-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy path02-vxlan-point-to-point.txt
122 lines (91 loc) · 3.83 KB
/
02-vxlan-point-to-point.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
***************************************************************************************************************
Linux-Bridge & point-to-point VXLAN to isolate tenant traffic
This method will only support two nodes
2 nodes required
****************************************************************************************************************
# On node1
# Create a network namespace for both companies
ip netns add mcdonalds
ip netns add burgerking
# Create veth pairs for both companies
ip link add mdveth0 type veth peer name mdveth1
ip link add bkveth0 type veth peer name bkveth1
# Add veth1 to each company's namespace:
ip link set mdveth1 netns mcdonalds
ip link set bkveth1 netns burgerking
# Add the same ip to veth1 in both company namespaces
ip netns exec mcdonalds ip a add dev mdveth1 10.1.0.5/24
ip netns exec burgerking ip a add dev bkveth1 10.1.0.5/24
# Create a tenant-network linux bridge for each company
brctl addbr br-md
brctl addbr br-bk
# Add a veth pair to each company's linux bridge:
brctl addif br-md mdveth0
brctl addif br-bk bkveth0
# Create a point-to-point VXLAN interface for each company:
ip link add vxlan-10 type vxlan id 10 remote 10.0.2.8 dev eth1
ip link add vxlan-20 type vxlan id 20 remote 10.0.2.8 dev eth1
# Use the -d flag with ip link to show the VTEP (eth1) linked to the VXLAN interface:
ip -d link show vxlan-10
ip -d link show vxlan-20
# Add the point-to-point VXLAN interface to each company's tenant-network Linux bridge:
brctl addif br-md vxlan-10
brctl addif br-bk vxlan-20
# Bring up the veth pairs:
ip link set dev mdveth0 up
ip link set dev bkveth0 up
ip netns exec mcdonalds ip link set dev mdveth1 up
ip netns exec burgerking ip link set dev bkveth1 up
# Bring up the loopback adapter inside the namespaces:
ip netns exec mcdonalds ip link set dev lo up
ip netns exec burgerking ip link set dev lo up
# Bring up each company's tenant-network bridge:
ip link set dev br-md up
ip link set dev br-bk up
# Bring up the VXLAN interface for each company:
ip link set dev vxlan-10 up
ip link set dev vxlan-20 up
# On node2
# Create network namespace for both companies:
ip netns add mcdonalds
ip netns add burgerking
# Create veth pair for both companies:
ip link add mdveth0 type veth peer name mdveth1
ip link add bkveth0 type veth peer name bkveth1
# Add veth1 to each company's namespace:
ip link set mdveth1 netns mcdonalds
ip link set bkveth1 netns burgerking
# Add same ip to veth1 in both company's namespace:
ip netns exec mcdonalds ip a add dev mdveth1 10.1.0.6/24
ip netns exec burgerking ip a add dev bkveth1 10.1.0.6/24
# Create a tenant-network linux-bridge for each company:
brctl addbr br-md
brctl addbr br-bk
# Add veth pair to each company's linux-bridge
brctl addif br-md mdveth0
brctl addif br-bk bkveth0
# Create a point-to-point VXLAN interface for each company:
ip link add vxlan-10 type vxlan id 10 remote 10.0.2.9 dev eth1
ip link add vxlan-20 type vxlan id 20 remote 10.0.2.9 dev eth1
# Use the -d flag with ip link to show the VTEP (eth1) linked to the VXLAN interface
ip -d link show vxlan-10
ip -d link show vxlan-20
# Add the point-to-point VXLAN interface to each company's tenant-network linux- bridge:
brctl addif br-md vxlan-10
brctl addif br-bk vxlan-20
# Bring up the veth pairs:
ip link set dev mdveth0 up
ip link set dev bkveth0 up
ip netns exec mcdonalds ip link set dev mdveth1 up
ip netns exec burgerking ip link set dev bkveth1 up
# Bring up the loopback adapter inside the namespaces:
ip netns exec mcdonalds ip link set dev lo up
ip netns exec burgerking ip link set dev lo up
# Bring up each company's tenant-network bridge:
ip link set dev br-md up
ip link set dev br-bk up
# Bring up the VXLAN interface for each company:
ip link set dev vxlan-10 up
ip link set dev vxlan-20 up
# From the mcdonalds namespace, ping the 10.1.0.5 interface on the other node.
# You should receive a reply.