(Docker) (v0.5)

Mar. 2017

NAIM Networks, Inc.james@naimnetworks.com

2Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.

3Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

4Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

5Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

6Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

7Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

8Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

9Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

10Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

11Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

12Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

13Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

14Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

15Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

16Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

17Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

18Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

19Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

20Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

21Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

docker 0

22Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

Port 8080

Ping 8.8.8.8

23Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

24Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

25Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

26Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

27Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

28Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

29Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

30Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

31Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

32Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

33Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

34Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

35Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

36Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

37Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

38Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

39Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

40Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

41Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

42Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

43Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

44Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

45Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

46Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

47Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

48Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

49Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

50Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

51Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

52Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

53Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

# macvlan$ docker network create -d macvlan \

--subnet=192.168.0.0/16 \—-ip-range=192.168.41.0/24 \--aux-address="favorite_ip_ever=192.168.41.2" \--gateway=192.168.41.1 \-o parent=eth0.41 macnet41

# , aux

# macvlan$ docker run --net=macnet41 -it --rm alpine /bin/sh

# (Docker Host) Frontend / Backend / Credit Card parent

, VLAN ID .

54Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

55Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

56Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

57Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

58Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

59Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

60Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

61Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

62Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

63Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

64Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

65Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

66Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

67Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

68Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

69Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

70Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

71Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

72Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

73Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

74Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

75Copyright ⓒ 2015 by NAIM Networks, Inc. All rights reserved.

76Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.

77Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.

78Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.

79Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.

80Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.

81Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.

82Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.

83Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.

84Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

85Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

86Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

87Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

88Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

89Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

90Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

91Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

# ovs-vsctl add-br br0

# ovs-vsctl add-port br0 ovsbr0p1 -- set interface ovsbr0p1 type=internal

# ifconfig ovsbr0p1 192.168.50.1 netmask 255.255.255.0 up

# iptables -t nat -A POSTROUTING -s 192.168.50.0/24 -j MASQUERADE

# ovs-vsctl add-br br0

# ovs-vsctl add-port br0 ovsbr0p1 -- set interface ovsbr0p1 type=internal

# ifconfig ovsbr0p1 192.168.50.1 netmask 255.255.255.0 up

# iptables -t nat -A POSTROUTING -s 192.168.50.0/24 -j MASQUERADE

# docker run --name=c1 --net=none -d -i -t base /bin/bash# docker run --name=c1 --net=none -d -i -t base /bin/bash

92Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

# pid=`docker inspect --format '{{ .State.Pid }}' $1`

# ln -s /proc/$pid/ns/net /var/run/netns/c1

# pid=`docker inspect --format '{{ .State.Pid }}' $1`

# ln -s /proc/$pid/ns/net /var/run/netns/c1

# ip netns exec c1 ip link set dev peertapc1 name eth0

# ip netns exec c1 ip link set eth0 up

# ip netns exec c1 ip addr add 172.27.0.2/24 dev eth0

# ip netns exec c1 ip route add default via 172.27.0.1

# ip netns exec c1 ip link set dev peertapc1 name eth0

# ip netns exec c1 ip link set eth0 up

# ip netns exec c1 ip addr add 172.27.0.2/24 dev eth0

# ip netns exec c1 ip route add default via 172.27.0.1

# ip link add tapc1 type veth peer name peertapc1

# ip link set peertapc1 netns c1

# ip link add tapc1 type veth peer name peertapc1

# ip link set peertapc1 netns c1

# ifconfig tapc1 up

# ovs-vsctl add-port br0 tapc1

# ifconfig tapc1 up

# ovs-vsctl add-port br0 tapc1

93Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

94Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

95Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

96Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

ovs-vsctl add-br tech-br

ovs-vsctl add-port tech-brtep0 -- set interface tep0

type=internalovs-vsctl add-port sdn-br0 gre0 --

set interface gre0 type=greoptions:remote_ip:1.1.1.1

pipework sdn-br0 $container_id192.168.0.3/24

ovs-vsctl add-br sdn-br0

1.1.1.1/24 2.2.2.2/24

192.168.1.2/24

192.168.0.3/24192.168.0.2/24192.168.0.1/24 192.168.0.4/24

ifconfig tep0 192.168.1.1 netmask 255.255.255.0

pipework sdn-br0 $container_id192.168.0.4/24

192.168.1.1/24

ovs-vsctl set bridge sdn-br0 stp_enable=true

GRE /

97Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.

Copyright ⓒ 2015 by NAIM Networks, Inc. All rights reserved.

www.naimnetworks.comcontacts@naimnetworks.com+82-2-552-05555th Floor, Anam BLDG616 Yeondongdaero, Kanamgu, Seoul, Republic of Korea