Original link: https://zdyxry.github.io/2023/08/06/Weekly-Issue-2023-08-06/
Article link to title Technology link to title Overlay container network that does not require encapsulation | Oilbeater’s self-study room Layer IP and Mac are impossible to omit as the identification of real communication, but some fields in the IP Header, such as DSCP and ID, are very rarely used. If these two fields can be used to encode the information of the inner layer, then we can not use the layer of container IP and Mac in the inner layer. Here you can imagine that using iptables to do nat actually maps the source IP and port to the target IP and port, which can also be understood as a coding mapping relationship.
The author caches the Mac and IP information of the container network through the eBPF Map in the kernel, and generates a key corresponding to each group of IP and Mac. In this way, when the container conducts cross-host network communication, it can directly modify the target address to the address of the corresponding host, and at the same time write this key into the specified reserved field in the IP. After the data packet arrives at the peer end, the peer end can use this key to query the local cache and restore the address of the data packet to the address of the container. In this way, no additional encapsulation is required, and the cross-host Overlay network is completed by directly replacing the IP and Mac headers.
Live Links to Title Bay Area vs. Indie Development – laike9m’s blog
“Half-lying and half-rolling”, “rolling” and “lying” are completely different lifestyles, and there is no distinction between superior and inferior. But if we continue to dig, we will find that the core contradiction is still those two words: independence.
7.30 Beijing 7.30 rainstorm K1178 was trapped for 72 hours personal record – know almost
This article is transferred from: https://zdyxry.github.io/2023/08/06/Weekly-Issue-2023-08-06/
This site is only for collection, and the copyright belongs to the original author.