root@node-wrk-1-ubuntu24-684f7d8fd6-2zncq:/workspace# nc node-wrk-2-ubuntu24.wrk-2 9999
asdfasdfasdfasd
+```
+
+#
+
+```shell
+root@node-wrk-1-ubuntu24-684f7d8fd6-2zncq:/workspace# sleep 3000
+
+```
+
+#
+
+```shell
+
+root@node-1:~# ip netns list
+36322294-9a3a-47fd-8be4-6530f0123581 (id: 2)
+5b58d4f1-eb3e-4cb7-b823-bbb08ee37b18 (id: 1)
+02aa7ed5-2d8b-44ff-9865-d1b2ef17665c
+dbe865d4-e332-40cc-8d95-459445ff6574
+a300e0fa-b79e-48b5-aabf-bd8bbcebc428
+
+
+```
+```shell
+
+root@node-1:~# ip netns exec 5b58d4f1-eb3e-4cb7-b823-bbb08ee37b18 ip a
+1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
+ link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
+ inet 127.0.0.1/8 scope host lo
+ valid_lft forever preferred_lft forever
+ inet6 ::1/128 scope host
+ valid_lft forever preferred_lft forever
+8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc noqueue state UP group default qlen 1000
+ link/ether 4e:e0:85:d5:68:f9 brd ff:ff:ff:ff:ff:ff link-netns 02aa7ed5-2d8b-44ff-9865-d1b2ef17665c
+ inet 10.0.1.15/32 scope global eth0
+ valid_lft forever preferred_lft forever
+ inet6 fe80::4ce0:85ff:fed5:68f9/64 scope link
+ valid_lft forever preferred_lft forever
+```
+
+```shell
+
+root@node-1:~# ip netns exec 5b58d4f1-eb3e-4cb7-b823-bbb08ee37b18 ps aux | grep sleep
+root 85586 0.0 0.0 2696 1380 pts/1 S+ 00:41 0:00 sleep 3000
+```
+
+#
+
+```shell
+
+root@node-1:~# ip netns exec 5b58d4f1-eb3e-4cb7-b823-bbb08ee37b18 ip route
+default via 10.0.1.49 dev eth0 mtu 1410
+10.0.1.49 dev eth0 scope link
+
+```
+
+#
+
+```shell
+root@node-1:~# ip -d link show
+...
+9: lxc7dc050ebabd6@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc noqueue state UP mode DEFAULT group default qlen 1000
+ link/ether a6:8a:15:36:dc:cb brd ff:ff:ff:ff:ff:ff link-netns 5b58d4f1-eb3e-4cb7-b823-bbb08ee37b18 promiscuity 0 allmulti 0 minmtu 68 maxmtu 65535
+ veth addrgenmode eui64 numtxqueues 2 numrxqueues 2 gso_max_size 65536 gso_max_segs 65535 tso_max_size 524280 tso_max_segs 65535 gro_max_size 65536
+11: lxc1e0b7c2c5527@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc noqueue state UP mode DEFAULT group default qlen 1000
+ link/ether 0e:9c:2c:8c:64:77 brd ff:ff:ff:ff:ff:ff link-netns 36322294-9a3a-47fd-8be4-6530f0123581 promiscuity 0 allmulti 0 minmtu 68 maxmtu 65535
+ veth addrgenmode eui64 numtxqueues 2 numrxqueues 2 gso_max_size 65536 gso_max_segs 65535 tso_max_size 524280 tso_max_segs 65535 gro_max_size 65536
+
+root@node-1:~# ip netns list
+36322294-9a3a-47fd-8be4-6530f0123581 (id: 2)
+5b58d4f1-eb3e-4cb7-b823-bbb08ee37b18 (id: 1)
+....
+
+
+```
+#
+
+```shell
+
+root@node-1:~# tshark -i lxc7dc050ebabd6
+Running as user "root" and group "root". This could be dangerous.
+Capturing on 'lxc7dc050ebabd6'
+ 1 0.000000000 10.0.1.15 → 10.96.0.10 DNS 109 Standard query 0x262f A node-wrk-2-ubuntu24.wrk-2.wrk-1.svc.cluster.local
+ 2 0.000122975 10.0.1.15 → 10.96.0.10 DNS 109 Standard query 0xf132 AAAA node-wrk-2-ubuntu24.wrk-2.wrk-1.svc.cluster.local
+ 3 0.001248872 10.96.0.10 → 10.0.1.15 DNS 202 Standard query response 0xf132 No such name AAAA node-wrk-2-ubuntu24.wrk-2.wrk-1.svc.cluster.local SOA ns.dns.cluster.local
+ 4 0.001283013 10.96.0.10 → 10.0.1.15 DNS 202 Standard query response 0x262f No such name A node-wrk-2-ubuntu24.wrk-2.wrk-1.svc.cluster.local SOA ns.dns.cluster.local
+ 5 0.001410506 10.0.1.15 → 10.96.0.10 DNS 103 Standard query 0x76e7 A node-wrk-2-ubuntu24.wrk-2.svc.cluster.local
+ 6 0.001456907 10.0.1.15 → 10.96.0.10 DNS 103 Standard query 0x67e4 AAAA node-wrk-2-ubuntu24.wrk-2.svc.cluster.local
+ 7 0.001863086 10.96.0.10 → 10.0.1.15 DNS 196 Standard query response 0x67e4 AAAA node-wrk-2-ubuntu24.wrk-2.svc.cluster.local SOA ns.dns.cluster.local
+ 8 0.001984626 10.96.0.10 → 10.0.1.15 DNS 162 Standard query response 0x76e7 A node-wrk-2-ubuntu24.wrk-2.svc.cluster.local A 10.105.134.33
+ 9 0.091833823 10.0.1.15 → 10.105.134.33 TCP 74 38430 → 9999 [SYN] Seq=0 Win=64390 Len=0 MSS=1370 SACK_PERM TSval=167971729 TSecr=0 WS=128
+ 10 0.092468056 10.105.134.33 → 10.0.1.15 TCP 74 9999 → 38430 [SYN, ACK] Seq=0 Ack=1 Win=65184 Len=0 MSS=1370 SACK_PERM TSval=2085648661 TSecr=167971729 WS=128
+ 11 0.092505544 10.0.1.15 → 10.105.134.33 TCP 66 38430 → 9999 [ACK] Seq=1 Ack=1 Win=64512 Len=0 TSval=167971730 TSecr=2085648661
+
+```
+#
+
+```shell
+
+root@node-1:~# iptables -t nat -L -v | grep "10.105.134.33"
+ 0 0 KUBE-SVC-IWPXKGE4TAJJE4GD tcp -- any any anywhere 10.105.134.33 /* wrk-2/node-wrk-2-ubuntu24:tcp-9999 cluster IP */ tcp dpt:9999
+ 0 0 KUBE-SVC-HX23KANCFUYJINGR udp -- any any anywhere 10.105.134.33 /* wrk-2/node-wrk-2-ubuntu24:udp-9999 cluster IP */ udp dpt:9999
+ 0 0 KUBE-MARK-MASQ udp -- any any !10.10.0.0/16 10.105.134.33 /* wrk-2/node-wrk-2-ubuntu24:udp-9999 cluster IP */ udp dpt:9999
+ 0 0 KUBE-MARK-MASQ tcp -- any any !10.10.0.0/16 10.105.134.33 /* wrk-2/node-wrk-2-ubuntu24:tcp-9999 cluster IP */ tcp dpt:9999
+
+```
+
+```shell
+Chain KUBE-SVC-IWPXKGE4TAJJE4GD (1 references)
+ pkts bytes target prot opt in out source destination
+ 0 0 KUBE-MARK-MASQ tcp -- any any !10.10.0.0/16 10.105.134.33 /* wrk-2/node-wrk-2-ubuntu24:tcp-9999 cluster IP */ tcp dpt:9999
+ 0 0 KUBE-SEP-FXHI2MOU7V5XIHJD all -- any any anywhere anywhere /* wrk-2/node-wrk-2-ubuntu24:tcp-9999 -> 10.0.2.215:9999 */
+
+```
+#
+
+```shell
+root@node-1:~/bpftool/src# bpftool link
+2: tcx prog 572
+ ifindex cilium_vxlan(5) attach_type tcx_ingress
+3: tcx prog 571
+ ifindex cilium_vxlan(5) attach_type tcx_egress
+4: tcx prog 657
+ ifindex cilium_host(4) attach_type tcx_ingress
+5: tcx prog 652
+ ifindex cilium_host(4) attach_type tcx_egress
+6: tcx prog 664
+ ifindex cilium_net(3) attach_type tcx_ingress
+7: tcx prog 674
+ ifindex ens4(2) attach_type tcx_ingress
+8: tcx prog 600
+ ifindex lxc_health(7) attach_type tcx_ingress
+9: tcx prog 681
+ ifindex lxc7dc050ebabd6(9) attach_type tcx_ingress
+10: tcx prog 694
+ ifindex lxc1e0b7c2c5527(11) attach_type tcx_ingress
+```
+
+#
+
+```shell
+
+root@node-1:~# tshark -i cilium_vxlan
+Running as user "root" and group "root". This could be dangerous.
+Capturing on 'cilium_vxlan'
+...
+ 3 0.153379717 10.0.1.15 → 10.0.2.17 DNS 109 Standard query 0x69a9 A node-wrk-2-ubuntu24.wrk-2.wrk-1.svc.cluster.local
+ 4 0.153453149 10.0.1.15 → 10.0.2.17 DNS 109 Standard query 0x71b4 AAAA node-wrk-2-ubuntu24.wrk-2.wrk-1.svc.cluster.local
+ 5 0.154519494 10.0.2.17 → 10.0.1.15 DNS 202 Standard query response 0x69a9 No such name A node-wrk-2-ubuntu24.wrk-2.wrk-1.svc.cluster.local SOA ns.dns.cluster.local
+ 6 0.156446844 10.0.2.17 → 10.0.1.15 DNS 202 Standard query response 0x71b4 No such name AAAA node-wrk-2-ubuntu24.wrk-2.wrk-1.svc.cluster.local SOA ns.dns.cluster.local
+ 7 0.156651889 10.0.1.15 → 10.0.2.17 DNS 103 Standard query 0x0fd2 A node-wrk-2-ubuntu24.wrk-2.svc.cluster.local
+ 8 0.156713018 10.0.1.15 → 10.0.2.17 DNS 103 Standard query 0xf8cf AAAA node-wrk-2-ubuntu24.wrk-2.svc.cluster.local
+ 9 0.157366940 10.0.2.17 → 10.0.1.15 DNS 196 Standard query response 0xf8cf AAAA node-wrk-2-ubuntu24.wrk-2.svc.cluster.local SOA ns.dns.cluster.local
+ 10 0.157367119 10.0.2.17 → 10.0.1.15 DNS 162 Standard query response 0x0fd2 A node-wrk-2-ubuntu24.wrk-2.svc.cluster.local A 10.105.134.33
+ 11 0.247844051 10.0.1.15 → 10.0.2.215 TCP 74 41208 → 9999 [SYN] Seq=0 Win=64390 Len=0 MSS=1370 SACK_PERM TSval=168433304 TSecr=0 WS=128
+ 12 0.248302570 10.0.2.215 → 10.0.1.15 TCP 74 9999 → 41208 [SYN, ACK] Seq=0 Ack=1 Win=65184 Len=0 MSS=1370 SACK_PERM TSval=2086110236 TSecr=168433304 WS=128
+ 13 0.248397099 10.0.1.15 → 10.0.2.215 TCP 66 41208 → 9999 [ACK] Seq=1 Ack=1 Win=64512 Len=0 TSval=168433305 TSecr=2086110236
+...
+
+```
+
+#
+
+```shell
+root@node-1:~# iptables -t nat -L -v | grep 10.0.2.215
+ 0 0 KUBE-MARK-MASQ all -- any any 10.0.2.215 anywhere /* wrk-2/node-wrk-2-ubuntu24:tcp-9999 */
+ 0 0 DNAT tcp -- any any anywhere anywhere /* wrk-2/node-wrk-2-ubuntu24:tcp-9999 */ tcp to:10.0.2.215:9999
+ 0 0 KUBE-MARK-MASQ all -- any any 10.0.2.215 anywhere /* wrk-2/node-wrk-2-ubuntu24:udp-9999 */
+ 0 0 DNAT udp -- any any anywhere anywhere /* wrk-2/node-wrk-2-ubuntu24:udp-9999 */ udp to:10.0.2.215:9999
+ 0 0 KUBE-SEP-VWQM2HSDJBARAX5I all -- any any anywhere anywhere /* wrk-2/node-wrk-2-ubuntu24:udp-9999 -> 10.0.2.215:9999 */
+ 0 0 KUBE-SEP-FXHI2MOU7V5XIHJD all -- any any anywhere anywhere /* wrk-2/node-wrk-2-ubuntu24:tcp-9999 -> 10.0.2.215:9999 */
+
+```
+
+#
+
+
+```shell
+
+root@node-1:~# tshark -i ens4 -f udp
+Running as user "root" and group "root". This could be dangerous.
+Capturing on 'ens4'
+ 1 0.000000000 10.168.0.4 → 10.168.0.5 UDP 159 45304 → 8472 Len=117
+ 2 0.000026094 10.168.0.4 → 10.168.0.5 UDP 159 45304 → 8472 Len=117
+ 3 0.000787520 10.168.0.5 → 10.168.0.4 UDP 252 45292 → 8472 Len=210
+ 4 0.000879542 10.168.0.5 → 10.168.0.4 UDP 252 45292 → 8472 Len=210
+ 5 0.001084107 10.168.0.4 → 10.168.0.5 UDP 153 59946 → 8472 Len=111
+ 6 0.001121632 10.168.0.4 → 10.168.0.5 UDP 153 59946 → 8472 Len=111
+ 7 0.001991176 10.168.0.5 → 10.168.0.4 UDP 246 56913 → 8472 Len=204
+ 8 0.003240963 10.168.0.5 → 10.168.0.4 UDP 212 56913 → 8472 Len=170
+ 9 0.091070101 10.168.0.4 → 10.168.0.5 UDP 124 32918 → 8472 Len=82
+ 10 0.091373667 10.168.0.5 → 10.168.0.4 UDP 124 43769 → 8472 Len=82
+ 11 0.091482484 10.168.0.4 → 10.168.0.5 UDP 116 32918 → 8472 Len=74
+
+```
+
+#
+
+
+```shell
+
+root@node-2:~# tshark -i ens4 -f udp
+Running as user "root" and group "root". This could be dangerous.
+Capturing on 'ens4'
+ 1 0.000000000 10.168.0.4 → 10.168.0.5 UDP 159 54392 → 8472 Len=117
+ 2 0.000000394 10.168.0.4 → 10.168.0.5 UDP 159 54392 → 8472 Len=117
+ 3 0.000924839 10.168.0.5 → 10.168.0.4 UDP 252 33949 → 8472 Len=210
+ 4 0.001091915 10.168.0.5 → 10.168.0.4 UDP 252 33949 → 8472 Len=210
+ 5 0.090827819 10.168.0.4 → 10.168.0.5 UDP 124 46625 → 8472 Len=82
+ 6 0.091005902 10.168.0.5 → 10.168.0.4 UDP 124 39053 → 8472 Len=82
+ 7 0.091299352 10.168.0.4 → 10.168.0.5 UDP 116 46625 → 8472 Len=74
+```
+
+#
+
+```shell
+
+root@node-2:~# tshark -i cilium_vxlan -f "tcp port 9999"
+Running as user "root" and group "root". This could be dangerous.
+Capturing on 'cilium_vxlan'
+ 1 0.000000000 10.0.1.15 → 10.0.2.215 TCP 74 40686 → 9999 [SYN] Seq=0 Win=64390 Len=0 MSS=1370 SACK_PERM TSval=166156308 TSecr=0 WS=128
+ 2 0.000242183 10.0.2.215 → 10.0.1.15 TCP 74 9999 → 40686 [SYN, ACK] Seq=0 Ack=1 Win=65184 Len=0 MSS=1370 SACK_PERM TSval=2083833240 TSecr=166156308 WS=128
+ 3 0.000623879 10.0.1.15 → 10.0.2.215 TCP 66 40686 → 9999 [ACK] Seq=1 Ack=1 Win=64512 Len=0 TSval=166156309 TSecr=2083833240
+
+```
+
+#
+
+```shell
+
+root@node-2:~# ip route
+...
+10.0.2.0/24 via 10.0.2.244 dev cilium_host proto kernel src 10.0.2.244
+...
+```
+
+```shell
+
+root@node-2:~# ip netns list
+47f92595-eb21-46c7-b0ac-5efbf1cd4d59 (id: 2)
+ceb7eaea-1923-4233-9253-9b7d25a9fb93 (id: 1)
+fe1dc96d-ef17-4afd-a1f7-4b65bdd64bd0
+c686294b-4802-4767-9057-69c83626a5ee
+477ebbff-90d2-43f3-9e8f-15dbac6501f2
+```
+
+```shell
+root@node-2:~# ip netns exec ceb7eaea-1923-4233-9253-9b7d25a9fb93 ip a
+...
+8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc noqueue state UP group default qlen 1000
+ link/ether 92:42:dd:7b:6f:be brd ff:ff:ff:ff:ff:ff link-netns fe1dc96d-ef17-4afd-a1f7-4b65bdd64bd0
+ inet 10.0.2.215/32 scope global eth0
+ valid_lft forever preferred_lft forever
+ inet6 fe80::9042:ddff:fe7b:6fbe/64 scope link
+ valid_lft forever preferred_lft forever
+```
+
+```shell
+
+root@node-2:~# ip netns exec ceb7eaea-1923-4233-9253-9b7d25a9fb93 ps aux | grep nc
+...
+root 39372 0.0 0.1 14912 5548 pts/0 S+ May21 0:00 nc -l 0.0.0.0 9999
+
+```
+```shell
+
+root@node-2:~# ip -d link show
+...
+9: lxc3afb1f126f2c@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc noqueue state UP mode DEFAULT group default qlen 1000
+ link/ether 52:17:b0:95:31:94 brd ff:ff:ff:ff:ff:ff link-netns ceb7eaea-1923-4233-9253-9b7d25a9fb93 promiscuity 0 allmulti 0 minmtu 68 maxmtu 65535
+ veth addrgenmode eui64 numtxqueues 2 numrxqueues 2 gso_max_size 65536 gso_max_segs 65535 tso_max_size 524280 tso_max_segs 65535 gro_max_size 65536
+11: lxc3fe8b5095c99@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc noqueue state UP mode DEFAULT group default qlen 1000
+ link/ether 72:15:1d:3a:ad:d0 brd ff:ff:ff:ff:ff:ff link-netns 47f92595-eb21-46c7-b0ac-5efbf1cd4d59 promiscuity 0 allmulti 0 minmtu 68 maxmtu 65535
+ veth addrgenmode eui64 numtxqueues 2 numrxqueues 2 gso_max_size 65536 gso_max_segs 65535 tso_max_size 524280 tso_max_segs 65535 gro_max_size 65536
+...
+```
+
+#
+
+```shell
+root@node-2:~# tshark -i lxc3afb1f126f2c
+Running as user "root" and group "root". This could be dangerous.
+Capturing on 'lxc3afb1f126f2c'
+ 1 0.000000000 10.0.1.15 → 10.0.2.215 TCP 74 50210 → 9999 [SYN] Seq=0 Win=64390 Len=0 MSS=1370 SACK_PERM TSval=173851431 TSecr=0 WS=128
+ 2 0.000035143 10.0.2.215 → 10.0.1.15 TCP 74 9999 → 50210 [SYN, ACK] Seq=0 Ack=1 Win=65184 Len=0 MSS=1370 SACK_PERM TSval=2091528363 TSecr=173851431 WS=128
+ 3 0.000359301 10.0.1.15 → 10.0.2.215 TCP 66 50210 → 9999 [ACK] Seq=1 Ack=1 Win=64512 Len=0 TSval=173851431 TSecr=2091528363
+
```
\ No newline at end of file
projects / linuxyz.git / commitdiff