一、keepalived
1.1 简介:
Keepalived 是基于 VRRP(虚拟路由冗余协议) 实现的高可用(HA) 集群管理软件,主要用于解决单点故障问题。
1.2 作用:
(1) 它通过构建主备冗余节点架构,对外提供VIP(虚拟 IP 地址) 作为统一访问入口,并支持对后端服务或节点的健康状态检测。
(2) 当主节点或对应服务失效时,Keepalived 可实现秒级故障自动切换,将 VIP 漂移至备用节点,保障业务连续性与高可用性。
(3) 常与 LVS、HAProxy、Nginx 等负载均衡组件配合,构建高可用、高可靠的四层 / 七层负载均衡集群。
二、keepalived 的环境部署
2.1 实验环境
|-----------|----------------------------------------------|------|
| 主机名 | IP | 角色 |
| KA1 | eth0:192.168.198.50 模式:NAT | 调度器1 |
| KA2 | eth0:192.168.198.60 模式:NAT | 调度器2 |
| webserve1 | 192.168.248.10 模式:host-only wg:192.168.248.2 | 服务器1 |
| webserve2 | 192.168.248.20 模式:host-only wg:192.168.248.2 | 服务器1 |
| client | 192.168.198.10 模式:host-only | 客户端 |
2.2 环境配置
2.2.1 KA1的环境配置
bash
[root@KA1 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:6d:7f:2b brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.50/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6d:7f2b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@KA1 ~]# cat > /etc/hosts << EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.198.50 KA1
192.168.198.60 KA2
192.168.248.10 web1
192.168.248.20 web2
EOF
[root@KA1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.198.50 KA1
192.168.198.60 KA2
192.168.248.10 web1
192.168.248.20 web2
[root@KA1 ~]# vim /etc/chrony.conf
26 allow 0.0.0.0/0
27
28 # Serve time even if not synchronized to a time source.
29 local stratum 10
[root@KA1 ~]# systemctl restart chronyd
[root@KA1 ~]# systemctl enable --now chronyd2.2.2 KA2的环境配置
bash
[root@KA2 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:f6:15:27 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.60/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef6:1527/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@KA2 ~]# cat > /etc/hosts << EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.198.50 KA1
192.168.198.60 KA2
192.168.248.10 web1
192.168.248.20 web2
EOF
[root@KA2 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.198.50 KA1
192.168.198.60 KA2
192.168.248.10 web1
192.168.248.20 web2
[root@KA2 ~]# vim /etc/chrony.conf
3 pool 192.168.198.50 iburst
[root@KA2 ~]# systemctl restart chronyd
[root@KA2 ~]# systemctl enable --now chronyd2.2.3 web1的环境配置
bash
[root@web1 ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:f2:dc:c4 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.248.10/24 brd 192.168.248.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef2:dcc4/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@web1 ~]# dnf install httpd -y
[root@web1 ~]# echo RS1 - 192.168.248.10 > /var/www/html/index.html
[root@web1 ~]# cat > /etc/hosts << EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.198.50 KA1
192.168.198.60 KA2
192.168.248.10 web1
192.168.248.20 web2
EOF
[root@web1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.198.50 KA1
192.168.198.60 KA2
192.168.248.10 web1
192.168.248.20 web22.2.4 web2的环境配置
bash
[root@web2 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ad:be:2c brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.248.20/24 brd 192.168.248.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fead:be2c/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@web2 ~]# cat > /etc/hosts << EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.198.50 KA1
192.168.198.60 KA2
192.168.248.10 web1
192.168.248.20 web2
EOF
[root@web2 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.198.50 KA1
192.168.198.60 KA2
192.168.248.10 web1
192.168.248.20 web2测试:
查看KA2的时间是否与KA1同步
bash
[root@KA2 ~]# chronyc sources -v
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* KA1 3 6 17 56 -225us[ -328us] +/- 38ms注意
时间同步:保证 VRRP 协议判断一致,防止脑裂、保证切换正常。
域名解析:keepalived 启动、健康检查需要解析配置中的主机名。
三、Keepalived 的子配置文件设定
3.1 简介
Keepalived 支持通过 include 指令将主配置文件拆分为多个子配置文件,便于维护和协作,实现模块化管,避免单一配置文件过于臃肿。主配置文件通过 include 指令引入子配置目录,Keepalived 启动时会自动合并所有子配置。
3.2 keepalived 文件配置
bash
[root@KA1 ~]# vim /etc/keepalived/keepalived.conf
3 global_defs {
4 notification_email {
5 3305275485@qq.com
6 }
7 notification_email_from 3305275485@qq.com
8 smtp_server 127.0.0.1
9 smtp_connect_timeout 30
10 router_id KA1
11 vrrp_skip_check_adv_addr
12 #vrrp_strict
13 vrrp_garp_interval 1
14 vrrp_gna_interval 1
15 vrrp_mcast_group4 224.0.0.44
16 }
17 include /etc/keepalived/conf.d/*.conf
[root@KA1 ~]# mkdir /etc/keepalived/conf.d -p
[root@KA1 ~]# vim /etc/keepalived/conf.d/webvip.conf
1 vrrp_instance WEB_VIP {
2 state MASTER
3 interface eth0
4 virtual_router_id 51
5 priority 100
6 advert_int 1
7 authentication {
8 auth_type PASS
9 auth_pass 1111
10 }
11 virtual_ipaddress {
12 192.168.248.100/24 dev eth0 label eth0:0
13 }
14 }3.2.1 通知邮件相关配置
notification_email:指定接收告警邮件的地址,当主备切换、服务异常时,Keepalived 会发邮件到这个地址。
notification_email_from:指定发件人邮箱地址,用于邮件头部。
smtp_server:指定发送邮件的 SMTP 服务器,这里用的是本地 127.0.0.1(即本机 Postfix 或 Sendmail 等服务)。
smtp_connect_timeout:SMTP 连接超时时间,单位是秒,这里设为 30 秒。
3.2.2 路由器ID配置
router_id:当前 Keepalived 节点的唯一标识,在同一个 VRRP 组内不能重复,用于日志和状态区分,这里是 KA1。
3.2.3 VRRP 相关配置
vrrp_skip_check_adv_addr:跳过对 VRRP 通告报文源地址的检查,避免某些网络场景下误判通告来源。
vrrp_garp_interval 1:免费 ARP(GARP)发送间隔,单位为秒,这里是 1 秒。用于向网络宣告虚拟 IP 的 MAC 地址更新,保证其他设备能及时更新 ARP 表。
vrrp_gna_interval 1:免费 NA(GNA,IPv6 下的邻居宣告)发送间隔,单位为秒,这里是 1 秒,作用和 GARP 类似,针对 IPv6 环境。
vrrp_mcast_group4 224.0.0.44:指定 VRRP 协议使用的IPv4 多播组地址,默认是 224.0.0.18,这里改成了 224.0.0.44,用于节点间发送 VRRP 通告报文。
3.2.4 web_vip 基础定义
vrrp_instance:定义一个 VRRP 实例,WEB_VIP 是该实例的自定义名称(可自定义,用于标识业务)。
3.2.5 节点角色与网络
state MASTER:当前节点的初始角色为主节点(备节点应设为 BACKUP),主节点优先级更高时会抢占 VIP。
interface eth0:指定 VRRP 报文在 eth0 网卡上传输,需与实际网卡名一致。
virtual_router_id 51:VRRP 组的唯一标识,同一组内所有节点必须相同(范围 1-255),用于区分不同 VRRP 组。
3.2.6 优先级与通告
priority 100:节点优先级,范围 1-254,主节点优先级应高于备节点(如备节点设为 90),优先级高者成为 Master。
advert_int 1:VRRP 通告报文的发送间隔,单位为秒,同一组内节点必须一致,用于节点间心跳检测
3.2.7 认证配置
auth_type PASS:使用密码认证(另一种是 AH 认证,较少用),防止非法节点加入 VRRP 组。
auth_pass 1111:认证密码,同一组内所有节点必须相同,最多 8 个字符
3.2.8 虚拟ip配置
192.168.248.100/24:对外提供服务的虚拟 IP(VIP),主节点故障时会自动漂移到备节点。
dev eth0:指定 VIP 绑定在 eth0 网卡上。
label eth0:0:给 VIP 分配网卡别名,便于在系统中查看(如 ip addr 可看到 eth0:0)。
注意:设置子配置时在主配置文件中把相应的配置文件删除,否则会出现配置文件参数冲突。
3.3 测试
检查子配置文件是否报错,重启keepalived 后 虚拟ip 在eth0上是否挂载成功
bash
[root@KA1 ~]# keepalived -t -f /etc/keepalived/conf.d/webvip.conf
[root@KA1 ~]# systemctl restart keepalived.service
[root@KA1 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:6d:7f:2b brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.50/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.100/24 scope global eth0:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6d:7f2b/64 scope link noprefixroute
valid_lft forever preferred_lft forever四、Keepalived虚拟路由配置
4.1 简介
Keepalived 的虚拟路由核心是基于 VRRP(虚拟路由冗余协议) 实现的高可用,目的是让多个物理节点对外表现为一个统一的虚拟 IP(VIP),当主节点故障时,备节点能自动接管 VIP,保证服务不中断。
4.2 keepalived 主文件配置
在KA1中的配置
bash
[root@KA1 ~]# vim /etc/keepalived/keepalived.conf
3 global_defs {
4 notification_email {
5 3305275485@qq.com
6 }
7 notification_email_from 3305275485@qq.com
8 smtp_server 127.0.0.1
9 smtp_connect_timeout 30
10 router_id KA1
11 vrrp_skip_check_adv_addr
12 #vrrp_strict
13 vrrp_garp_interval 1
14 vrrp_gna_interval 1
15 vrrp_mcast_group4 224.0.0.44
16 }
18 vrrp_instance WEB_VIP {
19 state MASTER
20 interface eth0
21 virtual_router_id 51
22 priority 100
23 advert_int 1
24 authentication {
25 auth_type PASS
26 auth_pass 1111
27 }
28 virtual_ipaddress{
29 192.168.248.100/24 dev eth0 label eth0:0
30 }
31 }
[root@KA1 ~]# systemctl restart keepalived.service在KA2中的配置
bash
[root@KA2 ~]# vim /etc/keepalived/keepalived.conf
1 ! Configuration File for keepalived
2
3 global_defs {
4 notification_email {
5 3305275485@qq.com
6 }
7 notification_email_from 3305275485@qq.com
8 smtp_server 127.0.0.1
9 smtp_connect_timeout 30
10 router_id KA2
11 vrrp_skip_check_adv_addr
12 #vrrp_strict
13 vrrp_garp_interval 1
14 vrrp_gna_interval 1
15 vrrp_mcast_group4 224.0.0.44
16 }
18 vrrp_instance WEB_VIP {
19 state BACKUP
20 interface eth0
21 virtual_router_id 51
22 priority 80
23 advert_int 1
24 authentication {
25 auth_type PASS
26 auth_pass 1111
27 }
28 virtual_ipaddress {
29 192.168.248.100 dev eth0 label eth0:0
30 }
31 }
[root@KA2 ~]# systemctl restart keepalived.service4.3 测试
bash
[root@KA1 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:6d:7f:2b brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.50/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.100/24 scope global eth0:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6d:7f2b/64 scope link noprefixroute
valid_lft forever preferred_lft forever此时vip在KA1中,关闭KA1 keepalived 服务观察 VIP是否便偏移到KA2
bash
[root@KA2 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:f6:15:27 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.60/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.100/32 scope global eth0:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef6:1527/64 scope link noprefixroute
valid_lft forever preferred_lft forever开启KA1 keepalived服务观察 VIP 是否回到 KA1
bash
[root@KA1 ~]# systemctl restart keepalived.service
[root@KA1 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:6d:7f:2b brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.50/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.100/24 scope global eth0:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6d:7f2b/64 scope link noprefixroute
valid_lft forever preferred_lft forever五、Keepalived日志分离
5.1 简介:
默认情况下。keepalived的日志会被保存在/var/log/messages文件中,这个文件中除了含有keepalived的日志外,还有其他服务的日志信息,这样不利于对于keepalived的日志进行查看。
5.2 开启日志
修改 keepalived 配置文件和 rsyslog 日志配置文件
bash
[root@KA1 log]# vim /etc/sysconfig/keepalived
14 KEEPALIVED_OPTIONS="-D -S 6"
[root@KA1 log]# systemctl restart keepalived.service
[root@KA1 log]# vim /etc/rsyslog.conf
68 local6.* /var/log/keepalived.log
[root@KA1 log]# systemctl restart rsyslog.service-D:开启调试模式,输出更详细的日志(便于排错)
-S 6:指定日志使用 local6 设施(facility) 输出,这是 syslog 中自定义的日志分类,方便后续单独收集
local6.*:匹配所有来自 local6 设施的日志(即 Keepalived 输出的日志)
/var/log/keepalived.log:将匹配到的日志单独写入这个文件,而不是默认的 /var/log/messages
5.3 测试
重启 keepalived 服务查看 /var/log/ m目录下是否生成日志 keepalived
bash
[root@KA1 log]# systemctl restart keepalived.service
[root@KA1 log]# ls keepalived.log
keepalived.log六、抢占模式
6.1 简介:
6.1.1 抢占模式
(1 )核心逻辑:
谁的优先级更高,VIP 就归谁持有。
(2) 适用场景:
主节点性能更强,希望它恢复后立刻接管服务。
对主节点身份有强绑定需求的场景(比如主节点承载额外业务)。
6.1.2 非抢占模式
(1)核心逻辑:
只要当前持有 VIP 的节点 VRRP 通告正常,就不会发生 VIP 迁移,即使有更高优先级的节点上线。
(2)适用场景:
避免频繁切换 VIP 导致服务抖动(比如数据库、存储类业务对切换敏感)。
希望保持服务稳定性,优先保证当前 Master 持续提供服务。
6.1.3 延迟抢占模式
(1)核心逻辑:
是抢占模式的优化版:高优先级节点上线 / 恢复后,不会立即抢占 VIP,而是等待一段预设时间(延迟时间),确认自身状态稳定后再发起抢占。
过滤掉短暂的节点 / 网络异常(如重启、闪断),避免不必要的 VIP 切换。
(2) 适用场景:
主节点重启后,需要等待依赖服务(如数据库、应用)完全启动,再接管 VIP。
网络环境不稳定,存在短暂丢包 / 抖动,防止误判导致频繁切换。
对服务连续性要求高的业务(如金融、支付),在保证主节点优先的同时,减少切换带来的短暂不可用。
6.2 开启非抢占模式的配置
在KA2上配置
bash
[root@KA1 log]# vim /etc/keepalived/keepalived.conf
18 vrrp_instance WEB_VIP {
19 state BACKUP
20 interface eth0
21 virtual_router_id 51
22 nopreempt
23 priority 100
24 advert_int 1
25 authentication {
26 auth_type PASS
27 auth_pass 1111
28 }
29 virtual_ipaddress{
30 192.168.248.100/24 dev eth0 label eth0:0
31 }
32 }
[root@KA1 log]# [root@KA1 log]# systemctl restart keepalived.service
[root@KA1 log]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:6d:7f:2b brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.50/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.100/24 scope global eth0:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6d:7f2b/64 scope link noprefixroute
valid_lft forever preferred_lft forevernopreempt:开启非抢占模式
在KA2上配置
bash
[root@KA2 ~]# vim /etc/keepalived/keepalived.conf
18 vrrp_instance WEB_VIP {
19 state BACKUP
20 interface eth0
21 virtual_router_id 51
22 nooreempt
23 priority 80
24 advert_int 1
25 authentication {
26 auth_type PASS
27 auth_pass 1111
28 }
29 virtual_ipaddress {
30 192.168.248.100 dev eth0 label eth0:0
31 }
32 }
[root@KA2 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:f6:15:27 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.60/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef6:1527/64 scope link noprefixroute
valid_lft forever preferred_lft forever6.3 测试,关闭KA1 观察 VIP 是否偏移
bash
[root@KA1 log]# systemctl stop keepalived.service
[root@KA1 log]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:6d:7f:2b brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.50/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6d:7f2b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@KA2 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:f6:15:27 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.60/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.100/32 scope global eth0:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef6:1527/64 scope link noprefixroute
valid_lft forever preferred_lft forever重启KA1 keepalived 服务观察VIP 是否偏移回来
bash
[root@KA1 log]# systemctl restart keepalived.service
[root@KA1 log]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:6d:7f:2b brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.50/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6d:7f2b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@KA2 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:f6:15:27 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.60/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.100/32 scope global eth0:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef6:1527/64 scope link noprefixroute
valid_lft forever preferred_lft forever关闭 KA2 服务观察 VIP 是否偏移到 KA1 上
bash
[root@KA2 ~]# systemctl stop keepalived.service
[root@KA1 log]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:6d:7f:2b brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.50/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.100/24 scope global eth0:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6d:7f2b/64 scope link noprefixroute
valid_lft forever preferred_lft forever6.4 开启延迟抢占模式配置
在KA1 中配置
bash
[root@KA1 log]# vim /etc/keepalived/keepalived.conf
18 vrrp_instance WEB_VIP {
19 state BACKUP
20 interface eth0
21 virtual_router_id 51
22 priority 100
23 preempt_delay 10
24 advert_int 1
25 authentication {
26 auth_type PASS
27 auth_pass 1111
28 }
[root@KA1 log]# systemctl restart keepalived.service在KA2中配置
bash
[root@KA2 ~]# vim /etc/keepalived/keepalived.conf
18 vrrp_instance WEB_VIP {
19 state BACKUP
20 interface eth0
21 virtual_router_id 51
22 preempt_delay 10
23 priority 80
24 advert_int 1
25 authentication {
26 auth_type PASS
27 auth_pass 1111
28 }
[root@KA2 ~]# systemctl restart keepalived.service6.4 测试
关闭KA1 keepalived服务,再开启keep alived 服务,查看 VIP 偏移过程
总结:
呈现的效果,当KA1 keepalived 服务关闭时,KA2 优先级比 KA1 低,会立刻抢占VIP,当KA1 keepalived 服务开启时, KA1 会延迟十秒再抢占 VIP
这里有个易错点:只有优先级高的才有权力抢占优先级低的 master ,优先级低的只能被动等待优先级高的故障时才接管VIP,所以当关闭KA1 的服务时,KA2 立即获得VIP,当KA1 服务开启时,KA1 等待10秒后才抢占 master。
七、单播模式
7.1 简介
Keepalived 默认使用 多播(multicast) 发送 VRRP 通告报文,但在部分网络环境(如多播被禁用、跨网段部署)中,需要切换为单播模式(unicast),直接向指定对端节点发送 VRRP 报文。
特点:
(1) 解决多播限制:在云环境(如阿里云、AWS)、部分物理交换机或跨网段场景中,多播地址(224.0.0.18)可能被封禁,单播模式可保证 VRRP 通信正常。
(2) 精准通信:直接向指定的备节点 IP 发送通告,避免多播扩散带来的网络开销,提升安全性和稳定性。
(3) 兼容复杂网络:支持跨网段部署主备节点,不再受限于同一广播域
7.2 开启单播模式
在KA1 中
bash
[root@KA1 log]# vim /etc/keepalived/keepalived.conf
13 vrrp_garp_interval 1
14 vrrp_gna_interval 1
15 #vrrp_mcast_group4 224.0.0.44
16 }
17
18 vrrp_instance WEB_VIP {
19 state BACKUP
20 interface eth0
21 virtual_router_id 51
23 priority 100
24 advert_int 1
25 unicast_src_ip 192.168.248.50
26 unicast_peer {
27 192.168.248.60
28 }
[root@KA1 log]# systemctl restart keepalived.service#vrrp_mcast_group4 224.0.0.44:关闭组播
unicast_src_ip 172.25.254.60:指定单播源地址,通常是本机IP
unicast_peer { 172.25.254.50 } :#指定单播接收地址
在KA2 中
bash
[root@KA2 ~]# vim /etc/keepalived/keepalived.conf
15 #vrrp_mcast_group4 224.0.0.44
16 }
17
18 vrrp_instance WEB_VIP {
19 state MASTER
20 interface eth0
21 virtual_router_id 51
23 priority 80
24 advert_int 1
25 unicast_src_ip 192.168.248.60
26 unicast_peer {
27 192.168.248.50
28 }
[root@KA2 ~]# systemctl restart keepalived.service7.3 测试
关闭KA1 的keepalived 服务,观察 VIP的偏移
开启 KA1 的keepalived 服务
8、Keepalived业务vip迁移告警
8.1 简介
Keepalived 支持在 VIP 发生主备切换(迁移) 时,通过脚本或邮件向运维人员发送告警,及时感知服务高可用状态变化。
作用:
实时感知故障: 当主节点宕机、网络故障或手动切换时,VIP 漂移到备节点,立刻触发告警,让运维人员第一时间发现问题。
业务连续性保障: 避免 VIP 迁移后无人知晓,导致后续问题排查滞后,保障业务持续可用。
**可扩展通知:**支持邮件、企业微信、钉钉、短信等多种通知方式,适配不同运维场景。
8.2 开启 keepalived 业务vip迁移警告
8.2.1 安装邮件代理
bash
[root@KA1 ~]# dnf install s-nail postfix -y
[root@KA1 ~]# systemctl start postfix.service
bash
[root@KA2 ~]# dnf install s-nail postfix -y
[root@KA2 ~]# systemctl start postfix.service8.2.2 配置mailcap文件
给KA1 配置
bash
[root@KA1 ~]# vim /etc/mailcap
15 set smtp=smtp.com
16 set smtp-auth=login
17 set smtp-auth-user=3305275485@qq.com
18 set smtp-auth-password=pqnigeilnddydbba
19 set from=3305275485@qq.com
20 set ssl-verify=ignoreset smtp=:指定 SMTP 服务器地址
set smtp-auth=login:设置 SMTP 认证方式 ,login 是最常用的用户名 / 密码登录认证
set smtp-auth-user=:认证用的发件人邮箱账号
set smtp-auth-password=:认证用的密码 / 授权码
set from=:邮件的发件人地址 ,显示在邮件头的 From 字段
set ssl-verify=ignore:忽略 SSL 证书验证,避免因证书问题导致发件失败(测试环境常用,生产环境建议开启验证)
给KA2 配置
8.3 测试
使用邮件工具给自己发送邮件
bash
[root@KA1 ~]# echo hello | mailx -s test
[root@KA1 ~]# mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
3137FC0910D8* 321 Thu Mar 19 20:11:38 root@KA1.localdomain
3305275485@qq.com
-- 0 Kbytes in 1 Request.查看自己的邮箱是否收到邮件
8.4 设定keepalived告警脚本
KA1和KA2都要做
bash
[root@KA1 ~]# vim /etc/keepalived/scripts/waring.sh
[root@KA1 ~]# chmod +x /etc/keepalived/scripts/waring.sh
[root@KA1 ~]# /etc/keepalived/scripts/waring.sh master
1 #!/bin/bash
2 mail_dest='3305275485@qq.com'
3 #inet_protocols = ipv4
4 mail_send()
5 {
6 mail_subj="$HOSTNAME to be $1 vip 转移"
7 mail_mess="`date +%F\ %T`: vrrp 转移,$HOSTNAME 变为 $1"
8 echo "$mail_mess" | mail -s "$mail_subj" $mail_dest
9 }
10 case $1 in
11 master)
12 mail_send master
13 ;;
14 backup)
15 mail_send backup
16 ;;
17 fault)
18 mail_send fault
19 ;;
20 *)
21 exit 1
22 ;;
23 esac测试:
bash
[root@KA1 ~]# /etc/keepalived/scripts/waring.sh master
bash
[root@KA2 ~]# /etc/keepalived/scripts/waring.sh master
8.5 配置keepalived告警
修改/etc/keepalived/keepalived.conf 文件信息
bash
[root@KA1 ~]# vim /etc/keepalived/keepalived.conf
3 global_defs {
4 notification_email {
5 3305275485@qq.com
6 }
7 notification_email_from 3305275485@qq.com
8 smtp_server 127.0.0.1
9 smtp_connect_timeout 30
10 router_id KA1
11 vrrp_skip_check_adv_addr
12 #vrrp_strict
13 vrrp_garp_interval 1
14 vrrp_gna_interval 1
15 vrrp_mcast_group4 224.0.0.44
16 enable_script_security
17 script_user root
18 }
20 vrrp_instance WEB_VIP {
21 state MASTER
22 interface eth0
23 virtual_router_id 51
24 priority 100
25 advert_int 1
26 authentication {
27 auth_type PASS
28 auth_pass 1111
29 }
30 virtual_ipaddress{
31 192.168.248.100/24 dev eth0 label eth0:0
32 }
33 notify_master "/etc/keepalived/scripts/waring.sh master"
34 notify_backup "/etc/keepalived/scripts/waring.sh backup"
35 notify_fault "/etc/keepalived/scripts/waring.sh fault"
36 }
[root@KA1 ~]# systemctl restart keepalived.serviceenable_script_security: 启用脚本安全机制,对 notify/vrrp_script 等自定义脚本进行安全校验。
script_user root:指定所有自定义脚本(notify_script、vrrp_script 等)以 root 用户身份执行。
notify_master:当本节点晋升为 MASTER 时触发
notify_backup:当本节点晋升为 BACKUP 时触发
notify_fault:当本节点检测到故障,进入 FAULT 状态时触发
bash
[root@KA2 ~]# vim /etc/keepalived/keepalived.conf
3 global_defs {
4 notification_email {
5 3305275485@qq.com
6 }
7 notification_email_from 3305275485@qq.com
8 smtp_server 127.0.0.1
9 smtp_connect_timeout 30
10 router_id KA1
11 vrrp_skip_check_adv_addr
12 #vrrp_strict
13 vrrp_garp_interval 1
14 vrrp_gna_interval 1
15 vrrp_mcast_group4 224.0.0.44
16 enable_script_security
17 script_user root
18 }
20 vrrp_instance WEB_VIP {
21 state BACKUP
22 interface eth0
23 virtual_router_id 51
24 priority 80
25 advert_int 1
26 authentication {
27 auth_type PASS
28 auth_pass 1111
29 }
30 virtual_ipaddress {
31 192.168.248.100 dev eth0 label eth0:0
32 }
33 notify_master "/etc/keepalived/scripts/waring.sh master"
34 notify_backup "/etc/keepalived/scripts/waring.sh backup"
35 notify_fault "/etc/keepalived/scripts/waring.sh fault"
36 }
[root@KA2 ~]# systemctl restart keepalived.service测试:
关闭KA1 的keepalived 服务
bash
[root@KA1 ~]# systemctl stop keepalived.service
开启KA1的keepalived 服务
bash
[root@KA1 ~]# systemctl start keepalived.service
九、keepalived 双主模式
9.1 简介:
Keepalived 双主模式(Dual-Master Mode)是一种高可用架构,它能让两个节点同时对外提供服务,实现负载均衡 + 故障自动切换。
特点:
同时持有 VIP:两个节点都可以成为 MASTER,各自绑定不同的虚拟 IP(VIP),流量会被分担到两台机器上。
互为主备:节点 A 是 VIP1 的主节点,同时是 VIP2 的备节点,节点 B 是 VIP2 的主节点,同时是 VIP1 的备节点
故障自动切换:如果其中一台宕机,另一台会自动接管它的 VIP,保证服务不中断。
适用场景:
业务流量较大:需要两台机器分担请求,提升并发能力
多业务 / 多 VIP 场景:比如一个 VIP 给 Web 服务,另一个给数据库服务
资源利用率更高:避免主备模式下备机长期闲置
9.2 开启keepalived 的双主模式
KA1上设置
bash
[root@KA1 ~]# vim /etc/keepalived/keepalived.conf
20 vrrp_instance WEB_VIP {
21 state MASTER
22 interface eth0
23 virtual_router_id 51
24 priority 100
25 advert_int 1
26 authentication {
27 auth_type PASS
28 auth_pass 1111
29 }
30 virtual_ipaddress{
31 192.168.248.100/24 dev eth0 label eth0:0
32 }
33 #notify_master "/etc/keepalived/scripts/waring.sh master"
34 #notify_backup "/etc/keepalived/scripts/waring.sh backup"
35 #notify_fault "/etc/keepalived/scripts/waring.sh fault"
36 }
37
38 vrrp_instance DB_VIP {
39 state BACKUP
40 interface eth0
41 virtual_router_id 52
42 priority 80
43 advert_int 1
44 authentication {
45 auth_type PASS
46 auth_pass 1111
47 }
48 virtual_ipaddress {
49 192.168.248.200/24 dev eth0 label eth0:1
50 }
51 }
[root@KA1 ~]# systemctl restart keepalived.serviceKA2上设置
bash
[root@KA2 ~]# vim /etc/keepalived/keepalived.conf
20 vrrp_instance WEB_VIP {
21 state BACKUP
22 interface eth0
23 virtual_router_id 51
24 priority 80
25 advert_int 1
26 authentication {
27 auth_type PASS
28 auth_pass 1111
29 }
30 virtual_ipaddress {
31 192.168.248.100 dev eth0 label eth0:0
32 }
33 }
34
35 vrrp_instance DB_VIP {
36 state MASTER
37 interface eth0
38 virtual_router_id 52
39 priority 100
40 advert_int 1
41 authentication {
42 auth_type PASS
43 auth_pass 1111
44 }
45 virtual_ipaddress {
46 192.168.248.200/24 dev eth0 label eth0:1
47 }
[root@KA2 ~]# systemctl restart keepalived.service测试,查看IP
bash
[root@KA1 ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:6d:7f:2b brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.50/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.100/24 scope global eth0:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6d:7f2b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@KA2 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:f6:15:27 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.60/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.200/24 scope global eth0:1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef6:1527/64 scope link noprefixroute
valid_lft forever preferred_lft forever关闭KA1 的keepalived 服务 再查看ip
bash
[root@KA1 ~]# systemctl stop keepalived.service
[root@KA1 ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:6d:7f:2b brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.50/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6d:7f2b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@KA2 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:f6:15:27 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.60/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.200/24 scope global eth0:1
valid_lft forever preferred_lft forever
inet 192.168.248.100/32 scope global eth0:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef6:1527/64 scope link noprefixroute
valid_lft forever preferred_lft forever再打开KA1 keepalived 服务查看 ip
bash
[root@KA1 ~]# systemctl restart keepalived.service
[root@KA1 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:6d:7f:2b brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.50/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.100/24 scope global eth0:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6d:7f2b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@KA2 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:f6:15:27 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 192.168.198.60/24 brd 192.168.198.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.248.200/24 scope global eth0:1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef6:1527/64 scope link noprefixroute
valid_lft forever preferred_lft forever