nmcli&&bond接口绑定

5042 字
25 分钟
nmcli&&bond接口绑定

nmcli&&bond接口绑定#

[TOC]


nmcli命令添加网络#

image-20260403140615314
image-20260403140615314

Terminal window
[root@Rocky10 ~]#ip a
........
4: ens256: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:46:d3:bf brd ff:ff:ff:ff:ff:ff
altname enp27s0
altname enx000c2946d3bf
# 多了一张网卡!ens256,这个时候我们仍然可以用nmtui命令进行添加网卡!
'但是他毕竟是图形化,速度挺慢的!'
[root@Rocky10 ~]#nmcli con add type ethernet ifname ens256 con-name my_net
Connection 'my_net' (e99de75f-71b3-4533-801a-421c97e3ff87) successfully added.
部分说明
nmcliNetworkManager 的命令行工具,用于管理网络连接
connection add表示要添加一个新的网络连接配置
type ethernet指定连接类型为 以太网(Ethernet)、其他类型包括 wifi、bond、bridge 等
ifname ens256指定该连接将绑定到名为 ens256 的网络接口(即物理或虚拟网卡) ⚠️ 注意:该接口必须存在(可通过 ip addr show 查看)
con-name my_net自定义连接名称,这里是 my_net、这个名称用于后续管理(如修改、激活、删除等),不等于接口名

✅ 执行后会发生什么?

  • 创建一个连接配置文件 会在 /etc/NetworkManager/system-connections/ 目录下生成一个名为 my_net.nmconnection 的配置文件
Terminal window
[root@Rocky10 ~]#ll /etc/NetworkManager/system-connections/
....
-rw------- 1 root root 184 Mar 10 21:04 my_net.nmconnection
  • 默认使用 DHCP ⚠️ 注意:上述命令没有指定 IP 配置方式,因此默认会启用 DHCP 自动获取 IP 地址
Terminal window
[root@Rocky10 ~]#grep -A 1 'ipv4' /etc/NetworkManager/system-connections/my_net.nmconnection
[ipv4]
method=auto
  • 连接不会自动激活 新建的连接默认不会立即生效,需要手动激活(除非系统设置为自动连接)。
Terminal window
[root@Rocky10 ~]#nmcli con show | grep my_net
NAME UUID TYPE DEVICE
my_net e99de75f-71b3-4533-801a-421c97e3ff87 ethernet --
'后面是两个--'
后面固定IP后再手动激活

🛠 如何设置为静态 IP

  • con modify (修改)
Terminal window
nmcli connection modify my_net \
ipv4.method manual \
ipv4.addresses 192.168.1.100/24 \
ipv4.gateway 192.168.1.2 \
ipv4.dns 114.114.114.114 \
connection.autoconnect yes
参数作用说明
nmcli connection modify my_net修改名为 my_net 的连接配置(必须已存在,有相应的配置文件!)
ipv4.method manual关键设置:将 IPv4 获取方式从默认的 auto(即 DHCP)改为 手动(静态 IP)
ipv4.addresses 192.168.1.100/24设置本机 IPv4 地址为 192.168.1.100,子网掩码为 255.255.255.0(即 /24)、⚠️ 注意:地址格式必须包含 CIDR 前缀(如 /24),否则会报错
ipv4.gateway 192.168.1.2指定默认网关为 192.168.1.2
ipv4.dns 114.114.114.114✅ 可指定多个 DNS,用逗号分隔,例如: ipv4.dns "114.114.114.114,8.8.8.8"
connection.autoconnect yes开启 开机自动激活 此连接
Terminal window
[root@Rocky10 ~]# nmcli connection modify my_net \
> ipv4.method manual \
> ipv4.addresses 192.168.1.100/24 \
> ipv4.gateway 192.168.1.2 \
> ipv4.dns 114.114.114.114 \
> connection.autoconnect yes
[root@Rocky10 ~]# nmcli con up my_net
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/14)
[root@Rocky10 ~]# nmcli con show
NAME UUID TYPE DEVICE
my_net e99de75f-71b3-4533-801a-421c97e3ff87 ethernet ens256
[root@Rocky10 ~]# cat /etc/NetworkManager/system-connections/my_net.nmconnection
'cat查看一下,可以和前面的配置文件对比一下!!'
[connection]
id=my_net
# 自定义名称!
uuid=e99de75f-71b3-4533-801a-421c97e3ff87
type=ethernet
interface-name=ens256
# 不能乱改!
[ethernet]
[ipv4]
address1=192.168.1.100/24
dns=114.114.114.114;
gateway=192.168.1.2
method=manual
[ipv6]
addr-gen-mode=default
method=auto
[proxy]

device VS connection#

  • nmcli connection(或简写为 nmcli con) 管理的是 连接配置 ,也就是网络连接的“配置文件” 每个连接可以包含 IP 设置、DNS、网关、是否 自动连接 等信息 一个设备 device(如 eth0)==可以绑定多个连接配置,但同一时间只能激活其中一个==
Terminal window
`查看所有连接配置`
[root@Rocky10 ~]# nmcli con show
NAME UUID TYPE DEVICE
ens160 7ca842f6-eea7-3c7d-a423-4a26177e6ec0 ethernet ens160
ens224 2e11b9ec-ec6f-4d2b-8e38-167639c7b70d ethernet ens224
my_net e99de75f-71b3-4533-801a-421c97e3ff87 ethernet ens256
lo 8fa2e1a3-296d-45c6-8fdd-3f10e3fddfb7 loopback lo
NAME:'连接配置(自定义)'
DEVICE:'设备名称(固定)'
--------------------------------------
如果你修改了连接配置(比如 IP 地址)
必须用 nmcli connection up 重新激活才能生效
--------------------------------------
# 可以删除一个连接配置:
nmcli connection delete "连接名称"
  • nmcli device(或简写为 nmcli dev) 显示的是系统中的 物理或虚拟网络设备(Devices),比如:
    • eth0(有线网卡)
    • wlan0(无线网卡)
    • lo(回环设备)
    • docker0(Docker 虚拟网桥)等
Terminal window
'查看所有网络设备及其状态:'
[root@Rocky10 ~]# nmcli device status
DEVICE TYPE STATE CONNECTION
ens160 ethernet connected ens160
ens224 ethernet connected ens224
ens256 ethernet connected my_net
lo loopback connected (externally) lo
# 这里第一个是设备名!后面是连接的配置名!
[root@Rocky10 ~]# nmcli device down ens256
Device 'ens256' successfully disconnected.
# 关闭了这个网卡设备
[root@Rocky10 ~]# nmcli device status
DEVICE TYPE STATE CONNECTION
.....
ens256 ethernet disconnected --
[root@Rocky10 ~]# nmcli device up ens256
Device 'ens256' successfully activated with 'e99de75f-71b3-4533-801a-421c97e3ff87'.
# 激活设备!

修改网卡名称#

创建 systemd .link 文件

.link 文件是 systemd 提供的网卡重命名机制,优先级高于 udev rules,是现代 Linux 的标准做法

创建 10-rename-ens1.link(ens1 → ens0)

Terminal window
vim 20-rename-ens2.link
[Match]
MACAddress=52:54:00:1c:80:ad
[Link]
Name=ens2
vim 00-rename-ens0.link
[Match]
MACAddress=52:54:00:ce:3f:af
[Link]
Name=ens0
Terminal window
cat > /etc/systemd/network/10-rename-ens1.link << 'EOF'
[Match]
MACAddress=52:54:00:d6:98:ee
[Link]
Name=ens0
EOF
Note

命名规则.link 文件按数字前缀排序加载,数字越小优先级越高

  • 别忘记修改 NetworkManager 中的配置文件📄
  • 运行时连接(存放在 /run/,重启丢失),需要克隆为持久化配置

克隆配置文件#

nmcli con clone 命令用于克隆(复制)一个现有的网络连接配置文件

Terminal window
nmcli connection clone <con-name> [<new-name>]
# <con-name>:必填参数。这是你要克隆的源连接的名称(或 UUID)
Tip

💡 注意事项

  • 克隆的是配置,不是状态:克隆操作只会复制连接的配置参数
    • 新连接默认处于==未激活状态==
  • UUID 会重新生成:虽然配置被复制了,但新连接会被分配一个全新的 UUID,以确保与原连接区分开

bond配置#

image-20260311181555873
image-20260311181555873

Terminal window
[root@R39 ~]# ip a
..........
3: ens256: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:32:84:54 brd ff:ff:ff:ff:ff:ff
altname enp27s0
altname enx000c29328454
4: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:32:84:4a brd ff:ff:ff:ff:ff:ff
altname enp19s0
altname enx000c2932844a
# 于是就多了两张网卡!
'ens256、ens224'
(1)创建主bond配置:
# 把多张网卡,加到一张网卡上!
root@A:~# nmcli connection add type bond ifname bond0 con-name bond0
Connection 'bond0' (95338b60-a706-4a25-8305-2bf68bb5aac2) successfully added.
[root@R39 ~]# ll /etc/NetworkManager/system-connections/bond0.nmconnection
-rw------- 1 root root 190 Mar 11 18:18 /etc/NetworkManager/system-connections/bond0.nmconnection
# 添加完,会有相应的配置文件!
[root@R39 system-connections]# cat bond0.nmconnection
[connection]
id=bond0
# nmcli中的name就是它!
uuid=48108391-4171-4bd3-a515-4401138de20a
type=bond
# 类型bond
interface-name=bond0
# 虚拟网卡!
[bond]
mode=balance-rr
# 默认是轮询
-----------------------------------
'mode=0(balance-rr / 轮询模式)按顺序轮流使用每个slave接口发送数据包'
'mode=1(active-backup / 主备模式)只有一个主接口处于活动状态,其余为备用;当主接口故障时,自动切换到备用接口'
其他模式还有:
mode=2(balance-xor)
mode=3(broadcast)
mode=4(802.3ad / LACP)
mode=5(balance-tlb)
mode=6(balance-alb)
-----------------------------------
[ipv4]
method=auto
# 自动获取ipv4的地址!
[ipv6]
addr-gen-mode=default
method=auto
# 这个ipv6也是自动获取,可以关闭或者忽略!
[proxy]
[root@R39 ~]# nmcli connection show | grep bond0
bond0 48108391-4171-4bd3-a515-4401138de20a bond bond0
(2)添加两张网卡到bond0:
'网卡类型:type bond-slave'
'从'
# master是bond0
[root@R39 ~]# nmcli con add type ethernet ifname ens224 con-name bond-ens224 port-type bond controller bond0
Connection 'bond-ens224' (59178a23-45e3-4b24-894b-93225c5b85f8) successfully added.
----------------------------
老版本命令:nmcli connection add type bond-slave ifname ens224 master bond0
# 一般有问题!
----------------------------
[root@R39 ~]# nmcli con add type ethernet ifname ens256 con-name bond-ens256 port-type bond controller bond0
Connection 'bond-ens256' (22889ff1-cf31-4bf5-89e1-8479aa3a34cd) successfully added.
# 创建后,con-name为bond-slave-ensxxx
'用于nmcli con 管理'
# 类型都是ethernet
[root@R39 ~]# nmcli connection show | grep bond
bond0 48108391-4171-4bd3-a515-4401138de20a bond bond0
bond-slave-ens224 95bf4543-955a-4a65-80b1-7d32c044d6ce ethernet ens224
bond-slave-ens256 e19c5461-2649-4f77-b066-7f5548e97a07 ethernet ens256
[root@R39 ~]# ll /etc/NetworkManager/system-connections/bond*
-rw------- 1 root root 190 Mar 11 18:18 /etc/NetworkManager/system-connections/bond0.nmconnection
-rw------- 1 root root 169 Mar 11 18:23 /etc/NetworkManager/system-connections/bond-slave-ens224.nmconnection
-rw------- 1 root root 169 Mar 11 18:22 /etc/NetworkManager/system-connections/bond-slave-ens256.nmconnection
# 同样有了slave接口的配置文件!
[root@R39 ~]# cat /etc/NetworkManager/system-connections/bond-slave-ens224.nmconnection
# slave接口bond配置文件
[connection]
id=bond-slave-ens224
uuid=95bf4543-955a-4a65-80b1-7d32c044d6ce
type=ethernet
# 类型以太网卡
controller=bond0
# 被bond0控制,虚拟网卡(device)
'此字段将本接口“绑定”到 bond0'
interface-name=ens224
# 具体物理网卡名称
port-type=bond
# 明确声明该连接作为端口(port)的角色类型
'设为 `bond` 表示它是 bond 接口的一个 slave 成员'
注意:controller + port-type=bond 是将一个以太网接口配置为 bond slave 的核心组合
[ethernet]
'以太网特定配置:留空'
# 可以配mac-address
[bond-port]
'Bond 端口高级选项:留空'
总结:这个配置文件的作用
1.将物理网卡 ens224 作为 slave 成员加入到名为 bond0 bond 接口中,并采用 bond 的默认行为(如主备或轮询等,由 bond0 的配置决定)
2.它本身不配置 IP 地址、不启动 DHCP,在bond0中配置IP地址!
[root@R39 ~]# nmcli con reload
# 使配置文件生效!
[root@R39 ~]# nmcli con up bond0
Connection successfully activated (controller waiting for ports) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6)
# 开始bond0
[root@R39 ~]# ip a sh bond0
5: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:32:84:54 brd ff:ff:ff:ff:ff:ff
inet 192.168.179.152/24 brd 192.168.179.255 scope global dynamic noprefixroute bond0
valid_lft 1763sec preferred_lft 1763sec
inet6 fe80::af1e:defc:ca88:d4a0/64 scope link noprefixroute
valid_lft forever preferred_lft forever
# 可以查看bond0的ip地址!这里是自动分配的
'当然也可以改为静态!修改的是bond0的配置文件!'
3: ens256: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
link/ether 00:0c:29:32:84:54 brd ff:ff:ff:ff:ff:ff
altname enp27s0
altname enx000c29328454
4: ens224: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
link/ether 00:0c:29:32:84:54 brd ff:ff:ff:ff:ff:ff permaddr 00:0c:29:32:84:4a
altname enp19s0
altname enx000c2932844a
'这两张网卡,并没有IP地址!'
[root@R39 system-connections]# cat /proc/net/bonding/bond0
'查看 bond0 状态'
Ethernet Channel Bonding Driver: v6.12.0-124.8.1.el10_1.x86_64
Bonding Mode: load balancing (round-robin)
# 默认轮询
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: ens256
'slave接口'
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:32:84:54
Slave queue ID: 0
Slave Interface: ens224
'slave接口'
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:32:84:4a
Slave queue ID: 0
[root@R39 ~]# nmcli connection show bond0 | grep -i mode
ipv6.addr-gen-mode: default
bond.options: mode=balance-rr

主备切换#

Terminal window
[root@R101 ~]# nmcli con sho
NAME UUID TYPE DEVICE
eth0 030f55ac-9e82-3307-947c-9564675ea467 ethernet eth0
lo 9d7f205b-2f2e-4fc4-bcb9-b5a61aa9bf1f loopback lo
[root@R101 ~]# nmcli device status
DEVICE TYPE STATE CONNECTION
eth0 ethernet connected eth0
lo loopback connected (externally) lo
eth1 ethernet disconnected --
eth2 ethernet disconnected --
"上面两张网卡都是!LAN区段!"
[root@R101 ~]# nmcli con add type bond ifname bond0 con-name bond0 mode active-backup
'这个模式是主备切换模式!'
Connection 'bond0' (9e4471c0-d6a3-4f44-80ad-cf2be3dfce79) successfully added.
[root@R101 ~]# nmcli con show
NAME UUID TYPE DEVICE
eth0 030f55ac-9e82-3307-947c-9564675ea467 ethernet eth0
bond0 9e4471c0-d6a3-4f44-80ad-cf2be3dfce79 bond bond0
lo 9d7f205b-2f2e-4fc4-bcb9-b5a61aa9bf1f loopback lo
配置两个子接口!
[root@R101 ~]# nmcli con add type ethernet ifname eth1 con-name bond0-eth1 port-type bond controller bond0
Connection 'bond0-eth1' (e0e0efde-86ac-4984-b93e-35c78fb8e8b7) successfully added.
[root@R101 ~]# nmcli con add type ethernet ifname eth2 con-name bond0-eth2 port-type bond controller bond0
Connection 'bond0-eth2' (30328f42-bcb6-46b1-9597-5c48329cd755) successfully added.
[root@R101 ~]# nmcli con show
eth0 030f55ac--9564675ea467 ethernet eth0
bond0-eth1 e0e0efde--35c78fb8e8b7 ethernet eth1
bond0-eth2 30328f42--5c48329cd755 ethernet eth2
bond0 9e4471c0--cf2be3dfce79 bond bond0
lo 9d7f205b--b5a61aa9bf1f loopback lo
[root@R101 ~]# ip a
3: eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
link/ether 00:0c:29:e9:26:ac brd ff:ff:ff:ff:ff:ff
altname enp11s0
altname ens192
altname enx000c29e926ac
4: eth2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
link/ether 00:0c:29:e9:26:ac brd ff:ff:ff:ff:ff:ff permaddr 00:0c:29:e9:26:b6
altname enp27s0
altname ens256
altname enx000c29e926b6
6: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:e9:26:ac brd ff:ff:ff:ff:ff:ff
inet6 fe80::8507:9b54:8a8a:7b61/64 scope link noprefixroute
valid_lft forever preferred_lft forever
我们的eth1和eth2都没有IP地址!,因为我们还没有给他们IP地址!!
[root@R101 ~]# nmcli con modify bond0-eth1 ipv4.method manual connection.autoconnect yes ipv4.addresses 192.168.88.101/24
Error: invalid or not allowed setting 'ipv4': port connections cannot have IP configuration.
# 我刚开始试着去给bond0-eth1子接口一个IP地址,其实最后才发现,压根不对!!
=================================
绑定接口 (bond0):这是逻辑上的虚拟网卡,所有网络流量通过这个接口进出,IP地址、网关、DNS等都应该配置在这个接口上。
绑定端口 (bond0-eth1):这是物理网卡(如 eth1)在绑定中的角色,它只是绑定接口的一个“通道”,不需要也不应该配置任何IP信息
=================================
'不应该给bond0-eth1它IP地址,应该给bond0IP地址的!'
[root@R101 system-connections]# nmcli con modify bond0 ipv4.method manual connection.autoconnect yes ipv4.addresses 192.168.88.101/24
'给bond-0一个IP地址!!'
[root@R101 system-connections]# ip a
3: eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
link/ether 00:0c:29:e9:26:ac brd ff:ff:ff:ff:ff:ff
'eth1的mac地址: 00:0c:29:e9:26:ac'
4: eth2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
link/ether 00:0c:29:e9:26:ac brd ff:ff:ff:ff:ff:ff permaddr 00:0c:29:e9:26:b6
'eth2的mac地址: 00:0c:29:e9:26:ac'
===✅️真实的mac地址: 00:0c:29:e9:26:b6===
13: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:e9:26:ac brd ff:ff:ff:ff:ff:ff
inet 192.168.88.101/24 brd 192.168.88.255 scope global noprefixroute bond0
'bond0的mac地址: 00:0c:29:e9:26:ac'
你可以把 Bond 接口想象成一个团队,而物理网卡是团队里的成员
他们只认准团队的“统一招牌”(Bond 接口的 MAC 地址)
统一的工作地址 (link/ether):
bond0: 00:0c:29:e9:26:ac
eth1: 00:0c:29:e9:26:ac
eth2: 00:0c:29:e9:26:ac
结论:三者完全一致,说明 eth1 eth2 已经成功成为了 bond0 的“小弟”,对外统一使用这个 MAC 地址收发数据
⚠️物理网卡的真实身份 (permaddr):
注意看 eth2 的输出中有一项:permaddr 00:0c:29:e9:26:b6
这个才是eth2的真实的mac地址!被隐藏了!

测试#

Terminal window
[root@R101 system-connections]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v6.12.0-124.8.1.el10_1.x86_64
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth1
'主备活跃的接口是eth1'
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: eth1
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:e9:26:ac
Slave queue ID: 0
Slave Interface: eth2
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:e9:26:b6
Slave queue ID: 0
'ping测试!'
[root@R102 ~]# ping 192.168.88.101
PING 192.168.88.101 (192.168.88.101) 56(84) bytes of data.
64 bytes from 192.168.88.101: icmp_seq=1 ttl=64 time=0.601 ms
64 bytes from 192.168.88.101: icmp_seq=2 ttl=64 time=0.279 ms
[root@R102 ~]# arp -n
192.168.88.101 ether 00:0c:29:e9:26:ac
# 它现在对外呈现的mac是ac也就是eth1的mac地址!
[root@R101 ~]# nmcli con down bond0-eth1
# 来到服务端,把eth1关闭,
[root@R102 ~]# ping -c2 -W1 192.168.88.101
PING 192.168.88.101 (192.168.88.101) 56(84) bytes of data.
'100%丢包,ping不通了!'
--- 192.168.88.101 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss
[root@R101 ~]# ip a
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:e9:26:ac brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
link/ether 00:0c:29:e9:26:ac brd ff:ff:ff:ff:ff:ff permaddr 00:0c:29:e9:26:b6
13: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:e9:26:ac brd ff:ff:ff:ff:ff:ff
inet 192.168.88.101/24 brd 192.168.88.255 scope global noprefixroute bond0
"这个bond0对外呈现的是eht1的mac地址,但是eth1已经被down掉了!"
所以ping不通!!
[root@R101 ~]# nmcli con up bond0
# 重新up一下!
eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:e9:26:ac brd ff:ff:ff:ff:ff:ff
altname enp11s0
altname ens192
altname enx000c29e926ac
4: eth2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
link/ether 00:0c:29:e9:26:b6 brd ff:ff:ff:ff:ff:ff
altname enp27s0
altname ens256
altname enx000c29e926b6
13: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:e9:26:b6 brd ff:ff:ff:ff:ff:ff
inet 192.168.88.101/24 brd 192.168.88.255 scope global noprefixroute bond0
'bond网卡的mac地址已经变为了eth2的mac地址!!'
[root@R102 ~]# ping -c2 -W1 192.168.88.101
PING 192.168.88.101 (192.168.88.101) 56(84) bytes of data.
64 bytes from 192.168.88.101: icmp_seq=1 ttl=64 time=0.288 ms
64 bytes from 192.168.88.101: icmp_seq=2 ttl=64 time=0.242 ms
'这样就ping通了!'
[root@R102 ~]# arp -n
192.168.88.101 ether 00:0c:29:e9:26:b6
# mac地址表也发生了改变!
Terminal window
那么如何避免了!!
nmcli con mod bond0 bond.options "mode=active-backup,primary=eth1,fail_over_mac=active"
# 主备模式
primary: 手动指定活跃的网卡!
fail_over_mac: 故障切换时的 MAC 地址策略
# 默认情况:Bond 接口的 MAC 地址通常固定不变
fail_over_mac=active:Bond 接口的 MAC 地址会跟随当前活跃的物理网卡
也就是说,如果主网卡是 eth1,Bond MAC 就等于 eth1 MAC;
如果切换到了 eth2,Bond MAC 就会变成 eth2 MAC
=================================
[root@R101 ~]# nmcli con mod bond0 bond.options "mode=active-backup,primary=eth1,fail_over_mac=active"
[root@R101 ~]# nmcli con up bond0
[root@R101 ~]# nmcli con up bond0-eth1
[root@R101 ~]# nmcli con up bond0-eth2
[root@R101 ~]# ip a
3: eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
link/ether '00:0c:29:e9:26:ac' brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
link/ether '00:0c:29:e9:26:b6' brd ff:ff:ff:ff:ff:ff
13: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether '00:0c:29:e9:26:ac' brd ff:ff:ff:ff:ff:ff
inet 192.168.88.101/24 brd 192.168.88.255 scope global noprefixroute bond0
'现在没有统一对外显示一致的mac地址!'
[root@R101 ~]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v6.12.0-124.8.1.el10_1.x86_64
Bonding Mode: fault-tolerance (active-backup) (fail_over_mac active)✅️
Primary Slave: eth1 (primary_reselect always)✅️
Currently Active Slave: eth1
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: eth1
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:e9:26:ac
Slave queue ID: 0
Slave Interface: eth2
MII Status: up
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:e9:26:b6
Slave queue ID: 0
Terminal window
[root@R102 ~]# ping -c2 -W1 192.168.88.101
PING 192.168.88.101 (192.168.88.101) 56(84) bytes of data.
64 bytes from 192.168.88.101: icmp_seq=1 ttl=64 time=0.364 ms
64 bytes from 192.168.88.101: icmp_seq=2 ttl=64 time=0.316 ms
[root@R102 ~]# arp -n
192.168.88.101 ether 00:0c:29:e9:26:ac
=================================
[root@R101 ~]# nmcli con down bond0-eth1
即使eth1挂了,也可以ping通
=================================
[root@R102 ~]# ping -c2 -W1 192.168.88.101
PING 192.168.88.101 (192.168.88.101) 56(84) bytes of data.
64 bytes from 192.168.88.101: icmp_seq=1 ttl=64 time=0.307 ms
64 bytes from 192.168.88.101: icmp_seq=2 ttl=64 time=0.254 ms
[root@R102 ~]# arp -n
192.168.88.101 ether 00:0c:29:e9:26:b6
# mac地址也会发生相应的切换!!

网桥配置#

image-20260312091554386
image-20260312091554386

  • VMware 运行 Rocky Linux 虚拟机

  • 在这个 Rocky Linux 虚拟机内部:

    • 运行了一个 KVM 虚拟机(即:在虚拟机里再开一个虚拟机,属于“嵌套虚拟化”)
    • KVM 虚拟机通过 网桥(Bridge) 连接到 ens224 网卡
    • ens224 是 Rocky Linux 虚拟机的网络接口,是 VMware 分配给它的虚拟网卡
    • 网桥 是 Rocky Linux 中的一个虚拟交换设备,用于连接 KVM 虚拟机与 ens224

总结

网桥就是虚拟交换机,KVM 虚拟机通过它上网,而 ens224 只负责转发,网络由网桥统一管理

Terminal window
# 创建网桥
使用ens224作为网桥的接口,可以先删除之前的bond0和slave接口配置!
[root@R39 ~]# nmcli con delete bond0
Connection 'bond0' (029240d2-0248-4aca-9168-7a1879c64e21) successfully deleted.
[root@R39 ~]# nmcli con delete bond-ens224
Connection 'bond-ens224' (59178a23-45e3-4b24-894b-93225c5b85f8) successfully deleted.
[root@R39 ~]# nmcli con delete bond-ens256
Connection 'bond-ens256' (22889ff1-cf31-4bf5-89e1-8479aa3a34cd) successfully deleted.
# 把这些都给删除了!
[root@R39 ~]# nmcli con show
NAME UUID TYPE DEVICE
ens160 7ca842f6-eea7-3c7d-a423-4a26177e6ec0 ethernet ens160
lo b4a55905-3862-4dd1-8e9b-0ea7a2b49c2a loopback lo
# 只剩这两个!
(1)创建网桥br0:
[root@R39 ~]# nmcli con add type bridge ifname br0 con-name br0
Connection 'br0' (c57f4a54-dd3d-4d75-9df4-8a944babf1a6) successfully added.
[root@R39 ~]# nmcli con add type ethernet ifname ens224 con-name br0-ens224 port-type bridge controller br0
Connection 'br0-ens224' (e97e3210-8c22-4000-84fc-9948b1fa5b3a) successfully added.
----------------------------
旧版写法: nmcli connection add type bridge-slave ifname ens224 master br0
----------------------------
[root@R39 ~]# nmcli con up br0
Connection successfully activated (controller waiting for ports) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/8)
[root@R39 ~]# nmcli con show
NAME UUID TYPE DEVICE
ens160 7ca842f6-eea7-3c7d-a423-4a26177e6ec0 ethernet ens160
br0 c57f4a54-dd3d-4d75-9df4-8a944babf1a6 bridge br0
br0-ens224 e97e3210-8c22-4000-84fc-9948b1fa5b3a ethernet ens224
lo b4a55905-3862-4dd1-8e9b-0ea7a2b49c2a loopback lo
# 刚开始颜色不太对!等一会他就自动起来了!
# 我们没有固定网桥的IP地址,可以给它静态的IP地址!
nmcli connection modify br0 ipv4.method manual connection.autoconnect yes ipv4.addresses xxx
-----------------------------------
[root@R39 ~]# ip a show br0
6: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:32:84:54 brd ff:ff:ff:ff:ff:ff
inet 192.168.179.152/24 brd 192.168.179.255 scope global dynamic noprefixroute br0
valid_lft 1362sec preferred_lft 1362sec
inet6 fe80::482f:eff5:db4d:36e8/64 scope link noprefixroute
valid_lft forever preferred_lft forever
'br0是有IP地址的,但是ens224是没有ip地址的!'
'br0的IP地址是ens224仅主机自动分配的IP地址!'
[root@R39 ~]# ip a s ens224
4: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
link/ether 00:0c:29:32:84:54 brd ff:ff:ff:ff:ff:ff
altname enp19s0
altname enx000c29328454

综合实验#

✅ 目标拓扑结构

Terminal window
br0 (bridge)
└── bond0 (bond)
├── ens224 (ethernet slave)
└── ens256 (ethernet slave)
  • 我先还原老师图形化的操作过程!

🙉 命令行 我迟迟实现不了!!!br0-bond的网络类型有问题!

Terminal window
[root@R39 ~]# nmcli device status
DEVICE TYPE STATE CONNECTION
ens160 ethernet connected ens160
lo loopback connected (externally) lo
ens224 ethernet disconnected --
ens256 ethernet disconnected --
'现在是两张网卡!'

image-20260312094409195
image-20260312094409195

image-20260312094533372
image-20260312094533372

image-20260312094730416
image-20260312094730416

image-20260312094857445
image-20260312094857445

image-20260312095010358
image-20260312095010358

image-20260312095049332
image-20260312095049332

image-20260312095116982
image-20260312095116982

image-20260312095356597
image-20260312095356597

Terminal window
[root@R39 ~]# nmcli connection show
NAME UUID TYPE DEVICE
br0 fffe619d-9cf8-4af4-83c6-09b538c02967 bridge br0
bond0-ens224 590a1e39-7d71-4416-a8d6-383c38b32e24 ethernet ens224
bond0-ens256 de9b35fb-fdb4-4bd5-ac39-6d5f96baf57b ethernet ens256
br0-bond0 66cb5165-0d7e-479f-8867-d803953eb301 bond bond0
'有用的就这4个'
[root@R39 ~]# ll /etc/NetworkManager/system-connections/
total 20
-rw------- 1 root root 181 Mar 12 09:51 bond0-ens224.nmconnection
-rw------- 1 root root 181 Mar 12 09:51 bond0-ens256.nmconnection
-rw------- 1 root root 201 Mar 12 09:51 br0-bond0.nmconnection
-rw------- 1 root root 193 Mar 12 09:51 br0.nmconnection
# 对应四个配置文件!
[root@R39 system-connections]# cat bond0-ens224.nmconnection
'bond0的slave接口'
[connection]
id=bond0-ens224
uuid=590a1e39-7d71-4416-a8d6-383c38b32e24
type=ethernet
controller=bond0
interface-name=ens224
port-type=bond
[ethernet]
mac-address=00:0C:29:32:84:54
'没什么特别的,就是多了个mac地址而已!'
[root@R39 system-connections]# cat bond0-ens256.nmconnection
# 和上面一样!
'平平无奇'
# 只不过多了两个设置,controller,port-type
[connection]
id=bond0-ens256
uuid=de9b35fb-fdb4-4bd5-ac39-6d5f96baf57b
type=ethernet
controller=bond0
interface-name=ens256
port-type=bond
[ethernet]
mac-address=00:0C:29:32:84:4A
[root@R39 system-connections]# cat br0.nmconnection
# 网桥的配置!
'和我们上面单独配置的网桥没什么特别的地方!'
[connection]
id=br0
uuid=fffe619d-9cf8-4af4-83c6-09b538c02967
type=bridge
interface-name=br0
[ethernet]
[bridge]
[ipv4]
method=auto
[ipv6]
addr-gen-mode=stable-privacy
method=auto
[proxy]
[root@R39 system-connections]# cat br0-bond0.nmconnection
# 抓重点,多了controller=br0,port-type=bridge
[connection]
id=br0-bond0
uuid=66cb5165-0d7e-479f-8867-d803953eb301
type=bond
controller=br0
# 被br0控制
interface-name=bond0
port-type=bridge
# 类型是bridge
[bond]
downdelay=0
miimon=1
mode=balance-rr
updelay=0
# 这些是bond的一些设置
[bridge-port]

命令行实现#

Terminal window
上面的配置文件看起来也没什么呀!
用命令再试一试!
[root@R39 ~]# nmcli device status
DEVICE TYPE STATE CONNECTION
ens160 ethernet connected ens160
lo loopback connected (externally) lo
ens224 ethernet disconnected --
ens256 ethernet disconnected --
[root@R39 ~]# nmcli con add type bond ifname bond0 con-name bond0
Connection 'bond0' (396a1a14-d6ef-46a1-ac74-da5267a585d1) successfully added.
[root@R39 ~]# nmcli con add type ethernet ifname ens224 con-name bond0-ens224 port-type bond controller bond0
Connection 'bond0-ens224' (f0f69164-5037-4372-9b2d-6b5793431d59) successfully added.
[root@R39 ~]# nmcli con add type ethernet ifname ens256 con-name bond0-ens256 port-type bond controller bond0
Connection 'bond0-ens256' (4512ead3-803e-44db-b077-744d74beb0c4) successfully added.
[root@R39 ~]# nmcli con sho
NAME UUID TYPE DEVICE
ens160 7ca842f6-eea7-3c7d-a423-4a26177e6ec0 ethernet ens160
bond0 396a1a14-d6ef-46a1-ac74-da5267a585d1 bond bond0
bond0-ens224 f0f69164-5037-4372-9b2d-6b5793431d59 ethernet ens224
bond0-ens256 4512ead3-803e-44db-b077-744d74beb0c4 ethernet ens256
lo b4a55905-3862-4dd1-8e9b-0ea7a2b49c2a loopback lo
[root@R39 ~]# ip a s bond0
5: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:32:84:54 brd ff:ff:ff:ff:ff:ff
inet 172.31.31.25/24 brd 172.31.31.255 scope global dynamic noprefixroute bond0
valid_lft 86393sec preferred_lft 86393sec
inet6 fe80::d37c:a4c5:1acb:cfcc/64 scope link noprefixroute
valid_lft forever preferred_lft forever
------------------------------------
# 一直到这和上面创建bond一模一样!!
------------------------------------
[root@R39 ~]# nmcli con add type bridge ifname br0 con-name br0
Connection 'br0' (17ae3943-eedb-46fb-b32c-634c79291fea) successfully added.
[root@R39 ~]# nmcli con add type bond ifname bond0 con-name br0-bond0 port-type bridge controller br0
Connection 'br0-bond0' (f9e0803a-664a-4b32-be25-c2c5dac22e1f) successfully added.
------------------------------------
主要就是这个命令,必须手动指定类型是bond,老版的命令有问题,大家AI出来的:
nmcli con add type bridge-slave con-name br0-port-bond0 ifname bond0 master br0
[root@R39 ~]# nmcli con show | grep br0-port-bond0
br0-port-bond0 c7f1d20a-5989-4c7e-8c44-d59a63a6906a ethernet --
'它的网络类型是Ethernet'
# 它是错的❌️!!!
------------------------------------
[root@R39 ~]# nmcli con show
NAME UUID TYPE DEVICE
ens160 7ca842f6-eea7-3c7d-a423-4a26177e6ec0 ethernet ens160
bond0 396a1a14-d6ef-46a1-ac74-da5267a585d1 bond bond0
bond0-ens224 f0f69164-5037-4372-9b2d-6b5793431d59 ethernet ens224
bond0-ens256 4512ead3-803e-44db-b077-744d74beb0c4 ethernet ens256
br0 17ae3943-eedb-46fb-b32c-634c79291fea bridge br0
lo b4a55905-3862-4dd1-8e9b-0ea7a2b49c2a loopback lo
br0-bond0 f9e0803a-664a-4b32-be25-c2c5dac22e1f bond --
[root@R39 ~]# nmcli con up br0-bond0
Connection successfully activated (controller waiting for ports) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/10)
[root@R39 ~]# nmcli con show
NAME UUID TYPE DEVICE
ens160 7ca842f6-eea7-3c7d-a423-4a26177e6ec0 ethernet ens160
bond0-ens224 f0f69164-5037-4372-9b2d-6b5793431d59 ethernet ens224
bond0-ens256 4512ead3-803e-44db-b077-744d74beb0c4 ethernet ens256
br0-bond0 f9e0803a-664a-4b32-be25-c2c5dac22e1f bond bond0
br0 17ae3943-eedb-46fb-b32c-634c79291fea bridge br0
lo b4a55905-3862-4dd1-8e9b-0ea7a2b49c2a loopback lo
bond0 396a1a14-d6ef-46a1-ac74-da5267a585d1 bond --
'等会就都变绿了!!!'

文章分享

如果这篇文章对你有帮助,欢迎分享给更多人!

nmcli&&bond接口绑定
https://www.kpyun.fun/posts/basics/extension/extension03/
作者
久棹
发布于
2025-09-09
许可协议
CC BY-NC-SA 4.0
Profile Image of the Author
久棹
只要胆子大,天天寒暑假!
公告
欢迎来到久棹的技术小站!本站专注 Linux 运维学习笔记分享,如有问题欢迎交流探讨 🎉
分类
标签
站点统计
文章
98
分类
11
标签
203
总字数
244,453
运行时长
0
最后活动
0 天前
站点信息
构建平台
Local
博客版本
Firefly v6.13.5
文章许可
CC BY-NC-SA 4.0

文章目录