方法一、使用ifconfig命令
# 在eth0网卡上创建一个叫eth0:0的虚拟网卡,虚拟网卡的地址是:192.168.10.10 ifconfig eth0:0 192.168.10.10 up # 可以使用如下命令删除该网卡 sudo ifconfig eth0:0 down # 当然,这属于临时配置,重启之后,前面的配置就消失了。如果要持久化配置,需要修改相应的网 # 络配置文件。配置文件的格式与路径因发行版的不同而异。不再展开说明。 # 比如:Debian修改/etc/network/interfaces配置文件。
这种方法有一个问题:网卡的MAC地址是相同的。即,不能为eth0和eth0:0设置不同的MAC地址。
方法二、使用TUN/TAP
# 安装uml-utilities工具 apt-get install uml-utilities # 创建虚拟网卡 eth2 tunctl -t eth2 # 为虚拟网卡eth2固定一个MAC地址 ifconfig eth2 down ifconfig eth2 hw ether 00:11:22:33:44:55 # 启用虚拟网卡eth2 ifconfig eth2 up
注意,这种虚拟网卡是不能绑定物理网卡的(也就是说不能通过该网卡访问外部网络),是在隧道技术中使用的虚拟网卡。以下的一段话引用子stackoverflow的“which physical interface tun/tap device attached to”问题,该问题解释了原因:
There is no inherent relation.
It is important to understand that neither TUN/TAP nor any other device does routing. Internet Protocol (IP) routing is handled by the IP stack, and it can’t really tell the difference between a TAP interface and a real Ethernet interface. Packets received by the IP stack from TUN/TAP interfaces are generated by a program on that same machine, and when the IP stack routes packets out a TUN or TAP interface they are received only by the software that opened the interface. Think of them as Ethernet ports that are wired to software instead of a real Ethernet network.
You seem to grasp the example you quoted well enough. Vtun (the software) opens both the tap0 interface and a socket that is then routed like any other IP traffic. Vtun takes packets it receives on tap0 and encapsulates them with encryption and compression and pushes them out the socket. Another instance of Vtun on the other end of that socket (probably running on a different machine) decapsulates the packets from the socket and pushes them out its TAP interface to be processed by its kernel’s networking layer.
But the socket isn’t part of TAP at all, and how it is routed is up to the IP stack. If both instances of Vtun run on the same system, the socket would not need to route out a physical interface. And in such a use case, the socket (and encryption and compression) can be removed entirely. You could have a single program dumbly copying data between two TAP interfaces. There is nothing in the TUN/TAP spec that requires a socket or physical interfaces; the example socket is incidental, a feature introduced by the nature of the Vtun program.
So your question about three physical connections to the internet is not related to TUN/TAP, but is about general IP routing instead. The answer there is highly dependent on your specific configuration.
方法三、使用Dummy
#!/bin/bash # 检查是否加载了dummy内核模块,执行如下命令,看是否有输出 lsmod | grep dummy # 启动dummy内核模块 modprobe dummy # 添加虚拟网卡 ip link add dummy0 type dummy ip link add dummy1 type dummy # 查看网卡 ip link list
有关的Dummy网卡的作用可以参考下面的说明,引自:http://www.tldp.org/LDP/nag/node72.html
The Dummy Interface
The dummy interface is really a little exotic, but rather useful nevertheless. Its main benefit is with standalone hosts, and machines whose only IP network connection is a dial-up link. In fact, the latter are standalone hosts most of the time, too.
The dummy interface is really a little exotic, but rather useful nevertheless. Its main benefit is with standalone hosts, and machines whose only IP network connection is a dial-up link. In fact, the latter are standalone hosts most of the time, too.
The dilemma with standalone hosts is that they only have a single network device active, the loopback device, which is usually assigned the address 127.0.0.1. On some occasions, however, you need to send data to the `official’ IP address of the local host. For instance, consider the laptop vlite, that has been disconnected from any network for the duration of this example. An application on vlite may now want to send some data to another application on the same host. Looking up vlite in /etc/hosts yields an IP-address of 191.72.1.65, so the application tries to send to this address. As the loopback interface is currently the only active interface on the machine, the kernel has no idea that this address actually refers to itself! As a consequence, the kernel discards the datagram, and returns an error to the application.
This is where the dummy device steps in. It solves the dilemma by simply serving as the alter ego of the loopback interface. In the case of vlite, you would simply give it the address 191.72.1.65 and add a host route pointing to it. Every datagram for 191.72.1.65 would then be delivered locally. The proper invocation is:
# ifconfig dummy vlite
# route add vlite
# route add vlite
Andrew Anderson
Thu Mar 7 23:22:06 EST 1996
Thu Mar 7 23:22:06 EST 1996
MACVLAN(推荐)
参考 MACVLAN and IPVLAN/MACVLAN 笔记。
参考文献
Configuring virtual network interfaces in Linux
How can I create a virtual ethernet interface on a machine without a physical adapter?
which physical interface tun/tap device attached to?
Ubuntu 12.04 LTS 添加虚拟网卡设置硬件MAC地址
Linux下Tun/Tap设备通信原理