热门标签
热门文章
- 1GFP-GAN论文阅读笔记
- 2OpenSora初体验_opensora环境配置
- 3LLMs:大型语言模型进化树结构图之模型(BERT-style/GPT-style)、数据(预训练数据/微调数据/测试数据)、NLP任务(五大任务+效率+可信度+基准指令调优+对齐)、三大类模型的使用_gpt进化树
- 4【机器学习基础】特征选择的Python实现(全)
- 5GCC编译输出中text,data,bss和dec的含义_text data bss dec
- 6【云原生之Docker实战】使用docker部署yesplaymusic个人音乐播放器_docker音乐播放器
- 7找工作经验贴之3_德州仪器 面试
- 8微信小程序routeDone错误问题_routedone with a webviewid 2 that is not the curre
- 9基于Vite4.x+Vue3+VEPlus+Pinia搭建轻量级管理后台模板ViteAdmin_ve-plus
- 10【鸿蒙应用开发系列】- 获取系统设备信息以及版本API兼容调用方式_鸿蒙 获取设备信息
当前位置: article > 正文
SDN手动实现DHCP和路由功能_电脑手动获取sdn
作者:花生_TL007 | 2024-03-24 20:37:03
赞
踩
电脑手动获取sdn
一 实验目的
本文旨在通过自己搭建类似neutron (openvswitch + gre) 实现SDN 的环境,学习了解其工作原理,模拟核心原理,比如:同一租户自定义网络 instance 互通,手动为instance 分配 floating ip 等相关内容。
二 实验原理图
三 实验要求
SDN手动实现DHCP和路由功能
四 DHCP配置
在network1节点上操作
1 添加一个namespace,dhcp01用于隔离租户网络
[root@computer1 ~]# ip netns add dhcp01
2 为私有网络192.168.1.0/24 ,在命名空间dhcp01 中 创建dhcp 服务
[root@network1 ~]# ovs-vsctl add-port br-int tapdhcp01 -- set interface tapdhcp01 type=internal
[root@network1 ~]# ovs-vsctl set port tapdhcp01 tag=100
[root@network1 ~]# ip link set tapdhcp01 netns dhcp01
[root@network1 ~]# ip netns exec dhcp01 ip addr add 192.168.1.2/24 dev tapdhcp01[root@network1 ~]# ip netns exec dhcp01 ip link set tapdhcp01 up
3 查看DHCP
4 检查网络是否连通,在dhcp01 namespace 访问instance1 和 instance2
[root@network1 ~]# ip netns exec dhcp01 ping 192.168.1.12
PING 192.168.1.12 (192.168.1.12) 56(84) bytes of data.
64 bytes from 192.168.1.12: icmp_seq=1 ttl=64 time=5.30 ms
64 bytes from 192.168.1.12: icmp_seq=2 ttl=64 time=0.629 ms
^C
--- 192.168.1.12 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1891ms
rtt min/avg/max/mdev = 0.629/2.965/5.302/2.337 ms
[root@network1 ~]# ip netns exec dhcp01 ping 192.168.1.11
PING 192.168.1.11 (192.168.1.11) 56(84) bytes of data.
64 bytes from 192.168.1.11: icmp_seq=1 ttl=64 time=2.61 ms
64 bytes from 192.168.1.11: icmp_seq=2 ttl=64 time=0.237 ms
64 bytes from 192.168.1.11: icmp_seq=3 ttl=64 time=0.205 ms
^C
--- 192.168.1.11 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2234ms
rtt min/avg/max/mdev = 0.205/1.018/2.612/1.127 ms
5 
五 路由功能
在network1节点上操作
1 添加br-ex
[root@network1 ~]# ovs-vsctl add-br br-ex
2 重新配置eth1 和 br-ex
vi /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=none
PROMISC=yes
MTU=1546
vi /etc/sysconfig/network-scripts/ifcfg-br-ex
DEVICE=br-ex
TYPE=Bridge
ONBOOT=yes
BOOTPROTO=none
IPADDR0=172.16.0.201
PREFIX0=24
3 重新启动网络
[root@network1 ~]# ovs-vsctl add-port br-ex eth1 && service network restart
Shutting down interface br-ex: [ OK ]
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down interface eth2: [ OK ]
Shutting down interface eth3: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Determining if ip address 10.20.0.201 is already in use for device eth0...
[ OK ]
Bringing up interface eth1: RTNETLINK answers: Invalid argument
[ OK ]
Bringing up interface eth2: Determining if ip address 192.168.4.201 is already in use for device eth2...
[ OK ]
Bringing up interface eth3:
Determining IP information for eth3... done.
[ OK ]
Bringing up interface br-ex: device br-ex already exists; can't create bridge with the same name
[FAILED]
4 给br-ex绑定一个IP
[root@network1 ~]# ip addr add 172.16.0.201/24 dev br-ex
5 检查是否可以ping通该IP
[root@network1 ~]# ping 172.16.0.201
PING 172.16.0.201 (172.16.0.201) 56(84) bytes of data.
64 bytes from 172.16.0.201: icmp_seq=1 ttl=64 time=0.019 ms
64 bytes from 172.16.0.201: icmp_seq=2 ttl=64 time=0.030 ms
^C
--- 172.16.0.201 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1841ms
rtt min/avg/max/mdev = 0.019/0.024/0.030/0.007 ms
6 添加一个namespace,router01 用于路由和floating ip 分配
[root@network1 ~]# ip netns add router01
7 在br-int添加一个接口,作为私有网络192.168.1.0/24的网关
[root@network1 ~]# ovs-vsctl add-port br-int qr01 -- set interface qr01 type=internal
ip link set lo up[root@network1 ~]# ovs-vsctl set port qr01 tag=100
[root@network1 ~]#
[root@network1 ~]# ip link set qr01 netns router01
[root@network1 ~]# ip netns exec router01 ip addr add 192.168.1.1/24 dev qr01
[root@network1 ~]# ip netns exec router01 ip link set qr01 up
[root@network1 ~]# ip netns exec router01 ip link set lo up
8 在br-ex中添加一个接口,用于私网192.168.1.0/24设置下一跳地址
[root@network1 ~]# ovs-vsctl add-port br-ex qg01 -- set interface qg01 type=internal
[root@network1 ~]# ip link set qg01 netns router01
[root@network1 ~]# ip netns exec router01 ip addr add 172.16.0.100/24 dev qg01
[root@network1 ~]# ip netns exec router01 ip link set qg01 up
[root@network1 ~]# ip netns exec router01 ip link set lo up
9 查看router01命名空间
10 router01命名空间下测试ping,私有网和外网分别ping
[root@network1 ~]# ip netns exec router01 ping 192.168.1.11
PING 192.168.1.11 (192.168.1.11) 56(84) bytes of data.
64 bytes from 192.168.1.11: icmp_seq=1 ttl=64 time=3.20 ms
64 bytes from 192.168.1.11: icmp_seq=2 ttl=64 time=0.280 ms
64 bytes from 192.168.1.11: icmp_seq=3 ttl=64 time=0.393 ms
^C
--- 192.168.1.11 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2026ms
rtt min/avg/max/mdev = 0.280/1.292/3.204/1.352 ms
[root@network1 ~]# ip netns exec router01 ping 192.168.1.12
PING 192.168.1.12 (192.168.1.12) 56(84) bytes of data.
64 bytes from 192.168.1.12: icmp_seq=1 ttl=64 time=1.36 ms
64 bytes from 192.168.1.12: icmp_seq=2 ttl=64 time=0.245 ms
^C
--- 192.168.1.12 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1894ms
rtt min/avg/max/mdev = 0.245/0.803/1.361/0.558 ms
[root@network1 ~]# ip netns exec router01 ping 172.16.0.202
PING 172.16.0.202 (172.16.0.202) 56(84) bytes of data.
64 bytes from 172.16.0.202: icmp_seq=1 ttl=64 time=2.40 ms
64 bytes from 172.16.0.202: icmp_seq=2 ttl=64 time=0.253 ms
64 bytes from 172.16.0.202: icmp_seq=3 ttl=64 time=0.612 ms
^C
--- 172.16.0.202 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2135ms
rtt min/avg/max/mdev = 0.253/1.088/2.400/0.939 ms
11 root命名空间ping router01命名空间中的IP
[root@network1 ~]# ping 172.16.0.100
PING 172.16.0.100 (172.16.0.100) 56(84) bytes of data.
64 bytes from 172.16.0.100: icmp_seq=1 ttl=63 time=3.00 ms
64 bytes from 172.16.0.100: icmp_seq=2 ttl=63 time=0.834 ms
^C
--- 172.16.0.100 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1927ms
rtt min/avg/max/mdev = 0.834/1.917/3.000/1.083 ms
12 模拟分配floating ip 访问instance1
为instance1 192.168.1.11 分配floating ip,172.16.0.101
[root@network1 ~]# ip netns exec router01 ip addr add 172.16.0.101/32 dev qg01
[root@network1 ~]# ip netns exec router01 iptables -t nat -A OUTPUT -d 172.16.0.101/32 -j DNAT --to-destination 192.168.1.11
at -A POSTROUTING -s 192.168.1.11/32 -j SNAT --to-source 172.16.0.101
ip netns exec router01 iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source 172.16.0.100[root@network92.168.1.11tns exec router01 iptables -t nat -A PREROUTING -d 172.16.0.101/32 -j DNAT --to-destination 1
[root@network1 ~]# ip netns exec router01 iptables -t nat -A POSTROUTING -s 192.168.1.11/32 -j SNAT --to-source 172.16.0.101
[root@network1 ~]# ip netns exec router01 iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source 172.16.0.100
13 查看路由
[root@network1 ~]# ip netns exec router01 iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT all -- anywhere 172.16.0.101 to:192.168.1.11
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- 192.168.1.11 anywhere to:172.16.0.101
SNAT all -- 192.168.1.0/24 anywhere to:172.16.0.100
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DNAT all -- anywhere 172.16.0.101 to:192.168.1.11
14 测试
- [root@network1 ~]# ping 172.16.0.101
- PING 172.16.0.101 (172.16.0.101) 56(84) bytes of data.
- 64 bytes from 172.16.0.101: icmp_seq=1 ttl=62 time=2.12 ms
- 64 bytes from 172.16.0.101: icmp_seq=2 ttl=62 time=2.69 ms
- 64 bytes from 172.16.0.101: icmp_seq=3 ttl=62 time=1.13 ms
- 64 bytes from 172.16.0.101: icmp_seq=4 ttl=62 time=0.740 ms
- 64 bytes from 172.16.0.101: icmp_seq=5 ttl=62 time=1.45 ms
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/花生_TL007/article/detail/304716
推荐阅读
相关标签
