Linux-网络进阶管理
链路聚合
链路聚合的产生
由于在企业网络中,核心层负责数据的高速转发,极其容易引发链路阻塞。所以在核心层部署链路聚合可以整体提升网络的数据吞吐量,解决链路拥塞的问题。
什么是链路聚合
链路聚合是把两台设备之间的链路聚集在一块,当做一条逻辑链路使用。网卡的链路聚合就是将多块网卡连接起来,当一块网卡损坏,网络依旧可以正常运行,可以有效的防止因为网卡损坏带来的损失,同时也可以提高网络访问速度。
链路聚合带来的好处
- 链路聚合可以提高链路的带宽。理论上,通过链路聚合,可使一个聚合端口的带宽最大为所有成员端口的带宽总和。
- 链路聚合可以提高网络的可靠性。配置了链路聚合的端口,若其中一端口出现故障,则该成员端口的流量就会切换到成员链路中去。保障了网络传输的可靠性。
- 链路聚合还可以实现流量的负载均衡。把流量平均分到所有成员链路中去。使得每个成员链路最低限度的降低产生流量阻塞链路的风险
网卡的链路聚合方式
- bond:最多可以添加两块网卡
- team:最多可以添加八块网卡
bond的常用的2种模式
- bond0(balance-rr)
- bond0用于负载轮询(2个网单独都是100MB,聚合为1个网络传输带宽为200MB)
- bond1(active-backup)
- bond1用于高可用,其中一条线若断线,其他线路将会自动备援
--> eth0 ----
app --发送数据到--> bond0 <---> switch
--> eth1 ----/
链路聚合配置
配置bond聚合链路
bond0(balance-rr)
bond0用于负载轮询(2个网单独都是100MB,聚合为1个网络传输带宽为200MB)
//添加两块网卡后需要把配置文件删掉才能开始配置(确保是空的)
[root@localhost ~]# nmcli device
DEVICE TYPE STATE CONNECTION
eth0 ethernet connected eth0
eth1 ethernet connected Wired connection 1
eth2 ethernet connected Wired connection 2
lo loopback unmanaged --
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
[root@localhost ~]# nmcli con del "Wired connection 1"
Connection 'Wired connection 1' (5306e351-645e-3e72-9be3-c700e5afefd6) successfully deleted.
[root@localhost ~]# nmcli con del "Wired connection 2"
Connection 'Wired connection 2' (f5e09beb-d6e5-3f06-adc2-1d3107addd72) successfully deleted.
[root@localhost ~]# nmcli dev
DEVICE TYPE STATE CONNECTION
eth0 ethernet connected eth0
eth1 ethernet disconnected --
eth2 ethernet disconnected --
lo loopback unmanaged --
//添加bond0;创建bond0, 模式为balance-rr
[root@localhost ~]# nmcli con add type bond mode balance-rr con-name bond0 ifname bond0 ipv4.method manual ipv4.addresses 192.168.21.250/24 ipv4.gateway 192.168.21.2 ipv4.dns 114.114.114.114
Connection 'bond0' (233f81d5-ff1e-44c1-9b7b-aef672658194) successfully added.
[root@localhost ~]# nmcli con add type bond-slave con-name slave1 ifname eth0 master bond0
Connection 'slave1' (23f3273e-b3fa-4e05-8bc3-1691a3bd0ae8) successfully added.
//添加slave;添加物理网卡连接至bond0
[root@localhost ~]# nmcli con add type bond-slave con-name slave1 ifname eth1 master bond0
Connection 'slave1' (3c81e86a-cd9b-4635-a289-b83f90e50e20) successfully added.
[root@localhost ~]# nmcli con add type bond-slave con-name slave2 ifname eth2 master bond0
Connection 'slave2' (6745dfc9-de92-4175-96a6-2bb8c33091a8) successfully added.
[root@localhost ~]# nmcli con
NAME UUID TYPE DEVICE
eth0 fc4f871d-b3be-4934-9e8e-7b6b2ea7ae81 ethernet eth0
bond0 233f81d5-ff1e-44c1-9b7b-aef672658194 bond bond0
slave1 3c81e86a-cd9b-4635-a289-b83f90e50e20 ethernet eth1
slave2 6745dfc9-de92-4175-96a6-2bb8c33091a8 ethernet eth2
//查看bond配置信息
[root@localhost ~]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: eth1
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:c8:3e:d2
Slave queue ID: 0
Slave Interface: eth2
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:c8:3e:dc
Slave queue ID: 0
//停止eth1物理网卡设备
[root@localhost ~]# nmcli dev disconnect eth1
Device 'eth1' successfully disconnected.
[root@localhost ~]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: eth2
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:c8:3e:dc
Slave queue ID: 0
//启用eth1物理网卡设备
[root@localhost ~]# nmcli dev connect eth1
Device 'eth1' successfully activated with '3c81e86a-cd9b-4635-a289-b83f90e50e20'.
[root@localhost ~]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: eth2
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:c8:3e:dc
Slave queue ID: 0
Slave Interface: eth1
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:c8:3e:d2
Slave queue ID: 0
bond1(active-backup)
bond1用于高可用,其中一条线若断线,其他线路将会自动备援
//添加bond1;创建bond1,模式为active-backup
[root@localhost ~]# nmcli dev
DEVICE TYPE STATE CONNECTION
eth0 ethernet connected eth0
eth1 ethernet disconnected --
eth2 ethernet disconnected --
lo loopback unmanaged --
[root@localhost ~]# nmcli con add type bond mode active-backup con-name bond1 ifname bond1 ipv4.method manual ipv4.addresses 192.168.21.200/24 ipv4.gateway 192.168.21.2 ipv4.dns 114.114.114.114
Connection 'bond1' (f94cd40d-dc90-454d-8efa-d5fa9baf2bb1) successfully added.
//添加slave;添加物理网卡连接至bond1
[root@localhost ~]# nmcli con add type bond-slave con-name slave1 ifname eth1 master bond1
Connection 'slave1' (74adf485-34c1-46ae-a329-ea48219fd767) successfully added.
[root@localhost ~]# nmcli con add type bond-slave con-name slave2 ifname eth2 master bond1
Connection 'slave2' (7088beac-f91c-4153-83d1-aa74caa9c3c2) successfully added.
[root@localhost ~]# nmcli con
NAME UUID TYPE DEVICE
eth0 fc4f871d-b3be-4934-9e8e-7b6b2ea7ae81 ethernet eth0
bond1 f94cd40d-dc90-454d-8efa-d5fa9baf2bb1 bond bond1
slave1 74adf485-34c1-46ae-a329-ea48219fd767 ethernet eth1
slave2 7088beac-f91c-4153-83d1-aa74caa9c3c2 ethernet eth2
//查看bond配置信息
[root@localhost ~]# cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth1
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: eth1
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:c8:3e:d2
Slave queue ID: 0
Slave Interface: eth2
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:c8:3e:dc
Slave queue ID: 0
//停止eth1物理网卡设备
[root@localhost ~]# nmcli dev disconnect eth1
Device 'eth1' successfully disconnected.
[root@localhost ~]# cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth2
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: eth2
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:c8:3e:dc
Slave queue ID: 0
//启用eth1物理网卡设备
[root@localhost ~]# nmcli dev connect eth1
Device 'eth1' successfully activated with '74adf485-34c1-46ae-a329-ea48219fd767'.
[root@localhost ~]# cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth2
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: eth2
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:c8:3e:dc
Slave queue ID: 0
Slave Interface: eth1
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00
Centos6/RHEL6配置bond聚合链路
| 系统 | 网卡 | bond地址 | bond模式 | bond功能 |
|---|---|---|---|---|
| Centos6.5 | eth0: 192.168.1.10 eth1: 172.16.1.20 | 192.168.1.250 | 模式0 | 负载均衡 |
//创建绑定网卡配置文件
[root@wangqing ~]# cat /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
TYPE=Ethernet
ONBOOT=yes
USERCTL=no
BOOTPROTO=static
IPADDR=192.168.1.250
PREFIX=24
GATEWAY=192.168.1.2
DNS1=114.114.114.114
BONDING_OPTS="mode=0 miimon=50" //如果使用模式1将mode修改为1即可
//修改eth0和eth1网卡配置文件
[root@wangqing ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
USERCTL=no
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
[root@wangqing ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
USERCTL=no
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
//添加驱动支持bond0
[root@wangqing ~]# vi /etc/modprobe.d/bonding.conf
alias bond0 bonding
配置team聚合链路
使用teaming实现聚合链路,能够提供网卡绑定之后的网络吞吐性能,并且提供网卡的故障切换处理能力。
Team是基于一个小型内核驱动实现聚合链路,在用户层提供teamd命令实现链路管理。
teamd可以实现以下模式的聚合链
- broadcast 广播容错
- roundrobin 负载轮询
- activebackup 主备(必考)
- loadbalance 负载均衡
- lacp 需要交换机支持lacp协议
//添加team;创建team
[root@localhost ~]# nmcli dev
DEVICE TYPE STATE CONNECTION
eth0 ethernet connected eth0
eth1 ethernet disconnected --
eth2 ethernet disconnected --
lo loopback unmanaged --
[root@localhost ~]# nmcli con add type team con-name team ifname team config '{"runner":{"name":"activebackup"}}' ipv4.addresses 192.168.21.245/24 ipv4.gateway 192.168.21.2 ipv4.dns 114.114.114.114 ipv4.method manual
Connection 'team' (eb65ce8c-87ec-4ae3-b330-211a206fd7ca) successfully added.
//添加slave;添加物理网卡连接至team
[root@localhost ~]# nmcli con add type team-slave con-name slave1 ifname eth1 master team
Connection 'slave1' (bcee179e-7de3-47dc-9c07-2ecf0e0c1418) successfully added.
[root@localhost ~]# nmcli con add type team-slave con-name slave2 ifname eth2 master team
Connection 'slave2' (8be2f64e-2e21-4bcd-adb9-ff9181336fe0) successfully added.
[root@localhost ~]# nmcli con
NAME UUID TYPE DEVICE
eth0 fc4f871d-b3be-4934-9e8e-7b6b2ea7ae81 ethernet eth0
team eb65ce8c-87ec-4ae3-b330-211a206fd7ca team team
slave1 bcee179e-7de3-47dc-9c07-2ecf0e0c1418 ethernet eth1
slave2 8be2f64e-2e21-4bcd-adb9-ff9181336fe0 ethernet eth2
//检查team状态
[root@localhost ~]# teamdctl team state
setup:
runner: activebackup
ports:
eth1
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
eth2
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
runner:
active port: eth1
//停止eth1物理网卡设备
[root@localhost ~]# nmcli dev disconnect eth1
Device 'eth1' successfully disconnected.
[root@localhost ~]# teamdctl team state
setup:
runner: activebackup
ports:
eth2
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
runner:
active port: eth2
//启用eth1物理网卡设备
[root@localhost ~]# nmcli dev connect eth1
Device 'eth1' successfully activated with 'bcee179e-7de3-47dc-9c07-2ecf0e0c1418'.
[root@localhost ~]# teamdctl team state
setup:
runner: activebackup
ports:
eth1
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
eth2
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
runner:
active port: eth2
动态修改team模式
问:如何把activebackup模式改为roundrobin模式?
//导出配置进行修改
[root@localhost ~]# teamdctl team config dump > /tmp/team.conf
[root@localhost ~]# vi /tmp/team.conf
{
"device": "team",
"mcast_rejoin": {
"count": 1
},
"notify_peers": {
"count": 1
},
"ports": {
"eth1": {
"link_watch": {
"name": "ethtool"
}
},
"eth2": {
"link_watch": {
"name": "ethtool"
}
}
},
"runner": {
"name": "roundrobin" //此处activebackup改为roundrobin
}
}
//以最新修改的配置选项修改team属性
[root@localhost ~]# nmcli con mod team team.config /tmp/team.conf
//修改之后需要重启team0
[root@localhost ~]# nmcli con down team;nmcli con up team
Connection 'team' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)
Connection successfully activated (master waiting for slaves) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6)
[root@localhost ~]# teamdctl team state
setup:
runner: roundrobin
ports:
eth1
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
eth2
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0