网卡别名
将多个IP地址绑定到一个物理网卡,每个IP绑定到独立逻辑网卡,即网络别名。
CentOS6必须关闭NetworkManager
网卡别名必须是静态地址。
命名格式:ensX:Y ,如ens33:0、ens33:1
临时生效
使用命令临时配置,重启失效。
ifconfig实现
原网卡信息
[root@wenzi ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.28.20 netmask 255.255.255.0 broadcast 192.168.28.255
inet6 fe80::20c:29ff:fe28:cd91 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:28:cd:91 txqueuelen 1000 (Ethernet)...
新增一个网卡别名ens33:0,IP为192.168.28.50/24
[root@wenzi ~]# ifconfig ens33:0 192.168.28.50/24 up
[root@wenzi ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.28.20 netmask 255.255.255.0 broadcast 192.168.28.255
inet6 fe80::20c:29ff:fe28:cd91 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:28:cd:91 txqueuelen 1000 (Ethernet)
RX packets 225 bytes 22586 (22.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 319 bytes 82282 (80.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.28.50 netmask 255.255.255.0 broadcast 192.168.28.255
ether 00:0c:29:28:cd:91 txqueuelen 1000 (Ethernet)...
删除一个网卡别名,恢复原样
[root@wenzi ~]# ifconfig ens33:0 192.168.28.50 down
可以发现ens33和ens33:0用的是同一个MAC地址
ip实现
新增网卡别名
[root@wenzi ~]# ip a a 192.168.28.50/24 dev ens33 label ens33:0
[root@wenzi ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:28:cd:91 brd ff:ff:ff:ff:ff:ff
inet 192.168.28.20/24 brd 192.168.28.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.28.50/24 scope global secondary ens33:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe28:cd91/64 scope link noprefixroute
valid_lft forever preferred_lft forever删除网卡别名
[root@wenzi ~]# ip a flush dev ens33 label ens33:0
永久生效
为每个设备别名生成独立的接口配置文件,格式:ifcfg-ensX:xxx
[root@wenzi network-scripts]# cp ifcfg-ens33 ifcfg-ens33:1
[root@wenzi network-scripts]# cat ifcfg-ens33:1
DEVICE=ens33:1
IPADDR=192.168.28.50
PREFIX=24
[root@wenzi network-scripts]# nmcli con reload && nmcli con up ens33
[root@wenzi network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:28:cd:91 brd ff:ff:ff:ff:ff:ff
inet 192.168.28.20/24 brd 192.168.28.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.28.50/24 brd 192.168.28.255 scope global secondary noprefixroute ens33:1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe28:cd91/64 scope link noprefixroute
valid_lft forever preferred_lft forever
多网卡bonding
介绍
bond聚合链路共7种模式。0-6 mode,常用的为0/1/3/6。1/6不需要交换机设置,0/3需需要配置交换机。
- mod=0
即:(balance-rr) Round-robin policy(轮询)聚合口数据报文按包轮询从物理接口转
发。
负载均衡:所有链路处于负载均衡状态,轮询方式往每条链路发送报文这模式的特点增加了带宽,
同时支持容错能力,当有链路出问题,会把流量切换到正常的链路上。
性能问题:一个连接或者会话的数据包如果从不同的接口发出的话,中途再经过不同的链路,在客
户端很有可能会出现数据包无序到达的问题,而无序到达的数据包需要重新要求被发送,这样网络
的吞吐量就会下降。Bond0在大压力的网络传输下,性能增长的并不是很理想。
需要交换机进行端口绑定
- mod=1
即: (active-backup) Active-backup policy(主-备份策略)只有Active状态的物理接口
才转发数据报文。
容错能力:只有一个slave是激活的(active)。也就是说同一时刻只有一个网卡处于工作状态,其他
的slave都处于备份状态,只有在当前激活的slave故障后才有可能会变为激活的(active)。
无负载均衡:此算法的优点是可以提供高网络连接的可用性,但是它的资源利用率较低,只有一个
接口处于工作状态,在有 N 个网络接口的情况下,资源利用率为1/N
- mod=3
即:broadcast(广播策略)这种模式的特点是一个报文会复制两份往bond下的两个接口分别发送出去,当有对端交换机失效,感觉不到任何downtime,但此法过于浪费资源;不过这种模式有很好的容错机制。此模式适用于金融行业,因为他们需要高可靠性的网络,不允许出现任何问题。
- mod=6
即:(balance-alb) Adaptive load balancing(适配器适应性负载均衡)
该模式包含了balance-tlb模式,同时加上针对IPV4流量的接收负载均衡,而且不需要任何switch(交换机)的支持。接收负载均衡是通过ARP协商实现的。bonding驱动截获本机发送的ARP应
答,并把源硬件地址改写为bond中某个物理接口的唯一硬件地址,从而使得不同的对端使用不同
的硬件地址进行通信。
mod=6与mod=0的区别:mod=6,先把eth0流量占满,再占eth1,….ethX;而mod=0的话,会
发现2个口的流量都很稳定,基本一样的带宽。而mod=6,会发现第一个口流量很高,第2个口只
占了小部分流量
实验
此实验通过vmware实现,已有网卡ens33,IP:192.168.28.20/24,用于远程连接。现通过vmware编辑配置增加两块网卡,要实现bond,需要新增三个网卡配置文件,其中两个为两块网卡各自的配置文件,第三个实现bond的网卡配置文件。
已有网卡ens33
[root@wenzi ~]# nmcli con show
NAME UUID TYPE DEVICE
ens33 039c247d-11cc-4cee-8562-01f309f0332a ethernet ens33
增加两块新网卡
[root@wenzi ~]# nmcli con show
NAME UUID TYPE DEVICE
Wired connection 1 f1dae0f1-4f4a-3846-99ca-47fe07f3c366 ethernet ens36
Wired connection 2 26a3351a-f2da-3bf1-945d-d1ce635280ea ethernet ens37
ens33 039c247d-11cc-4cee-8562-01f309f0332a ethernet ens33
[root@wenzi network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:28:cd:91 brd ff:ff:ff:ff:ff:ff
inet 192.168.28.20/24 brd 192.168.28.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe28:cd91/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: ens36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:28:cd:9b brd ff:ff:ff:ff:ff:ff
inet6 fe80::dbfd:7bfc:db95:521f/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:28:cd:a5 brd ff:ff:ff:ff:ff:ff
inet6 fe80::642:a4de:332c:551c/64 scope link noprefixroute
valid_lft forever preferred_lft forever
bond0网卡配置
[root@wenzi network-scripts]# cat ifcfg-bond0
NAME=bond0
DEVICE=bond0
TYPE=bond
BOOTPROTO=none
IPADDR=192.168.28.50
PREFIX=24
BONDING_OPTS="mode=1 miimon=100 fail_over_mac=1"
ens36网卡配置
[root@wenzi network-scripts]# cat ifcfg-ens36
NAME=ens36
DEVICE=ens36
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
ens37网卡配置
[root@wenzi network-scripts]# cat ifcfg-ens37
NAME=ens37
DEVICE=ens37
ONBOOT=yes
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
重新加载网卡配置
[root@wenzi network-scripts]# nmcli con reload
[root@wenzi network-scripts]# nmcli con show
NAME UUID TYPE DEVICE
Wired connection 1 f1dae0f1-4f4a-3846-99ca-47fe07f3c366 ethernet ens36
Wired connection 2 26a3351a-f2da-3bf1-945d-d1ce635280ea ethernet ens37
ens33 039c247d-11cc-4cee-8562-01f309f0332a ethernet ens33
bond0 ad33d8b0-1f7b-cab9-9447-ba07f855b143 bond bond0
ens36 418da202-9a8c-b73c-e8a1-397e00f3c6b2 ethernet --
ens37 4a5516a4-dfa4-24af-b1c4-e843e312e2fd ethernet --
启用ens36 ens37连接
[root@wenzi network-scripts]# nmcli con up ens36
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/30)
[root@wenzi network-scripts]# nmcli con up ens37
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/31)
[root@wenzi network-scripts]# nmcli con show
NAME UUID TYPE DEVICE
ens33 039c247d-11cc-4cee-8562-01f309f0332a ethernet ens33
bond0 ad33d8b0-1f7b-cab9-9447-ba07f855b143 bond bond0
ens36 418da202-9a8c-b73c-e8a1-397e00f3c6b2 ethernet ens36
ens37 4a5516a4-dfa4-24af-b1c4-e843e312e2fd ethernet ens37
Wired connection 1 f1dae0f1-4f4a-3846-99ca-47fe07f3c366 ethernet --
Wired connection 2 26a3351a-f2da-3bf1-945d-d1ce635280ea ethernet --
[root@wenzi network-scripts]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup) (fail_over_mac active)
Primary Slave: None
Currently Active Slave: ens36 现在使用的是ens36,ens37是备用
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Slave Interface: ens36
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:28:cd:9b
Slave queue ID: 0
Slave Interface: ens37
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:28:cd:a5
Slave queue ID: 0
用其它机器测试
[root@centos8 ~]# ping 192.168.28.50
PING 192.168.28.50 (192.168.28.50) 56(84) bytes of data.
64 bytes from 192.168.28.50: icmp_seq=1 ttl=64 time=0.201 ms
64 bytes from 192.168.28.50: icmp_seq=2 ttl=64 time=0.272 ms
64 bytes from 192.168.28.50: icmp_seq=3 ttl=64 time=0.242 ms
...
模拟故障,删除ens36
[root@wenzi network-scripts]# nmcli con show
NAME UUID TYPE DEVICE
ens33 039c247d-11cc-4cee-8562-01f309f0332a ethernet ens33
bond0 ad33d8b0-1f7b-cab9-9447-ba07f855b143 bond bond0
ens37 4a5516a4-dfa4-24af-b1c4-e843e312e2fd ethernet ens37
ens36 418da202-9a8c-b73c-e8a1-397e00f3c6b2 ethernet --
Wired connection 2 26a3351a-f2da-3bf1-945d-d1ce635280ea ethernet --
[root@wenzi network-scripts]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup) (fail_over_mac active)
Primary Slave: None
Currently Active Slave: ens37
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Slave Interface: ens37
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:28:cd:a5
Slave queue ID: 0
观察测试端ping信息,出现了短暂延时,但未丢包
64 bytes from 192.168.28.50: icmp_seq=52 ttl=64 time=0.350 ms
64 bytes from 192.168.28.50: icmp_seq=53 ttl=64 time=0.412 ms
64 bytes from 192.168.28.50: icmp_seq=54 ttl=64 time=1.11 ms
64 bytes from 192.168.28.50: icmp_seq=55 ttl=64 time=0.347 ms
64 bytes from 192.168.28.50: icmp_seq=56 ttl=64 time=0.299 ms
网桥
技术上使一台计算机实现交换机的功能。
原理
把一台机器上的若干个网络接口“连接”起来。其结果是,其中一个网口收到的报文会被复制给其
他网口并发送出去。以使得网口之间的报文能够互相转发。网桥就是这样一个设备,它有若干个网口,并且这些网口是桥接起来的。与网桥相连的主机就能通过交换机的报文转发而互相通信
实验
CentOS8用于模拟二层交换机,IP可有可无。
CentOS7的网卡是NAT模式,连接VMNet8。Ubuntu的网卡是仅主机模式,连接VMNet1.
[root@centos8 ~]# yum -y install epel-release && yum -y install bridge-utils.x86_64
已有网卡信息,ens160的地址是用来远程连接的
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:3a:01:ff brd ff:ff:ff:ff:ff:ff
inet 192.168.28.10/24 brd 192.168.28.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet6 fe80::b9d1:63f8:6e81:2a32/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:3a:01:09 brd ff:ff:ff:ff:ff:ff
建立网桥,模拟虚拟交换机br0
[root@centos8 ~]# brctl addbr br0
[root@centos8 ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000000000000 no
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
link/ether 00:0c:29:3a:01:ff brd ff:ff:ff:ff:ff:ff
inet 192.168.28.10/24 brd 192.168.28.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet6 fe80::b9d1:63f8:6e81:2a32/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:3a:01:09 brd ff:ff:ff:ff:ff:ff
4: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 00:0c:29:3a:01:ff brd ff:ff:ff:ff:ff:ff
将ens160、ens224关联至br0
[root@centos8 ~]# brctl addif br0 ens160
[root@centos8 ~]# brctl addif br0 ens224
[root@centos8 ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000c293a0109 no ens160
ens224
激活网桥,由DOWN变为UP
[root@centos8 ~]# ip link set br0 up
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
link/ether 00:0c:29:3a:01:ff brd ff:ff:ff:ff:ff:ff
inet 192.168.28.10/24 brd 192.168.28.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet6 fe80::b9d1:63f8:6e81:2a32/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
link/ether 00:0c:29:3a:01:09 brd ff:ff:ff:ff:ff:ff
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:3a:01:09 brd ff:ff:ff:ff:ff:ff
inet6 fe80::20c:29ff:fe3a:109/64 scope link
valid_lft forever preferred_lft forever
CentOS7和Ubuntu互相ping ,当网桥激活时,数据开始互通。
6万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
