当前位置: 文江博客 话题详情

Mac OS X 中的虚拟网络接口

发布于 2024-07-04 10:15:24 字数 507 浏览 6 评论 0 原文

我知道您可以在 Windows 中创建虚拟网络接口(请参阅此处)和 Linux 中使用 ip 别名也很容易,但是 Mac OS X 是否存在类似的东西? 我一直在寻找环回适配器、虚拟接口,但找不到好的解决方案。

您可以在网络面板中基于现有接口创建一个新接口,但它不会充当真正的全功能接口(如果原始接口处于非活动状态,则派生接口也处于非活动状态)。

在完全断开连接的情况下工作时需要这种情况。 即便如此,在 VMWare 安装中运行服务器时拥有网络功能还是有意义的。 这些虚拟机可以通过其 IP 地址访问,但不能通过其 DNS 名称访问,即使我在其中一台虚拟机中运行 DNS 服务器也是如此。 通过配置一个接口来使用虚拟 DNS 服务器,我想我可以测试一些 DNS 场景。 不幸的是,如果没有一个接口处于非活动状态,则没有接口可以解析 DNS 名称...

原文

I know that you can make a virtual network interface in Windows (see here), and in Linux it is also pretty easy with ip-aliases, but does something similar exist for Mac OS X? I've been looking for loopback adapters, virtual interfaces and couldn't find a good solution.

You can create a new interface in the networking panel, based on an existing interface, but it will not act as a real fully functional interface (if the original interface is inactive, then the derived one is also inactive).

This scenario is needed when working in a completely disconnected situation. Even then, it makes sense to have networking capabilities when running servers in a VMWare installation. Those virtual machines can be reached by their IP address, but not by their DNS name, even if I run a DNS server in one of those virtual machines. By configuring an interface to use the virtual DNS server, I thought I could test some DNS scenario's. Unfortunately, no interface is resolving DNS names if none of them are inactive...

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(12

中二柚 2024-07-11 10:15:24

其他一些人似乎暗示了这一点,但以下演示了使用 ifconfig 创建 VLAN 并在虚拟接口上测试 DNS(使用 minidns):

$ sw_vers -productVersion
10.9.5
$ sudo ifconfig vlan169 create && echo vlan169 created
vlan169 created
$ sudo ifconfig vlan169 inet 169.254.169.254 netmask 255.255.255.255 && echo vlan169 configured
vlan169 configured
$ sudo ./minidns.py 169.254.169.254 &
[1] 35125
$ miniDNS :: * 60 IN A 169.254.169.254


$ dig @169.254.169.254 +short test.host
Request: test.host. -> 169.254.169.254
Request: test.host. -> 169.254.169.254
169.254.169.254
$ sudo kill 35125
$ 
[1]+  Exit 143                sudo ./minidns.py 169.254.169.254
$ sudo ifconfig vlan169 destroy && echo vlan169 destroyed
vlan169 destroyed

A few others seemed to hint at this, but the following demonstrates using ifconfig to create a vlan and test DNS on the virtual interface (using minidns) on OS X 10.9.5:

$ sw_vers -productVersion
10.9.5
$ sudo ifconfig vlan169 create && echo vlan169 created
vlan169 created
$ sudo ifconfig vlan169 inet 169.254.169.254 netmask 255.255.255.255 && echo vlan169 configured
vlan169 configured
$ sudo ./minidns.py 169.254.169.254 &
[1] 35125
$ miniDNS :: * 60 IN A 169.254.169.254


$ dig @169.254.169.254 +short test.host
Request: test.host. -> 169.254.169.254
Request: test.host. -> 169.254.169.254
169.254.169.254
$ sudo kill 35125
$ 
[1]+  Exit 143                sudo ./minidns.py 169.254.169.254
$ sudo ifconfig vlan169 destroy && echo vlan169 destroyed
vlan169 destroyed
回复 原文
走过海棠暮 2024-07-11 10:15:24

你是什​​么意思

“但它不会充当真正的全功能接口(如果原始接口处于非活动状态,则派生接口也处于非活动状态”

我可以创建一个新接口,将其基于现有接口,然后禁用现有接口并创建第二个接口仍然有效,但是不会创建真正的接口(当您使用 ifconfig 检查时),它只会将第二个 IP 分配给已经存在的接口(但是,这个接口可以是 DHCP,而第一个接口是 DHCP)例如,硬编码)。

那么我是否理解正确,您想要创建一个不绑定到任何实际接口的接口?例如,如果您断开所有 WLAN 并拔出所有网络电缆,那么该接口将在哪里使用?这个接口发送流量到,如果你发送流量到它?也许你的问题有点不清楚,如果重新表述它可能会有很大帮助,所以一旦你有了这个“虚拟接口”,你就清楚你实际上想用它做什么正如

您在问题中提到的“别名 IP”,这意味着别名接口。 但别名接口始终绑定到真实接口。 不同之处在于,在 Linux 中,这样的接口实际上是一个接口(例如 eth0 的别名接口可能是 eth1),而在 Mac 上,没有创建真正的接口,而是创建了一个接口。创建虚拟接口,可以独立配置和使用,但物理上它仍然是相同的接口,因此不会生成新的命名接口(您只有两个接口,实际上都是 en0,但都可以启用/禁用,并且独立配置)。

What do you mean by

"but it will not act as a real fully functional interface (if the original interface is inactive, then the derived one is also inactive"

?

I can make a new interface, base it on an already existing one, then disable the existing one and the new one still works. Making a second interface does however not create a real interface (when you check with ifconfig), it will just assign a second IP to the already existing one (however, this one can be DHCP while the first one is hard coded for example).

So did I understand you right, that you want to create an interface, not bound to any real interface? How would this interface then be used? E.g. if you disconnect all WLAN and pull all network cables, where would this interface send traffic to, if you send traffic to it? Maybe your question is a bit unclear, it might help a lot if rephrase it, so it's clear what you are actually trying to do with this "virtual interface" once you have it.

As you mentioned "alias IP" in your question, this would mean an alias interface. But an alias interface is always bound to a real interface. The difference is in Linux such an interface really IS an interface (e.g. an alias interface for eth0 could be eth1), while on Mac, no real interface is created, instead a virtual interface is created, that can configured and used independently, but it is still the same interface physically and thus no new named interface is generated (you just have two interfaces, that are both in fact en0, but both can be enabled/disabled and configured independently).

回复 原文
烟沫凡尘 2024-07-11 10:15:24

关于 @bmasterswizzle精彩答案 - 更具体地说 - 给 @DanRamos ' 关于如何强制新接口的链接状态为“up”的问题。我使用这个脚本,我不记得其来源,但它的工作效果非常好(与 @bmasterswizzles“蒙娜丽莎”的答案)...

#!/bin/zsh

[[ "$UID" -ne "0" ]] && echo "You must be root. Goodbye..." && exit 1
echo "starting"
exec 4<>/dev/tap0
ifconfig tap0 10.10.10.1 10.10.10.255
ifconfig tap0 up
ping -c1 10.10.10.1
echo "ending"
export PS1="tap interface>"
dd of=/dev/null <&4 & # continuously reads from buffer and dumps to null

我不太确定我理解最后提示的更改,或者...

dd of=/dev/null <&4 & # 连续从缓冲区读取并转储为空

但无论如何。 有用。 链接灯

In regards to @bmasterswizzle's BRILLIANT answer - more specifically - to @DanRamos' question about how to force the new interface's link-state to "up".. I use this script, of whose origin I cannot recall, but which works fabulously (in coordination with @bmasterswizzles "Mona Lisa" of answers)...

#!/bin/zsh

[[ "$UID" -ne "0" ]] && echo "You must be root. Goodbye..." && exit 1
echo "starting"
exec 4<>/dev/tap0
ifconfig tap0 10.10.10.1 10.10.10.255
ifconfig tap0 up
ping -c1 10.10.10.1
echo "ending"
export PS1="tap interface>"
dd of=/dev/null <&4 & # continuously reads from buffer and dumps to null

I am NOT quite sure I understand the alteration to the prompt at the end, or...

dd of=/dev/null <&4 & # continuously reads from buffer and dumps to null

but WHATEVER. it works. link light????: green✅. loves it????.

enter image description here

回复 原文
绿萝 2024-07-11 10:15:24

特别回复:

您可以在网络面板中基于现有接口创建一个新接口,但它不会充当真正的全功能接口(如果原始接口处于非活动状态,则派生接口也处于非活动状态)。

这可以通过使用 psv141 建议的 Tun/Tap 设备来实现,并操作 /Library/Preferences/SystemConfiguration/preferences.plist 文件来添加基于 tun 或 tap 接口的 NetworkService。 Mac OS X 不允许创建基于虚拟网络接口的 NetworkService,但可以直接操作 preferences.plist 文件来手动添加 NetworkService。 基本上,您可以在 Xcode 中打开 preferences.plist 文件(或直接编辑 XML,但 Xcode 可能更简单),然后从现有以太网接口复制配置。 创建新 NetworkService 的位置位于“NetworkServices”下,如果您的 Mac 有以太网设备,则 NetworkService 配置文件也将在此属性条目下。 以太网条目几乎可以逐字复制,您实际要更改的唯一字段是:

  • UUID
  • UserDefinedName
  • IPv4 配置并将接口设置为 tun 或 tap 设备(即 tun0 或 tap0)。
  • DNS 服务器(如果需要)。

然后,您还可以操纵您想要此 NetworkService 的特定位置(请记住,Mac OS X 可以根据您的“位置”配置所有网络接口)。 默认位置UUID可以在PropertyList的根中作为键“CurrentSet”获得。 确定所需的位置(或集)后,展开 Set 属性,并在 Global/IPv4/ServiceOrder 下添加具有新 NetworkService 的 UUID 的条目。 另外,在 Set 属性下,您需要展开 Service 属性,并将 UUID 添加为字典,其中包含一个字符串条目,键为 __LINK__,值作为 UUID(使用其他接口作为示例)。

修改 preferences.plist 文件后,只需重新启动,NetworkService 将在 SystemPreferences->Network 下可用。 请注意,我们模仿了以太网设备,因此 Mac OS X 网络层会注意到“电缆已拔出”,并且不会让您通过 GUI 激活接口。 但是,由于底层设备是 tun/tap 设备并且具有 IP 地址,因此接口将变为活动状态,并且将在 BSD 级别添加正确的路由。

作为参考,它用于执行特殊的路由魔法。

如果您到目前为止遇到了麻烦,您必须通过打开 /dev/ 下的设备之一来创建 tun/tap 设备。 您可以使用任何程序来执行此操作,但我本人是老式 C 的粉丝:

#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>
int main()
{
   int fd = open("/dev/tun0", O_RDONLY);
   if (fd < 0)
   {
      printf("Failed to open tun/tap device. Are you root? Are the drivers installed?\n");
      return -1;
   }
   while (1)
   {
      sleep(100000);
   }
   return 0;
}

Replying in particular to:

You can create a new interface in the networking panel, based on an existing interface, but it will not act as a real fully functional interface (if the original interface is inactive, then the derived one is also inactive).

This can be achieved using a Tun/Tap device as suggested by psv141, and manipulating the /Library/Preferences/SystemConfiguration/preferences.plist file to add a NetworkService based on either a tun or tap interface. Mac OS X will not allow the creation of a NetworkService based on a virtual network interface, but one can directly manipulate the preferences.plist file to add the NetworkService by hand. Basically you would open the preferences.plist file in Xcode (or edit the XML directly, but Xcode is likely to be more fool-proof), and copy the configuration from an existing Ethernet interface. The place to create the new NetworkService is under "NetworkServices", and if your Mac has an Ethernet device the NetworkService profile will also be under this property entry. The Ethernet entry can be copied pretty much verbatim, the only fields you would actually be changing are:

  • UUID
  • UserDefinedName
  • IPv4 configuration and set the interface to your tun or tap device (i.e. tun0 or tap0).
  • DNS server if needed.

Then you would also manipulate the particular Location you want this NetworkService for (remember Mac OS X can configure all network interfaces dependent on your "Location"). The default location UUID can be obtained in the root of the PropertyList as the key "CurrentSet". After figuring out which location (or set) you want, expand the Set property, and add entries under Global/IPv4/ServiceOrder with the UUID of the new NetworkService. Also under the Set property you need to expand the Service property and add the UUID here as a dictionary with one String entry with key __LINK__ and value as the UUID (use the other interfaces as an example).

After you have modified your preferences.plist file, just reboot, and the NetworkService will be available under SystemPreferences->Network. Note that we have mimicked an Ethernet device so Mac OS X layer of networking will note that "a cable is unplugged" and will not let you activate the interface through the GUI. However, since the underlying device is a tun/tap device and it has an IP address, the interface will become active and the proper routing will be added at the BSD level.

As a reference this is used to do special routing magic.

In case you got this far and are having trouble, you have to create the tun/tap device by opening one of the devices under /dev/. You can use any program to do this, but I'm a fan of good-old-fashioned C myself:

#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>
int main()
{
   int fd = open("/dev/tun0", O_RDONLY);
   if (fd < 0)
   {
      printf("Failed to open tun/tap device. Are you root? Are the drivers installed?\n");
      return -1;
   }
   while (1)
   {
      sleep(100000);
   }
   return 0;
}
回复 原文
夏有森光若流苏 2024-07-11 10:15:24

环回适配器始终处于运行状态。

ifconfig lo0 alias 172.16.123.1 将向环回适配器添加别名 IP 172.16.123.1

ifconfig lo0 -alias 172.16.123.1 将删除它

The loopback adapter is always up.

ifconfig lo0 alias 172.16.123.1 will add an alias IP 172.16.123.1 to the loopback adapter

ifconfig lo0 -alias 172.16.123.1 will remove it

回复 原文
莫多说 2024-07-11 10:15:24

可以使用 TUN/TAP 设备。
http://tuntaposx.sourceforge.net/

It's possible to use TUN/TAP device.
http://tuntaposx.sourceforge.net/

回复 原文
一紙繁鸢 2024-07-11 10:15:24

如果您位于开发环境中并且想要访问已在本地主机/主机上运行的某些服务。 在 docker for mac 中,您还有另一个选择。在 docker 容器中使用 docker.for.mac.localhost 而不是 localhost。
应使用 docker.for.mac.host.internal 代替 Docker Community Edition 17.12.0-ce-mac46 2018-01-09 中的 docker.for.mac.localhost。
这允许您从 docker 容器内连接到 mac 上运行的服务。请参阅下面的链接

了解 docker.for.mac.localhost 行为

发行说明

if you are on a dev environment and want access some service already running on localhost/host machine. in docker for mac you have another option.use docker.for.mac.localhost instead of localhost in docker container.
docker.for.mac.host.internal should be used instead of docker.for.mac.localhost from Docker Community Edition 17.12.0-ce-mac46 2018-01-09.
this allows you to connect to service running on your on mac from within a docker container.please refer below links

understanding the docker.for.mac.localhost behavior

release notes

回复 原文
意犹 2024-07-11 10:15:24

转到网络首选项。

在网络适配器列表的底部,单击 + 图标

选择要进行 arp 处理的现有接口(例如以太网 1),并为新端口提供所需的服务名称(例如以太网 1.1),然后按创建。

现在您在 GUI 中拥有了新的虚拟接口,并且可以以正常方式管理 IP 地址等。

ifconfig -a 将确认接口上有多个 IP,并且在您重新启动时这些 IP 仍然存在。

它是一台Mac。 不要对抗它,用简​​单的方法来做。

Go to Network Preferences.

At the bottom of the list of network adapters, click the + icons

Select the existing interface that you want to arp (say Ethernet 1), and give the Service Name that you want for the new port (say Ethernet 1.1) then press create.

Now you have the new virtual interface in the gui and can manage IP addresses etc it in the normal way.

ifconfig -a will confirm that you have multiple IPs on the interface, and these will still be there when you reboot.

Its a Mac. Don't fight it, do it the easy way.

回复 原文
雅心素梦 2024-07-11 10:15:24

我求助于运行 PFSense,一个基于 BSD 的路由器/防火墙来实现这个目标……。

为什么? 因为 OS X Server 在没有静态 IP 的情况下变得如此怪异……

所以在与它搏斗了几天以制作 NAT、DHCP 和防火墙之后……

我正在尝试这是并行的……

会让你知道它是如何进行的……

i have resorted to running PFSense, a BSD based router/firewall to achieve this goal….

why? because OS X Server gets so FREAKY without a Static IP…

so after wrestling with it for DAYS to make NAT and DHCP and firewall and …

I'm trying this is parallels…

will let ya know how it goes...

回复 原文
霊感 2024-07-11 10:15:24

看看这个教程,它适用于 FreeBSD,但也适用于 OS X。 http:// /people.freebsd.org/~arved/vlan/vlan_en.html

Take a look at this tutorial, it's for FreeBSD but also applies to OS X. http://people.freebsd.org/~arved/vlan/vlan_en.html

回复 原文
月寒剑心 2024-07-11 10:15:24

ifconfig interfacename create 将创建一个虚拟接口,

ifconfig interfacename create will create a virtual interface,

回复 原文
狼性发作 2024-07-11 10:15:24

这是一个很好的指南:https://web.archive.org/web/20160301104014/http://gerrydevstory.com/2012/08/20/how-to-create- virtual-network-interface-on-mac-os-x/

基本上,您在系统首选项的“网络”窗格中选择一个网络适配器,然后单击“复制服务”齿轮。 复制服务后,您可以手动分配私有地址范围之一中的 IP。 然后对其进行 ping 操作以确保;)

Here's a good guide: https://web.archive.org/web/20160301104014/http://gerrydevstory.com/2012/08/20/how-to-create-virtual-network-interface-on-mac-os-x/

Basically you select a network adapter in the Networks pane of system preferences, then click the gear to "Duplicate Service". After the service is duplicated, you manually assign an IP in one of the private address ranges. Then ping it to make sure ;)

回复 原文
~没有更多了~

关于作者

茶底世界

暂无简介

0 文章
0 评论
22 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

qq_otekVRB4

文章 0 评论 0

阿杰

文章 0 评论 0

姐不稀罕

文章 0 评论 0

qq_pphr7

文章 0 评论 0

━╋う一瞬間旳綻放

文章 0 评论 0

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文