29 openEuler管理网络-配置网络绑定
29.1 使用nmcli
-
创建名为bond0的绑定,使用示例如下:
[root@superman-21 ~]# nmcli con add type bond con-name bond0 ifname bond0 mode active-backup 连接 "bond0" (180f0202-eb66-4530-a0d0-17a4860abfe6) 已成功添加。 [root@superman-21 ~]# -
添加从属接口,使用示例如下:
[root@superman-21 ~]# nmcli con add type bond-slave ifname ens33 master bond0 连接 "bond-slave-ens33" (530e5a4d-9bf5-4151-97a7-5fc34790f610) 已成功添加。 [root@superman-21 ~]#要添加其他从属接口,重复上一个命令,并在命令中使用新的接口,使用示例如下:
[root@superman-21 ~]# nmcli con add type bond-slave ifname ens36 master bond0 连接 "bond-slave-ens36" (006f3c08-ffd7-45ab-8f8b-2b79dbb640da) 已成功添加。 [root@superman-21 ~]# -
要启动绑定,则必须首先启动从属接口,使用示例如下:
[root@superman-21 ~]# nmcli con up bond-slave-ens33 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/7) [root@superman-21 ~]#[root@superman-21 ~]# nmcli con up bond-slave-ens36 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/8) [root@superman-21 ~]#现在可以启动绑定,使用示例如下:
[root@superman-21 ~]# nmcli con up bond0 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/9) [root@superman-21 ~]# -
bond0状态示例如下:
[root@superman-21 ~]# cat /proc/net/bonding/bond0 Ethernet Channel Bonding Driver: v5.10.0-60.18.0.50.oe2203.x86_64 Bonding Mode: fault-tolerance (active-backup) Primary Slave: None Currently Active Slave: ens36 MII Status: up MII Polling Interval (ms): 100 Up Delay (ms): 0 Down Delay (ms): 0 Peer Notification Delay (ms): 0 Slave Interface: ens36 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 0 Permanent HW addr: 00:0c:29:96:c9:e1 Slave queue ID: 0 Slave Interface: ens33 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 0 Permanent HW addr: 00:0c:29:96:c9:d7 Slave queue ID: 0 [root@superman-21 ~]#
29.2 使用命令行
29.2.1 检查是否已安装Bonding内核模块
在系统中默认已加载相应模块。要载入绑定模块,可在root权限下使用如下命令:
[root@compute ~]# modprobe --first-time bonding
[root@compute ~]#
显示该模块的信息,可在root权限下使用如下命令:
[root@superman-21 ~]# modinfo bonding
filename: /lib/modules/5.10.0-60.18.0.50.oe2203.x86_64/kernel/drivers/net/bonding/bonding.ko
author: Thomas Davis, tadavis@lbl.gov and many others
description: Ethernet Channel Bonding Driver
license: GPL
alias: rtnl-link-bond
srcversion: 567375FF5BBB59184962A66
depends:
retpoline: Y
intree: Y
name: bonding
vermagic: 5.10.0-60.18.0.50.oe2203.x86_64 SMP mod_unload modversions
sig_id: PKCS#7
signer: openEuler kernel signing key
sig_key: 62:1D:B6:4C:CD:82:A9:3E:3B:55:8A:80:AE:2F:A5:A0:40:94:0E:F5
sig_hashalgo: sha256
signature: 18:23:5D:42:90:11:E1:9D:E1:69:5E:C4:BB:71:33:2D:74:FF:FD:42:
46:8C:26:6C:02:A5:06:92:58:F4:B1:02:AB:45:01:80:2F:3B:E7:77:
A1:AD:DF:C5:5D:12:0A:8F:D5:03:10:DE:45:FB:E8:8A:1F:87:86:13:
16:5F:1D:51:A5:E3:85:B7:9F:6C:94:A1:35:00:13:CB:D5:3A:FF:AA:
89:E2:03:92:1D:45:00:27:2C:B3:5A:BC:E2:F2:12:12:4E:64:8C:6A:
A8:D9:C2:93:28:CB:F7:E4:05:4C:43:31:5E:9D:53:C6:D7:B0:78:E1:
F2:75:86:C6:18:40:21:1A:E3:0F:14:D3:EF:5B:E6:08:49:C0:32:40:
FF:B4:30:EE:D1:7B:8A:86:F4:C4:EF:65:A9:6B:45:48:75:2A:E5:E9:
1E:E9:AB:88:96:ED:0B:87:0E:F4:78:5A:BD:A9:90:4D:24:C5:DA:12:
C0:34:0F:13:43:BD:1F:46:DF:38:AC:0E:5A:CB:40:AD:48:55:4F:40:
27:F3:8C:D5:6D:3D:66:27:5F:2D:3D:0F:DB:4B:34:08:0E:8E:DF:7D:
1E:46:C7:35:AB:12:9A:33:BC:61:35:64:29:EB:22:12:F9:BD:D8:FA:
F0:E8:33:6D:98:E5:52:4A:64:82:57:02:90:5F:B7:3D:87:67:A7:E5:
9D:8C:F2:36:04:AB:80:CC:D6:72:AE:F9:69:F3:79:D5:50:7C:90:76:
BC:DA:B3:51:21:B6:30:9D:46:B7:C0:D9:6C:B8:BF:CF:39:3F:8A:36:
0B:7F:E5:4C:F2:87:FC:8F:0D:D9:11:2B:B7:1C:EE:44:03:67:C1:81:
81:A5:5A:7C:10:09:C7:37:F2:2D:11:EE:0D:63:4D:AC:55:25:F3:39:
3E:B5:37:51:AF:9B:EA:FB:0B:66:2D:25:5C:8F:1F:6F:F6:18:E5:D5:
C1:44:E7:EE:2E:23:CA:D4:F5:B2:FC:A6:94:2D:8F:BA:0F:F6:AD:0A:
BA:44:AB:DC:28:A1:58:B9:0B:81:CE:59:C5:78:36:8F:DB:2D:07:2A:
82:24:DA:F1:E1:E7:4C:E1:FD:D8:8D:5F:BE:A9:64:1B:B0:38:86:59:
09:AD:D6:EC:FF:74:FF:A1:B6:B9:18:84:BA:F8:CD:E5:E5:BD:F1:A6:
5D:E6:80:2C:64:56:21:52:A0:5A:CC:48:D2:8B:10:08:ED:E2:FF:1F:
FA:9E:26:60:63:B0:92:19:02:5B:51:A7:38:0D:35:BC:02:60:E6:8F:
CD:B9:D6:BF:5F:B4:BA:96:34:DC:24:DA:BC:B8:A4:C8:4A:81:58:4C:
42:89:E7:4C:64:F4:87:D4:A0:C2:0E:59
parm: max_bonds:Max number of bonded devices (int)
parm: tx_queues:Max number of transmit queues (default = 16) (int)
parm: num_grat_arp:Number of peer notifications to send on failover event (alias of num_unsol_na) (int)
parm: num_unsol_na:Number of peer notifications to send on failover event (alias of num_grat_arp) (int)
parm: miimon:Link check interval in milliseconds (int)
parm: updelay:Delay before considering link up, in milliseconds (int)
parm: downdelay:Delay before considering link down, in milliseconds (int)
parm: use_carrier:Use netif_carrier_ok (vs MII ioctls) in miimon; 0 for off, 1 for on (default) (int)
parm: mode:Mode of operation; 0 for balance-rr, 1 for active-backup, 2 for balance-xor, 3 for broadcast, 4 for 802.3ad, 5 for balance-tlb, 6 for balance-alb (charp)
parm: primary:Primary network device to use (charp)
parm: primary_reselect:Reselect primary slave once it comes up; 0 for always (default), 1 for only if speed of primary is better, 2 for only on active slave failure (charp)
parm: lacp_rate:LACPDU tx rate to request from 802.3ad partner; 0 for slow, 1 for fast (charp)
parm: ad_select:802.3ad aggregation selection logic; 0 for stable (default), 1 for bandwidth, 2 for count (charp)
parm: min_links:Minimum number of available links before turning on carrier (int)
parm: xmit_hash_policy:balance-alb, balance-tlb, balance-xor, 802.3ad hashing method; 0 for layer 2 (default), 1 for layer 3+4, 2 for layer 2+3, 3 for encap layer 2+3, 4 for encap layer 3+4 (charp)
parm: arp_interval:arp interval in milliseconds (int)
parm: arp_ip_target:arp targets in n.n.n.n form (array of charp)
parm: arp_validate:validate src/dst of ARP probes; 0 for none (default), 1 for active, 2 for backup, 3 for all (charp)
parm: arp_all_targets:fail on any/all arp targets timeout; 0 for any (default), 1 for all (charp)
parm: fail_over_mac:For active-backup, do not set all slaves to the same MAC; 0 for none (default), 1 for active, 2 for follow (charp)
parm: all_slaves_active:Keep all frames received on an interface by setting active flag for all slaves; 0 for never (default), 1 for always. (int)
parm: resend_igmp:Number of IGMP membership reports to send on link failure (int)
parm: packets_per_slave:Packets to send per slave in balance-rr mode; 0 for a random slave, 1 packet per slave (default), >1 packets per slave. (int)
parm: lp_interval:The number of seconds between instances where the bonding driver sends learning packets to each slaves peer switch. The default is 1. (uint)
[root@superman-21 ~]#
更多命令请在root权限下使用modprobe --help查看。
29.2.2 创建频道绑定接口
要创建绑定接口,可在root权限下通过在 /etc/sysconfig/network-scripts/ 目录中创建名为 ifcfg-bondN 的文件(使用接口号码替换 N,比如 0)。
根据要绑定接口类型的配置文件来编写相应的内容,比如网络接口。接口配置文件示例如下:
[root@superman-21 ~]# cat /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
NAME=bond0
TYPE=Bond
BONDING_MASTER=yes
IPADDR=192.168.0.21
PREFIX=24
ONBOOT=yes
BOOTPROTO=none
BONDING_OPTS="=mode=active-backup"
[root@superman-21 ~]#
29.2.3 创建从属接口
创建频道绑定接口后,必须在从属接口的配置文件中添加 MASTER 和 SLAVE 指令。
例如将两个网络接口enp3s0 和 enp4s0 以频道方式绑定,其配置文件示例分别如下:
[root@superman-21 ~]# cat /etc/sysconfig/network-scripts/ifcfg-bond-slave-ens33
TYPE=Ethernet
NAME=bond-slave-ens33
UUID=530e5a4d-9bf5-4151-97a7-5fc34790f610
DEVICE=ens33
ONBOOT=yes
MASTER=bond0
SLAVE=yes
[root@superman-21 ~]#
[root@superman-21 ~]# cat /etc/sysconfig/network-scripts/ifcfg-bond-slave-ens36
TYPE=Ethernet
NAME=bond-slave-ens36
UUID=006f3c08-ffd7-45ab-8f8b-2b79dbb640da
DEVICE=ens36
ONBOOT=yes
MASTER=bond0
SLAVE=yes
[root@superman-21 ~]#
29.2.4 激活频道绑定
要激活绑定,则需要启动所有从属接口。请在root权限下,运行以下命令:
[root@superman-21 ~]# ifup ens33
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/7)
[root@superman-21 ~]#
[root@superman-21 ~]# ifup ens36
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/8)
[root@superman-21 ~]#
说明: 对于已经处于“up”状态的接口,请首先使用“ifdown ens33 ”命令修改状态为down,其中 ens36 为实际网卡名称。
完成后,启动所有从属接口以便启动绑定(不将其设定为 “down”)。
要让 NetworkManager 感知到系统所做的修改,在每次修改后,请在root权限下,运行以下命令:
[root@superman-21 ~]# nmcli con load /etc/sysconfig/network-scripts/ifcfg-device
[root@superman-21 ~]#
查看绑定接口的状态,请在root权限下运行以下命令:
[root@superman-21 ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens33: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP mode DEFAULT group default qlen 1000
link/ether 00:0c:29:96:c9:e1 brd ff:ff:ff:ff:ff:ff permaddr 00:0c:29:96:c9:d7
altname enp2s1
3: ens36: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP mode DEFAULT group default qlen 1000
link/ether 00:0c:29:96:c9:e1 brd ff:ff:ff:ff:ff:ff
altname enp2s4
4: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 00:0c:29:96:c9:e1 brd ff:ff:ff:ff:ff:ff
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
link/ether 52:54:00:bc:bb:cd brd ff:ff:ff:ff:ff:ff
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN mode DEFAULT group default qlen 1000
link/ether 52:54:00:bc:bb:cd brd ff:ff:ff:ff:ff:ff
[root@superman-21 ~]#
29.2.5 创建多个绑定
系统会为每个绑定创建一个频道绑定接口,包括 BONDING_OPTS 指令。使用这个配置方法可让多个绑定设备使用不同的配置。请按照以下操作创建多个频道绑定接口:
- 创建多个 ifcfg-bondN 文件,文件中包含 BONDING_OPTS 指令,让网络脚本根据需要创建绑定接口。
- 创建或编辑要绑定的现有接口配置文件,添加 SLAVE 指令。
- 使用 MASTER 指令工具在频道绑定接口中分配要绑定的接口,即从属接口。
以下是频道绑定接口配置文件示例:
DEVICE=bondN
NAME=bondN
TYPE=Bond
BONDING_MASTER=yes
IPADDR=192.168.0.21
PREFIX=24
ONBOOT=yes
BOOTPROTO=none
BONDING_OPTS="bonding parameters separated by spaces"
在这个示例中,使用绑定接口的号码替换 N。例如要创建两个接口,则需要使用正确的 IP 地址创建两个配置文件 ifcfg-bond0 和 ifcfg-bond1。
