From f0afc5bd815e0af40e4928f7b830c54e20f53d11 Mon Sep 17 00:00:00 2001 From: yanfeizhang Date: Sun, 14 Nov 2021 09:25:45 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=B7=BB=E5=8A=A0=E5=AE=B9=E5=99=A8?= =?UTF-8?q?=E7=BD=91=E7=BB=9C=E5=A4=96=E9=83=A8=E9=80=9A=E4=BF=A1=E5=AE=9E?= =?UTF-8?q?=E9=AA=8C=E6=BA=90=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 4 ++- tests/network/index.md | 8 +++-- tests/network/test07/Makefile | 40 ++++++++++++++++++++++++ tests/network/test07/index.md | 57 +++++++++++++++++++++++++++++++++++ 4 files changed, 105 insertions(+), 4 deletions(-) create mode 100644 tests/network/test07/Makefile create mode 100644 tests/network/test07/index.md diff --git a/README.md b/README.md index 7f8307a..2f268ba 100644 --- a/README.md +++ b/README.md @@ -47,7 +47,9 @@ **1.8 电子书** - [🔥开发内功修炼网络篇电子书出炉!!!](https://mp.weixin.qq.com/s/kE8y9em9a0Xv80YaQqPbRg) -## 二、硬盘篇 +## 二、硬盘篇 +- [经典,Linux文件系统十问](https://mp.weixin.qq.com/s/pOKjwl3ONPMPSRF6RSmvaw) + **2.1 硬件工作原理** - [磁盘开篇:扒开机械硬盘坚硬的外衣!](https://mp.weixin.qq.com/s/OqhwSI4WsEyZlBhkFGPUlg) - [磁盘分区也是隐含了技术技巧的](https://mp.weixin.qq.com/s/4HwUxy-4FClgIIei6JAzqw) diff --git a/tests/network/index.md b/tests/network/index.md index 96635b1..e3188ad 100644 --- a/tests/network/index.md +++ b/tests/network/index.md @@ -1,6 +1,8 @@ -- [通过多 IP 达成单机百万连接](tests/network/test02) -- [通过端口重用达成单机百万连接](tests/network/test03) +- [PHP单语言的百万连接测试源码](tests/network/test01) +- [通过多 IP 达成单机百万连接(支持c、java、php三种语言)](tests/network/test02) +- [通过端口重用达成单机百万连接(支持c、java、php三种语言)](tests/network/test03) - [一个模拟 tcpdump 的简单抓包程序](tests/network/test04) - [用 bridge 连接本机上的多组 veth,使其可以互相通信](tests/network/test05) -- [命令行使用 namespace 的简单实验](tests/network/test06) \ No newline at end of file +- [命令行使用 namespace 的简单实验](tests/network/test06) +- [手工模拟实现一个可以和外部通信的容器网络](tests/network/test07) \ No newline at end of file diff --git a/tests/network/test07/Makefile b/tests/network/test07/Makefile new file mode 100644 index 0000000..1a54105 --- /dev/null +++ b/tests/network/test07/Makefile @@ -0,0 +1,40 @@ +.PHONY: create-net1 +create-net1: + ip netns add net1 + ip link add veth1 type veth peer name veth1_p + ip link set veth1 netns net1 + ip netns exec net1 ip addr add 192.168.0.2/24 dev veth1 # IP + ip netns exec net1 ip link set veth1 up + ip netns exec net1 ip link list + ip netns exec net1 ifconfig + ip netns exec net1 route add default gw 192.168.0.1 veth1 # 默认网关 + ip netns exec net1 route -n + +.PHONY: create-br +create-br: + brctl addbr br0 + ip addr add 192.168.0.1/24 dev br0 + ip link set dev veth1_p master br0 + ip link set veth1_p up + ip link set br0 up + brctl show + +.PHONY: create-nat +create-nat: + sysctl net.ipv4.conf.all.forwarding=1 + iptables -P FORWARD ACCEPT + iptables -t nat -A POSTROUTING -s 192.168.0.0/24 ! -o br0 -j MASQUERADE + iptables -t nat -A PREROUTING ! -i br0 -p tcp -m tcp --dport 8088 -j DNAT --to-destination 192.168.0.2:80 + iptables-save + +.PHONY: clean +clean: + ip link delete br0 + ip link delete veth1_p + ip link list + ip netns del net1 + ip netns list + iptables -t nat -L -n --line-numbers + iptables -t nat -D PREROUTING 1 # TODO:待优化 + iptables -t nat -D POSTROUTING 1 # TODO:待优化 + iptables-save diff --git a/tests/network/test07/index.md b/tests/network/test07/index.md new file mode 100644 index 0000000..fb3ef16 --- /dev/null +++ b/tests/network/test07/index.md @@ -0,0 +1,57 @@ + +## 准备工作 + +创建一个虚拟网络环境 + +```sh +# make create-net1 +``` + +创建一个 bridge,并和刚才的创建的 veth 建立连接 + +```sh +# make create-br +``` + +进行 nat 配置 + +```sh +# make create-nat +``` + + +## 访问外部网络 + +选择一个母机能 ping 同的 ip,ping 之 + +``` +# ip netns exec net1 ping 10.\*.\*.\* +``` +访问外网,要保证这个 ip 用母机能 ping + +```sh +PING 10.\*.\*.\* (10.\*.\*.\*) 56(84) bytes of data. +64 bytes from 10.\*.\*.\*: icmp_seq=1 ttl=57 time=2.12 ms +64 bytes from 10.\*.\*.\*: icmp_seq=2 ttl=57 time=1.76 ms +``` + +## 提供服务给外网调用 + +使用 nc 命令在虚拟网络中监听一个服务 +``` +# ip netns exec net1 nc -lp 80 +``` + +在另外一台机器上使用 telnent 连接这台机器上的 8088 端口。 + +**注意**, telnet 需要指定的是容器所在的母机的 ip,但 8088 这个端口上的服务是由虚拟容器网络提供的。 + +```c +# telnet 10.\*.\*.\* 8088 +Trying 10.\*.\*.\*... +Connected to 10.\*.\*.\*. +Escape character is '^]'. +...... +``` + +