Shulou(Shulou.com)06/01 Report--

How to analyze macvlan network structure, for this problem, this article details the corresponding analysis and solution, hoping to help more small partners who want to solve this problem find a simpler and easier way.

Analysis of macvlan network structure

macvlan does not rely on Linux bridges, brctl show can confirm that no new bridges have been created.

Take a look at the network devices in container bbox1

In addition to lo, the container has only one eth0. Note the@if4 after eth0, which indicates that the interface has a corresponding interface with the global number 4. According to macvlan principles, we have reason to guess that this interface is the host enp0s9, confirmed as follows:

The eth0 of the container is the interface created by enp0s9 via macvlan. The interface of the container is directly connected to the NIC of the host. This scheme enables the container to communicate directly with the external network without NAT and port mapping (as long as there is a gateway), and is no different from other independent hosts on the network. The current network structure is shown in the figure below:

Implementation of multi-macvlan network with sub-interface

macvlan will monopolize the host network card, that is, a network card can only create a macvlan network, otherwise an error will be reported:

But the host network card number is limited, how to support more macvlan network?

Fortunately macvlan can connect not only to interfaces (such as enp0s9), but also to sub-interfaces (such as enp0s9.xxx).

VLAN is a network virtualization technology commonly used in modern networks. It can divide a physical Layer 2 network into up to 4094 logical networks. These logical networks are isolated on Layer 2. Each logical network (i.e. VLAN) is distinguished by VLAN ID, and VLAN ID values range from 1 to 4094.

Linux network cards can also support VLAN (apt-get install vlan), the same interface can send and receive multiple VLAN packets, but only if you want to create VLAN sub-interface.

For example, if you want enp0s9 to support both VLAN10 and VLAN20, you need to create sub-interfaces enp0s9.10 and enp0s9.20.

On the switch, if a port can only send and receive data from a single VLAN, the port is in Access mode. If it supports multiple VLANs, it is in Trunk mode. Therefore, the premise of the next experiment is:

ENP0S9 should be connected to the trunk port of the switch. However, we are using VirtualBox virtual machine, so no additional configuration is required.

If you want to learn more about Linux VLAN practices, see CloudMan's 5 Minutes a Day with OpenStack chapter.

The following demonstrates how to create macvlan networks on enp0s9.10 and enp0s9.20.

First edit/etc/network/interfaces for host1 and host2, configure sub-

auto enp0s9

iface enp0s9 inet manual

auto enp0s9.10

iface enp0s9.10 inet manual

vlan-raw-device enp0s9

auto enp0s9.20

iface enp0s9.20 inet manual

vlan-raw-device enp0s9

Then enable sub-interface:

ifup enp0s9.10

ifup enp0s9.20

Create macvlan network:

docker network create -d macvlan --subnet=172.16.10.0/24 --gateway=172.16.10.1 -o parent=enp0s9.10 mac_net10

docker network create -d macvlan --subnet=172.16.20.0/24 --gateway=172.16.20.1 -o parent=enp0s9.20 mac_net20

Run container in host1:

docker run -itd --name bbox1 --ip=172.16.10.10 --network mac_net10 busybox

docker run -itd --name bbox2 --ip=172.16.20.10 --network mac_net20 busybox

Run container in host2:

docker run -itd --name bbox3 --ip=172.16.10.11 --network mac_net10 busybox

docker run -itd --name bbox4 --ip=172.16.20.11 --network mac_net20 busybox

About how to carry out macvlan network structure analysis of the answer to the problem shared here, I hope the above content can be of some help to everyone, if you still have a lot of doubts not solved, you can pay attention to the industry information channel to learn more related knowledge.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.