网络
查询所有网络
[root@test ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
dd7e1b16bd7e bridge bridge local
a4e5b09d5de7 host host local
8ukl40z7lsbw ingress overlay swarm
9a052ca6827b none null local
[root@test ~]# yum -y install bridge-utils
Loaded plugins: fastestmirror, product-id, search-disabled-repos,
: subscription-manager
[root@test ~]# brctl show
bridge name bridge id STP enabled interfaces
br-5e09f0a7664c 8000.0242da00cccc no
docker0 8000.0242734aa827 no
docker_gwbridge 8000.024240ac7b91 no veth02042c3
veth3c4a351
veth9459602
[root@test ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 08:00:27:d2:51:7e brd ff:ff:ff:ff:ff:ff
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
link/ether 02:42:73:4a:a8:27 brd ff:ff:ff:ff:ff:ff
4: docker_gwbridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
link/ether 02:42:40🇦🇨7b:91 brd ff:ff:ff:ff:ff:ff
5: br-5e09f0a7664c: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
link/ether 02:42:da:00🇨🇨cc brd ff:ff:ff:ff:ff:ff
11: veth3c4a351@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker_gwbridge state UP mode DEFAULT group default
link/ether d2🇪🇪fc:13:cb:a6 brd ff:ff:ff:ff:ff:ff link-netnsid 1
17: veth02042c3@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker_gwbridge state UP mode DEFAULT group default
link/ether 1a:08:e2:0e:ce:d3 brd ff:ff:ff:ff:ff:ff link-netnsid 3
19: veth9459602@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker_gwbridge state UP mode DEFAULT group default
link/ether 6a:d7:70:41:63:07 brd ff:ff:ff:ff:ff:ff link-netnsid 2
[root@test ~]# iptables -t nat -vnL
Chain PREROUTING (policy ACCEPT 89 packets, 5588 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER-INGRESS all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
93 6828 PREROUTING_direct all -- * * 0.0.0.0/0 0.0.0.0/0
93 6828 PREROUTING_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
93 6828 PREROUTING_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
1 60 DOCKER all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 170 packets, 12456 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER-INGRESS all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
203 14819 OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DOCKER all -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT 170 packets, 12456 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- * docker_gwbridge 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match src-type LOCAL
0 0 MASQUERADE all -- * !docker0 172.17.0.0/16 0.0.0.0/0
0 0 MASQUERADE all -- * !br-5e09f0a7664c 172.20.0.0/16 0.0.0.0/0
0 0 MASQUERADE all -- * !docker_gwbridge 172.19.0.0/16 0.0.0.0/0
203 14819 POSTROUTING_direct all -- * * 0.0.0.0/0 0.0.0.0/0
203 14819 POSTROUTING_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
203 14819 POSTROUTING_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- docker0 * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- br-5e09f0a7664c * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- docker_gwbridge * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-INGRESS (2 references)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.19.0.2:80
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
Chain POSTROUTING_ZONES (1 references)
pkts bytes target prot opt in out source destination
202 14759 POST_public all -- * enp0s3 0.0.0.0/0 0.0.0.0/0 [goto]
1 60 POST_public all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]
Chain POSTROUTING_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain POSTROUTING_direct (1 references)
pkts bytes target prot opt in out source destination
Chain POST_public (2 references)
pkts bytes target prot opt in out source destination
203 14819 POST_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
203 14819 POST_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
203 14819 POST_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POST_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain POST_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain POST_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain PREROUTING_ZONES (1 references)
pkts bytes target prot opt in out source destination
93 6828 PRE_public all -- enp0s3 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 PRE_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain PREROUTING_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain PREROUTING_direct (1 references)
pkts bytes target prot opt in out source destination
Chain PRE_public (2 references)
pkts bytes target prot opt in out source destination
93 6828 PRE_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
93 6828 PRE_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
93 6828 PRE_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain PRE_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain PRE_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain PRE_public_log (1 references)
pkts bytes target prot opt in out source destination
上一篇 docker 学习笔记(三)
docker 学习笔记目录
下一篇 docker 学习笔记(五)
