19,613
社区成员
发帖
与我相关
我的任务
分享
[root@container01 /]# ip link add br0 type bridge
[root@container01 /]# ip tuntap add dev tun0 mode tun
[root@container01 /]# ip l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: tun0: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 500
link/none
26: eth0@if27: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT
link/ether 02:42:c0:a8:0b:01 brd ff:ff:ff:ff:ff:ff link-netnsid 0
[root@container01 /]# ip addr add 192.168.1.2 dev tun0
[root@container01 /]# ip link set tun0 up
[root@container01 /]# tcpdump -i eth0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
在宿主机里[root@host ~]# route add -host 192.168.1.2 gw 192.168.2.254
[root@host ~]# ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2 ) 56(84) bytes of data.
64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=0.058 ms
64 bytes from 192.168.1.2: icmp_seq=2 ttl=64 time=0.061 ms
路由从eth0走,在container01里tcpdump能够捕获报文,也不用设置为promisc模式。
但是如果仅仅是共用网桥,不设置为promisc是抓不住包的。