网络进阶管理
- 1. 链路聚合
- 2. 链路聚合配置

网络进阶管理

1. 链路聚合

网卡的链路聚合就是将多块网卡连接起来，当一块网卡损坏，网络依旧可以正常运行，可以有效的防止因为网卡损坏带来的损失，同时也可以提高网络访问速度。

网卡的链路聚合方式：

bond：最多可以添加两块网卡
team：最多可以添加八块网卡

bond的常用的2种模式：

bond0(balance-rr)
- bond0用于负载轮询（2个网单独都是100MB，聚合为1个网络传输带宽为200MB）
bond1(active-backup)
- bond1用于高可用，其中一条线若断线，其他线路将会自动备援

--> eth0 ----\ app --发送数据到--> bond0 <---> switch --> eth1 ----/

2. 链路聚合配置

2.1 Centos7/RHEL7配置bond聚合链路

2.1.1 Centos7/RHEL7配置bond0

[root@wangqing ~]# nmcli device DEVICE TYPE STATE CONNECTION eth0 ethernet connected eth0 eth1 ethernet disconnected -- lo loopback unmanaged -- //创建bond0, 模式为balance-rr [root@wangqing ~]# nmcli connection add type bond mode balance-rr con-name bond0 ifname bond0 ipv4.method manual ipv4.addresses 172.16.12.250/24 ipv4.gateway 172.16.12.2 ipv4.dns 172.16.12.2 Connection 'bond0' (83b7b2c9-fd9f-45e4-b6aa-512774cc6808) successfully added. //添加物理网卡连接至bond0 [root@wangqing ~]# nmcli connection add type bond-slave con-name bond-slave0 ifname eth0 master bond0 Connection 'bond-slave0' (5642affa-217d-4e48-ac6c-6043f1657361) successfully added. [root@wantqing ~]# nmcli connection add type bond-slave con-name bond-slave1 ifname eth1 master bond0 Connection 'bond-slave1' (1ef9017f-4b0d-46bf-95a1-f31be9353234) successfully added. //查看bond配置信息 [root@wangqing ~]# cat /proc/net/bonding/bond0 Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011) Bonding Mode: load balancing (round-robin) MII Status: up MII Polling Interval (ms): 100 Up Delay (ms): 0 Down Delay (ms): 0 Slave Interface: eth1 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 0 Permanent HW addr: 00:0c:29:73:01:1a Slave queue ID: 0 //关闭eth0网卡, 测试bond0是否正常 [root@wangqing ~]# nmcli device disconnect eth0

2.1.2 Centos7/RHEL7配置bond1

[root@wangqing ~]# nmcli device DEVICE TYPE STATE CONNECTION eth0 ethernet connected eth0 eth1 ethernet disconnected -- lo loopback unmanaged -- //创建bond1，模式为active-backup [root@wangqing ~]# nmcli connection add type bond con-name bond1 ifname bond1 mode active-backup ipv4.method manual ipv4.addresses 172.16.12.250/24 ipv4.gateway 172.16.12.2 ipv4.dns 172.16.12.2 Connection 'bond1' (d1074330-476c-46d6-a378-f3efe73c0660) successfully added. //添加物理网卡连接至bond1 [root@wangqing ~]# nmcli connection add type bond-slave con-name bond-slave0 ifname eth0 master bond1 Connection 'bond-slave0' (be356c6f-f5d0-4231-a541-b1bfad60617b) successfully added. [root@wangqing ~]# nmcli connection add type bond-slave con-name bond-slave1 ifname eth1 master bond1 Connection 'bond-slave1' (c04a43ca-d8f1-4899-b2b5-ca7a4095c262) successfully added. //启用连接 [root@wangqing ~]# nmcli connection up bond1 Connection successfully activated (master waiting for slaves) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6) [root@wangqing ~]# nmcli connection up bond-slave0 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/8) [root@wangqing ~]# nmcli connection up bond-slave1 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/9) //验证 [root@wangqing ~]# cat /proc/net/bonding/bond1 Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011) Bonding Mode: fault-tolerance (active-backup) Primary Slave: None Currently Active Slave: eth0 MII Status: up MII Polling Interval (ms): 100 Up Delay (ms): 0 Down Delay (ms): 0 Slave Interface: eth0 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 0 Permanent HW addr: 00:0c:29:73:01:10 Slave queue ID: 0 Slave Interface: eth1 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 0 Permanent HW addr: 00:0c:29:73:01:1a Slave queue ID: 0 //停止eth0物理网卡设备 [root@wangqing ~]# nmcli device disconnect eth0 Device 'eth0' successfully disconnected. //eth1物理网卡设备会进行自动切换 [root@wangqing ~]# grep "Currently Active Slave" /proc/net/bonding/bond1 Currently Active Slave: eth1

2.2 Centos6/RHEL6配置bond聚合链路

适用于RedHat6以及CentOS6

系统	网卡	bond地址	bond模式	bond功能
Centos6.5	eth0: 172.16.12.128 eth1: 172.16.12.129	172.16.12.250	模式0	负载均衡

//1.创建绑定网卡配置文件 [root@wangqing ~]# cat /etc/sysconfig/network-scripts/ifcfg-bond0 DEVICE=bond0 TYPE=Ethernet ONBOOT=yes USERCTL=no BOOTPROTO=static IPADDR=172.16.12.250 NETMASK=255.255.255.0 GATEWAY=172.16.12.2 DNS1=172.16.12.2 BONDING_OPTS="mode=0 miimon=50" //如果使用模式1将mode修改为1即可 //2.修改eth0和eth1网卡配置文件 [root@wangqing ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 TYPE=Ethernet ONBOOT=yes USERCTL=no BOOTPROTO=none MASTER=bond0 SLAVE=yes [root@wangqing ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1 DEVICE=eth1 TYPE=Ethernet ONBOOT=yes USERCTL=no BOOTPROTO=none MASTER=bond0 SLAVE=yes //3.添加驱动支持bond0 [root@wangqing ~]# vim /etc/modprobe.d/bonding.conf alias bond0 bonding

2.3 Centos7/RHEL7配置team聚合链路

centos/rhce7使用teaming实现聚合链路,能够提供网卡绑定之后的网络吞吐性能,并且提供网卡的故障切换处理能力。
Team是基于一个小型内核驱动实现聚合链路，在用户层提供teamd命令实现链路管理。

teamd可以实现以下模式的聚合链路

broadcast 广播容错
roundrobin 负载轮询
activebackup 主备(必考)
loadbalance 负载均衡
lacp 需要交换机支持lacp协议

//请使用命令行配置，图形界面配置不稳定 [root@wangqing ~]# nmcli connection add type team con-name team0 ifname team0 config '{"runner":{"name":"activebackup"}}' ipv4.addresses 172.16.12.250/24 ipv4.gateway 172.16.12.2 ipv4.dns 172.16.12.2 ipv4.method manual Connection 'team0' (cd90d0ee-b65e-488c-8fd2-85facb1d6868) successfully added. //添加物理网卡连接至team0 [root@wangqing ~]# nmcli connection add type team-slave con-name team0-port1 ifname eth1 master team0 Connection 'team-slave0' (34873b23-60ff-42cf-bf65-77479bcd7369) successfully added. [root@wangqing ~]# nmcli connection add type team-slave con-name team0-port2 ifname eth2 master team0 Connection 'team-slave1' (3cfc524f-cbf8-4039-b511-830b90a23726) successfully added. //检查team0状态 [root@wangqing ~]# ping -I team0 172.16.12.128 [root@wangqing ~]# teamdctl team0 state //断掉后检测 [root@wangqing ~]# nmcli dev disconnect eth1 [root@wangqing ~]# teamdctl team0 state

动态修改team模式

// 导出配置进行修改 (man teamd.conf) [root@wangqing ~]# teamdctl team0 config dump > /tmp/team.conf [root@wangqing ~]# vim /tmp/team.conf //以最新修改的配置选项修改team0属性 [root@wangqing ~]# nmcli con mod team0 team.config /tmp/team.conf //修改之后需要重启team0 [root@wangqing ~]# nmcli connection down team0;nmcli connection up team0 [root@wangqing ~]# nmcli connection up team0-port1 [root@wangqing ~]# nmcli connection up team0-port2