:
1.建立个namespace 名字为test
2.简历个veth peer,一个放入test里面
3.使test里面的网络能ping到外面的veth peer
4.设置ip route使test里面的网络能ping到外面的ip


创建一个namespace
[root@centos7 ~]# ip netns add test
[root@centos7 ~]# ip netns
test
[root@centos7 ~]# ip netns exec test ip a
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00


[root@centos7 ~]# ip netns exec test bash
[root@centos7 ~]# ip a
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
[root@centos7 ~]# ip netns identify $$
test
[root@centos7 ~]# exit
exit


在namespace里面使用普通linux网络命令
[root@centos7 ~]# ip netns exec test ip a
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
[root@centos7 ~]# ip netns exec test ip link set dev lo up
[root@centos7 ~]# ip netns exec test ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever


ping
[root@centos7 ~]# ip netns exec test ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.093 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.054 ms
^C
--- 127.0.0.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.054/0.073/0.093/0.021 ms


增加一对veth peer ,把veth1扔进namespace
[root@centos7 ~]# ip link add type veth
[root@centos7 ~]# 
[root@centos7 ~]# 
[root@centos7 ~]# ip link set veth1 netns test
[root@centos7 ~]# ip netns exec test ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
6: veth1@if5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether ba:3f:cf:12:23:5d brd ff:ff:ff:ff:ff:ff link-netnsid 0

查看配对的veth peer
[root@centos7 ~]# ethtool -S veth0
NIC statistics:
     peer_ifindex: 6
[root@centos7 ~]# ip netns exec test ethtool -S veth1
NIC statistics:
     peer_ifindex: 5


把namespace中的veth启动起来
[root@centos7 ~]# ip netns exec test ip link set veth1 up
[root@centos7 ~]# ip netns exec test ip a 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
6: veth1@if5: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state LOWERLAYERDOWN qlen 1000
    link/ether ba:3f:cf:12:23:5d brd ff:ff:ff:ff:ff:ff link-netnsid 0


设置namespace里面的veth1的ip,和namespace外面的veth0的ip
[root@centos7 ~]# ip netns exec test ip addr add dev veth1 192.168.3.2/29
[root@centos7 ~]# ip route
default via 192.168.128.1 dev eth0 
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1 
192.168.128.0/20 dev eth0  proto kernel  scope link  src 192.168.139.55 
[root@centos7 ~]# ip addr add dev veth0 192.168.3.1/29
[root@centos7 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 50:50:18:aa:80:17 brd ff:ff:ff:ff:ff:ff
    inet 192.168.139.55/20 brd 192.168.143.255 scope global dynamic eth0
       valid_lft 2823sec preferred_lft 2823sec
    inet6 fe80::5250:18ff:feaa:8017/64 scope link 
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN 
    link/ether 52:54:00:71:94:cc brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 500
    link/ether 52:54:00:71:94:cc brd ff:ff:ff:ff:ff:ff
5: veth0@if6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether be:ab:06:b0:59:fa brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.3.1/29 scope global veth0
       valid_lft forever preferred_lft forever


查看路由表
[root@centos7 ~]# ip route
default via 192.168.128.1 dev eth0 
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1 
192.168.128.0/20 dev eth0  proto kernel  scope link  src 192.168.139.55 


启动外面的veth0
[root@centos7 ~]# ip link set veth0 up
[root@centos7 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 50:50:18:aa:80:17 brd ff:ff:ff:ff:ff:ff
    inet 192.168.139.55/20 brd 192.168.143.255 scope global dynamic eth0
       valid_lft 2788sec preferred_lft 2788sec
    inet6 fe80::5250:18ff:feaa:8017/64 scope link 
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN 
    link/ether 52:54:00:71:94:cc brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 500
    link/ether 52:54:00:71:94:cc brd ff:ff:ff:ff:ff:ff
5: veth0@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether be:ab:06:b0:59:fa brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.3.1/29 scope global veth0
       valid_lft forever preferred_lft forever
    inet6 fe80::bcab:6ff:feb0:59fa/64 scope link 
       valid_lft forever preferred_lft forever

再次查看路由表
[root@centos7 ~]# ip route
default via 192.168.128.1 dev eth0 
192.168.3.0/29 dev veth0  proto kernel  scope link  src 192.168.3.1 
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1 
192.168.128.0/20 dev eth0  proto kernel  scope link  src 192.168.139.55 
[root@centos7 ~]# ip netns exec test ip route
192.168.3.0/29 dev veth1  proto kernel  scope link  src 192.168.3.2 
[root@centos7 ~]# ping 192.168.3.2
PING 192.168.3.2 (192.168.3.2) 56(84) bytes of data.
64 bytes from 192.168.3.2: icmp_seq=1 ttl=64 time=0.091 ms
64 bytes from 192.168.3.2: icmp_seq=2 ttl=64 time=0.076 ms
^C
--- 192.168.3.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.076/0.083/0.091/0.011 ms


设置路由之后就通了
[root@centos7 ~]# 
[root@centos7 ~]# 
[root@centos7 ~]# ping 192.168.3.2
PING 192.168.3.2 (192.168.3.2) 56(84) bytes of data.
64 bytes from 192.168.3.2: icmp_seq=1 ttl=64 time=0.117 ms
64 bytes from 192.168.3.2: icmp_seq=2 ttl=64 time=0.073 ms
64 bytes from 192.168.3.2: icmp_seq=3 ttl=64 time=0.045 ms
64 bytes from 192.168.3.2: icmp_seq=4 ttl=64 time=0.050 ms
64 bytes from 192.168.3.2: icmp_seq=5 ttl=64 time=0.057 ms
^C
--- 192.168.3.2 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 0.045/0.068/0.117/0.027 ms
[root@centos7 ~]# 


★★换另一个ssh终端

[root@centos7 ~]# ip netns exec test tcpdump -i veth1 -l
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on veth1, link-type EN10MB (Ethernet), capture size 65535 bytes
08:01:59.180834 IP 192.168.3.1 > centos7: ICMP echo request, id 4142, seq 1, length 64
08:01:59.180899 IP centos7 > 192.168.3.1: ICMP echo reply, id 4142, seq 1, length 64
08:02:00.181087 IP 192.168.3.1 > centos7: ICMP echo request, id 4142, seq 2, length 64
^C
10 packets captured
10 packets received by filter
0 packets dropped by kernel


[root@centos7 ~]# 
[root@centos7 ~]# 
[root@centos7 ~]# ip netns exec test ping 192.168.139.55
connect: Network is unreachable
[root@centos7 ~]# ip netns exec test ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
6: veth1@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether ba:3f:cf:12:23:5d brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.3.2/29 scope global veth1
       valid_lft forever preferred_lft forever
    inet6 fe80::b83f:cfff:fe12:235d/64 scope link 
       valid_lft forever preferred_lft forever



[root@centos7 ~]# ip netns exec test ip route
192.168.3.0/29 dev veth1  proto kernel  scope link  src 192.168.3.2 
[root@centos7 ~]# ip netns exec test ip route add default via 192.168.3.1
[root@centos7 ~]# 
[root@centos7 ~]# ip netns exec test ping 192.168.139.55
PING 192.168.139.55 (192.168.139.55) 56(84) bytes of data.
64 bytes from 192.168.139.55: icmp_seq=1 ttl=64 time=0.074 ms
^C
--- 192.168.139.55 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.074/0.074/0.074/0.000 ms
[root@centos7 ~]# 
分享到:
评论

相关推荐

Global site tag (gtag.js) - Google Analytics