1024programmer Blog Linux modify vlan sub-interface mac address, macvlan virtual interface_wb0r0r’s blog

Linux modify vlan sub-interface mac address, macvlan virtual interface_wb0r0r’s blog

author: admin Post: August 30, 2023 13read 0Comment

macvlan is a network card virtualization technology provided by the kernel, which can virtualize multiple interfaces from the network card (not necessarily a real physical network card, but virtual network cards such as virtio). This network card is called a master or parent interface. Communication between the virtual interface and the external environment is through the parent interface. If it works, for example, macvlan cni for k8s.

macvlan provides five modes: bridge, vepa, private, passthrough and source

private mode:

In this mode, sub-interfaces under the same parent interface are isolated from each other and cannot communicate. That is

The diversion from the external switch is received by the parent interface again, and it will also be ruthlessly discarded.

vepa mode:

In this mode, the communication traffic between sub-interfaces needs to be directed to external support

802.1Qbg/VPEA-enabled switch (which can be physical or virtual),

Forwarded through the external switch, and then looped back.

Note: The 802.1Qbg/VPEA function simply means that the switch must support hairpin

(hairpin) function, that is, the data packet can be thrown again after it is received from an interface

Go back.

bridge mode:

In this mode, the function of the Linux bridge is simulated, but it is better than the bridge

The point is that the MAC address of each interface is known and does not need to be learned. Therefore, this pattern

Under

, the sub-interfaces can directly communicate with each other.

passthru mode:

In this mode, only a single subinterface is allowed to connect to the parent interface.

source mode:

In this mode, only packets whose source mac is the specified mac address are received.

The picture below is a screenshot from the Internet, and how the data is forwarded in each mode. Regardless of the mode, the sub-interface cannot communicate with the parent interface.

a599d2a9a1ef

image.png

The following is the help information for creating a macvlan interface through the ip command

root@node2:~# ip link add link ens8 dev macvlan1 type macvlan help

Usage: … macvlan mode MODE [flag MODE_FLAG] MODE_OPTS

MODE: private | vepa | bridge | passthru | source

MODE_FLAG: null | nopromisc –>Only for passthru mode

MODE_OPTS: for mode “source”: –>only for source mode

macaddr { { add | del } | set [ [ … ] ] | flush }

There are two options to note:

a. nopromisc configuration is only for passthru mode

b. The option to add macaddr is only for source mode, so that in source mode, only the messages with the set values ​​of the source mac received from the outside are received

How to view the corresponding relationship between the parent interface and the sub-interface

a. If the sub-interface and the parent interface are both in the same namespace, for example, both are in the root namespace, you can check the link file under /sys/class/net/xxx/.

Pay attention to the two prefixes lower and upper. For macvlan, from a hierarchical point of view, the parent interface is a network card, and the sub-interface is virtual, so the parent interface is below and the sub-interface is above, so lower indicates the parent interface, and upper Indicates a subinterface.

#View the parent interface of the macvlan sub-interface (the parent interface of macvlan1 is ens8)

root@node2:~# ls -l /sys/class/net/macvlan1/lower*

lrwxrwxrwx 1 root root 0 Oct 27 13:55 /sys/class/net/macvlan1/lower_ens8 -> ../../../pci0000:00/0000:00:08.0/net/ens8

#View the macvlan sub-interface of the parent interface (ens8 has two sub-interfaces: macvlan1 and macvlan2)

root@node2:~# ls -l /sys/class/net/ens8/upper*

lrwxrwxrwx 1 root root 0 Oct 27 13:55 /sys/class/net/ens8/upper_macvlan1 -> ../../../../virtual/net/macvlan1

lrwxrwxrwx 1 root root 0 Oct 27 13:56 /sys/class/net/ens8/upper_macvlan2 -> ../../../../virtual/net/macvlan2

b. If the sub-interface and the parent interface are not in the same namespace, such as placing the sub-interface in another namespace, method a will not take effect. You can view the numbers behind the network card name @, such as macvlan1@if3 and macvlan2@if3 below, and the if3 after @ indicates the network card index corresponding to the root namespace, that is, the index number of ens8.

root@node2:~# ip netns exec test1 ip a

8308: macvlan1@if3: mtu 1500 qdisc noqueue state UP group default qlen 1000

link/ether ce:dc:2c:c2:e3:ca brd ff:ff:ff:ff:ff:ff link-netnsid 0

inet 1.1.1.3/24 scope global macvlan1

valid_lft forever preferred_lft fore

This article is from the internet and does not represent1024programmerPosition, please indicate the source when reprinting:https://www.1024programmer.com/linux-modify-vlan-sub-interface-mac-address-macvlan-virtual-interface_wb0r0rs-blog/
Reward
tag:

author: admin

Previous article
Next article

Related recommendations

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact Us

Contact us

181-3619-1160

Online consultation: QQ交谈

E-mail: [email protected]

Working hours: Monday to Friday, 9:00-17:30, holidays off

Follow wechat
Scan wechat and follow us

Scan wechat and follow us

Follow Weibo
Back to top
首页
微信
电话
搜索