本期重点 ipip 技术
确认内核模块加载
[root@kuberspary ~]# modprobe ipip [root@kuberspary ~]# lsmod |grep ipip ipip 13465 0 tunnel4 13252 1 ipip ip_tunnel 25163 1 ipip
添加两个 ns
ip netns add ns1
ip netns add ns2
添加 2对 veth 并设置ip
ip link add v1 type veth peer name v1_p1 ip link add v2 type veth peer name v2_p1 ip a ip addr add 10.0.10.1/24 dev v1 ip addr add 10.0.20.1/24 dev v2 ip link set v1 up
ip link set v2 up ip addr add 10.0.20.2/24 dev v2_p1 ip addr add 10.0.10.2/24 dev v1_p1 ip link set v1_p1 netns ns1 ip link set v2_p1 netns ns2
ip link set v1_p1 up
ip link set v2_p1 up
添加静态路由
ip netns exec ns2 route add -net 10.0.10.0 netmask 255.255.255.0 gateway 10.0.20.1 ip netns exec ns1 route add -net 10.0.20.0 netmask 255.255.255.0 gateway 10.0.10.1 ip netns exec ns1 route -n ip netns exec ns1 ping 10.0.20.2 ip netns exec ns1 ping 10.0.20.1
添加隧道
ip netns exec ns1 ip tunnel add ip netns exec ns1 ip tunnel add tun1 mode ipip remote 10.0.20.2 local 10.0.10.2 ip netns exec ns1 ip link set tun1 up ip netns exec ns1 ip addr add 10.0.100.10 peer 10.0.200.10 dev tun1 ip netns exec ns2 ip tunnel add tun2 mode ipip remote 10.0.10.2 local 10.0.20.2 ip netns exec ns2 ip link set tun2 up ip netns exec ns2 ip addr add 10.0.200.10 peer 10.0.100.10 dev tun2 ip netns exec ns2 ping 10.0.100.10