- 添加两个平行空间
[root@Docker1 ~]# ip netns add namespaceA
[root@Docker1 ~]# ip netns add namespaceB
#注释:
#ip netns add为固定的添加格式
#namespaceA/namespace为平行空间的名称
- 开启平行空间的lo网卡
[root@Docker1 ~]# ip netns exec namespaceA ip link set dev lo up
[root@Docker1 ~]# ip netns exec namespaceB ip link set dev lo up
#验证以下有没有开启成功
#验证namespaceA是否开启成功
[root@Docker1 ~]# ip netns exec namespaceA ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.071 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.031 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.030 ms
--- 127.0.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.030/0.044/0.071/0.019 ms
#验证namespaceB是否开启成功
[root@Docker1 ~]# ip netns exec namespaceB ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.069 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.031 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.030 ms
--- 127.0.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.030/0.043/0.069/0.018 ms
- 创建两对网卡
#将veth0和veth1连接
[root@Docker1 ~]# ip link add veth0 type veth peer name veth1
#将veth2和veth3连接
[root@Docker1 ~]# ip link add veth2 type veth peer name veth3
#查看有没有成功
[root@Docker1 ~]# ip a
……
link/ether 52:54:00:a1:e1:bf brd ff:ff:ff:ff:ff:ff
5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:6a:5a:9a:ba brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
6: veth1@veth0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 42:3d:23:0b:6d:d3 brd ff:ff:ff:ff:ff:ff
7: veth0@veth1: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 16:7b:1b:ef:3a:04 brd ff:ff:ff:ff:ff:ff
8: veth3@veth2: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 2a:02:be:39:19:ac brd ff:ff:ff:ff:ff:ff
9: veth2@veth3: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 3e:eb:80:06:b7:57 brd ff:ff:ff:ff:ff:ff
- 将网卡添加到平行空间中
#将veth1添加到namespaceA中
[root@Docker1 ~]# ip link set veth1 netns namespaceA
#将veth3添加到namespaceB中
[root@Docker1 ~]# ip link set veth3 netns namespaceB
#验证是否成功
#验证namespaceA是否添加成功
[root@Docker1 ~]# ip netns exec namespaceA ip a
……
6: veth1@if7: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 42:3d:23:0b:6d:d3 brd ff:ff:ff:ff:ff:ff link-netnsid 0
#验证namespaceB是否添加成功
[root@Docker1 ~]# ip netns exec namespaceB ip a
……
8: veth3@if9: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 2a:02:be:39:19:ac brd ff:ff:ff:ff:ff:ff link-netnsid 0
- 给这两对网卡分别设置IP、网关
#####给物理机的两个网卡设置分别设置IP#####
[root@Docker1 ~]# ifconfig veth0 10.1.1.1/24
[root@Docker1 ~]# ifconfig veth2 20.1.1.1/24
#验证IP是否设置成功
#验证veth0的IP
[root@Docker1 ~]# ip a | grep veth0
7: veth0@if6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN group default qlen 1000
inet 10.1.1.1/24 brd 10.1.1.255 scope global veth0
#验证veth2的IP
[root@Docker1 ~]# ip a | grep veth2
9: veth2@if8: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN group default qlen 1000
inet 20.1.1.1/24 brd 20.1.1.255 scope global veth2
#####给两个平行空间设置IP#####
[root@Docker1 ~]# ip netns exec namespaceA ifconfig veth1 10.1.1.2/24 up
[root@Docker1 ~]# ip netns exec namespaceB ifconfig veth3 20.1.1.2/24 up
#验证平行空间的IP是否设置成功
#验证namespaceA平行空间中的veth1的IP是否成功
[root@Docker1 ~]# ip netns exec namespaceA ip a | grep veth1
6: veth1@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
inet 10.1.1.2/24 brd 10.1.1.255 scope global veth1
#验证namespaceB平行空间中的veth3的IP是否成功
[root@Docker1 ~]# ip netns exec namespaceB ip a | grep veth3
8: veth3@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
inet 20.1.1.2/24 brd 20.1.1.255 scope global veth3
#####给两个平行空间设置网关#####
[root@Docker1 ~]# ip netns exec namespaceA route add default gw 10.1.1.1
[root@Docker1 ~]# ip netns exec namespaceB route add default gw 20.1.1.1
#验证平行空间中的网关是否这只成功
#验证namespaceA平行空间中的网关是否设置成功
[root@Docker1 ~]# ip netns exec namespaceA route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.1.1.1 0.0.0.0 UG 0 0 0 veth1
10.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 veth1
#验证namespaceB平行空间中的网关是否设置成功
[root@Docker1 ~]# ip netns exec namespaceB route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 20.1.1.1 0.0.0.0 UG 0 0 0 veth3
20.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 veth3
- 在物理机中添加路由转发规则
[root@Docker1 ~]# vim /etc/sysctl.conf
#末行处添加路由转发规则
net.ipv4.ip_forward = 1
[root@Docker1 ~]# sysctl -p #让路由转发规则生效
net.ipv4.ip_forward = 1
- 验证
#验证namespaceA平行空间是否能ping通namespaceB平行空间的IP
[root@Docker1 ~]# ip netns exec namespaceA ping 20.1.1.2
PING 20.1.1.2 (20.1.1.2) 56(84) bytes of data.
64 bytes from 20.1.1.2: icmp_seq=1 ttl=63 time=0.187 ms
64 bytes from 20.1.1.2: icmp_seq=2 ttl=63 time=0.048 ms
64 bytes from 20.1.1.2: icmp_seq=3 ttl=63 time=0.049 ms
--- 20.1.1.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.048/0.094/0.187/0.066 ms
#验证namespaceB平行空间是否能ping通namespaceA平行空间的IP
[root@Docker1 ~]# ip netns exec namespaceB ping 10.1.1.2
PING 10.1.1.2 (10.1.1.2) 56(84) bytes of data.
64 bytes from 10.1.1.2: icmp_seq=1 ttl=63 time=0.078 ms
64 bytes from 10.1.1.2: icmp_seq=2 ttl=63 time=0.050 ms
64 bytes from 10.1.1.2: icmp_seq=3 ttl=63 time=0.051 ms
--- 10.1.1.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.050/0.059/0.078/0.015 ms
版权声明:本文为m0_47338241原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。