virtual network switch
NAT allows outbound VM connections, but no inbound VM connections
Local DNS & DHCP services provided
[Diagram: virt host 1, virt host 2, virt host 3, each with a virt NIC (192.168.122.xxx); vnet0, vnet1, vnet2; virbr0; DNS & DHCP; NAT (iptables); eth0; switch]

unRAID v6.1: bridging
unRAID v6.1: all available physical interfaces join the bridge
Potential loop when more than one physical interface joins the bridge. Requires STP to be enabled.
[Diagram: virt host 1, virt host 2, virt host 3, each with a virt NIC; vnet0, vnet1, vnet2; br0; eth0; eth1; switch]

Use case: bridging
[Diagram: virt host 1, virt host 2, virt host 3, each with a virt NIC; vnet0, vnet1, vnet2; br0; eth0; switch]

Use case: bonding + bridging
May require a switch with aggregation capabilities
[Diagram: virt host 1, virt host 2, virt host 3, each with a virt NIC; vnet0, vnet1, vnet2; br0; bond0; eth0; eth1; switch]

Use case: physical segregation
[Diagram: virt host 1, virt host 2, virt host 3, each with a virt NIC; vnet0, vnet1, vnet2; br0; br1; eth0; eth1; two switches; segments labelled A and B]

Use case: logical segregation
Requires a switch with trunking capabilities
[Diagram: virt host 1, virt host 2, virt host 3, each with a virt NIC; vnet0, vnet1, vnet2; br0; br0.2; eth0; switch; segments labelled A and B]

Use case: bonding + physical segregation
May require a switch with aggregation capabilities
[Diagram: virt host 1, virt host 2, virt host 3, each with a virt NIC; vnet0, vnet1, vnet2; br0; br2; bond0; eth0; eth1; eth2; two switches; segments labelled A and B]

Use case: bonding + logical segregation
Requires a switch with aggregation and trunking capabilities
[Diagram: virt host 1, virt host 2, virt host 3, each with a virt NIC; vnet0, vnet1, vnet2; br0; br0.2; bond0; eth0; eth1; switch; segments labelled A and B]

VyOS router with Internet / LAN / DMZ
Requires a switch with trunking capabilities
[Diagram: VyOS router with virt NICs; vnet0, vnet1, vnet2; br0; br0.2; br1; eth0; eth1; links labelled "Internet" and "LAN + DMZ"]

Use case: v-switch passthrough
[Diagram: virt host 1, virt host 2, virt host 3, each with a virt NIC; vnet0, vnet1, vnet2; br0; eth0; eth1; switch]

Docker bridge mode
NAT allows outbound connections, but only port assigned inbound connections
Each container can use any number for container ports; host ports must be unique
Local DNS & DHCP services provided
[Diagram: three containers, each with a virt NIC (172.17.0.xxx); vethX, vethX, vethX; docker0; 172.17.0.1; DNS & DHCP; NAT (iptables); eth0; switch; container port labels: port 1, port 1, port 1; host port labels: 11, 12, 13]

Docker host mode
Containers have native access to the host network interface
Each container must use unique host port numbers
[Diagram: three containers; docker; port labels: port 1, port 2, port 3; eth0; switch]