virtual network switch - UnRAID
virtual network switch
NAT allows outbound VM connections, but no inbound VM connections
Local DNS & DHCP services provided
[Diagram labels: virbr0; vnet0, vnet1, vnet2; virt host 1, virt host 2, virt host 3; virt NIC (x3); 192.168.122.xxx (x3); DNS & DHCP; eth0; NAT (iptables); switch]

unRAID v6.1: bridging
unRAID v6.1: all available physical interfaces join the bridge
Potential loop when more than one physical interface joins the bridge. Requires STP to be enabled.
[Diagram labels: br0; vnet0, vnet1, vnet2; virt host 1, virt host 2, virt host 3; virt NIC (x3); eth0; eth1; switch]

Use case: bridging
[Diagram labels: br0; vnet0, vnet1, vnet2; virt host 1, virt host 2, virt host 3; virt NIC (x3); eth0; switch]

Use case: bonding + bridging
May require a switch with aggregation capabilities
[Diagram labels: br0; vnet0, vnet1, vnet2; virt host 1, virt host 2, virt host 3; virt NIC (x3); bond0; eth0; eth1; switch]

Use case: physical segregation
[Diagram labels: br0; br1; vnet0, vnet1, vnet2; virt host 1, virt host 2, virt host 3; virt NIC (x3); eth0; eth1; switch (x2); networks A and B]

Use case: logical segregation
Requires a switch with trunking capabilities
[Diagram labels: br0; br0.2; vnet0, vnet1, vnet2; virt host 1, virt host 2, virt host 3; virt NIC (x3); eth0; switch; networks A and B]

Use case: bonding + physical segregation
May require a switch with aggregation capabilities
[Diagram labels: br0; br2; vnet0, vnet1, vnet2; virt host 1, virt host 2, virt host 3; virt NIC (x3); bond0; eth0; eth1; eth2; switch (x2); networks A and B]

Use case: bonding + logical segregation
Requires a switch with aggregation and trunking capabilities
[Diagram labels: br0; br0.2; vnet0, vnet1, vnet2; virt host 1, virt host 2, virt host 3; virt NIC (x3); bond0; eth0; eth1; switch; networks A and B]

VyOS router with Internet / LAN / DMZ
Requires a switch with trunking capabilities
[Diagram labels: VyOS router; virt NIC; vnet0; vnet1; vnet2; br0; br0.2; br1; eth0; eth1; Internet; LAN + DMZ]

Use case: v-switch passthrough
[Diagram labels: vnet0, vnet1, vnet2; virt host 1, virt host 2, virt host 3; virt NIC (x3); eth1; switch; eth0; br0]

Docker bridge mode
NAT allows outbound connections, but only port-assigned inbound connections
Each container can use any number for container ports; host ports must be unique
Local DNS & DHCP services provided
[Diagram labels: docker0; 172.17.0.1; vethX (x3); container (x3); virt NIC (x3); 172.17.0.xxx (x3); DNS & DHCP; eth0; NAT (iptables); switch; container port: port 1 (x3); host port: 11, 12, 13]

Docker host mode
Containers have native access to the host network interface
Each container must use unique host port numbers
[Diagram labels: docker; container (x3); port 1, port 2, port 3; eth0; switch]