文章概述
传统的网络已经无法满足业务快速扩张的需求,这些业务急需更加灵活,可扩展性更好以及操作更加简单的网络架构,在这样的网络大背景下,分段路由(Segment Routing,SR)应运而生,本文是利用LXD容器搭建OSPF协议控制下的SR路由网络拓扑
LXD
LXD可以看作是LXC的升级版。LXD的管理命令和LXC的管理命令大多相同。LXC起源于cgroup和namespaces,使得进程之间相互隔离,即进程虚拟化。LXC有一些缺点,比如无法有效支持跨主机之间的容器迁移、管理复杂。而LXD很好地解决了这些问题。LXC/LXD和docker不同的地方在于LXC/LXD中包含完整的操作系统。
SR路由器设置
SR路由
SR(Segment Routing),分段路由,是一种源路由技术,控制平面基于IGP路由协议扩展实现,转发层面基于MPLS转发网络实现,解决传统IP转发和MPLS转发的问题。SR路由基于现有协议进行扩展:扩展后的IGP/BGP具有标签分发能力,因此网络中无需其他任何标签分发协议,实现协议简化。通过设置SID,标记转发路径,指引报文的转发路径
网络拓扑图
要实现的网络拓扑图如下
配置网络拓扑
创建容器
创建所有的十四个容器
sudo lxc copy LxcMould LxcR1
sudo lxc copy LxcMould LxcR2
……
sudo lxc copy LxcMould LxcR14
查看当前的所有容器
lxc list
![[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-2hzcZXgE-1676454477191)(C:\Users\29973\AppData\Roaming\Typora\typora-user-images\image-20230109144951396.png)]](https://img-blog.csdnimg.cn/672cb8fb0c9f413b97a202d0c02d3767.png)
为了方便一键 启动/关闭 所有的容器,创建脚本
# 创建启动脚本
sudo vi StartAllLxc.sh
# 设置开启
lxc start LxcR1;
lxc start LxcR2;
lxc start LxcR3;
lxc start LxcR4;
lxc start LxcR5;
lxc start LxcR6;
lxc start LxcR7;
lxc start LxcR8;
lxc start LxcR9;
lxc start LxcR10;
lxc start LxcR11;
lxc start LxcR12;
lxc start LxcR13;
lxc start LxcR14;
创建关闭脚本
# 创建关机脚本
sudo vi StopAllLxc.sh
# 设置关闭
lxc stop LxcR1;
lxc stop LxcR2;
lxc stop LxcR3;
lxc stop LxcR4;
lxc stop LxcR5;
lxc stop LxcR6;
lxc stop LxcR7;
lxc stop LxcR8;
lxc stop LxcR9;
lxc stop LxcR10;
lxc stop LxcR11;
lxc stop LxcR12;
lxc stop LxcR13;
lxc stop LxcR14;
通过命令运行脚本来控制容器的开启和关闭
sudo bash StartAllLxc.sh
创建网桥
闯将网桥,注意要添加子网掩码
# r1的连接
lxc network create r1r2 ipv6.address=none ipv4.address=192.168.1.1/24;
lxc network create r1r3 ipv6.address=none ipv4.address=192.168.2.1/24;
lxc network create r1r4 ipv6.address=none ipv4.address=192.168.4.1/24;
# r2的连接
lxc network create r2r3 ipv6.address=none ipv4.address=192.168.3.1/24;
lxc network create r2r8 ipv6.address=none ipv4.address=192.168.9.1/24;
# r3的连接
lxc network create r3r6 ipv6.address=none ipv4.address=192.168.6.1/24;
# r4的连接
lxc network create r4r5 ipv6.address=none ipv4.address=192.168.5.1/24;
lxc network create r4r9 ipv6.address=none ipv4.address=192.168.11.1/24;
# r5的连接
lxc network create r5r6 ipv6.address=none ipv4.address=192.168.7.1/24;
lxc network create r5r7 ipv6.address=none ipv4.address=192.168.8.1/24;
# r6的连接
lxc network create r6r11 ipv6.address=none ipv4.address=192.168.13.1/24;
lxc network create r6r13 ipv6.address=none ipv4.address=192.168.17.1/24;
# r7的连接
lxc network create r7r8 ipv6.address=none ipv4.address=192.168.10.1/24;
# r8的连接
lxc network create r8r10 ipv6.address=none ipv4.address=192.168.12.1/24;
# r9的连接
lxc network create r9r12 ipv6.address=none ipv4.address=192.168.15.1/24;
lxc network create r9r14 ipv6.address=none ipv4.address=192.168.19.1/24;
# r10的连接
lxc network create r10r11 ipv6.address=none ipv4.address=192.168.14.1/24;
lxc network create r10r12 ipv6.address=none ipv4.address=192.168.16.1/24;
lxc network create r10r14 ipv6.address=none ipv4.address=192.168.20.1/24;
# r11被全部连接在其他路由器上
# r12的连接
lxc network create r12r13 ipv6.address=none ipv4.address=192.168.18.1/24;
# r13的连接
lxc network create r13r14 ipv6.address=none ipv4.address=192.168.21.1/24;
# r14被全部连接在其他路由器上
创建完毕即可查看当前所有网桥
ifconfig
![[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-aNIP0sog-1676454477192)(C:\Users\29973\AppData\Roaming\Typora\typora-user-images\image-20230109095237775.png)]](https://img-blog.csdnimg.cn/278979e32a6844c48da78b30822a005d.png)
连通网桥
将路由器之间通过网桥连通
# r1的连接
lxc network attach r1r2 LxcR1 eth0;
lxc network attach r1r3 LxcR1 eth1;
lxc network attach r1r4 LxcR1 eth2;
# r2的连接
lxc network attach r1r2 LxcR2 eth0;
lxc network attach r2r3 LxcR2 eht1;
lxc network attach r2r8 LxcR2 eth2;
# r3的连接
lxc network attach r1r3 LxcR3 eth0;
lxc network attach r2r3 LxcR3 eth1;
lxc network attach r3r6 LxcR3 eth2;
# r4的连接
lxc network attach r1r4 LxcR4 eth0;
lxc network attach r4r5 LxcR4 eth1;
lxc network attach r4r9 LxcR4 eth2;
# r5的连接
lxc network attach r4r5 LxcR5 eth0;
lxc network attach r5r6 LxcR5 eth1;
lxc network attach r5r7 LxcR5 eth2;
# r6的连接
lxc network attach r3r6 LxcR6 eth0;
lxc network attach r5r6 LxcR6 eth1;
lxc network attach r6r11 LxcR6 eth2;
lxc network attach r6r13 LxcR6 eth3;
# r7的连接
lxc network attach r5r7 LxcR7 eth0;
lxc network attach r7r8 LxcR7 eth1;
# r8的连接
lxc network attach r2r8 LxcR8 eth0;
lxc network attach r7r8 LxcR8 eth1;
lxc network attach r8r10 LxcR8 eth2;
# r9的连接
lxc network attach r4r9 LxcR9 eth0;
lxc network attach r9r12 LxcR9 eth1;
lxc network attach r9r14 LxcR9 eth2;
# r10的连接
lxc network attach r8r10 LxcR10 eth0;
lxc network attach r10r11 LxcR10 eth1;
lxc network attach r10r12 LxcR10 eth2;
lxc network attach r10r14 LxcR10 eth3;
# r11的连接
lxc network attach r6r11 LxcR11 eth0;
lxc network attach r10r11 LxcR11 eth1;
# r12的连接
lxc network attach r9r12 LxcR12 eth0;
lxc network attach r10r12 LxcR12 eth1;
lxc network attach r12r13 LxcR12 eth2;
# r13的连接
lxc network attach r6r13 LxcR13 eth0;
lxc network attach r12r13 LxcR13 eth1;
lxc network attach r13r14 LxcR13 eth2;
# r14的连接
lxc network attach r9r14 LxcR14 eth0;
lxc network attach r10r14 LxcR14 eth1;
lxc network attach r13r14 LxcR14 eth2;
分配地址及启动网卡
进入每个容器
lxc exec LxcR1 bash;
设置网卡ip,但由于eth0是默认网卡,我们需要先关闭,设置完毕之后再重新启动
# r1的连接
ip link set eth0 down;
ip addr add 192.168.1.1/24 dev eth0;
ip addr add 192.168.2.1/24 dev eth1;
ip addr add 192.168.4.1/24 dev eth2;
ip link set eth0 up;
ip link set eth1 up;
ip link set eth2 up;
其余容器仿照即可
固定IP地址
修改每个容器的相关配置文件,配置固定的IP地址
查看LxcR1容器中的起始网络配置内容
cat /etc/netplan/10-lxc.yaml
内容如下:
network:
version: 2
ethernets:
eth0:
dhcp4: true
dhcp-identifier: mac
修改相关配置文件
/etc/netplan/10-lxc.yaml
添加如下内容
# r1容器
network:
version: 2
ethernets:
eth0:
dhcp4: false
addresses: [192.168.1.1/24]
eth1:
dhcp4: false
addresses: [192.168.2.1/24]
eth2:
dhcp4: false
addresses: [192.168.4.1/24]
执行如下代码让网络生效
sudo netplan apply
其余容器仿照即可,至此,配置好了所有的网卡和接口,查看如下
293
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
