zoukankan      html  css  js  c++  java
  • Centos 7.x 双网卡绑定

    1. 前言

    关于双网卡绑定,前前后后踩过不少的坑,虽然这是 RHCE 中的一道题,但是在实践中碰到问题也够喝一壶的。

    在实践中,虚拟机、物理机都做过,但是不尽相同,大部分的坑也集中在这里,本文长期更新关于网卡绑定中遇到的问题及处理方法。

    现在的服务器默认都配备 4 张 千兆网卡,在生产环境中,无论遇到多大的困难,都必须做到双网卡绑定(至少要实现主备模式),最基本的主备这是基本原则。因此在前期的规划,网络设备(交换机)是必须要考虑到的。

    2. 概念

    概念性的东西的最容易遗忘的,这里得反复强调:

    链路聚合最常见的三种模式:

    • mode0(平衡负载模式):两张网卡同时均衡工作,且自动备援,但是需要在与服务器本地网卡相连的交换机设备上进行端口聚合来支持绑定技术。
    • mode1(自动备援模式):1张网卡工作,在工作网卡故障时,第二张网卡替换故障网卡,单纯的主备模式。
    • mode6(平衡负载模式):两张网卡均衡工作,且自动备援,无需交换机设备提供辅助支持。

    以上三种模式,最推荐的当然是 mode6 技能负载均衡又能主备切换,最最重要的是不用浪费时间去联系网络工程师。记住上面三种常见模式就够用了。

    3. 实践

    3.1 虚拟机网卡绑定

    环境介绍:

    虚拟化软件:VMware® Workstation 15 Pro

    虚拟机操作系统:CentOS Linux release 7.7.1908 (Core)

    在 Centos 7 中有两种技术来实现网卡绑定:teaming 和 bonding ,下面通过三种方式来实现网卡绑定:

    3.1.1 手动配置,使用 bond 技术

    查看物理网卡及连接状态

    [root@192.168.118.11 ~]#nmcli dev 
    DEVICE  TYPE      STATE      CONNECTION         
    eth0    ethernet  connected  System eth0        
    eth1    ethernet  connected  Wired connection 1 
    eth2    ethernet  connected  Wired connection 2 
    lo      loopback  unmanaged  --                 
    [root@192.168.118.11 ~]#nmcli con 
    NAME                UUID                                  TYPE      DEVICE 
    System eth0         078df8ff-b848-4c23-b212-3213a74bc5d5  ethernet  eth0   
    Wired connection 1  24d053c5-d908-3e0d-9e61-4d92efcd6f3b  ethernet  eth1   
    Wired connection 2  b4cea59c-59ea-3b6c-a343-e2578ede5034  ethernet  eth2
    

    通过上面的命令得知:该主机有3张网卡,1张本地回环lo 且 三张物理网卡都处于连接中,查看网卡配置文件:

    [root@192.168.118.11 ~]#ll  /etc/sysconfig/network-scripts/ifcfg-*
    -rw-r--r--  1 root root 259 Mar 30 19:21 /etc/sysconfig/network-scripts/ifcfg-eth0
    -rw-r--r--. 1 root root 254 Mar 29  2019 /etc/sysconfig/network-scripts/ifcfg-lo
    

    查看配置网卡配置文件却只有 eth0 的, eth1 和 eth2 没有。这里可以通过新建连接来生成配置文件,比自己手动编写方便太多了,建议使用。

    首先通过连接名 ‘Wired connection 1’  ‘Wired connection 2’ 删除连接

    [root@192.168.118.11 ~]#nmcli con
    NAME                UUID                                  TYPE      DEVICE 
    System eth0         078df8ff-b848-4c23-b212-3213a74bc5d5  ethernet  eth0   
    Wired connection 1  24d053c5-d908-3e0d-9e61-4d92efcd6f3b  ethernet  eth1   
    Wired connection 2  b4cea59c-59ea-3b6c-a343-e2578ede5034  ethernet  eth2   
    [root@192.168.118.11 ~]#nmcli con del 'Wired connection 1' 'Wired connection 2'
    Connection 'Wired connection 1' (24d053c5-d908-3e0d-9e61-4d92efcd6f3b) successfully deleted.
    Connection 'Wired connection 2' (b4cea59c-59ea-3b6c-a343-e2578ede5034) successfully deleted.
    [root@192.168.118.11 ~]#nmcli con
    NAME         UUID                                  TYPE      DEVICE 
    System eth0  078df8ff-b848-4c23-b212-3213a74bc5d5  ethernet  eth0
    

    然后在通过物理网卡 eth1 和 eth2 重建连接

    [root@192.168.118.11 ~]#nmcli con
    NAME         UUID                                  TYPE      DEVICE 
    System eth0  078df8ff-b848-4c23-b212-3213a74bc5d5  ethernet  eth0   
    [root@192.168.118.11 ~]#nmcli con add type ethernet ifname eth1 con-name eth1
    Connection 'eth1' (8c47d2f2-1373-425e-b6e2-fa5e6b9eb8f6) successfully added.
    [root@192.168.118.11 ~]#nmcli con add type ethernet ifname eth2 con-name eth2
    Connection 'eth2' (5d8dc9b0-3b4f-4c6d-919b-a7754d86b1f8) successfully added.
    [root@192.168.118.11 ~]#nmcli con
    NAME         UUID                                  TYPE      DEVICE 
    System eth0  078df8ff-b848-4c23-b212-3213a74bc5d5  ethernet  eth0   
    eth1         8c47d2f2-1373-425e-b6e2-fa5e6b9eb8f6  ethernet  eth1   
    eth2         5d8dc9b0-3b4f-4c6d-919b-a7754d86b1f8  ethernet  eth2   
    [root@192.168.118.11 ~]#ll /etc/sysconfig/network-scripts/ifcfg-*
    -rw-r--r--  1 root root 259 Mar 30 19:21 /etc/sysconfig/network-scripts/ifcfg-eth0
    -rw-r--r--  1 root root 278 May 21 22:58 /etc/sysconfig/network-scripts/ifcfg-eth1
    -rw-r--r--  1 root root 278 May 21 22:58 /etc/sysconfig/network-scripts/ifcfg-eth2
    -rw-r--r--. 1 root root 254 Mar 29  2019 /etc/sysconfig/network-scripts/ifcfg-lo
    

    新建网卡连接命令:

    nmcli con add type ethernet ifname eth2 con-name eth2
    

    ifname : 物理网卡名,通过 nmcli dev 查看

    con-name:网卡配置文件名,逻辑网卡名

    通过上面的配置已得到三张网卡的配置文件,接下来进行配置文件的修改实现网卡绑定

    ----------------------eth1----------------------
    
    [root@192.168.118.11 /etc/sysconfig/network-scripts]#vim ifcfg-eth1 
    
    TYPE=Ethernet
    PROXY_METHOD=none
    BROWSER_ONLY=no
    BOOTPROTO=none
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=no
    NAME=eth1
    UUID=8c47d2f2-1373-425e-b6e2-fa5e6b9eb8f6
    DEVICE=eth1
    ONBOOT=yes
    MASTER=bond6
    SLAVE=yes
    
    ----------------------eth2----------------------
    [root@192.168.118.11 /etc/sysconfig/network-scripts]#vim ifcfg-eth2 
    
    TYPE=Ethernet
    PROXY_METHOD=none
    BROWSER_ONLY=no
    BOOTPROTO=none
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=no
    NAME=eth2
    UUID=5d8dc9b0-3b4f-4c6d-919b-a7754d86b1f8
    DEVICE=eth2
    ONBOOT=yes
    MASTER=bond6
    SLAVE=yes
    

    修改及添加的部分用黄(和谐)色标注,新增 ifcfg-bond6 配置文件如下:

    [root@192.168.118.11 /etc/sysconfig/network-scripts]#vim ifcfg-bond6 
    
    TYPE=Bond
    BOOTPROTO=none
    DEVICE=bond6
    ONBOOT=yes
    IPADDR=192.168.1.100
    NETMASK=255.255.255.0
    GATEWAY=192.168.1.1
    DNS1=114.114.114.114
    BONDING_OPTS='miimon=100 mode=6 fail_over_mac=1'
    

    这里需要特别注意的地方:BONDING_OPTS='miimon=100 mode=6 fail_over_mac=1'  ,如果是虚拟机,fail_over_mac=1 是必须要带上的,否则vmware会出现告警信息,配置起来能正常用,但是在进行准备切换时,是无法进行的。切记!

     

    vmware 出现这样的提示基本可以确定 fail_over_mac 没有生效,所配置的网卡也无法做到故障切换。

    注意:在vmware 虚拟机环境中,常用的三种方式(mode-0 mode-1 mode-6) 只有 mode 1 实现了故障切换。

    mode 1  - ifcfg-bond6 配置如下:

    [root@192.168.118.11 /etc/sysconfig/network-scripts]#vim ifcfg-bond6 
    
    TYPE=Bond
    BOOTPROTO=none
    DEVICE=bond6
    ONBOOT=yes
    IPADDR=192.168.1.100
    NETMASK=255.255.255.0
    GATEWAY=192.168.1.1
    DNS1=114.114.114.114
    BONDING_OPTS="miimon=100 mode=1 fail_over_mac=1"
    

    bond 配置文件中可以通过 mode = 模式号  来进行切换,这里修改为 mode-1 模式,查看配置信息:

    [root@192.168.118.11 /etc/sysconfig/network-scripts]#cat /proc/net/bonding/bond6 
    Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
    
    Bonding Mode: fault-tolerance (active-backup) (fail_over_mac active)
    Primary Slave: None
    Currently Active Slave: eth1
    MII Status: up
    MII Polling Interval (ms): 100
    Up Delay (ms): 0
    Down Delay (ms): 0
    
    Slave Interface: eth1
    MII Status: up
    Speed: 1000 Mbps
    Duplex: full
    Link Failure Count: 0
    Permanent HW addr: 00:0c:29:f4:f4:0f
    Slave queue ID: 0
    
    Slave Interface: eth2
    MII Status: up
    Speed: 1000 Mbps
    Duplex: full
    Link Failure Count: 0
    Permanent HW addr: 00:0c:29:f4:f4:19
    Slave queue ID: 0
    
    [root@192.168.118.11 /etc/sysconfig/network-scripts]#ethtool bond6
    Settings for bond6:
    	Supported ports: [ ]
    	Supported link modes:   Not reported
    	Supported pause frame use: No
    	Supports auto-negotiation: No
    	Supported FEC modes: Not reported
    	Advertised link modes:  Not reported
    	Advertised pause frame use: No
    	Advertised auto-negotiation: No
    	Advertised FEC modes: Not reported
    	Speed: 1000Mb/s
    	Duplex: Full
    	Port: Other
    	PHYAD: 0
    	Transceiver: internal
    	Auto-negotiation: off
    	Link detected: yes
    

    可以看到橙色部分:

    Bonding Mode: fault-tolerance (active-backup) (fail_over_mac active) 说明这里 fail_over_mac 生效了。
    Currently Active Slave: eth1 当前活动的网卡是第一张网卡,也就是当第一张网卡 down,就会切换到 eth2

    进行网卡故障切换,虚拟机可以通过 ifdown / ifup 来实现

    3.1.2 通过 nmcli 命令实现网卡绑定,使用技术:bonding

    网卡信息及连接状态如下:

    [root@192.168.118.11 ~]#nmcli dev 
    DEVICE  TYPE      STATE         CONNECTION  
    eth0    ethernet  connected     System eth0 
    eth1    ethernet  disconnected  --          
    eth2    ethernet  disconnected  --          
    lo      loopback  unmanaged     --          
    [root@192.168.118.11 ~]#nmcli con 
    NAME         UUID                                  TYPE      DEVICE 
    System eth0  078df8ff-b848-4c23-b212-3213a74bc5d5  ethernet  eth0
    

    目前只有 eth0 网卡连接网络

    通过nmcli 创建 bond1

    [root@192.168.118.11 ~]#nmcli con add type bond ifname bond1 con-name bond1 mode 1 ipv4.method manual ipv4.address 192.168.1.100/24 ipv4.gateway 192.168.1.1 ipv4.dns 114.114.114.114
    Connection 'bond1' (f922008c-75b1-4f5e-a27d-d3e054acde0d) successfully added.
    [root@192.168.118.11 ~]#nmcli con add type bond-slave ifname eth1 con-name bond1-port1 master bond1
    Connection 'bond1-port1' (06489850-82d7-4827-bb16-13d5abb84c58) successfully added.
    [root@192.168.118.11 ~]#nmcli con add type bond-slave ifname eth2 con-name bond1-port2 master bond1
    Connection 'bond1-port2' (80f43a85-32cc-4302-b0f1-8cb87e9e3e17) successfully added.
    [root@192.168.118.11 ~]#ll /etc/sysconfig/network-scripts/ifcfg-*
    -rw-r--r--  1 root root 399 May 21 23:50 /etc/sysconfig/network-scripts/ifcfg-bond1
    -rw-r--r--  1 root root 119 May 21 23:50 /etc/sysconfig/network-scripts/ifcfg-bond1-port1
    -rw-r--r--  1 root root 119 May 21 23:50 /etc/sysconfig/network-scripts/ifcfg-bond1-port2
    -rw-r--r--  1 root root 259 Mar 30 19:21 /etc/sysconfig/network-scripts/ifcfg-eth0
    -rw-r--r--. 1 root root 254 Mar 29  2019 /etc/sysconfig/network-scripts/ifcfg-lo
    [root@192.168.118.11 ~]#nmcli con 
    NAME         UUID                                  TYPE      DEVICE 
    System eth0  078df8ff-b848-4c23-b212-3213a74bc5d5  ethernet  eth0   
    bond1        f922008c-75b1-4f5e-a27d-d3e054acde0d  bond      bond1  
    bond1-port2  80f43a85-32cc-4302-b0f1-8cb87e9e3e17  ethernet  eth2   
    bond1-port1  06489850-82d7-4827-bb16-13d5abb84c58  ethernet  -- 
    

    创建 bond1 并将 两张物理网卡添加到 bond1 , 查看配置文件已经生成。

    注意:在虚拟机环境中一定要加上 fail_over_mac = 1

    sed -i '/BONDING_OPTS/d' ifcfg-bond1
    echo 'BONDING_OPTS="miimon=100 mode=1 fail_over_mac=1"' >> ifcfg-bond1
    

    重启网络

    [root@192.168.118.11 /etc/sysconfig/network-scripts]#systemctl restart network 
    [root@192.168.118.11 /etc/sysconfig/network-scripts]#cat /proc/net/bonding/bond1 
    Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
    
    Bonding Mode: fault-tolerance (active-backup) (fail_over_mac active)
    Primary Slave: None
    Currently Active Slave: eth1
    MII Status: up
    MII Polling Interval (ms): 100
    Up Delay (ms): 0
    Down Delay (ms): 0
    
    Slave Interface: eth1
    MII Status: up
    Speed: 1000 Mbps
    Duplex: full
    Link Failure Count: 0
    Permanent HW addr: 00:0c:29:f4:f4:0f
    Slave queue ID: 0
    
    Slave Interface: eth2
    MII Status: up
    Speed: 1000 Mbps
    Duplex: full
    Link Failure Count: 0
    Permanent HW addr: 00:0c:29:f4:f4:19
    Slave queue ID: 0
    

    成功实现了虚拟机装网卡绑定,测试和前一种方式一样。

    3.1.3 通过 nmcli 命令实现网卡绑定,使用技术:team [ 在Centos 7 之后的版本推荐使用这种方式 ]

    网卡信息及连接状态如下:

    [root@192.168.118.11 ~]#nmcli dev 
    DEVICE  TYPE      STATE         CONNECTION  
    eth0    ethernet  connected     System eth0 
    eth1    ethernet  disconnected  --          
    eth2    ethernet  disconnected  --          
    lo      loopback  unmanaged     --          
    [root@192.168.118.11 ~]#nmcli con 
    NAME         UUID                                  TYPE      DEVICE 
    System eth0  078df8ff-b848-4c23-b212-3213a74bc5d5  ethernet  eth0
    

    目前只有eth0 建立连接,通过nmcli 添加 team1

    [root@192.168.118.11 ~]#nmcli con add type team ifname team1 con-name team1 config '{"runner":{"name":"activebackup", "hwaddr_policy":"by_active"}}' 
    ipv4.method manual ipv4.address 192.168.1.100/24 ipv4.gateway 192.168.1.1 ipv4.dns 114.114.114.114 Connection 'team1' (25434d73-0224-47e1-80f4-bbb3faae53fe) successfully added. [root@192.168.118.11 ~]#nmcli con add type team-slave ifname eth1 con-name team1-port1 master team1 Connection 'team1-port1' (c9e216c2-7668-487b-b6cd-e67631b8a3f9) successfully added. [root@192.168.118.11 ~]#nmcli con add type team-slave ifname eth2 con-name team1-port2 master team1 Connection 'team1-port2' (cf8d3150-b3e0-433c-8c4e-ba4feaa4bd6d) successfully added.

    配置完毕,在虚拟机环境中一定要注意:"hwaddr_policy":"by_active"   这个参数意义和 fail_over_mac =1 是一致的,在虚拟机环境中必须添加上,否则网卡高可用失败。

    查看网卡连接状态和绑定状态:

    [root@192.168.118.11 ~]#nmcli con
    NAME         UUID                                  TYPE      DEVICE 
    System eth0  078df8ff-b848-4c23-b212-3213a74bc5d5  ethernet  eth0   
    team1        25434d73-0224-47e1-80f4-bbb3faae53fe  team      team1  
    team1-port1  c9e216c2-7668-487b-b6cd-e67631b8a3f9  ethernet  eth1   
    team1-port2  cf8d3150-b3e0-433c-8c4e-ba4feaa4bd6d  ethernet  eth2   
    [root@192.168.118.11 ~]#teamdctl team1 st
    setup:
      runner: activebackup
    ports:
      eth1
        link watches:
          link summary: up
          instance[link_watch_0]:
            name: ethtool
            link: up
            down count: 0
      eth2
        link watches:
          link summary: up
          instance[link_watch_0]:
            name: ethtool
            link: up
            down count: 0
    runner:
      active port: eth1
    

    本次创建, 网卡直接建立了连接如果没有建立连接,也就是 nmcli con 查看 DEVICE 项没有物理网卡连接,则执行如下:

    [root@192.168.118.11 ~]#nmcli con up team1-port1
    Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/74)
    [root@192.168.118.11 ~]#nmcli con up team1-port2
    Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/75)
    [root@192.168.118.11 ~]#nmcli con up team1
    Connection successfully activated (master waiting for slaves) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/76)
    

    做完了如上配置,建议直接重启网卡查看是否有报错,或者无法连接的情况:

    测试

    直接通过 ifdown 掉正在使用的 eth1 网络仅仅延迟了不到1ms的时间就恢复了正常,现在查看网络绑定状态:

    [root@192.168.118.11 ~]#teamdctl team1 st
    setup:
      runner: activebackup
    ports:
      eth2
        link watches:
          link summary: up
          instance[link_watch_0]:
            name: ethtool
            link: up
            down count: 0
    runner:
      active port: eth2
    

    活动网卡已经切换到 eth2 ,重启 eth1

    [root@192.168.118.11 ~]#ifup eth1
    Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/87)
    [root@192.168.118.11 ~]#teamdctl team1 st
    setup:
      runner: activebackup
    ports:
      eth1
        link watches:
          link summary: up
          instance[link_watch_0]:
            name: ethtool
            link: up
            down count: 0
      eth2
        link watches:
          link summary: up
          instance[link_watch_0]:
            name: ethtool
            link: up
            down count: 0
    runner:
      active port: eth2
    

    启动 eth1 以后,活动网卡依然是 eth2 ,而 eth1 则成为备用网卡。

    3.1.4 总结

    三种方式:

    • 手动配置 - bonding
    • nmcli 配置 - bonding
    • nmcli 配置 - team

    在 Centos 7 以后的版本建议使用  nmcli - team 的方式,简便,更易管理和查看。

    在虚拟机的环境中,使用 bond 和 team 都只能实现 mode-1模式的故障切换。

    • bond 虚拟机中必要参数: fail_over_mac=1
    • team 虚拟机中必要参数:"hwaddr_policy":"by_active"

    3.2 物理机网卡绑定

     [此部分在真机测试后补充...]

  • 相关阅读:
    5js
    4js
    3js
    2js
    1js
    7css
    6css
    5css
    Django高级项目实战-开发企业级问答网站,学Django就这了
    Java日志第27天 2020.8.1
  • 原文地址:https://www.cnblogs.com/hukey/p/12931673.html
Copyright © 2011-2022 走看看