\u4e92\u8054\u7f51\u4e0a\u5e38\u7528\u7684\u8def\u7531\u534f\u8bae BGP \u662f\u8fd9\u6837\u5de5\u4f5c\u7684\uff1a<\/p>\n
\u5728\u8fd9\u79cd\u60c5\u51b5\u4e2d\uff0c\u53ea\u6709\u4e00\u53f0\u670d\u52a1\u5668\u5ba3\u5e03\u81ea\u5df1\u662f 172.22.76.104\/29 \u7684\u300c\u6e90\u5934\u300d\u3002\u8fd9\u5c31\u662f\u5355\u64ad\uff08Unicast\uff09\u3002\u800c\u4efb\u64ad\uff0c\u5373 Anycast\uff0c\u5c31\u662f\u6211\u5728\u591a\u53f0\u670d\u52a1\u5668\uff08\u5b9e\u9645\u4e2d\u5f80\u5f80\u5728\u4e0d\u540c\u5730\u7406\u4f4d\u7f6e\uff0c\u6bd4\u5982\u4e2d\u56fd\u9999\u6e2f\u3001\u7f8e\u56fd\u6d1b\u6749\u77f6\u3001\u6cd5\u56fd\u5df4\u9ece\u7b49\uff09\u4e0a\u90fd\u5ba3\u544a\u81ea\u5df1\u6709 172.22.76.104\/29\uff0c\u5176\u4f59\u670d\u52a1\u5668\u4ecd\u7136\u6570\u683c\u5b50\u5c06\u6570\u636e\u53d1\u9001\u5230\u6700\u8fd1\u7684\u670d\u52a1\u5668\u3002\u8fd9\u6837\uff0c\u4e2d\u56fd\u5927\u9646\u7684\u7528\u6237\u66f4\u53ef\u80fd\u5c06\u6570\u636e\u53d1\u9001\u5230\u4e2d\u56fd\u9999\u6e2f\u7684\u670d\u52a1\u5668\uff0c\u56e0\u4e3a\u4e00\u822c\u800c\u8a00\u4ece\u4e2d\u56fd\u5927\u9646\u5230\u9999\u6e2f\u7684\u300c\u683c\u5b50\u300d\u8981\u6bd4\u5230\u5176\u5b83\u5730\u533a\u5c11\u5f88\u591a\uff1b\u540c\u7406\uff0c\u5fb7\u56fd\u7684\u7528\u6237\u4f1a\u8bf7\u6c42\u6cd5\u56fd\u5df4\u9ece\u670d\u52a1\u5668\uff0c\u7f8e\u56fd\u829d\u52a0\u54e5\u7684\u7528\u6237\u4f1a\u8bf7\u6c42\u6d1b\u6749\u77f6\u7684\u670d\u52a1\u5668\u3002<\/p>\n
\uff08\u6ce8\uff1a\u4ee5\u4e0a\u8bf4\u660e\u76f8\u5bf9\u771f\u5b9e\u60c5\u51b5\u505a\u4e86\u7b80\u5316\uff1b\u771f\u5b9e\u60c5\u51b5\u4e0b BGP \u7684\u9009\u62e9\u8def\u5f84\u6d41\u7a0b\u66f4\u52a0\u590d\u6742\u3002\uff09<\/p>\n
\u5728\u4ee5\u4e0a\u914d\u7f6e\u4e2d\uff0c\u6240\u6709\u670d\u52a1\u5668\u90fd\u5171\u4eab\u4e86\u540c\u4e00\u4e2a\u7f51\u6bb5\uff0c\u6700\u7ec8\u4e92\u8054\u7f51\u7528\u6237\u53ea\u8981\u8bbf\u95ee\u8fd9\u4e2a\u7f51\u6bb5\u4e2d\u7684 IP \u5730\u5740\uff0c\u5c31\u4f1a\u88ab\u81ea\u52a8\u5bfc\u5230\u8f83\u8fd1\u7684\u670d\u52a1\u5668\u4e0a\uff0c\u65e0\u9700\u5ba2\u6237\u7aef\u8f6f\u4ef6\u7684\u652f\u6301\u3002<\/p>\n
\u4e0d\u8fc7\uff0cAnycast \u4e5f\u6709\u5b83\u7684\u5c40\u9650\u6027\uff1a\u6bcf\u53f0\u670d\u52a1\u5668\u4ecd\u7136\u662f\u72ec\u7acb\u7684\u670d\u52a1\u5668\uff0c\u5b83\u4eec\u4e4b\u95f4\u7684\u7f51\u7edc\u8fde\u63a5\u72b6\u6001\u5f80\u5f80\u662f\u4e0d\u5171\u4eab\u7684\u3002\u800c\u4e92\u8054\u7f51\u4e0a\u7684\u8def\u7531\u5343\u53d8\u4e07\u5316\uff0c\u6bcf\u4e2a\u7528\u6237\u90fd\u6709\u53ef\u80fd\u5728\u4e0b\u4e00\u523b\u88ab\u5206\u914d\u5230\u53e6\u4e00\u53f0\u670d\u52a1\u5668\uff0c\u800c\u8fd9\u4e00\u5207\u90fd\u5728\u7f51\u7edc\u5c42\uff08L3\uff09\u5b8c\u6210\uff0c\u5e94\u7528\u5c42\uff08L7\uff09\u7684\u8f6f\u4ef6\u5e76\u4e0d\u77e5\u60c5\u3002\u8fd9\u5c31\u610f\u5473\u7740\u57fa\u4e8e\u6709\u72b6\u6001\u534f\u8bae\u7684\u670d\u52a1\uff08\u4f8b\u5982 TCP\uff09\u8f83\u96be\u7a33\u5b9a\u5de5\u4f5c\u3002\u56e0\u6b64\uff0c\u73b0\u5728 Anycast \u6700\u5e38\u7528\u5728 DNS \u7b49\u65e0\u72b6\u6001\u534f\u8bae\u670d\u52a1\u4e0a\u3002<\/p>\n
\u4e00\u4e9b\u989d\u5916\u7684\u8981\u6c42\uff1a\u670d\u52a1\u90e8\u7f72\u5fc5\u987b\u4f7f\u7528 Docker\u3002<\/p>\n
\u7f51\u7edc\u4e0a\u5e38\u89c1\u51e0\u79cd\u65b9\u6848\uff0c\u90fd\u5b58\u5728\u4e00\u4e9b\u95ee\u9898\uff1a<\/p>\n
\u8fd9\u4e24\u4e2a\u65b9\u6848\u8fd8\u6709\u4e00\u4e2a\u5171\u540c\u7684\u7f3a\u70b9\uff1a\u4e0d\u652f\u6301 Docker\u3002<\/p>\n
\u6211\u6700\u7ec8\u91c7\u53d6\u7684\u65b9\u6848\u662f\uff0c\u5728 Docker \u5bb9\u5668\u5185\u6dfb\u52a0 IP\uff0c\u5e76\u5b89\u88c5 Bird \u901a\u8fc7 OSPF \u534f\u8bae\u4e0e\u4e3b\u7cfb\u7edf\u7684 Bird \u901a\u4fe1\uff0c\u8fdb\u884c\u5ba3\u544a\u3002\u5982\u679c\u5bb9\u5668\u6302\u6389\u4e86\uff0c\u5ba3\u544a\u4f1a\u81ea\u52a8\u505c\u6b62\u3002\u6b64\u65f6\u4e3b\u7cfb\u7edf\u4e0a\u6ca1\u6709\u8fd9\u4e2a IP\uff0c\u5c31\u4f1a\u6b63\u5e38\u8f6c\u53d1\u6570\u636e\uff0c\u800c\u4e0d\u4f1a\u534a\u8def\u62e6\u622a\u3002<\/p>\n
Docker \u9ed8\u8ba4\u7684\u7f51\u7edc\u9a71\u52a8 bridge \u4f1a\u5728\u4e3b\u7cfb\u7edf\u521b\u5efa\u4e00\u5f20\u865a\u62df\u7f51\u5361\uff0c\u5e76\u4e14\u6dfb\u52a0\u4e00\u4e2a\u7f51\u6bb5\uff0c\u8ba9\u8fd9\u4e2a\u7f51\u6bb5\u90fd\u4ece\u8fd9\u5f20\u7f51\u5361\u8d70\u3002\u4f46\u5982\u679c\u8fd9\u6837\u914d\u7f6e\uff0c\u4e3b\u7cfb\u7edf\u4f1a\u4e00\u76f4\u6709\u4e00\u6761\u5c06\u8fd9\u4e2a IP \u6bb5\u6307\u5411\u865a\u62df\u7f51\u5361\u7684\u8def\u7531\uff0c\u5bfc\u81f4\u7ecf\u8fc7\u8fd9\u91cc\u7684\u8bf7\u6c42\u5931\u8d25\u3002\u56e0\u6b64\uff0c\u6211\u4eec\u9700\u8981\u4e00\u4e2a\u548c\u4e3b\u7cfb\u7edf\u9694\u7edd\u7684\u7f51\u7edc\u3002<\/p>\n
\u5728 Docker \u4e2d\uff0c\u5728\u521b\u5efa\u7f51\u7edc\u65f6\u4f7f\u7528 macvlan \u9a71\u52a8\uff0c\u5e76\u4e14\u5f00\u542f internal \u9009\u9879\uff0c\u5c31\u53ef\u4ee5\u521b\u5efa\u4e00\u4e2a\u9694\u79bb\u7684\u7f51\u7edc\u3002<\/p>\n
networks:\r\n anycast_ip:\r\n driver: macvlan\r\n internal: true\r\n enable_ipv6: true\r\n ipam:\r\n config:\r\n - subnet: 172.22<\/span>.76.104<\/span>\/29<\/span>\r\n - subnet: fdbc:f9dc:67<\/span>ad:2547<\/span>::\/64<\/span>\r\n<\/code><\/pre>\n\u8fd9\u4e2a\u7f51\u7edc\u53ea\u8d1f\u8d23\u7ed9\u5bb9\u5668\u6dfb\u52a0 IP \u7528\uff0c\u4e92\u8054\u7f51\u8bbf\u95ee\u4ecd\u7136\u662f\u8d70 Docker \u9ed8\u8ba4\u7684 bridge \u7f51\u7edc\u3002\u56e0\u6b64\uff0c\u5728\u5bb9\u5668\u4e2d\u8981\u8fd9\u6837\u914d\u7f6e\uff1a<\/p>\n
services:\r\n dnsmasq:\r\n image: xddxdd\/dnsmasq-bird\r\n [...]\r\n networks:\r\n default:\r\n ipv4_address: 172.18<\/span>.1.53<\/span>\r\n ipv6_address: fcf9:a876:ed8b:c606:ba01::53<\/span>\r\n anycast_ip:\r\n ipv4_address: 172.22<\/span>.76.110<\/span>\r\n ipv6_address: fdbc:f9dc:67<\/span>ad:2547<\/span>::53<\/span>\r\n<\/code><\/pre>\n\u4e0a\u4f8b\u4e2d 172.18.1.53 \u662f\u5bb9\u5668\u5728 bridge \u7f51\u7edc\u7684 IP\uff0c172.22.76.110 \u662f\u5bb9\u5668\u5206\u914d\u5230\u7684 Anycast IP \u5730\u5740\u3002<\/p>\n
\u542f\u52a8\u5bb9\u5668\u540e\uff0c\u53ef\u4ee5\u770b\u5230\u5bb9\u5668\u5206\u914d\u5230\u4e86\u4e24\u4e2a IP \u5730\u5740\uff1a<\/p>\n
# docker exec -it dnsmasq ip addr<\/span>\r\n[...]\r\n391: eth1@if302: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP\r\n link<\/span>\/ether 02:42:ac:16:4c:6e brd ff:ff:ff:ff:ff:ff\r\n inet 172.22.76.110\/29 brd 172.22.76.111 scope global eth1\r\n valid_lft forever preferred_lft forever\r\n inet6 fdbc:f9dc:67ad:2547::53\/64 scope global flags 02\r\n valid_lft forever preferred_lft forever\r\n392: eth0@if393: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP\r\n link<\/span>\/ether 02:42:ac:12:01:35 brd ff:ff:ff:ff:ff:ff\r\n inet 172.18.1.53\/24 brd 172.18.1.255 scope global eth0\r\n valid_lft forever preferred_lft forever\r\n inet6 fcf9:a876:ed8b:c606:ba01::53\/80 scope global flags 02\r\n valid_lft forever preferred_lft forever\r\n<\/code><\/pre>\n\u5e76\u4e14\u5bb9\u5668\u9ed8\u8ba4\u4ecd\u7136\u8d70 bridge \u7f51\u7edc\uff0c\u5916\u7f51\u8bbf\u95ee\u6ca1\u6709\u53d7\u5230\u5f71\u54cd\uff1a<\/p>\n
# docker exec -it dnsmasq ip route<\/span>\r\ndefault via 172.18.1.1 dev eth0\r\n172.18.1.0\/24 dev eth0 scope link<\/span> src 172.18.1.53\r\n172.22.76.104\/29 dev eth1 scope link<\/span> src 172.22.76.110\r\n<\/code><\/pre>\n\u5bb9\u5668\u5ba3\u544a IP<\/h2>\n