[svc]linux下网桥-docker网桥

网桥和交换机

2口交换机=网桥

交换机: 工作在数据链路层,根据源mac学习(控制层),目的mac转发(数据层).

linux的网卡

vmware workstation中的桥接

参考: http://blog.daocloud.io/docker-bridge/

docker0的桥接

参考: http://blog.daocloud.io/docker-bridge/

网桥操作工具

yum install bridge-utils -y

如果需要使用网桥模式,需要关掉NetworkManager服务

systemctl stop NetworkManager
systemctl disable NetworkManager

两张网卡放在一个bro下

我们已经知道了br网卡是虚拟网桥,相当于一个交换机,可以把eth0接入 eth1接入

实现如图

方法1: 命令行配置

- 添加br0
brctl addbr br0

- 将eth0连到br0
brctl addif br0 eth0
brctl addif br0 eth1

- 清理eth0的地址-这里有点问题吧
ifconfig eth0  0.0.0.0

- 配置br0的地址
ifconfig br0 192.168.1.10 netmask 255.255.255.0 up   # 我发现这样可以添加回环口

brctl addif br0 ath0

方法2: 持久化配置

参考: http://www.solutionsatexperts.com/how-to-create-a-bridge-interface-on-rhelcentos/

- 规划
Combine eth1 and eth2 physical interfaces and create a virtual interface br0, assign IP to it.
eth1       : No IP
eth2       : No IP

Note: eth1 and eth2 connect to same physical layer / media.
br0        – > eth1
           – > eth2

Note: br0 is a virtual interface mapped to eth0 and eth1

br0        – > 192.168.1.10
Netmask    – > 255.255.255.0
Gateway    – > 192.168.1.1
DNS        – > 8.8.8.8

- 操作步骤
Step 1:  Disable Network Manager
Step 2:  Create virtual interface br0
Step 3:  Configure Physcial interfaces eth1 and eth2
Step 4:  Restart network service and verify network settings

Step 1:  Disable Network Manager
systemctl stop NetworkManager    # 网卡开启桥接模式需要关掉NetworkManager

Step 2:  Create virtual interface br0
Add ifcfg-br0 file under /etc/sysconfig/network-script/

#vi /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
TYPE=Bridge
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.1.10
NETMASK=255.255.254.0
GATEWAY=192.168.1.1
DNS1=114.114.114.114
DNS2=8.8.8.8

Save & Exit(:wq)

Step 3:  Configure Physcial interfaces eth1 and eth2
vi /etc/sysconfig/network-script/ifcfg-eth1
DEVICE=eth1
BOOTPROTO=static
ONBOOT=yes
BRIDGE=br0
TYPE=Ethernet

Save & Exit (:wq)

Step 4:  Restart network service and verify network settings
Restart the network services
# systemctl restart network

Verify network settings
# ifconfig -a

需求一台pc要通过另一台两口的linux上网

这里要理解,两个网桥之间交互数据: 查路由表(或者nat)

思路其实很简单：

• 1.就是将虚拟出一个bridge口
• 2.将对应的有线LAN和无线LAN都绑定在这个虚拟bridge口上，并给这个bridge口分配一个地址
• 3.其他子网微机配置网关为bridge口的地址便可以了。
• 4.当然，因为是设备是网关模式，路由和nat也是必须的了。

源地址转换

iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 192.168.1.10

brctl命令

$ docker run -itd --name=b1 busybox

$ brctl show
bridge name	bridge id		STP enabled	interfaces
docker0		8000.0242fb188161	no		veth0a226d0

$ docker run -itd --name=b2 busybox
$ brctl show
bridge name	bridge id		STP enabled	interfaces
docker0		8000.0242fb188161	no		veth0a226d0
                                        vethd9de1b2

$ brctl show
show      showmacs  showstp

- 看到容器的mac地址,docker0这个交换机下接了2个
$ brctl showmacs docker0
port no	mac addr		is local?	ageing timer
  1	02:42:ac:11:00:02	no		   2.36

$ docker exec -it b1 ip ad
14: eth0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
    link/ether 02:42:ac:11:00:02

linux下回环口的配置

参考: 虚拟网卡添加: http://blog.csdn.net/yydcj/article/details/8447567

http://www.centoscn.com/image-text/config/2016/1113/8145.html

也可以只通过添加br0并给设置地址的方式,设置回环口.

ifconfig lo 130.0.0.1