# create namespace
ip netns add ns1

# create veth link
ip link add veth1 type veth peer name vpeer1
ip link set veth1 up

# add peers to ns
ip link set vpeer1 netns ns1

# setup loopback interface
ip netns exec ns1 ip link set lo up

# setup peer ns interface
ip netns exec ns1 ip link set vpeer1 up

# assign ip address to ns interfaces
ip netns exec ns1 ip addr add 10.10.0.10/24 dev vpeer1


# setup bridge
ip link add br0 type bridge
ip link set br0 up

# add veth1 into bridge
ip link set veth1 master br0

# setup bridge ip
ip addr add 10.10.0.1/24 dev br0

# add default routes for ns
ip netns exec ns1 ip route add default via 10.10.0.1

#  have a try
ip netns exec ns1 ping 10.10.0.1

# enable ip forwarding
bash -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
iptables -t nat -A POSTROUTING -s 10.10.0.1/24 ! -o br0 -j MASQUERADE

# check the network interfaces in the container
--net=host, bridge 
docker run --net=host -it --rm alpine ip addr
docker network create foo

参考文档

linux-networking-bridge-iptables-and-docker

Posted in: Linux