ip addr 操作ip时需要注意

在高可用,多线路及系统维护的特殊情况下,我们通常会通过”ip addr ” 这一命令来添加一个隐形IP在相应的设备上,但是当我们在一个设备上添加多个ip的时候,删除某个IP的时候尤其要注意,下面通过几个实例来说明,如下

root@localhost ~]# ip addr add 10.1.1.230/24 dev eth0
[root@localhost ~]# ip addr add 10.1.1.231/24 dev eth0
[root@localhost ~]# ip addr show
1: lo: mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:19:b9:ef:44:8b brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.230/24 brd 172.16.0.255 scope global eth0
    inet 10.1.1.230/24 scope global eth0
    inet 10.1.1.231/24 scope global secondary eth0
    inet6 fe80::219:b9ff:feef:448b/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: mtu 1500 qdisc noop qlen 1000
    link/ether 00:19:b9:ef:44:8d brd ff:ff:ff:ff:ff:ff
4: sit0: mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
[root@localhost ~]#

当删除10.1.1.230时,10.1.1.231 同时被删除,如下

[root@localhost ~]# ip addr del 10.1.1.230/24 dev eth0
[root@localhost ~]# ip addr show
1: lo: mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:19:b9:ef:44:8b brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.230/24 brd 172.16.0.255 scope global eth0
    inet6 fe80::219:b9ff:feef:448b/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: mtu 1500 qdisc noop qlen 1000
    link/ether 00:19:b9:ef:44:8d brd ff:ff:ff:ff:ff:ff
4: sit0: mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
[root@localhost ~]#


[root@localhost ~]# ip addr add 10.1.1.230/24 dev eth0
[root@localhost ~]# ip addr add 10.1.1.231/24 dev eth0
[root@localhost ~]# ip addr show
1: lo: mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:19:b9:ef:44:8b brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.230/24 brd 172.16.0.255 scope global eth0
    inet 10.1.1.230/24 scope global eth0
    inet 10.1.1.231/24 scope global secondary eth0
    inet6 fe80::219:b9ff:feef:448b/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: mtu 1500 qdisc noop qlen 1000
    link/ether 00:19:b9:ef:44:8d brd ff:ff:ff:ff:ff:ff
4: sit0: mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

当删除 10.1.1.231时,10.1.1.230 还在

[root@localhost ~]# ip addr del 10.1.1.231/24 dev eth0  
[root@localhost ~]# ip addr show
1: lo: mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:19:b9:ef:44:8b brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.230/24 brd 172.16.0.255 scope global eth0
    inet 10.1.1.230/24 scope global eth0
    inet6 fe80::219:b9ff:feef:448b/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: mtu 1500 qdisc noop qlen 1000
    link/ether 00:19:b9:ef:44:8d brd ff:ff:ff:ff:ff:ff
4: sit0: mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
[root@localhost ~]#

通过上面我们可以发现,如果删除的时候不小心仔细,可能会酿成悲剧,造成损失。那到底这一现象是怎么产生的呢?

原因是,在linux中只要在一个网卡上配置的ip是同一个网段的,那么它有Primary IP和Secondary address的区分,反之只要不是同一个网段的ip那么都是Primary IP;primary 和secondary 的关系就是一条链上的吊链结构中上面的那条主链中的IP就是Primary IP,Secondary address是主链结点的子链结点中的IP,一 旦主链上一个节点被删除了,那么它的子链也将不复存在,随之被删除.

要解决这疑问,可以通过调整一个参数来实现,当一个primary地址被删除时,如果它有secondary地址的话,那么它的第一个secondary地址(长子)继承被删除的primary地址的位置成为primary地址,这样就显得很合理了,要不然在删除 primary地址的时候,如果有程序用secondary地址,那么要么延迟删除,要么程序崩溃;起做法如下:

通过/proc可以配置一个选项,在当前Primary地址被删除时可以将Secondary地址提升为Primary地址,具体命令为 :

/sbin/sysctl net.ipv4.conf.eth0.promote_secondaries=1

设置重启后仍然生效的方法:

echo "net.ipv4.conf.eth0.promote_secondaries=1" >>/etc/sysctl.conf

请看下列实例,删除了先前的 scope global 10.1.1.230,inet 10.1.1.232/24 scope global 被提升了

[root@localhost ~]# ip addr del 10.1.1.230/24 dev eth0
[root@localhost ~]# ip addr show
1: lo: mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:19:b9:ef:44:8b brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.230/24 brd 172.16.0.255 scope global eth0
    inet 10.1.1.232/24 scope global eth0
    inet6 fe80::219:b9ff:feef:448b/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: mtu 1500 qdisc noop qlen 1000
    link/ether 00:19:b9:ef:44:8d brd ff:ff:ff:ff:ff:ff
4: sit0: mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

你可能感兴趣的:(Linux)