Kubernetes Notes
Linux network interfaces

Bridge

Linux bridge is a layer 2 virtual device that on its own cannot receive or transmit anything unless you bind one or more real devices to it. 

It forwards packets between interfaces that are connected to it. It’s usually used for forwarding packets on routers, on gateways, or between VMs and network namespaces on a host. It also supports STP, VLAN filter, and multicast snooping.

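A bridge contains a component called the MAC learning database (also known as the FDB). When a packet passes through the bridge, the bridge does two things:

  1. It records the mapping between the packet's source MAC address and the bridge port it arrived on in the FDB (if the entry does not already exist).
  2. It looks up the bridge port for the destination MAC address in the FDB. If an entry is found, the packet is forwarded out of that port; if not, the packet is sent to every port except the source port.

To view the contents of the FDB, use bridge fdb show (e.g. bridge fdb show br br0) or brctl showmacs (e.g. brctl showmacs br0).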

Commands for creating a bridge:

# ip link add br0 type bridge
# ip link set eth0 master br0  # attach eth0 to br0
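
The learn-then-forward behaviour of the FDB described above, as an added example (a toy model written for this page, not kernel or project code). The class name, port names and MAC addresses are constructed; it goes slightly beyond the text by refreshing an entry when a station moves ports and by treating broadcast as always flooded. The flood case is the one to keep in mind when deciding what shares a bridge: until a destination is learned, every other attached port receives the frame.

```python
# Added example: toy learning bridge. Ports and MACs below are constructed.
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    def __init__(self, ports):
        self.ports = list(ports)
        self.fdb = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return the list of ports it is sent out of."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        # Step 1: learn which port the sender is behind. Overwriting also
        # handles a station that moved to another port (assumption beyond
        # the text, which only mentions adding missing entries).
        self.fdb[src_mac] = in_port
        # Step 2: look up the destination; broadcast never has an entry.
        out_port = None if dst_mac == BROADCAST else self.fdb.get(dst_mac)
        if out_port is None:
            # Unknown destination: flood to every port except the source.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Destination sits behind the ingress port: nothing to forward.
            return []
        return [out_port]


def demo():
    br0 = LearningBridge(["veth-a", "veth-b", "veth-c"])
    a, b, c = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
    trace = [
        br0.receive("veth-a", a, b),          # b unknown: flooded
        br0.receive("veth-b", b, a),          # a learned: unicast
        br0.receive("veth-a", a, b),          # b learned: unicast
        br0.receive("veth-c", c, BROADCAST),  # broadcast: flooded
    ]
    return trace, dict(br0.fdb)


if __name__ == "__main__":
    trace, fdb = demo()
    for out_ports in trace:
        print(out_ports)
    print(fdb)
```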

Tunnel

TUN/TAP provides packet reception and transmission for user space programs. 
It can be seen as a simple Point-to-Point or Ethernet device, which,
instead of receiving packets from physical media, receives them from 
user space program and instead of sending packets via physical media 
writes them to the user space program.

References

  • Bridge:
    • Introduction to Linux interfaces for virtual networking: https://developers.redhat.com/blog/2018/10/22/introduction-to-linux-interfaces-for-virtual-networking
    • Understanding Linux Internetworking: https://www.actualtechmedia.com/wp-content/uploads/2018/01/CUMULUS-Understanding-Linux-Internetworking.pdf
    • Linux Bridge - how it works: https://goyalankit.com/blog/linux-bridge

  • TUN/TAP:
    • TUN/TAP kernel documentation: https://www.kernel.org/doc/Documentation/networking/tuntap.txt
    • Network Tunnels with Linux: https://www.jumpingbean.co.za/blogs/mark/linux-network-tunnels

Last updated 6 years ago