Linux 7/Centos 7实现双网卡绑定—team方式

原创 Leo 2022-12-18

4598

文档课题：Linux 7实现双网卡绑定—team方式.
实验目标：实现网络高可用，防止一条网线或交换机故障影响物理机的数据交互.
系统：centos 7.9 64位
环境介绍：vmware虚拟机+网卡为桥接模式.
team四种模式：broadcast(广播模式)、activebackup(主备模式)、roundrobin(轮训模式)、loadbalance(负载均衡)，此次测试主备模式与负载均衡模式.
1、添加网卡

添加2块桥接模式的网卡，加上此前网卡共3块网卡.

[root@liujun ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
     valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:98:c5:5f brd ff:ff:ff:ff:ff:ff
    inet 192.168.133.120/24 brd 192.168.133.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::7a67:bcbd:74f5:a64a/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:98:c5:69 brd ff:ff:ff:ff:ff:ff
    inet 192.168.3.26/24 brd 192.168.3.255 scope global noprefixroute dynamic ens37
       valid_lft 83304sec preferred_lft 83304sec
    inet6 fe80::670f:4bc0:dd2b:86ab/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:a8:7c:6f brd ff:ff:ff:ff:ff:ff
  inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:a8:7c:6f brd ff:ff:ff:ff:ff:ff
6: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:98:c5:73 brd ff:ff:ff:ff:ff:ff
    inet 192.168.3.27/24 brd 192.168.3.255 scope global noprefixroute dynamic ens38
       valid_lft 86086sec preferred_lft 86086sec
    inet6 fe80::46fe:1c1:a824:9da9/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
注意：此时ens37、ens38 mac地址不同.
2、网卡绑定
2.1、主备模式
主备模式表示一个网卡处于活跃状态，另一个处于备份状态，所有流量都在主链路上处理，当活跃网卡down掉时，启用备用网卡.此处测试将ens37、ens38绑定为team0.
2.1.1、创建team0网卡
[root@liujun ~]# nmcli con add type team con-name team0 ifname team0 config '{"runner":{"name":"activebackup"}}'
Connection 'team0' (9923e4b2-afc7-448b-8bf5-b043813bfc94) successfully added.
[root@liujun ~]# teamdctl team0 state
setup:
runner: activebackup
runner:
active port:
说明：后续以activebackup模式添加物理网卡ens37、ens38到team0.
2.1.2、添加IP

[root@liujun ~]# nmcli con modify team0 ipv4.address 192.168.3.30/24 ipv4.gateway 192.168.3.1 ipv4.dns 192.168.3.1 ipv4.method manual
2.1.3、添加网卡
--添加物理网卡到team0.
[root@liujun ~]# nmcli con add type team-slave con-name team0-port1 ifname ens37 master team0
Connection 'team0-port1' (93359cca-dff5-4521-941d-0454cfc1a071) successfully added.
[root@liujun ~]# nmcli con add type team-slave con-name team0-port2 ifname ens38 master team0
Connection 'team0-port2' (c2c99e42-c296-4641-ab67-d80ac23258a9) successfully added.
2.1.4、启动服务
--启动相关服务,查team0状态.
[root@liujun ~]# teamdctl team0 state
setup:
runner: activebackup
runner:
active port:
--重启team0网卡、network、networkmanager服务
[root@liujun ~]# nmcli connection down team0 && nmcli connection up team0
[root@liujun ~]# systemctl restart NetworkManager
[root@liujun ~]# service network restart
Restarting network (via systemctl):                        [ OK ]
[root@liujun ~]# teamdctl team0 state
setup:
runner: activebackup
ports:
ens37
    link watches:
      link summary: up
    instance[link_watch_0]:
        name: ethtool
        link: up
        down count: 0
ens38
    link watches:
      link summary: up
      instance[link_watch_0]:
        name: ethtool
        link: up
        down count: 0
runner:
active port: ens37
说明：ens37、ens38状态正常.
2.1.5、故障验证
2.1.5.1、ens37故障
--模拟ens37故障.
[root@liujun ~]# ifdown ens37
Device 'ens37' successfully disconnected.
[root@liujun ~]# teamdctl team0 state
setup:
runner: activebackup
ports:
ens38
    link watches:
      link summary: up
      instance[link_watch_0]:
        name: ethtool
        link: up
        down count: 0
runner:
active port: ens38
[root@liujun ~]# nmcli con show
NAME         UUID                                  TYPE      DEVICE
ens33       c96bc909-188e-ec64-3a96-6a90982b08ad ethernet ens33
team0       2e074b83-f936-4ca8-ac31-42b9f3127cef team      team0
virbr0       6cf3fcdb-eb07-479c-96eb-c657057841ec bridge    virbr0
team0-port2 8f3cc66a-9ecb-49a7-a1db-46437dec6667 ethernet ens38
team0-port1 da213943-8cdf-43a7-b469-84e7ba9c54df ethernet --
--windows端测互通性.
C:\Users\Administrator>ping 192.168.3.30 -t

正在 Ping 192.168.3.30 具有 32 字节的数据:
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
说明：可以看到即使ens37发生故障，网络依然能ping通.
2.1.5.2、ens38故障
--模拟ens38故障.
[root@liujun ~]# ifup ens37
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/10)
[root@liujun ~]# nmcli con show
NAME         UUID                                  TYPE      DEVICE
ens33       c96bc909-188e-ec64-3a96-6a90982b08ad ethernet ens33
team0       2e074b83-f936-4ca8-ac31-42b9f3127cef team      team0
virbr0       6cf3fcdb-eb07-479c-96eb-c657057841ec bridge    virbr0
team0-port1 da213943-8cdf-43a7-b469-84e7ba9c54df ethernet ens37
team0-port2 8f3cc66a-9ecb-49a7-a1db-46437dec6667 ethernet ens38
[root@liujun ~]# ifdown ens38
Device 'ens38' successfully disconnected.
[root@liujun ~]# teamdctl team0 stat
setup:
runner: activebackup
ports:
ens37
    link watches:
      link summary: up
      instance[link_watch_0]:
        name: ethtool
        link: up
        down count: 0
runner:
active port: ens37
--windows端测互通性.
C:\Users\Administrator>ping 192.168.3.30 -t

正在 Ping 192.168.3.30 具有 32 字节的数据:
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
说明：可以看到即使ens38发生故障，网络依然能ping通.
2.1.6、相关信息
[root@liujun ~]# ifup ens38
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/11)
[root@liujun ~]# teamdctl team0 stat
setup:
runner: activebackup
ports:
ens37
    link watches:
      link summary: up
      instance[link_watch_0]:
        name: ethtool
        link: up
        down count: 0
ens38
    link watches:
      link summary: up
      instance[link_watch_0]:
        name: ethtool
        link: up
        down count: 0
runner:
active port: ens37 --当前活动网卡
--IP地址信息.
[root@liujun ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:98:c5:5f brd ff:ff:ff:ff:ff:ff
    inet 192.168.133.120/24 brd 192.168.133.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::7a67:bcbd:74f5:a64a/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master team0 state UP group default qlen 1000
    link/ether 00:0c:29:98:c5:69 brd ff:ff:ff:ff:ff:ff
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:a8:7c:6f brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:a8:7c:6f brd ff:ff:ff:ff:ff:ff
6: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master team0 state UP group default qlen 1000
    link/ether 00:0c:29:98:c5:69 brd ff:ff:ff:ff:ff:ff
11: team0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0c:29:98:c5:69 brd ff:ff:ff:ff:ff:ff
    inet 192.168.3.30/24 brd 192.168.3.255 scope global noprefixroute team0
       valid_lft forever preferred_lft forever
    inet6 fe80::7ffa:6330:9d17:a628/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
注意：team0、ens37、ens38在绑定后，mac地址都变为00:0c:29:98:c5:69.
--网卡信息.
[root@liujun network-scripts]# cat ifcfg-team0
TEAM_CONFIG="{\"runner\": {\"name\": \"activebackup\", \"tx_hash\": [\"eth\", \"ipv4\", \"ipv6\"]}}"
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=team0
UUID=0c3e3560-4e90-4f3b-8a44-d1efbad948f5
DEVICE=team0
ONBOOT=yes
DEVICETYPE=Team
IPADDR=192.168.3.30
PREFIX=24
GATEWAY=192.168.3.1
DNS1=192.168.3.1
[root@liujun network-scripts]# cat ifcfg-team0-port1
NAME=team0-port1
UUID=93359cca-dff5-4521-941d-0454cfc1a071
DEVICE=ens37
ONBOOT=yes
TEAM_MASTER=team0
DEVICETYPE=TeamPort
[root@liujun network-scripts]# cat ifcfg-team0-port2
NAME=team0-port2
UUID=c2c99e42-c296-4641-ab67-d80ac23258a9
DEVICE=ens38
ONBOOT=yes
TEAM_MASTER=team0
DEVICETYPE=TeamPort
2.2、负载均衡模式
2.2.1、解绑
--配置team0负载均衡模式前解除此前测试的主备模式team0网卡绑定.
[root@liujun network-scripts]# rm -rf ifcfg-team0
[root@liujun network-scripts]# rm -rf ifcfg-team0-port1
[root@liujun network-scripts]# rm -rf ifcfg-team0-port2
[root@liujun network-scripts]# service network restart
Restarting network (via systemctl):                        [ OK ]
[root@liujun ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:98:c5:5f brd ff:ff:ff:ff:ff:ff
    inet 192.168.133.120/24 brd 192.168.133.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::7a67:bcbd:74f5:a64a/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:98:c5:69 brd ff:ff:ff:ff:ff:ff
    inet 192.168.3.29/24 brd 192.168.3.255 scope global noprefixroute dynamic ens37
       valid_lft 86396sec preferred_lft 86396sec
    inet6 fe80::670f:4bc0:dd2b:86ab/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
4: ens38: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:98:c5:73 brd ff:ff:ff:ff:ff:ff
    inet 192.168.3.27/24 brd 192.168.3.255 scope global noprefixroute dynamic ens38
       valid_lft 86396sec preferred_lft 86396sec
    inet6 fe80::46fe:1c1:a824:9da9/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:a8:7c:6f brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
link/ether 52:54:00:a8:7c:6f brd ff:ff:ff:ff:ff:ff
说明：网卡恢复绑定前状态，ens37、ens38均有各自的mac地址.
2.2.2、创建team0网卡
--以loadbalance模式创建team0网卡.
[root@liujun ~]# nmcli con add type team con-name team0 ifname team0 config '{"runner":{"name":"loadbalance"}}'
Connection 'team0' (0c3e3560-4e90-4f3b-8a44-d1efbad948f5) successfully added.
2.2.3、添加ip
[root@liujun ~]# nmcli con modify team0 ipv4.address 192.168.3.30/24 ipv4.gateway 192.168.3.1 ipv4.dns 192.168.3.1 ipv4.method manual
2.2.4、添加网卡
[root@liujun ~]# nmcli con add type team-slave con-name team0-port1 ifname ens37 master team0
Connection 'team0-port1' (7e13151e-7ae7-4c9f-9a6f-cb8c687d2edb) successfully added.
[root@liujun ~]# nmcli con add type team-slave con-name team0-port2 ifname ens38 master team0
Connection 'team0-port2' (4dcf19af-a2f5-4708-a029-2b43003533e9) successfully added.
2.2.5、启动服务
[root@liujun ~]# nmcli connection down team0 && nmcli connection up team0
[root@liujun ~]# systemctl restart network
[root@liujun ~]# teamdctl team0 stat
setup:
runner: loadbalance
ports:
ens37
    link watches:
      link summary: up
      instance[link_watch_0]:
        name: ethtool
        link: up
        down count: 0
ens38
    link watches:
      link summary: up
      instance[link_watch_0]:
        name: ethtool
        link: up
        down count: 0
2.2.6、故障验证
--分别模拟ens37和ens38故障.
[root@liujun ~]# ifdown ens37
Device 'ens37' successfully disconnected.
[root@liujun ~]# ifup ens37
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/22)
[root@liujun ~]# ifdown ens38
Device 'ens38' successfully disconnected.
[root@liujun ~]# ifup ens38
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/23)
--windows端在分别关闭开启ens37、ens38期间均能ping通服务器.
C:\Users\Administrator>ping 192.168.3.30 -t

正在 Ping 192.168.3.30 具有 32 字节的数据:
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.3.30 的回复: 字节=32 时间<1ms TTL=64
2.2.7、相关信息
[root@liujun network-scripts]# cat ifcfg-team0
TEAM_CONFIG="{\"runner\": {\"name\": \"loadbalance\", \"tx_hash\": [\"eth\", \"ipv4\", \"ipv6\"]}}"
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=team0
UUID=0c3e3560-4e90-4f3b-8a44-d1efbad948f5
DEVICE=team0
ONBOOT=yes
DEVICETYPE=Team
IPADDR=192.168.3.30
PREFIX=24
GATEWAY=192.168.3.1
DNS1=192.168.3.1
[root@liujun network-scripts]# cat ifcfg-team0-port1
NAME=team0-port1
UUID=7e13151e-7ae7-4c9f-9a6f-cb8c687d2edb
DEVICE=ens37
ONBOOT=yes
TEAM_MASTER=team0
DEVICETYPE=TeamPort
[root@liujun network-scripts]# cat ifcfg-team0-port2
NAME=team0-port2
UUID=4dcf19af-a2f5-4708-a029-2b43003533e9
DEVICE=ens38
ONBOOT=yes
TEAM_MASTER=team0
DEVICETYPE=TeamPort
3、补充知识
[root@liujun ~]# nmcli dev dis ens37 --关闭绑定状态
[root@liujun ~]# nmcli dev con ens37 --恢复绑定状态

参考网址：
https://blog.csdn.net/weixin_51173317/article/details/124166915
https://blog.csdn.net/xjjj064/article/details/121779866

网络安全

「喜欢这篇文章，您的关注和赞赏是给作者最好的鼓励」

关注作者

Linux 7/Centos 7实现双网卡绑定—team方式

1、添加网卡

2、网卡绑定

2.1、主备模式

2.1.1、创建team0网卡

2.1.2、添加IP

2.1.3、添加网卡

2.1.4、启动服务

2.1.5、故障验证

2.1.5.1、ens37故障

2.1.5.2、ens38故障

2.1.6、相关信息

2.2、负载均衡模式

2.2.1、解绑

2.2.2、创建team0网卡

2.2.3、添加ip

2.2.4、添加网卡

2.2.5、启动服务

2.2.6、故障验证

2.2.7、相关信息

3、补充知识

评论