CentOS7 网络管理与配置
在linux下的网络管理大概可以通过两种方式进行实现:命令和配置文件,大部分命令执行以后只能单次生效,而配置文件可以永久生效,根据场景的不同选择不同的方式进行管理。
ifconfig:
ifconfig [-a] interfer 查看当前系统处于活动状态接口
-a:显示所有接口,包括非活动状态。
[root@bogon yum.repos.d]# ifconfigeno16777736: flags=4163mtu 1500 inet 192.168.67.128 netmask 255.255.255.0 broadcast 192.168.67.255 inet6 fe80::20c:29ff:fe74:803f prefixlen 64 scopeid 0x20 ether 00:0c:29:74:80:3f txqueuelen 1000 (Ethernet) RX packets 7404 bytes 6161993 (5.8 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1556 bytes 130066 (127.0 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno16777736:网卡名称
flags:标志位
UP:网卡启用状态
BROADCAST:支持广播
RUNNING:正在运行中
MULTICAST:支持组播
mtu:最大传输单源,默认为1500
init: Ipv4地址
init6: Ipv6地址
txqueuelen:传输队列长度
RX packets:接受到报文数量
RX errors:接受时的错误的报文数量
dropped:丢包的报文数量
overruns:溢出的报文数量
frame:帧
修改网络配置:
[root@bogon ~]# ifconfig eno33554984 192.168.77.111/24 up[root@bogon ~]# ifconfig eno33554984 eno33554984: flags=4163mtu 1500 inet6 fe80::20c:29ff:fe74:8049 prefixlen 64 scopeid 0x20 ether 00:0c:29:74:80:49 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 102 bytes 17988 (17.5 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
选项:
[-]promisc启动/关闭混杂模式
[-]allmulti 启动/关闭组播
up
down
route:
route 查看路由
[root@bogon ~]# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Ifacedefault bogon 0.0.0.0 UG 100 0 0 eno16777736192.168.67.0 0.0.0.0 255.255.255.0 U 100 0 0 eno16777736
route -n
[root@bogon ~]# route -nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 192.168.67.2 0.0.0.0 UG 100 0 0 eno16777736192.168.67.0 0.0.0.0 255.255.255.0 U 100 0 0 eno16777736
route add [-net|-host] target [gw GW] [dev]
-net:主机路由host,目标地址为单个IP
-host:网络路径net,目标地址为IP网络
[root@bogon ~]# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Ifacedefault bogon 0.0.0.0 UG 100 0 0 eno16777736192.168.67.0 0.0.0.0 255.255.255.0 U 100 0 0 eno16777736[root@bogon ~]# route add -net 12.0.0.0/8 gw 192.168.67.2 dev eno16777736[root@bogon ~]# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Ifacedefault bogon 0.0.0.0 UG 100 0 0 eno1677773612.0.0.0 bogon 255.0.0.0 UG 0 0 0 eno16777736192.168.67.0 0.0.0.0 255.255.255.0 U 100 0 0 eno16777736
[root@bogon ~]# route add -net 13.0.0.0 netmask 255.0.0.0 gw 192.168.67.4 dev eno16777736 [root@bogon ~]# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Ifacedefault bogon 0.0.0.0 UG 100 0 0 eno1677773612.0.0.0 bogon 255.0.0.0 UG 0 0 0 eno1677773613.0.0.0 bogon 255.0.0.0 UG 0 0 0 eno16777736192.168.67.0 0.0.0.0 255.255.255.0 U 100 0 0 eno16777736
route del [-net|-host] TARGET gw GATEWAY [dev IFNAME]
[root@bogon ~]# route del -net 13.0.0.0 netmask 255.0.0.0 gw 192.168.67.4 dev eno16777736 [root@bogon ~]# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Ifacedefault bogon 0.0.0.0 UG 100 0 0 eno1677773612.0.0.0 bogon 255.0.0.0 UG 0 0 0 eno16777736192.168.67.0 0.0.0.0 255.255.255.0 U 100 0 0 eno16777736
netstat 命令:显示网路连接,路由表,伪装链接,多播成员关系
[root@bogon ~]# netstatActive Internet connections (w/o servers)Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 bogon:ssh bogon:63059 ESTABLISHEDtcp 0 52 bogon:ssh bogon:54942 ESTABLISHED
netstat -r:显示内核路由表
netstat -n: 数字格式,不反解IP地址至主机名;
[root@bogon ~]# netstat -nActive Internet connections (w/o servers)Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 192.168.67.128:22 192.168.67.1:63059 ESTABLISHEDtcp 0 52 192.168.67.128:22 192.168.67.1:54942 ESTABLISHED
netstat -t:TCP协议的相关连接,链接均有其状态
[root@bogon ~]# netstat -tActive Internet connections (w/o servers)Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 bogon:ssh bogon:63059 ESTABLISHEDtcp 0 52 bogon:ssh bogon:54942 ESTABLISHED
netstat -u:udp协议的相关连接
[root@bogon ~]# netstat -uActive Internet connections (w/o servers)Proto Recv-Q Send-Q Local Address Foreign Address State
netstat -w:raw socket相关的链接
netstat -l:处于监听的链接
[root@bogon yum.repos.d]# netstat -lActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 localhost:ipp 0.0.0.0:* LISTEN tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN
Proto 协议
Recv-Q 接受队列
Send-Q 发送队列
netstat -a:所有状态 (运行,监听)
netstat -n:以数字格式显示IP和Port
netstat -e:显示扩展格式
[root@bogon ~]# netstat -eActive Internet connections (w/o servers)Proto Recv-Q Send-Q Local Address Foreign Address State User Inode tcp 0 52 bogon:ssh bogon:56488 ESTABLISHED root
netstat -i 显示所有接口
[root@bogon ~]# netstat -iKernel Interface tableIface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flgeno16777 1500 300 0 0 0 137 0 0 0 BMRU
netstat -I
[root@bogon ~]# netstat -Ieno33554984Kernel Interface tableIface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flgeno33554 1500 0 0 0 0 140 0 0 0 BMRU
ifup /ifdown 打开、关闭网卡
[root@bogon network-scripts]# ifup eno33554984Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/21)[root@bogon network-scripts]# ifdown eno33554984Device 'eno33554984' successfully disconnected.
housname
CentOS6:
查看主机名:hostname
配置主机名:hostname HOSTNAME
通过修改配置文件配置文件:/etc/sysconfig/network 中 HOSTNAME=
[root@localhost ~]# vim /etc/sysconfig/networkNETWORKING=yesHOSTNAME=localhost.localdomain
CentOS7:
hostnamectl status:显示当前主机名设定:
[root@bogon ~]# hostnamectl status Static hostname: localhost.localdomainTransient hostname: bogon Icon name: computer-vm Chassis: vm Machine ID: 5428a4d5a4bb46b8a5d02ecc7d30d003 Boot ID: c86d23aa109846569cf578d31f2b25e5 Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-327.el7.x86_64 Architecture: x86-64
hostnamectl set-hostname 设定主机名,永久有效;
Unknown operation set-lin[root@bogon ~]# hostnamectl set-hostname lin[root@bogon ~]# hostnamectl Static hostname: lin Icon name: computer-vm Chassis: vm Machine ID: 5428a4d5a4bb46b8a5d02ecc7d30d003 Boot ID: c86d23aa109846569cf578d31f2b25e5 Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-327.el7.x86_64 Architecture: x86-64
ip:
ip link 网络设备配置
ip link set interface down
[root@bogon ~]# ip link set eno33554984 down[root@bogon ~]# ifconfigeno16777736: flags=4163mtu 1500 inet 192.168.67.128 netmask 255.255.255.0 broadcast 192.168.67.255 inet6 fe80::20c:29ff:fe74:803f prefixlen 64 scopeid 0x20 ether 00:0c:29:74:80:3f txqueuelen 1000 (Ethernet) RX packets 15526 bytes 1106373 (1.0 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 5354 bytes 933749 (911.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 0 (Local Loopback) RX packets 12 bytes 1020 (1020.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 12 bytes 1020 (1020.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ip link set interface up
[root@bogon ~]# ifconfigeno16777736: flags=4163mtu 1500 inet 192.168.67.128 netmask 255.255.255.0 broadcast 192.168.67.255 inet6 fe80::20c:29ff:fe74:803f prefixlen 64 scopeid 0x20 ether 00:0c:29:74:80:3f txqueuelen 1000 (Ethernet) RX packets 15568 bytes 1109751 (1.0 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 5378 bytes 937177 (915.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0eno33554984: flags=4163 mtu 1500 ether 00:0c:29:74:80:49 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 254 bytes 43248 (42.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ip link set interface multicast on 开启组播
ip link set interface multicastoff 关闭组播
[root@bogon network-scripts]# ip link set eno33554984 multicast off[root@bogon network-scripts]# ifconfig eno33554984eno33554984: flags=67mtu 1500 ether 00:0c:29:74:80:49 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 254 bytes 43248 (42.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0[root@bogon network-scripts]# ip link set eno33554984 multicast on[root@bogon network-scripts]# ifconfig eno33554984eno33554984: flags=4163 mtu 1500 ether 00:0c:29:74:80:49 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 254 bytes 43248 (42.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ip link set interface name NAME 更改设备名称
[root@bogon network-scripts]# ip link set eno33554984 name eth0[root@bogon network-scripts]# ifconfig eth0 eth0: flags=4098mtu 1500 ether 00:0c:29:74:80:49 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 254 bytes 43248 (42.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ip link set interface mtu 设置MTU值,默认1500
root@bogon network-scripts]# ip link set eth0 mtu 1600[root@bogon network-scripts]# ifconfig eth0eth0: flags=4098mtu 1600 ether 00:0c:29:74:80:49 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 254 bytes 43248 (42.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ip netns :创建指定的空间
ip netns list 累出所有的netns
ip netns add name 增加指定的netns
ip netns del name 删除指定的netns
ip netns exec NAME COMMAND指定的netns中运行命令
[root@bogon network-scripts]# ip netns list[root@bogon network-scripts]# ip netns add test[root@bogon network-scripts]# ip netns listtest[root@bogon network-scripts]# ip link set eth0 netns test[root@bogon network-scripts]# ifconfigeno16777736: flags=4163mtu 1500 inet 192.168.67.128 netmask 255.255.255.0 broadcast 192.168.67.255 inet6 fe80::20c:29ff:fe74:803f prefixlen 64 scopeid 0x20 ether 00:0c:29:74:80:3f txqueuelen 1000 (Ethernet) RX packets 18036 bytes 1295528 (1.2 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 6286 bytes 1033927 (1009.6 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 0 (Local Loopback) RX packets 12 bytes 1020 (1020.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 12 bytes 1020 (1020.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0[root@bogon network-scripts]# ip netns del test[root@bogon network-scripts]# ifconfigeno16777736: flags=4163 mtu 1500 inet 192.168.67.128 netmask 255.255.255.0 broadcast 192.168.67.255 inet6 fe80::20c:29ff:fe74:803f prefixlen 64 scopeid 0x20 ether 00:0c:29:74:80:3f txqueuelen 1000 (Ethernet) RX packets 18104 bytes 1301156 (1.2 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 6323 bytes 1038797 (1014.4 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0eno33554984: flags=4163 mtu 1600 inet 192.168.66.123 netmask 255.255.255.0 broadcast 192.168.66.255 inet6 fe80::20c:29ff:fe74:8049 prefixlen 64 scopeid 0x20 ether 00:0c:29:74:80:49 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 262 bytes 43868 (42.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ip addr:用来实现管理IP地址
ip addr add IP/MASK dev label
[root@lin ~]# ip addr add dev eth0 192.168.77.78/24 label eth0:1[root@lin ~]# ip addr add dev eth0 192.168.77.79/24 label eth0:2[root@lin ~]# ifconfigeno16777736: flags=4163mtu 1500 inet 192.168.67.128 netmask 255.255.255.0 broadcast 192.168.67.255 inet6 fe80::20c:29ff:fe74:803f prefixlen 64 scopeid 0x20 ether 00:0c:29:74:80:3f txqueuelen 1000 (Ethernet) RX packets 19978 bytes 1455021 (1.3 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 7267 bytes 1146820 (1.0 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0eth0: flags=4163 mtu 1600 inet 192.168.77.74 netmask 255.255.255.0 broadcast 0.0.0.0 ether 00:0c:29:74:80:49 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 266 bytes 44112 (43.0 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0eth0:1: flags=4163 mtu 1600 inet 192.168.77.78 netmask 255.255.255.0 broadcast 0.0.0.0 ether 00:0c:29:74:80:49 txqueuelen 1000 (Ethernet)eth0:2: flags=4163 mtu 1600 inet 192.168.77.79 netmask 255.255.255.0 broadcast 0.0.0.0 ether 00:0c:29:74:80:49 txqueuelen 1000 (Ethernet)
ip addr delete 删
ip addr show 显示所有路由信息
[root@lin ~]# ip addr delete dev eth0 192.168.77.77/24[root@lin ~]# ifconfig eth0eth0: flags=4163mtu 1600 inet 192.168.77.74 netmask 255.255.255.0 broadcast 0.0.0.0 ether 00:0c:29:74:80:49 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 266 bytes 44112 (43.0 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ip addr flush 清空所有
ip route
ip route option TPYE PREFIX via[GW] [dev IFACE] [src SOUCE]
ip route add 添加路由
[root@lin ~]# ip route add 10.0.0.0/8 via 192.168.67.1 [root@lin ~]# ip route showdefault via 192.168.67.2 dev eno16777736 proto static metric 100 10.0.0.0/8 via 192.168.67.1 dev eno16777736
ip route delete:删除路由
[root@lin ~]# ip route del 10.0.0.0/8 via 192.168.67.1[root@lin ~]# ip route showdefault via 192.168.67.2 dev eno16777736 proto static metric 100 192.168.67.0/24 dev eno16777736 proto kernel scope link src 192.168.67.128 metric 100 192.168.77.0/24 dev eth0 proto kernel scope link src 192.168.77.74
ip route get:获得路由嘻嘻
[root@lin ~]# ip route get 192.168.67.0broadcast 192.168.67.0 dev eno16777736 src 192.168.67.128 cache
ip route flush
ss
ss [options] [FILTER]
-t:TCP协议的相关连接
-u: UDP相关连接
-w: raw socket相关的链接
-l:监听状态的了解
-n:数字格式
-p:相关的程序及其PID
-e:扩展格式信息
-m:内存用量
[root@lin ~]# ss -tnlState Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:22 *:* LISTEN 0 128 127.0.0.1:631 *:*
-o:及其他信息
dport=目标端口
sport=源端口
示例:'( dport=:22 sport=:22 ) '
ss -tan '( dport=:22 or sport=:22 )'
ss -tan state ESTABLISHED
通过修改配置文件来配置网络属性:
IP/NETMASK/GW/DNS:
/etc/sysconfig/network-scripts/ifcfg-IFACE
IFACE:接口名称;
路由的相关配置文件:
/etc/sysconfig/network-scripts/route-IFACE
支持两种配置方式,但不可混用
(1)每行一个路由条目
TARGET via GW
(2)没三行一个路由条目
ADDRESS#=TARGER
NETWORK#=MASK
GATEWAY#=NEXT
配置DNS服务器指向:
配置文件: /etc/resolv.conf 最多有三个主机
nameserver DNS_SERVER_IP
如何测试:(host/nslookup/dig)
/etc/hosts
系统中ping命令是事显查看/etc/hosts文件中是否有IP和域名对应的,没有的话在查看resolv.conf,
因此测试的时候要跳开host文件
dig -t A 主机名 FQDN(www.baidu.com)
FQDN--> IP
dig -x IP
IP--> 主机名
nmcli
device:显示并且网络接口
nmcli device status
nmcli device connect
nmcli device disconnect
nmcli device show
connection:
nmcli connection show
nmcli connection up IFACE
nmcli connectionn down IFACE
nmcli connectionn modify IFACE [+|-]setting address vlue
setting:
ipv4.addresss
ipv4.gateway
ipv4.dns1
ipv4.method 配置方法
manual static?