一、CentOS localback config
/etc/rc.d/rc.local.spineleaf
ip link set lo up
ip address add 10.30.112.59/32 dev lo
ip route replace default src 10.30.112.59 nexthop via 10.31.119.238二、Centos 7 Bond4 config
# 加载bonding模块
modprobe bonding
lsmod |grep bonding
/etc/modprobe.d/bond.conf
alias enp60s0f0 enp60s0f1 bond0 bonding
ifenslave bond4 enp60s0f0 enp60s0f1
/etc/sysconfig/network-scripts/ifcfg-enp60s0f0
TYPE=Ethernet
BOOTPROTO=none
NAME=enp59s0f0
DEVICE=enp59s0f0
ONBOOT=yes
NM_CONTROLLED=no
USERCTL=no
MASTER=bond0
SLAVE=yes
/etc/sysconfig/network-scripts/ifcfg-ens120f1
TYPE=Ethernet
BOOTPROTO=none
NAME=enp59s0f1
DEVICE=enp59s0f1
ONBOOT=yes
NM_CONTROLLED=no
USERCTL=no
MASTER=bond0
SLAVE=yes
/etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
TYPE=Bond
ONBOOT=yes
BOOTPROTO=static
NM_CONTROLLED=no
USERCTL=no
BONDING_OPTS="mode=4 miimon=100 ad_select=1 updelay=200 xmit_hash_policy=2"
IPADDR=10.100.19.35
NETMASK=255.255.255.240
GATEWAY=10.100.19.46
# 重启服务,使配置生效:
systemctl status NetworkManager firewalld
systemctl network restart
# bonding状态查看:
cat /proc/net/bonding/三、CentOS 8 Bond4 config
nmcli con add type bond ifname bond0 con-name bond0 mode 802.3ad
nmcli con add type bond-slave ifname ens120f0 master bond0
nmcli con add type bond-slave ifname ens120f1 master bond0
nmcli con modify bond0 ipv4.address 10.30.117.1/24 ipv4.gateway 10.30.117.254 ipv4.method manual ipv6.method ignore
nmcli c reload
nmcli c up bond0
vi /etc/sysconfig/network-scripts/ifcfg-ib0
# 调整meric优先级 以及 ip route
# 或删除网关地址
------------------------------------------------------------------------------------
NetworkManager有2个基本的概念:连接(Connection)和设备(Device)。
Device是操作系统层面能够识别到的网卡设备,如本地回环lo、本地网卡eth0(nmcli d命令可以查看到)。
Connection可以认为是Device对应的配置文件,也就是说一个Device可以对应多个Connection。
同一时间只有一个Connection是处于**状态的(nmcli c命令输出结果中绿色的行)。
使用NetworkManager配置bond 0
假设机器上目前有2个物理网卡ens33/ens36
# nmcli con add type bond ifname bond0 con-name bond0 mode balance-rr
# nmcli con add type bond-slave ifname ens33 master bond0
# nmcli con add type bond-slave ifname ens36 master bond0
# nmcli con modify bond0 ipv4.address 192.168.1.100/24 ipv4.gateway 192.168.1.254 ipv4.dns 114.114.114.114 ipv4.method manual ipv6.method ignore
使用NetworkManager配置vlan
# nmcli con add type bond ifname bond0 con-name bond0 mode balance-rr ipv4.method disabled ipv6.method ignore
# nmcli con add type bond-slave ifname ens33 master bond0
# nmcli con add type bond-slave ifname ens36 master bond0
# nmcli con add type vlan con-name bond0.101 ifname bond0.101 dev bond0 id 101 ipv4.addresses 192.168.1.100/24 ipv4.gateway 192.168.1.254 ipv4.dns 114.114.114.114 ipv4.method disabled ipv6.method ignore
使用NetworkManager配置单网卡多IP
先正常配置一个Connection:
# nmcli con add type ethernet ifname ens33 con-name ens33 ipv4.addresses 192.168.1.100/24 ipv4.gateway 192.168.1.254 ipv4.method disabled ipv6.method ignore
再按如下格式修改/etc/sysconfig/network-scripts/中的配置文件,然后nmcli con up ens33-1一下使之生效。四、CentOS 8 IB 配置
TYPE=InfiniBand
BOOTPROTO=static
NAME=ib0
DEVICE=ib0
ONBOOT=yes
IPADDR=10.103.117.12
#NETMASK=255.255.0.0
GATEWAY=10.103.255.254
METRIC=200
#nmcli c reload
#nmcli c up ib0五、IPTABLES 模板
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
# -A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p udp -m udp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p udp -m udp --dport 443 -j ACCEPT
# -A INPUT -s 192.168.131.10/32 -p tcp -m tcp --dport 20 -j ACCEPT
# -A INPUT -s 211.137.201.243 -p udp -m udp --dport 443 -j ACCEPT
-A INPUT -j DROP
-A FORWARD -j ACCEPT
-A OUTPUT -j ACCEPT
COMMIT作者:admin 创建时间:2023-04-27 13:38
最后编辑:admin 更新时间:2024-07-17 15:26
最后编辑:admin 更新时间:2024-07-17 15:26
