比较 ifupdown2 命令与 ifupdown 命令

ifupdown2 是 Cumulus Linux 的网络接口管理器。它是 Cumulus Linux 和 Debian 中原始 ifupdown 的更新版本。本文演示了两者在配置接口方式上的差异。

查看所有 ifupdown2 配置关键字和选项

要确定可以为网桥设置或绑定设置配置哪些选项，请运行

ifquery --syntax-help

环回接口

ifupdown2 允许您在环回接口上配置 IP 地址

ifupdown ifupdown2

ifupdown	ifupdown2
`auto lo iface lo inet loopback auto lo:1 iface lo:1 inet static address 10.1.1.1/32 auto lo:2 iface lo:2 inet static address 10.2.2.2/32`	`auto lo iface lo inet loopback address 10.1.1.1/32 address 10.2.2.2/32`

auto lo
iface lo inet loopback
auto lo:1
iface lo:1 inet static
    address 10.1.1.1/32
auto lo:2
iface lo:2 inet static
   address 10.2.2.2/32

auto lo
iface lo inet loopback
   address 10.1.1.1/32
   address 10.2.2.2/32

Layer 2 接口 - 物理

在原始 ifupdown 中，当方法为 manual 时，您必须在配置中指定 up link set $IFACE up 和 down link set $IFACE down。ifupdown2 会自动为您执行此操作。

ifupdown	ifupdown2
`auto swp19 iface swp19 inet manual up link set $IFACE up down link set $IFACE down pre-up /sbin/ethtool -s $IFACE speed 1000`	`auto swp19 iface swp19 link-speed 1000`

以下是一些调试代码

sudo ifup -d swp19
DEBUG: args = Namespace(CLASS=None, all=False, debug=True, excludepats=None, force=False, iflist=['swp19'], jobs=-1, noact=False, nocache=False, perfmode=False, printdependency=None, quiet=False, verbose=False, withdepends=False)
DEBUG: creating ifupdown object ..
INFO: loading builtin modules from /usr/share/ifupdownaddons
INFO: looking for user scripts under /etc/network
INFO: loading scripts under /etc/network/if-pre-up.d ...
INFO: loading scripts under /etc/network/if-up.d ...
INFO: loading scripts under /etc/network/if-post-up.d ...
INFO: loading scripts under /etc/network/if-pre-down.d ...
INFO: loading scripts under /etc/network/if-down.d ...
INFO: loading scripts under /etc/network/if-post-down.d ...
DEBUG: reading interfaces file /etc/network/interfaces
WARNING: template engine mako not found. skip template parsing ..
DEBUG: populating dependency info for ['swp19']
DEBUG: run_without_dependents for ops ['pre-up', 'up', 'post-up'] for ['swp19']
DEBUG: swp19: pre-up : running module bridge
DEBUG: swp19: pre-up : running module mstpctl
DEBUG: swp19: pre-up : running module vlan
DEBUG: swp19: pre-up : running module address
DEBUG: swp19: pre-up : running module usercmds
DEBUG: running cmd 'ethtool -s swp19 speed 1000'
INFO: Executing ethtool -s swp19 speed 1000
DEBUG: swp19: pre-up : running script /etc/network/if-pre-up.d/ethtool
DEBUG: Executing /etc/network/if-pre-up.d/ethtool
DEBUG: swp19: up : running module dhcp
DEBUG: swp19: up : running module link
INFO: Executing ip link set dev swp19 up <===== Run for you now!
DEBUG: swp19: up : running script /etc/network/if-up.d/ethtool
DEBUG: Executing /etc/network/if-up.d/ethtool
DEBUG: swp19: up : running script /etc/network/if-up.d/ip
DEBUG: Executing /etc/network/if-up.d/ip
DEBUG: swp19: up : running script /etc/network/if-up.d/mountnfs
DEBUG: Executing /etc/network/if-up.d/mountnfs
DEBUG: swp19: up : running script /etc/network/if-up.d/openssh-server
DEBUG: Executing /etc/network/if-up.d/openssh-server
DEBUG: swp19: post-up : running module usercmds

Layer 2 接口 - Trunk

使用 ifupdown2，您无需定义子接口即可添加到 trunk。只需将其添加到网桥接口下即可。

请注意，该示例使用 bridge-ports 而不是 mstpctl-ports。

默认情况下，bridge-stp 开启快速生成树。

ifupdown ifupdown2

ifupdown	ifupdown2
`auto swp19 iface swp19 inet manual up link set $IFACE up down link set $IFACE down pre-up /sbin/ethtool -s $IFACE speed 1000 auto swp19.100 iface swp19.100 inet manual up link set $IFACE up down link set $IFACE down auto swp19.200 iface swp19.200 inet manual up link set $IFACE up down link set $IFACE down auto vlan100 iface vlan100 inet manual bridge_ports swp19.100 mstpctl_stp on` `auto vlan200 iface vlan200 inet manual mstpctl_ports swp19.200 mstpctl_stp on`	`auto swp19 iface swp19 link-speed 1000 auto vlan100 iface vlan100 bridge-ports swp19.100 bridge-stp on` `auto vlan200 iface vlan200 bridge-ports swp19.200 bridge-stp on`

auto swp19 iface swp19 inet manual up link set $IFACE up down link set $IFACE down pre-up /sbin/ethtool -s $IFACE speed 1000 auto swp19.100 iface swp19.100 inet manual up link set $IFACE up down link set $IFACE down auto swp19.200 iface swp19.200 inet manual up link set $IFACE up down link set $IFACE down auto vlan100 iface vlan100 inet manual bridge_ports swp19.100 mstpctl_stp on

auto vlan200 iface vlan200 inet manual mstpctl_ports swp19.200 mstpctl_stp on

auto swp19 iface swp19 link-speed 1000 auto vlan100 iface vlan100 bridge-ports swp19.100 bridge-stp on

auto vlan200 iface vlan200 bridge-ports swp19.200 bridge-stp on

Layer 2 绑定接口 - 带 Trunking

以下内容向您展示了如何在 ifupdown2 下配置带 trunking 的绑定。

ifupdown ifupdown2

ifupdown	ifupdown2
auto swp3 iface swp3 inet manual up link set $IFACE up down link set $IFACE down auto swp4 iface swp4 inet manual up link set $IFACE up down link set $IFACE down auto bond0 iface bond0 inet manual up link set $IFACE up down link set $IFACE down bond-slaves swp3 swp4 bond-miimon 100 bond-min-links 1 bond-mode 802.3ad bond-xmit-hash-policy layer3+4 bond-lacp-rate auto bond0.100 iface bond0.100 inet manual up link set $IFACE up down link set $IFACE down auto bond0.200 iface bond0.200 inet manual up link set $IFACE up down link set $IFACE down auto vlan100 iface vlan100 inet manual up link set $IFACE up down link set $IFACE down mstpctl_ports bond0.100 mstpctl_stp on `auto vlan200 iface vlan200 inet manual up link set $IFACE up down link set $IFACE down mstpctl_ports bond0.200 mstpctl_stp on`	`auto swp3 iface swp3 auto swp4 iface swp4 auto bond0 iface bond0 bond-slaves swp3 swp4 bond-miimon 100 bond-min-links 1 bond-mode 802.3ad bond-xmit-hash-policy layer3+4 bond-lacp-rate 1 auto vlan100 iface vlan100 bridge-ports bond0.100 bridge-stp on` `auto vlan200 iface vlan200 bridge-ports bond0.200 bridge-stp on`

auto swp3 iface swp3 inet manual up link set $IFACE up down link set $IFACE down auto swp4 iface swp4 inet manual up link set $IFACE up down link set $IFACE down auto bond0 iface bond0 inet manual up link set $IFACE up down link set $IFACE down bond-slaves swp3 swp4 bond-miimon 100 bond-min-links 1 bond-mode 802.3ad bond-xmit-hash-policy layer3+4 bond-lacp-rate auto bond0.100 iface bond0.100 inet manual up link set $IFACE up down link set $IFACE down auto bond0.200 iface bond0.200 inet manual up link set $IFACE up down link set $IFACE down auto vlan100 iface vlan100 inet manual up link set $IFACE up down link set $IFACE down mstpctl_ports bond0.100 mstpctl_stp on

auto vlan200 iface vlan200 inet manual up link set $IFACE up down link set $IFACE down mstpctl_ports bond0.200 mstpctl_stp on

auto swp3 iface swp3 auto swp4 iface swp4 auto bond0 iface bond0 bond-slaves swp3 swp4 bond-miimon 100 bond-min-links 1 bond-mode 802.3ad bond-xmit-hash-policy layer3+4 bond-lacp-rate 1 auto vlan100 iface vlan100 bridge-ports bond0.100 bridge-stp on

auto vlan200 iface vlan200 bridge-ports bond0.200 bridge-stp on

Layer 2 Trunk - 端口范围

glob 关键字取代了用于创建端口范围的正则表达式，因为它不需要在 /etc/network/interfaces 中提及接口。您可以在节中提及多个 glob 语句，以便您可以配置不连续的端口范围。

ifupdown ifupdown2

ifupdown	ifupdown2
auto swp3 iface swp3 inet manual up link set $IFACE up down link set $IFACE down auto swp3.100 iface swp3.100 inet manual up link set $IFACE up down link set $IFACE down auto swp4 iface swp4 inet manual up link set $IFACE up down link set $IFACE down auto swp4.100 iface swp4.100 inet manual up link set $IFACE up down link set $IFACE down auto swp12 iface swp12 inet manual up link set $IFACE up down link set $IFACE down auto swp12.100 iface swp12.100 inet manual up link set $IFACE up down link set $IFACE down auto swp21 iface swp21 inet manual up link set $IFACE up down link set $IFACE down auto swp21.100 iface swp21.100 inet manual up link set $IFACE up down link set $IFACE down auto swp22 iface swp22 inet manual up link set $IFACE up down link set $IFACE down auto swp22 iface swp22.100 inet manual up link set $IFACE up down link set $IFACE down `auto vlan100 iface vlan100 inet manual up link set $IFACE up down link set $IFACE down mstpctl_ports swp3.100 swp4.100 swp12.100 swp21.100 swp22.100 mstpctl_stp on`	`auto swp3 iface swp3 auto swp4 iface swp4 auto swp12 iface swp12 auto swp21 iface swp21 auto swp22 iface swp22` `auto vlan100 iface vlan100 bridge-ports glob swp3-4.100 swp12.100 swp21-22.100 bridge-stp on`

auto swp3 iface swp3 inet manual up link set $IFACE up down link set $IFACE down auto swp3.100 iface swp3.100 inet manual up link set $IFACE up down link set $IFACE down auto swp4 iface swp4 inet manual up link set $IFACE up down link set $IFACE down auto swp4.100 iface swp4.100 inet manual up link set $IFACE up down link set $IFACE down auto swp12 iface swp12 inet manual up link set $IFACE up down link set $IFACE down auto swp12.100 iface swp12.100 inet manual up link set $IFACE up down link set $IFACE down auto swp21 iface swp21 inet manual up link set $IFACE up down link set $IFACE down auto swp21.100 iface swp21.100 inet manual up link set $IFACE up down link set $IFACE down auto swp22 iface swp22 inet manual up link set $IFACE up down link set $IFACE down auto swp22 iface swp22.100 inet manual up link set $IFACE up down link set $IFACE down

auto vlan100 iface vlan100 inet manual up link set $IFACE up down link set $IFACE down mstpctl_ports swp3.100 swp4.100 swp12.100 swp21.100 swp22.100 mstpctl_stp on

auto swp3 iface swp3 auto swp4 iface swp4 auto swp12 iface swp12 auto swp21 iface swp21 auto swp22 iface swp22

auto vlan100 iface vlan100 bridge-ports glob swp3-4.100 swp12.100 swp21-22.100 bridge-stp on

IPv6 地址分配

ifupdown2 不需要在独立的 inet6 部分下配置 IPv6 地址。您可以在同一部分下完成所有接口配置。环回配置也是如此。

单个 IPv6 地址

ifupdown	ifupdown2
`auto swp1 iface swp1 inet6 manual address 2001:db8::1/64`	`auto swp1 iface swp1 address 2001:db8::1/64`

多个 IPv6 地址

ifupdown	ifupdown2
`auto swp1:1 iface swp1:1 inet6 manual address 2001:db8::1:1/64 auto swp1:2 iface swp1:2 inet6 manual address 2001:db8::2:2/64`	`auto swp1 iface swp1 address 2001:db8::1:1/64 address 2001:db8::2:2/64`

在端口上设置速度、双工和自动协商

ifupdown2 现在支持设置速度、双工和自动协商的关键字。

ifupdown ifupdown2

ifupdown	ifupdown2
`auto swp1 iface swp1 inet static address 10.1.1.1/24 mtu 9000 pre-up /sbin/ethtool -s $IFACE speed 1000 duplex half autoneg off up ip link set $IFACE up down ip link set $IFACE down`	`auto swp1 iface swp1 address 10.1.1.1/24 mtu 9000 link-speed 1000 link-duplex half link-autoneg off`

auto swp1
iface swp1 inet static
  address 10.1.1.1/24
  mtu 9000
  pre-up /sbin/ethtool -s $IFACE speed 1000 duplex half autoneg off
  up ip link set $IFACE up
  down ip link set $IFACE down

auto swp1
iface swp1
  address 10.1.1.1/24
  mtu 9000
  link-speed 1000
  link-duplex half
  link-autoneg off

设置端口描述

ifupdown2 允许您在环回接口上配置 IP 地址。

ifupdown ifupdown2

ifupdown	ifupdown2
`auto swp1 iface swp1 inet static address 10.1.1.1/24 post-up ip link set $IFACE alias customerA up ip link set $IFACE up down ip link set $IFACE down`	`auto swp1 iface swp1 address 10.1.1.1/24 alias customerA`

auto swp1
iface swp1 inet static
  address 10.1.1.1/24
  post-up ip link set $IFACE alias customerA
  up ip link set $IFACE up
  down ip link set $IFACE down

auto swp1
iface swp1
  address 10.1.1.1/24
  alias customerA

# ip link show swp1
3: swp1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 500
    link/ether 08:9e:01:ce:dc:c2 brd ff:ff:ff:ff:ff:ff
    alias customerA

使用 “source” 关键字将接口配置放置在 /etc/network/interfaces 之外的文件中

这对于自动化非常有用。此示例显示了 Ansible 如何使用 ifupdown2 将单个端口配置写入 /etc/network/ansible/ 目录中。

要查看所有配置，请运行 ifquery -a。

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

source /etc/network/ansible/*

# tree /etc/network/ansible
/etc/network/ansible
|-- swp1
|-- swp2
|-- swp3
`-- swp4
0 directories, 4 files
  
# ifquery -a
auto lo
iface lo inet loopback
    address 10.3.3.3/32
    address 10:3:3::3/128
auto eth0
iface eth0 inet dhcp
auto swp1
iface swp1
    link-speed 1000
auto swp2
iface swp2
    link-speed 1000
auto swp3
iface swp3
    link-speed 10000
auto swp4
iface swp4
    address 10.200.1.1/24

使用 Mako 创建默认配置

Mako 是一个模板引擎，您可以使用它来生成 /etc/network/interfaces 配置。使用它来生成默认配置。下面的示例显示了如何设置绑定的默认值。默认情况下，ifupdown2 读取 /etc/network/ifupdown2/templates 目录中的 Mako 文件。您可以在 /etc/network/ifupdown2/ifupdown2.conf 中更改此位置。要查看展开的配置，例如运行配置，请运行 ifquery bond0 或 ifquery -a。

ifupdown2 - /etc/network/interfaces ifupdown2 - /etc/network/mako/bond_defaults

ifupdown2 - /etc/network/interfaces	ifupdown2 - /etc/network/mako/bond_defaults
`iface lo inet loopback auto eth0 iface eth0 inet dhcp ### define name of default files and functions to use <%namespace file='bond_defaults' import='bond_defaults'/> auto swp1 iface swp1 alias bond0-member auto swp2 iface swp2 alias bond0-member` `auto bond0 iface bond0 bond-slaves swp1 swp2 ${bond_defaults()}`	`<%def name="bond_defaults()"> bond-miimon 100 bond-min-links 1 bond-mode 802.3ad bond-xmit-hash-policy layer3+4 bond-lacp-rate 1 </%def>`

iface lo inet loopback
auto eth0
iface eth0 inet dhcp
### define name of default files and functions to use
<%namespace file='bond_defaults' import='bond_defaults'/>
auto swp1
iface swp1
alias bond0-member
auto swp2
iface swp2
alias bond0-member
auto bond0
iface bond0
bond-slaves swp1 swp2
${bond_defaults()}

<%def name="bond_defaults()">
    bond-miimon 100 
    bond-min-links 1 
    bond-mode 802.3ad 
    bond-xmit-hash-policy layer3+4 
    bond-lacp-rate 1
</%def>

ifquery 输出

#sudo ifquery -a
 
auto lo
iface lo inet loopback
 
auto eth0
iface eth0 inet dhcp
 
auto swp1
iface swp1
 
auto swp2
iface swp2
 
auto bond0
iface bond0
        bond-slaves swp1 swp2
        bond-miimon 100
        bond-min-links 1
        bond-mode 802.3ad
        bond-xmit-hash-policy layer3+4
        bond-lacp-rate 1

另请参阅

使用 Mako 配置接口文件

比较 ifupdown2 命令与 ifupdown 命令

查看所有 ifupdown2 配置关键字和选项

环回接口

Layer 2 接口 - 物理

Layer 2 接口 - Trunk

Layer 2 绑定接口 - 带 Trunking

Layer 2 Trunk - 端口范围

IPv6 地址分配

单个 IPv6 地址

多个 IPv6 地址

在端口上设置速度、双工和自动协商

设置端口描述

使用 “source” 关键字将接口配置放置在 /etc/network/interfaces 之外的文件中

使用 Mako 创建默认配置

ifquery 输出

另请参阅

产品

解决方案

了解