網絡的路由配置以及Centos7的網絡組實現
路由是互聯網絡的核心,沒有路由的網絡如同一座孤島,掌握路由的配置是IT人員的必備技能。下面是本站小編精心為大家整理的網絡的路由配置以及Centos7的網絡組實現,希望對大家有幫助,更多內容請關注應屆畢業生網!
1、路由配置
路由是互聯網絡的核心,沒有路由的網絡如同一座孤島,掌握路由的配置是IT人員的`必備技能。
例如:現在有三台主機需要通信,其中A和B在同一網段,C在另一網段,這兩個網段有三個路由相隔,如何實現他們之間的通信呢?
主機A:IP=
主機B:IP=
主機C:IP=
R1的接口0:IP=,接口1:IP=
R2的接口0:IP=,接口1:IP=
R3的接口0:IP=,接口1:IP=
通過分析上面的網絡環境,可以得到R1,R2和R3的路由信息,這裏我們指定每一個路由的靜態路由表
R1:路由表
網段 網關接口
eth0
eth1
eth1
eth1
eth1
R2:路由表
網段 網關接口
eth0
eth0
eth1
eth1
外網IP(這裏不寫)
R3:路由表
網段 網關接口
eth0
eth0
eth0
eth1
eth0
這裏用3台centos系統作為路由
用node1主機來做route1
[root@node1~]#ipaddrshowdeveth1
3:eth1:mtu1500qdiscpfifo_faststateUPqlen1000
link/ether00:0c:29:e2:96:7cbrdff:ff:ff:ff:ff:ff
inet6fe80::20c:29ff:fee2:967c/64scopelink
valid_lftforeverpreferred_lftforever
[root@node1~]#ipaddrshowdeveth2
4:eth2:mtu1500qdiscpfifo_faststateUPqlen1000
link/ether00:0c:29:e2:96:86brdff:ff:ff:ff:ff:ff
inet6fe80::20c:29ff:fee2:9686/64scopelink
valid_lftforeverpreferred_lftforever
[root@node1~]#
[root@node1~]#route-n
KernelIProutingtable
DestinationGatewayGenmaskFlagsMetricRefUseIface
U000eth1
U000eth2
UG000eth2
UG000eth2
U000eth0
U10020
[root@node1~]#echo1>/proc/sys/net/ipv4/ip_forward
note2用來做route2
[root@node2~]#
[root@node2~]#
[root@node2~]#ipaddrshowdeveth1
3:eth1:mtu1500qdiscpfifo_faststateUPqlen1000
link/ether00:0c:29:00:90:24brdff:ff:ff:ff:ff:ff
inet6fe80::20c:29ff:fe00:9024/64scopelink
valid_lftforeverpreferred_lftforever
[root@node2~]#ipaddrshowdeveth2
4:eth2:mtu1500qdiscpfifo_faststateUPqlen1000
link/ether00:0c:29:00:90:2ebrdff:ff:ff:ff:ff:ff
inet6fe80::20c:29ff:fe00:902e/64scopelink
valid_lftforeverpreferred_lftforever
[root@node2~]#route-n
KernelIProutingtable
DestinationGatewayGenmaskFlagsMetricRefUseIface
U000eth1
U000eth2
U000eth0
U100200eth0
U100300eth1
[root@node2~]#
[root@node2~]#
[root@node2~]#route-n
KernelIProutingtable
DestinationGatewayGenmaskFlagsMetricRefUseIface
UG000eth1
U000eth1
UG000eth2
U000eth2
U000eth0
U100200eth0
U100300eth1
[root@node2~]#echo1>/proc/sys/net/ipv4/ip_forward
note3用來做route3
[root@node3~]#
[root@node3~]#
[root@node3~]#ipaddrshowdeveth1
3:eth1:mtu1500qdiscpfifo_faststateUPqlen1000
link/ether00:0c:29:47:d8:e1brdff:ff:ff:ff:ff:ff
inet6fe80::20c:29ff:fe47:d8e1/64scopelink
valid_lftforeverpreferred_lftforever
[root@node3~]#ipaddrshowdeveth2
4:eth2:mtu1500qdiscpfifo_faststateUPqlen1000
link/ether00:0c:29:47:d8:ebbrdff:ff:ff:ff:ff:ff
inet6fe80::20c:29ff:fe47:d8eb/64scopelink
valid_lftforeverpreferred_lftforever
[root@node3~]#
[root@node3~]#route-n
KernelIProutingtable
DestinationGatewayGenmaskFlagsMetricRefUseIface
UG000eth1
UG000eth1
U000eth2
U000eth1
U000eth0
U100200eth0
U100300eth1
[root@node3~]#echo1>/proc/sys/net/ipv4/ip_forward
主機A:
[root@host1~]#
[root@host1~]#
[root@host1~]#ipaddrshowdeveno33554984
3:eno33554984:mtu1500qdiscpfifo_faststateUPqlen1000
link/ether00:0c:29:2b:82:a6brdff:ff:ff:ff:ff:ff
valid_lftforeverpreferred_lftforever
inet6fe80::20c:29ff:fe2b:82a6/64scopelink
valid_lftforeverpreferred_lftforever
[root@host1~]#route-n
-bash:route:commandnotfound
[root@host1~]#iprouteshow
deveno33554984
主機B:
[root@host2~]#ipaddrshowdeveno33554984
3:eno33554984:mtu1500qdiscpfifo_faststateUPqlen1000
link/ether00:0c:29:aa:22:47brdff:ff:ff:ff:ff:ff
valid_lftforeverpreferred_lftforever
inet6fe80::20c:29ff:feaa:2247/64scopelink
valid_lftforeverpreferred_lftforever
[root@host2~]#route-n
KernelIProutingtable
DestinationGatewayGenmaskFlagsMetricRefUseIface
U10000eno16777736
U000eno33554984
UGH000eno33554984
主機C:
root@debian:~#ipaddrshowdeveth1
3:eth1:mtu1500qdiscpfifo_faststateUPgroupdefaultqlen1000
link/ether00:0c:29:f1:04:08brdff:ff:ff:ff:ff:ff
valid_lftforeverpreferred_lftforever
root@debian:~#route-n
KernelIProutingtable
DestinationGatewayGenmaskFlagsMetricRefUseIface
U000eth0
U000eth1
UGH000eth1
root@debian:~#
至此所有配置已經結束,關閉所有主機的網關和selinux
測試:
在主機C上:
root@debian:~#
()eth1:56(84)bytesofdata.
:icmp_seq=1ttl=62time=0.691ms
:icmp_seq=2ttl=62time=1.17ms
^C
pingstatistics---
2packetstransmitted,2received,0%packetloss,time1000ms
rttmin/avg/max/mdev=0.691/0.931/1.171/0.240ms
root@debian:~#
()eth1:56(84)bytesofdata.
:icmp_seq=1ttl=61time=1.22ms
:icmp_seq=2ttl=61time=0.927ms
^C
pingstatistics---
2packetstransmitted,2received,0%packetloss,time1001ms
rttmin/avg/max/mdev=0.927/1.074/1.221/0.147ms
root@debian:~#
()eth1:56(84)bytesofdata.
:icmp_seq=1ttl=61time=1.21ms
:icmp_seq=2ttl=61time=1.78ms
^C
pingstatistics---
2packetstransmitted,2received,0%packetloss,time1001ms
rttmin/avg/max/mdev=1.214/1.497/1.780/0.283ms
root@debian:~#
在主機A上:
[root@host1~]#
()eno33554984:56(84)bytesofdata.
:icmp_seq=1ttl=61time=0.985ms
:icmp_seq=2ttl=61time=1.09ms
:icmp_seq=3ttl=61time=1.89ms
:icmp_seq=4ttl=61time=2.00ms
^C
pingstatistics---
4packetstransmitted,4received,0%packetloss,time3005ms
rttmin/avg/max/mdev=0.985/1.493/2.008/0.459ms
[root@host1~]#
在主機B上:
[root@host2~]#
()eno33554984:56(84)bytesofdata.
:icmp_seq=1ttl=61time=1.15ms
:icmp_seq=2ttl=61time=1.93ms
:icmp_seq=3ttl=61time=0.979ms
^C
pingstatistics---
3packetstransmitted,3received,0%packetloss,time2003ms
rttmin/avg/max/mdev=0.979/1.355/1.930/0.412ms
[root@host2~]#
()eno33554984:56(84)bytesofdata.
:icmp_seq=1ttl=62time=0.751ms
:icmp_seq=2ttl=62time=0.807ms
:icmp_seq=3ttl=62time=1.33ms
^C
pingstatistics---
3packetstransmitted,3received,0%packetloss,time2000ms
rttmin/avg/max/mdev=0.751/0.964/1.335/0.264ms
[root@host2~]####不知道為啥ping不通
()eno33554984:56(84)bytesofdata.
icmp_seq=1DestinationHostUnreachable
icmp_seq=2DestinationHostUnreachable
icmp_seq=3DestinationHostUnreachable
^C
pingstatistics---
5packetstransmitted,0received,+3errors,100%packetloss,time4002ms
pipe4
[root@host2~]#
()eno33554984:56(84)bytesofdata.
:icmp_seq=1ttl=63time=0.556ms
:icmp_seq=2ttl=63time=2.15ms
:icmp_seq=3ttl=63time=0.972ms
^C
pingstatistics---
3packetstransmitted,3received,0%packetloss,time2002ms
rttmin/avg/max/mdev=0.556/1.228/2.157/0.678ms
[root@host2~]#
()eno33554984:56(84)bytesofdata.
:icmp_seq=1ttl=64time=0.282ms
:icmp_seq=2ttl=64time=0.598ms
:icmp_seq=3ttl=64time=0.367ms
^C
pingstatistics---
3packetstransmitted,3received,0%packetloss,time2000ms
rttmin/avg/max/mdev=0.282/0.415/0.598/0.135ms
[root@host2~]#
os7的網絡組實現
網絡組類似於centos6的bond,都是多個網卡使用一個IP,是增強網絡健壯性的一個手段
網絡組:是將多個網卡聚合在一起方法,從而實現宂錯和提高吞吐量
網絡組不同於舊版中bonding技術,提供更好的性能和擴展性
網絡組由內核驅動和teamd守護進程實現.包名是teamd
啟動網絡組接口不會自動啟動網絡組中的port接口啟動網絡組接口中的port接口不會自動啟動網絡組接口禁用網絡組接口會自動禁用網絡組中的port接口沒有port接口的網絡組接口可以啟動靜態IP連接啟用DHCP連接時,沒有port接口的網絡組會等待port接口的加入
具體的runner方式可以查看man 5 幫助
創建網絡組接口:
[root@linux~]#nmcliconaddtypeteamcon-nametestifnameteam0config'{"runner":{"name":"activebackup"}}'
Connection'test'(5a3bfb26-993f-45ad-add6-246ff419e7bd)successfullyadded.
此時在網絡配置目錄下生成了一個文件
[root@linux~]#ls/etc/sysconfig/network-scripts/ifcfg-test
/etc/sysconfig/network-scripts/ifcfg-test
[root@linux~]#nmclidevshowteam0
CE:team0
:team
DR:82:D0:69:2C:48:6E
E:70(connecting(gettingIPconfiguration))
ECTION:test
-PATH:/org/freedesktop/NetworkManager/ActiveConnection/3
[root@linux~]#nmcliconshow
NAMEUUIDTYPEDEVICE
eno33554984fb67dbad-ec81-39b4-42b1-ebf975c3ff13802-3-etherneteno33554984
eno16777736d329fbf7-4423-4a10-b097-20b266c26768802-3-etherneteno16777736
eno50332208d2665055-8e83-58f1-e9e3-49a5fb133641802-3-etherneteno50332208
test5a3bfb26-993f-45ad-add6-246ff419e7bdteamteam0
給team0設置靜態IP和開機自啟動
[root@linux~]#esses""connectyes
[root@linux~]#cat/etc/sysconfig/network-scripts/ifcfg-test
DEVICE=team0
TEAM_CONFIG="{"runner":{"name":"activebackup"}}"
DEVICETYPE=Team
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=test
UUID=5a3bfb26-993f-45ad-add6-246ff419e7bd
ONBOOT=yes
IPADDR=
PREFIX=16
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
[root@linux~]#
創建兩個port接口
[root@linux~]#nmcliconaddtypeteam-slavecon-nametest-1ifnameeno33554984masterteam0
Connection'test-1'(234c3e91-d90d-421c-ae88-133deddfce94)successfullyadded.
[root@linux~]#nmcliconaddtypeteam-slavecon-nametest-2ifnameeno50332208masterteam0
Connection'test-2'(116ef596-d983-456c-a6ae-a74a4f8c03dc)successfullyadded.
[root@linux~]#
[root@linux~]#cat/etc/sysconfig/network-scripts/ifcfg-test-1
NAME=test-1
UUID=234c3e91-d90d-421c-ae88-133deddfce94
DEVICE=eno33554984
ONBOOT=yes
TEAM_MASTER=team0
DEVICETYPE=TeamPort
[root@linux~]#cat/etc/sysconfig/network-scripts/ifcfg-test-2
NAME=test-2
UUID=116ef596-d983-456c-a6ae-a74a4f8c03dc
DEVICE=eno50332208
ONBOOT=yes
TEAM_MASTER=team0
DEVICETYPE=TeamPort
查看網絡組狀態:
[root@linux~]#teamdctlteam0stat
setup:
runner:activebackup
runner:
activeport:
發現port端口均沒有開啟
開啟port端口
[root@linux~]#nmcliconuptest-1
Connectionsuccessfullyactivated(D-Busactivepath:/org/freedesktop/NetworkManager/ActiveConnection/5)
[root@linux~]#nmcliconuptest-2
Connectionsuccessfullyactivated(D-Busactivepath:/org/freedesktop/NetworkManager/ActiveConnection/7)
[root@linux~]#teamdctlteam0stat
setup:
runner:activebackup
ports:
eno33554984
linkwatches:
linksummary:up
instance[link_watch_0]:
name:ethtool
link:up
downcount:0
eno50332208
linkwatches:
linksummary:up
instance[link_watch_0]:
name:ethtool
link:up
downcount:0
runner:
activeport:eno33554984
可以看到端口開啟成功
[root@linux~]#
()team0:56(84)bytesofdata.
:icmp_seq=1ttl=64time=0.500ms
:icmp_seq=2ttl=64time=0.804ms
^C
pingstatistics---
2packetstransmitted,2received,0%packetloss,time1001ms
rttmin/avg/max/mdev=0.500/0.652/0.804/0.152ms
[root@linux~]#
配置成功,可以看到當前活動的是eno33554984,測試禁用後能否成功
[root@linux~]#nmclidevicedisconnecteno33554984
Device'eno33554984'successfullydisconnected.
[root@linux~]#
()team0:56(84)bytesofdata.
測試不成功,通過查找資料瞭解到當使用activebackup的runner時,必須加上一個參數
[root@linux~]#ig'{"runner":{"name":"activebackup","hwaddr_policy":"by_active"}}'
[root@linux~]#cat/etc/sysconfig/network-scripts/ifcfg-test
DEVICE=team0
TEAM_CONFIG="{"runner":{"name":"activebackup","hwaddr_policy":"by_active"}}"
DEVICETYPE=Team
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=test
UUID=5a3bfb26-993f-45ad-add6-246ff419e7bd
ONBOOT=yes
IPADDR=
PREFIX=16
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes