Skip to content
Snippets Groups Projects
Commit 4e5c6510 authored by timbastin's avatar timbastin
Browse files

Changed port

parent 62b2357e
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
prak/pr02/miniserver/Dockerfile
+ 1
1
View file @ 4e5c6510
......@@ -10,6 +10,6 @@ FROM gcr.io/distroless/base
COPY --from=builder /usr/app/ /usr/app/
WORKDIR /usr/app
EXPOSE 3000
EXPOSE 80
CMD ["./miniserver"]
prak/pr02/miniserver/main.go
+ 1
1
View file @ 4e5c6510
......@@ -66,5 +66,5 @@ func main() {
}
http.HandleFunc("/", webHandlerFactory(tmpl))
log.Println("started web server")
http.ListenAndServe(":3000", nil)
http.ListenAndServe(":80", nil)
}
prak/pr04/README.md
+ 315
0
View file @ 4e5c6510
......@@ -10,4 +10,319 @@ docker build -t docker.fslab.de/tbasti2s/servmgmt-ss22 .
```
docker run -p 20411:3000 docker.fslab.de/tbasti2s/servmgmt-ss22
```
## f)
Das Deployment war sehr einfach. Ich denke die Konfiguration könnte dahingehend vereinfacht werden, dass kein separates Netzwerk erstellt wird.
# Aufgabe 2
## a)
|Containername|IP-Adresse|Netzmaske|Gateway|
|:------------|:---------|:---------|:------|
|pr04-miniwhoami_20412-1|172.18.0.3|255.255.0.0|172.18.0.1|
|pr04-miniwhoami_20413-1|172.18.0.2|255.255.0.0|172.18.0.1|
|peaceful_galileo|172.17.0.2|255.255.0.0|172.17.0.1|
Das Interface `eth0` ist das Netzwerkinterface des Containers. Es besitzt keine IPv6 Adresse.
## b)
```
NETWORK ID NAME DRIVER SCOPE
406fbef57498 bridge bridge local
62325a2b1ac5 host host local
4597d12b21e9 none null local
112c694020b4 pr04_mynetwork bridge local
```
Mit dem Kommando: `docker inspect 31d072cf33a4 -f "{{json .NetworkSettings.Networks }}"` können die Netzwerke des Containers aufgelistet werden.
Die Container, die mit der docker-compose deployed wurden, sind nur mit dem `pr04_mynetwork` verbunden
Der Container `peaceful_galileo` ist ausschließlich mit dem Bridge-Netzwerk verbunden.
```json
{
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "406fbef57498092c168313625a3e69d7bdd26a9576ae5ce6b15802c369f1c33d",
"EndpointID": "9f901e4378d81af1c92a9942a077ef5c830a30cdaf096d8f816bc2aad2f9e01b",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
```
## c)
Alle Container sind mit dem Internet verbunden.
## d)
Es findet eine Weiterleitung vom Host-Server statt. Die Hostserver Adresse ist unter IPv6 erreichbar. Erreichen Anfragen den Hostserver, routet Docker diese an die dazugehörigen Container.
## e)
Der Container lässt sich ausschließlich über ide IP-Adresse anpingen.
## f)
Die Container lassen sich über die IP-Adresse und den Servicenamen anpingen.
## g)
```
dig miniwhoami_20413
; <<>> DiG 9.16.27 <<>> miniwhoami_20413
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41929
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;miniwhoami_20413. IN A
;; ANSWER SECTION:
miniwhoami_20413. 600 IN A 172.18.0.2
;; Query time: 0 msec
;; SERVER: 127.0.0.11#53(127.0.0.11)
;; WHEN: Tue May 03 12:32:31 UTC 2022
;; MSG SIZE rcvd: 66
```
# Aufgabe 3
## a)
```
2001:638:408:200:fe10::/80
2001:638:408:200:fe11::/80
2001:638:408:200:fe12::/80
2001:638:408:200:fe13::/80
```
Der Default-Bridge wird das neue Subnetz zugewiesen.
## b)
### 1.
Die IP-Adresse: `2001:638:408:200:fe11:242:ac11:2/80` wurde dem Container zugewiesen. Die Adresse wird aus dem Subnetz und der MAC-Adresse des Containers gebildet. Das Interface `eth0` besitzt die genannte Adresse.
### 2.
Die IP-Adresse kann von keinem Container aus erreicht werden. Ausschließlich der Hostserver erreicht mit einem Ping den Container.
### 3.
```
2001:638:408:200:fe11::/80 dev eth0 proto kernel metric 256 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
default via 2001:638:408:200:fe11::1 dev eth0 metric 1024 pref medium
```
Es fehlt eine Neigbour-Discovery.
### 4.
### 5.
NDP muss für die Adresse eingerichtet sein.
# Aufgabe 4
## a)
```
sudo sysctl net.ipv6.conf.ens18.proxy_ndp=1 && \
sudo ip -6 neigh add proxy 2001:638:408:200:fe11:242:ac11:2 dev ens18
```
## b)
```
# route-ttl <integer> (NEW)
# This tells 'ndppd' how often to reload the route file /proc/net/ipv6_route.
# Default value is '30000' (30 seconds).
route-ttl 30000
# proxy <interface>
# This sets up a listener, that will listen for any Neighbor Solicitation
# messages, and respond to them according to a set of rules (see below).
# <interface> is required. You may have several 'proxy' sections.
proxy ens18 {
# router <yes|no|true|false>
# This option turns on or off the router flag for Neighbor Advertisement
# messages. Default value is 'true'.
router yes
# timeout <integer>
# Controls how long to wait for a Neighbor Advertisment message before
# invalidating the entry, in milliseconds. Default value is '500'.
timeout 500
# ttl <integer>
# Controls how long a valid or invalid entry remains in the cache, in
# milliseconds. Default value is '30000' (30 seconds).
ttl 30000
# rule <ip>[/<mask>]
# This is a rule that the target address is to match against. If no netmask
# is provided, /128 is assumed. You may have several rule sections, and the
# addresses may or may not overlap.
rule 2001:638:408:200:fe11:: {
# Only one of 'static', 'auto' and 'interface' may be specified. Please
# read 'ndppd.conf' manpage for details about the methods below.
# 'auto' should work in most cases.
# static (NEW)
# 'ndppd' will immediately answer any Neighbor Solicitation Messages
# (if they match the IP rule).
# iface <interface>
# 'ndppd' will forward the Neighbor Solicitation Message through the
# specified interface - and only respond if a matching Neighbor
# Advertisement Message is received.
# auto (NEW)
# Same as above, but instead of manually specifying the outgoing
# interface, 'ndppd' will check for a matching route in /proc/net/ipv6_route.
auto
# Note that before version 0.2.2 of 'ndppd', if you didn't choose a
# method, it defaulted to 'static'. For compatibility reasons we choose
# to keep this behavior - for now (it may be removed in a future version).
}
}
```
`proxy ens18` welches Interface weitergeleitet werden soll.
`rule 2001:638:408:200:fe11::` Für welches Subnetz die Neighbor-Discovery ausgeführt werden soll.
# Aufgabe 5
## a)
Das Subnetz enthält `4,294,967,296` IPv6 Adressen. Das sollte ausreichend sein ;-)
## b)
```
docker network create --subnet="2001:638:408:200:fe10:cafe::/96" --gateway="2001:638:408:200:fe10:cafe::1" --ipv6 my_ipv6
```
## c)
```
# route-ttl <integer> (NEW)
# This tells 'ndppd' how often to reload the route file /proc/net/ipv6_route.
# Default value is '30000' (30 seconds).
route-ttl 30000
# proxy <interface>
# This sets up a listener, that will listen for any Neighbor Solicitation
# messages, and respond to them according to a set of rules (see below).
# <interface> is required. You may have several 'proxy' sections.
proxy ens18 {
# router <yes|no|true|false>
# This option turns on or off the router flag for Neighbor Advertisement
# messages. Default value is 'true'.
router yes
# timeout <integer>
# Controls how long to wait for a Neighbor Advertisment message before
# invalidating the entry, in milliseconds. Default value is '500'.
timeout 500
# ttl <integer>
# Controls how long a valid or invalid entry remains in the cache, in
# milliseconds. Default value is '30000' (30 seconds).
ttl 30000
# rule <ip>[/<mask>]
# This is a rule that the target address is to match against. If no netmask
# is provided, /128 is assumed. You may have several rule sections, and the
# addresses may or may not overlap.
rule 2001:638:408:200:fe11::/80 {
# Only one of 'static', 'auto' and 'interface' may be specified. Please
# read 'ndppd.conf' manpage for details about the methods below.
# 'auto' should work in most cases.
# static (NEW)
# 'ndppd' will immediately answer any Neighbor Solicitation Messages
# (if they match the IP rule).
# iface <interface>
# 'ndppd' will forward the Neighbor Solicitation Message through the
# specified interface - and only respond if a matching Neighbor
# Advertisement Message is received.
# auto (NEW)
# Same as above, but instead of manually specifying the outgoing
# interface, 'ndppd' will check for a matching route in /proc/net/ipv6_route.
auto
# Note that before version 0.2.2 of 'ndppd', if you didn't choose a
# method, it defaulted to 'static'. For compatibility reasons we choose
# to keep this behavior - for now (it may be removed in a future version).
}
rule 2001:638:408:200:fe10:cafe::/96 {
# Only one of 'static', 'auto' and 'interface' may be specified. Please
# read 'ndppd.conf' manpage for details about the methods below.
# 'auto' should work in most cases.
# static (NEW)
# 'ndppd' will immediately answer any Neighbor Solicitation Messages
# (if they match the IP rule).
# iface <interface>
# 'ndppd' will forward the Neighbor Solicitation Message through the
# specified interface - and only respond if a matching Neighbor
# Advertisement Message is received.
# auto (NEW)
# Same as above, but instead of manually specifying the outgoing
# interface, 'ndppd' will check for a matching route in /proc/net/ipv6_route.
auto
# Note that before version 0.2.2 of 'ndppd', if you didn't choose a
# method, it defaulted to 'static'. For compatibility reasons we choose
# to keep this behavior - for now (it may be removed in a future version).
}
}
```
\ No newline at end of file
prak/pr04/docker-compose.yaml
+ 2
2
View file @ 4e5c6510
......@@ -4,14 +4,14 @@ services:
miniwhoami_20412:
image: docker.fslab.de/tbasti2s/servmgmt-ss22
ports:
- "20412:3000"
- "20412:80"
networks:
- mynetwork
miniwhoami_20413:
image: docker.fslab.de/tbasti2s/servmgmt-ss22
ports:
- "20413:3000"
- "20413:80"
networks:
- mynetwork
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment