linux - advanced network configuration

1. Network Bridging

Experimental environment: real host

1. NAT network configuration

1. Original gateway

2. Modify configuration

[root@foundation77 network-scripts]# mv ifcfg-br0 ifcfg-p4p2 /mnt/   将网卡和桥接配置文件备份
[root@foundation77 network-scripts]# vim ifcfg-p4p2  编辑网卡配置
DEVICE=p4p2
ONBOOT=yes
BOOTPROTO=none
IPADDR=172.25.254.77
PREFIX=24

3. Create a new virtual machine, you can see that the virtual network is configured in NAT mode

2. Bridge configuration

Network bridging Using a network bridge to achieve shared Internet access between hosts and clients, in addition to using software, you can also use the network bridge that comes with the system to establish a connection. Use a machine with dual network cards as the host
1. Open the br0 bridge port for the network card

[root@foundation77 network-scripts]# vim ifcfg-p4p2 
DEVICE=p4p2
ONBOOT=yes
BOOTPROTO=none
BRIDGE=br0     控制设备的网卡p4p2开启br0接口

2. br0 interface settings

[root@foundation77 network-scripts]# vim ifcfg-br0 
DEVICE=br0
ONBOOT=yes
BOOTPROTO=none
IPADDR0=172.25.254.77
NETMASK=255.255.255.0
TYPE=Bridge          ！！！！桥接  如果不写表示以太网

3. Reset the network

4. Check the bridge

[root@foundation77 network-scripts]# brctl show
bridge name bridge id       STP enabled interfaces
br0     8000.847beb2656ef   no      p4p2
virbr0      8000.525400663632   yes     virbr0-nic

5. Create a new virtual machine and check that the network interface is in br0 mode.

6. System restore

[root@foundation77 network-scripts]# rm -fr ifcfg-br0 ifcfg-p4p2 
[root@foundation77 network-scripts]# mv /mnt/ifcfg-* .
[root@foundation77 network-scripts]# ls
ifcfg-1803               ifdown-ippp      ifup-bnep    ifup-Team
ifcfg-br0                ifdown-ipv6      ifup-eth     ifup-TeamPort
ifcfg-etho               ifdown-isdn      ifup-ib      ifup-tunnel
ifcfg-Hotspot            ifdown-post      ifup-ippp    ifup-wireless
ifcfg-lo                 ifdown-ppp       ifup-ipv6    init.ipv6-global
ifcfg-p4p2               ifdown-routes    ifup-isdn    keys-1803

3. Temporary network bridge settings (virtual machine)

[root@foundation178 ~]# brctl show               查看网桥
[root@foundation178 ~]# brctl addbr br0          添加网桥
[root@foundation178 ~]# ifconfig br0 172.25.254.178/24    配置网桥
[root@foundation178~]# brctl addif br0 eth0       配置网桥接口的网卡
[root@foundation178 ~]# ifconfig br0 down         停止网桥（网桥工作状态下不能进行删除操作）
[root@foundation178 ~]# brctl delif br0 eth0     删除网桥接口
[root@foundation178 ~]# brctl delbr br0     删除网桥

2. Link aggregation: bond interface and team interface

1. bond network

bond network: redhat allows administrators to bond multiple network interfaces to a channel using bonding, a kernel module and a special network interface called a channel bonding interface. Depending on the bonding mode chosen, channel bonding enables two or more Multiple network interfaces are used as one network interface, thereby increasing the bandwidth and
1, mode 0 balance-rr (balanced polling)-polling strategy, all interfaces use polling mode to transmit packets in all slaves, any slave can accept
2 , mode 1, active-backup (active-backup) - fault tolerance, only one slave interface can be used at a time, but if the interface fails, another slave will take over the work
3, mode 2, broadcast (broadcast) - fault tolerance, all packets All broadcast
monitoring :watch -n 1 cat /proc/net/bonding/nm-bond

nmcli connection add con-name bond0 type bond mode active-backup ip4 ip地址/24    新建bond接口，网卡阵列类型为主备式

2. Network card array

1. Add two network cards to the bond0 array

[root@foundation178 ~]# nmcli connection add con-name eth0 ifname eth0 type bond-slave master bond0     
[root@foundation178 ~]# nmcli connection add con-name eth1 ifname eth1 type bond-slave master bond0

At this time
, eth0 is working. When eth0 is destroyed, eth1 can take over immediately.
Destruction ifdown eth0

2. Delete bond

nmcli connection delete eth0
nmcli connection delete eth1
nmcli connection delete bond0

2. Team network interface configuration

1. The function of team interface
is similar to that of bond. Team does not need to be manually added to the corresponding kernel module. Team has stronger scalability and supports 8 fast network cards
. 2. The types of teams are:

broadcast (broadcast fault tolerance) roundrobin (polling) activebackup (active backup) loadbalance (load balancing)
3. Create a new team network interface

nmcli connection add con-name team0 ifname team0 type team config '{"runner":{"name":"activebackup"}}' ip4 ip地址/24  建立一个接口工作模式为主备式的team网络接口

4. Network card array
Add two network cards to the team

nmcli connection add con-name eth0 ifname eth0 type team-slave master team0
nmcli connection add con-name eth1 ifname eth1 type team-slave master team0

Check the status of the team interface. teamctl team0 stat

At this time, eth1 is working. After destroying eth1, eth0 immediately takes over the working

bond and team network interface. After adding a network card, the network is smooth. The experimental environment is active and standby. The same is true for other working modes.