10.k8s网络calico之ipinip模式
需要修改calico.yaml文件- name: CALICO_IPV4POOL_IPIPvalue: "Always" # 默认是always或者修改ippool yaml文件apiVersion: projectcalico.org/v3kind: IPPoolmetadata:name: ippool-ipip-1spec:cidr: 192.168.0.0/16ipipMode: Alwa
·
需要修改calico.yaml文件
- name: CALICO_IPV4POOL_IPIP
value: "Always" # 默认是always
或者修改ippool yaml文件
apiVersion: projectcalico.org/v3
kind: IPPool
metadata:
name: ippool-ipip-1
spec:
cidr: 192.168.0.0/16
ipipMode: Always
# 注意这里还有subnet模式,假设两个node 都在同一个网段,就会不封装,直接走网络bgp模式
# 如果不在同一个网段,就会使用ipInip模式
natOutgoing: true
看下三台主机的路由表
由master节点上面的10.244.219.64 ping node1 节点上面的10.244.166.141
在master节点上面抓包
# 先看路由表
# 先抓 tunl0
tcpdump -i tunl0 -nn host 10.244.166.141
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tunl0, link-type RAW (Raw IP), capture size 262144 bytes
15:13:52.243553 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 45, length 64
15:13:52.243907 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 45, length 64
15:13:53.243985 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 46, length 64
15:13:53.244233 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 46, length 64
15:13:54.243602 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 47, length 64
15:13:54.244024 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 47, length 64
15:13:55.244525 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 48, length 64
15:13:55.244806 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 48, length 64
15:13:56.244596 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 49, length 64
15:13:56.245027 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 49, length 64
# 在抓ens33
tcpdump -i ens33 -nn host 192.168.64.151
# 做了刷选,找出了两条比较重要的
15:14:31.266588 IP 192.168.64.150 > 192.168.64.151: IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 84, length 64 (ipip-proto-4)
15:14:31.267136 IP 192.168.64.151 > 192.168.64.150: IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 84, length 64 (ipip-proto-4)
从上面抓包可以看出:ipinip做了层封装
再在node1上面进行抓包
# 在tunl0上面抓包
tcpdump -i tunl0 -nn host 10.244.219.64
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tunl0, link-type RAW (Raw IP), capture size 262144 bytes
15:21:14.764929 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 487, length 64
15:21:14.764976 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 487, length 64
15:21:15.766134 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 488, length 64
15:21:15.766192 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 488, length 64
15:21:16.766671 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 489, length 64
15:21:16.766724 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 489, length 64
15:21:17.767188 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 490, length 64
15:21:17.767224 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 490, length 64
# 在ens33上面抓包
tcpdump -i ens33 -nn host 192.168.64.150
15:22:50.834149 IP 192.168.64.150 > 192.168.64.151: IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 583, length 64 (ipip-proto-4)
15:22:50.834256 IP 192.168.64.151 > 192.168.64.150: IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 583, length 64 (ipip-proto-4)
由上面可以看出:IP in IP的链接方式为:
更多推荐
已为社区贡献11条内容
所有评论(0)