组网图:
组网脚本:
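# Builds a small OVN topology: logical switch "dmz" with one namespace-backed
# instance (vm10), logical router "tenant1", and logical switch "outside"
# bridged to the physical NIC eth1 through a localnet port, plus an SNAT rule.
#
# Requires: chassis_id must be set by the caller to the chassis that should
# host router tenant1. The guard runs first so that nothing is configured when
# it is missing; an empty value would otherwise be written into the router's
# options:chassis.
: "${chassis_id:?chassis_id must be set to the chassis hosting router tenant1}"

# Create logical switch dmz
ovn-nbctl ls-add dmz
ovn-nbctl lsp-add dmz dmz-vm10
ovn-nbctl lsp-set-addresses dmz-vm10 "02:ac:10:ff:01:30 172.16.255.130"
# Port security limits dmz-vm10 to this MAC/IP pair as a source address, so
# the instance cannot spoof another address on the switch.
ovn-nbctl lsp-set-port-security dmz-vm10 "02:ac:10:ff:01:30 172.16.255.130"

# Create the DHCP options for the dmz subnet and attach them to the port.
# The options map needs its inner double quotes to reach ovn-nbctl, so it is
# single-quoted here; written with bare nested double quotes the shell strips
# them and splits the map into separate arguments.
dmzDhcp="$(ovn-nbctl create DHCP_Options cidr=172.16.255.128/26 \
  options='"server_id"="172.16.255.129" "server_mac"="02:ac:10:ff:01:29" "lease_time"="3600" "router"="172.16.255.129"')"
# Stop if no row UUID came back, rather than calling lsp-set-dhcpv4-options
# with an empty argument.
: "${dmzDhcp:?ovn-nbctl did not return a DHCP_Options UUID}"
ovn-nbctl lsp-set-dhcpv4-options dmz-vm10 "$dmzDhcp"

# Create logical router
ovn-nbctl lr-add tenant1
ovn-nbctl lrp-add tenant1 tenant1-dmz 02:ac:10:ff:01:29 172.16.255.129/26
ovn-nbctl lsp-add dmz dmz-tenant1
ovn-nbctl lsp-set-type dmz-tenant1 router
ovn-nbctl lsp-set-addresses dmz-tenant1 02:ac:10:ff:01:29
ovn-nbctl lsp-set-options dmz-tenant1 router-port=tenant1-dmz
ovn-nbctl set Logical_Router tenant1 options:chassis="$chassis_id"

# Create instance in namespace
ovs-vsctl add-port br-int vm10 -- set interface vm10 type=internal
# The interface MAC must match the address bound to dmz-vm10 above, otherwise
# port security drops its traffic.
ip link set vm10 address 02:ac:10:ff:01:30
ip netns add vm10
ip link set vm10 netns vm10
ovs-vsctl set Interface vm10 external_ids:iface-id=dmz-vm10
ip netns exec vm10 dhclient vm10
# Show the leased address and routes to confirm DHCP worked.
ip netns exec vm10 ip addr show vm10
ip netns exec vm10 ip route show

# Create outside switch connecting tenant1 router
ovn-nbctl lrp-add tenant1 tenant1-outside 02:0a:7f:00:01:29 192.168.80.100/24
ovn-nbctl ls-add outside
ovn-nbctl lsp-add outside outside-tenant1
ovn-nbctl lsp-set-type outside-tenant1 router
ovn-nbctl lsp-set-addresses outside-tenant1 02:0a:7f:00:01:29
ovn-nbctl lsp-set-options outside-tenant1 router-port=tenant1-outside

# Create provider bridge attached to eth1
# NOTE(review): eth1 stops being usable as an ordinary host interface once it
# is a bridge port - confirm it does not carry the management connection.
ovs-vsctl add-br br-eth1
ovs-vsctl add-port br-eth1 eth1

# Create bridge mapping for eth1: map network name "dataNet" to br-eth1
ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=dataNet:br-eth1

# Create localnet port on 'outside' and set its network name to "dataNet"
ovn-nbctl lsp-add outside outside-localnet
ovn-nbctl lsp-set-addresses outside-localnet unknown
ovn-nbctl lsp-set-type outside-localnet localnet
ovn-nbctl lsp-set-options outside-localnet network_name=dataNet

# Create NAT rule: source-NAT the dmz subnet behind the router's outside IP.
# SNAT only rewrites addresses; it is not an access control. This script
# defines no ACLs, so add them on dmz if the instance must be isolated from
# the provider network.
ovn-nbctl -- --id=@nat create nat type="snat" \
  logical_ip=172.16.255.128/26 external_ip=192.168.80.100 \
  -- add logical_router tenant1 nat @nat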