千家信息网

CentOS7 网络管理与配置

发表于:2025-01-20 作者:千家信息网编辑
千家信息网最后更新 2025年01月20日,在linux下的网络管理大概可以通过两种方式进行实现:命令和配置文件,大部分命令执行以后只能单次生效,而配置文件可以永久生效,根据场景的不同选择不同的方式进行管理。ifconfig:ifconfig
千家信息网最后更新 2025年01月20日CentOS7 网络管理与配置

在linux下的网络管理大概可以通过两种方式进行实现:命令和配置文件,大部分命令执行以后只能单次生效,而配置文件可以永久生效,根据场景的不同选择不同的方式进行管理。


ifconfig:

ifconfig [-a] interfer 查看当前系统处于活动状态接口

-a:显示所有接口,包括非活动状态。

[root@bogon yum.repos.d]# ifconfigeno16777736: flags=4163  mtu 1500        inet 192.168.67.128  netmask 255.255.255.0  broadcast 192.168.67.255        inet6 fe80::20c:29ff:fe74:803f  prefixlen 64  scopeid 0x20        ether 00:0c:29:74:80:3f  txqueuelen 1000  (Ethernet)        RX packets 7404  bytes 6161993 (5.8 MiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 1556  bytes 130066 (127.0 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


eno16777736:网卡名称

flags:标志位

UP:网卡启用状态
BROADCAST:支持广播

RUNNING:正在运行中

MULTICAST:支持组播

mtu:最大传输单源,默认为1500

init: Ipv4地址

init6: Ipv6地址

txqueuelen:传输队列长度

RX packets:接受到报文数量

RX errors:接受时的错误的报文数量

dropped:丢包的报文数量

overruns:溢出的报文数量

frame:帧


修改网络配置:

[root@bogon ~]# ifconfig eno33554984 192.168.77.111/24 up[root@bogon ~]# ifconfig eno33554984 eno33554984: flags=4163  mtu 1500        inet6 fe80::20c:29ff:fe74:8049  prefixlen 64  scopeid 0x20        ether 00:0c:29:74:80:49  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 102  bytes 17988 (17.5 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

选项:

[-]promisc启动/关闭混杂模式

[-]allmulti 启动/关闭组播

up

down


route:


route 查看路由

[root@bogon ~]# routeKernel IP routing tableDestination     Gateway         Genmask         Flags Metric Ref    Use Ifacedefault         bogon           0.0.0.0         UG    100    0        0 eno16777736192.168.67.0    0.0.0.0         255.255.255.0   U     100    0        0 eno16777736

route -n

[root@bogon ~]# route -nKernel IP routing tableDestination     Gateway         Genmask         Flags Metric Ref    Use Iface0.0.0.0         192.168.67.2    0.0.0.0         UG    100    0        0 eno16777736192.168.67.0    0.0.0.0         255.255.255.0   U     100    0        0 eno16777736


route add [-net|-host] target [gw GW] [dev]

-net:主机路由host,目标地址为单个IP

-host:网络路径net,目标地址为IP网络

[root@bogon ~]# routeKernel IP routing tableDestination     Gateway         Genmask         Flags Metric Ref    Use Ifacedefault         bogon           0.0.0.0         UG    100    0        0 eno16777736192.168.67.0    0.0.0.0         255.255.255.0   U     100    0        0 eno16777736[root@bogon ~]# route add -net 12.0.0.0/8 gw 192.168.67.2 dev eno16777736[root@bogon ~]# routeKernel IP routing tableDestination     Gateway         Genmask         Flags Metric Ref    Use Ifacedefault         bogon           0.0.0.0         UG    100    0        0 eno1677773612.0.0.0        bogon           255.0.0.0       UG    0      0        0 eno16777736192.168.67.0    0.0.0.0         255.255.255.0   U     100    0        0 eno16777736
[root@bogon ~]# route add -net 13.0.0.0 netmask 255.0.0.0 gw 192.168.67.4 dev eno16777736 [root@bogon ~]# routeKernel IP routing tableDestination     Gateway         Genmask         Flags Metric Ref    Use Ifacedefault         bogon           0.0.0.0         UG    100    0        0 eno1677773612.0.0.0        bogon           255.0.0.0       UG    0      0        0 eno1677773613.0.0.0        bogon           255.0.0.0       UG    0      0        0 eno16777736192.168.67.0    0.0.0.0         255.255.255.0   U     100    0        0 eno16777736


route del [-net|-host] TARGET gw GATEWAY [dev IFNAME]

[root@bogon ~]# route del -net 13.0.0.0 netmask 255.0.0.0 gw 192.168.67.4 dev eno16777736 [root@bogon ~]# routeKernel IP routing tableDestination     Gateway         Genmask         Flags Metric Ref    Use Ifacedefault         bogon           0.0.0.0         UG    100    0        0 eno1677773612.0.0.0        bogon           255.0.0.0       UG    0      0        0 eno16777736192.168.67.0    0.0.0.0         255.255.255.0   U     100    0        0 eno16777736


netstat 命令:显示网路连接,路由表,伪装链接,多播成员关系

[root@bogon ~]# netstatActive Internet connections (w/o servers)Proto Recv-Q Send-Q Local Address           Foreign Address         State      tcp        0      0 bogon:ssh               bogon:63059             ESTABLISHEDtcp        0     52 bogon:ssh               bogon:54942             ESTABLISHED

netstat -r:显示内核路由表

netstat -n: 数字格式,不反解IP地址至主机名;

[root@bogon ~]# netstat -nActive Internet connections (w/o servers)Proto Recv-Q Send-Q Local Address           Foreign Address         State      tcp        0      0 192.168.67.128:22       192.168.67.1:63059      ESTABLISHEDtcp        0     52 192.168.67.128:22       192.168.67.1:54942      ESTABLISHED

netstat -t:TCP协议的相关连接,链接均有其状态

[root@bogon ~]# netstat -tActive Internet connections (w/o servers)Proto Recv-Q Send-Q Local Address           Foreign Address         State      tcp        0      0 bogon:ssh               bogon:63059             ESTABLISHEDtcp        0     52 bogon:ssh               bogon:54942             ESTABLISHED

netstat -u:udp协议的相关连接

[root@bogon ~]# netstat -uActive Internet connections (w/o servers)Proto Recv-Q Send-Q Local Address           Foreign Address         State

netstat -w:raw socket相关的链接

netstat -l:处于监听的链接

[root@bogon yum.repos.d]# netstat -lActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address           Foreign Address         State      tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN     tcp        0      0 localhost:ipp           0.0.0.0:*               LISTEN     tcp        0      0 localhost:smtp          0.0.0.0:*               LISTEN

Proto 协议

Recv-Q 接受队列

Send-Q 发送队列

netstat -a:所有状态 (运行,监听)

netstat -n:以数字格式显示IP和Port


netstat -e:显示扩展格式

[root@bogon ~]# netstat -eActive Internet connections (w/o servers)Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode     tcp        0     52 bogon:ssh               bogon:56488             ESTABLISHED root

netstat -i 显示所有接口

[root@bogon ~]# netstat -iKernel Interface tableIface      MTU    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flgeno16777  1500      300      0      0 0           137      0      0      0 BMRU

netstat -I

[root@bogon ~]# netstat -Ieno33554984Kernel Interface tableIface      MTU    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flgeno33554  1500        0      0      0 0           140      0      0      0 BMRU


ifup /ifdown 打开、关闭网卡

[root@bogon network-scripts]# ifup eno33554984Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/21)[root@bogon network-scripts]# ifdown eno33554984Device 'eno33554984' successfully disconnected.

housname

CentOS6:

查看主机名:hostname


配置主机名:hostname HOSTNAME

通过修改配置文件配置文件:/etc/sysconfig/network 中 HOSTNAME=

[root@localhost ~]# vim /etc/sysconfig/networkNETWORKING=yesHOSTNAME=localhost.localdomain

CentOS7:

hostnamectl status:显示当前主机名设定:

[root@bogon ~]# hostnamectl status   Static hostname: localhost.localdomainTransient hostname: bogon         Icon name: computer-vm           Chassis: vm        Machine ID: 5428a4d5a4bb46b8a5d02ecc7d30d003           Boot ID: c86d23aa109846569cf578d31f2b25e5    Virtualization: vmware  Operating System: CentOS Linux 7 (Core)       CPE OS Name: cpe:/o:centos:centos:7            Kernel: Linux 3.10.0-327.el7.x86_64      Architecture: x86-64

hostnamectl set-hostname 设定主机名,永久有效;

Unknown operation set-lin[root@bogon ~]# hostnamectl set-hostname lin[root@bogon ~]# hostnamectl   Static hostname: lin         Icon name: computer-vm           Chassis: vm        Machine ID: 5428a4d5a4bb46b8a5d02ecc7d30d003           Boot ID: c86d23aa109846569cf578d31f2b25e5    Virtualization: vmware  Operating System: CentOS Linux 7 (Core)       CPE OS Name: cpe:/o:centos:centos:7            Kernel: Linux 3.10.0-327.el7.x86_64      Architecture: x86-64

ip:

ip link 网络设备配置


ip link set interface down

[root@bogon ~]# ip link set eno33554984 down[root@bogon ~]# ifconfigeno16777736: flags=4163  mtu 1500        inet 192.168.67.128  netmask 255.255.255.0  broadcast 192.168.67.255        inet6 fe80::20c:29ff:fe74:803f  prefixlen 64  scopeid 0x20        ether 00:0c:29:74:80:3f  txqueuelen 1000  (Ethernet)        RX packets 15526  bytes 1106373 (1.0 MiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 5354  bytes 933749 (911.8 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0lo: flags=73  mtu 65536        inet 127.0.0.1  netmask 255.0.0.0        inet6 ::1  prefixlen 128  scopeid 0x10        loop  txqueuelen 0  (Local Loopback)        RX packets 12  bytes 1020 (1020.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 12  bytes 1020 (1020.0 B)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ip link set interface up

[root@bogon ~]# ifconfigeno16777736: flags=4163  mtu 1500        inet 192.168.67.128  netmask 255.255.255.0  broadcast 192.168.67.255        inet6 fe80::20c:29ff:fe74:803f  prefixlen 64  scopeid 0x20        ether 00:0c:29:74:80:3f  txqueuelen 1000  (Ethernet)        RX packets 15568  bytes 1109751 (1.0 MiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 5378  bytes 937177 (915.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0eno33554984: flags=4163  mtu 1500        ether 00:0c:29:74:80:49  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 254  bytes 43248 (42.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ip link set interface multicast on 开启组播

ip link set interface multicastoff 关闭组播

[root@bogon network-scripts]# ip link set  eno33554984 multicast off[root@bogon network-scripts]# ifconfig eno33554984eno33554984: flags=67  mtu 1500        ether 00:0c:29:74:80:49  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 254  bytes 43248 (42.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0[root@bogon network-scripts]# ip link set  eno33554984 multicast on[root@bogon network-scripts]# ifconfig eno33554984eno33554984: flags=4163  mtu 1500        ether 00:0c:29:74:80:49  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 254  bytes 43248 (42.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ip link set interface name NAME 更改设备名称

[root@bogon network-scripts]# ip link set eno33554984 name eth0[root@bogon network-scripts]# ifconfig eth0 eth0: flags=4098  mtu 1500        ether 00:0c:29:74:80:49  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 254  bytes 43248 (42.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ip link set interface mtu 设置MTU值,默认1500

root@bogon network-scripts]# ip link set eth0 mtu 1600[root@bogon network-scripts]# ifconfig eth0eth0: flags=4098  mtu 1600        ether 00:0c:29:74:80:49  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 254  bytes 43248 (42.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ip netns :创建指定的空间

ip netns list 累出所有的netns

ip netns add name 增加指定的netns

ip netns del name 删除指定的netns

ip netns exec NAME COMMAND指定的netns中运行命令

[root@bogon network-scripts]# ip netns list[root@bogon network-scripts]# ip netns add test[root@bogon network-scripts]# ip netns listtest[root@bogon network-scripts]# ip link set eth0 netns test[root@bogon network-scripts]# ifconfigeno16777736: flags=4163  mtu 1500        inet 192.168.67.128  netmask 255.255.255.0  broadcast 192.168.67.255        inet6 fe80::20c:29ff:fe74:803f  prefixlen 64  scopeid 0x20        ether 00:0c:29:74:80:3f  txqueuelen 1000  (Ethernet)        RX packets 18036  bytes 1295528 (1.2 MiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 6286  bytes 1033927 (1009.6 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0lo: flags=73  mtu 65536        inet 127.0.0.1  netmask 255.0.0.0        inet6 ::1  prefixlen 128  scopeid 0x10        loop  txqueuelen 0  (Local Loopback)        RX packets 12  bytes 1020 (1020.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 12  bytes 1020 (1020.0 B)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0[root@bogon network-scripts]# ip netns del test[root@bogon network-scripts]# ifconfigeno16777736: flags=4163  mtu 1500        inet 192.168.67.128  netmask 255.255.255.0  broadcast 192.168.67.255        inet6 fe80::20c:29ff:fe74:803f  prefixlen 64  scopeid 0x20        ether 00:0c:29:74:80:3f  txqueuelen 1000  (Ethernet)        RX packets 18104  bytes 1301156 (1.2 MiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 6323  bytes 1038797 (1014.4 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0eno33554984: flags=4163  mtu 1600        inet 192.168.66.123  netmask 255.255.255.0  broadcast 192.168.66.255        inet6 fe80::20c:29ff:fe74:8049  prefixlen 64  scopeid 0x20        ether 00:0c:29:74:80:49  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 262  bytes 43868 (42.8 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


ip addr:用来实现管理IP地址

ip addr add IP/MASK dev label

[root@lin ~]# ip addr add  dev eth0 192.168.77.78/24 label eth0:1[root@lin ~]# ip addr add  dev eth0 192.168.77.79/24 label eth0:2[root@lin ~]# ifconfigeno16777736: flags=4163  mtu 1500        inet 192.168.67.128  netmask 255.255.255.0  broadcast 192.168.67.255        inet6 fe80::20c:29ff:fe74:803f  prefixlen 64  scopeid 0x20        ether 00:0c:29:74:80:3f  txqueuelen 1000  (Ethernet)        RX packets 19978  bytes 1455021 (1.3 MiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 7267  bytes 1146820 (1.0 MiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0eth0: flags=4163  mtu 1600        inet 192.168.77.74  netmask 255.255.255.0  broadcast 0.0.0.0        ether 00:0c:29:74:80:49  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 266  bytes 44112 (43.0 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0eth0:1: flags=4163  mtu 1600        inet 192.168.77.78  netmask 255.255.255.0  broadcast 0.0.0.0        ether 00:0c:29:74:80:49  txqueuelen 1000  (Ethernet)eth0:2: flags=4163  mtu 1600        inet 192.168.77.79  netmask 255.255.255.0  broadcast 0.0.0.0        ether 00:0c:29:74:80:49  txqueuelen 1000  (Ethernet)

ip addr delete 删

ip addr show 显示所有路由信息

[root@lin ~]# ip addr delete dev eth0 192.168.77.77/24[root@lin ~]# ifconfig eth0eth0: flags=4163  mtu 1600        inet 192.168.77.74  netmask 255.255.255.0  broadcast 0.0.0.0        ether 00:0c:29:74:80:49  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 266  bytes 44112 (43.0 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ip addr flush 清空所有


ip route

ip route option TPYE PREFIX via[GW] [dev IFACE] [src SOUCE]

ip route add 添加路由

[root@lin ~]# ip route add 10.0.0.0/8 via 192.168.67.1 [root@lin ~]# ip route showdefault via 192.168.67.2 dev eno16777736  proto static  metric 100 10.0.0.0/8 via 192.168.67.1 dev eno16777736

ip route delete:删除路由

[root@lin ~]# ip route del 10.0.0.0/8 via 192.168.67.1[root@lin ~]# ip route showdefault via 192.168.67.2 dev eno16777736  proto static  metric 100 192.168.67.0/24 dev eno16777736  proto kernel  scope link  src 192.168.67.128  metric 100 192.168.77.0/24 dev eth0  proto kernel  scope link  src 192.168.77.74

ip route get:获得路由嘻嘻

[root@lin ~]# ip route get 192.168.67.0broadcast 192.168.67.0 dev eno16777736  src 192.168.67.128     cache 

ip route flush


ss

ss [options] [FILTER]

-t:TCP协议的相关连接

-u: UDP相关连接

-w: raw socket相关的链接

-l:监听状态的了解

-n:数字格式

-p:相关的程序及其PID

-e:扩展格式信息

-m:内存用量

[root@lin ~]# ss -tnlState       Recv-Q Send-Q Local Address:Port               Peer Address:Port              LISTEN      0      128              *:22                           *:*                  LISTEN      0      128      127.0.0.1:631                          *:*


-o:及其他信息

dport=目标端口

sport=源端口

示例:'( dport=:22 sport=:22 ) '

ss -tan '( dport=:22 or sport=:22 )'

ss -tan state ESTABLISHED


通过修改配置文件来配置网络属性:

IP/NETMASK/GW/DNS:

/etc/sysconfig/network-scripts/ifcfg-IFACE

IFACE:接口名称;


路由的相关配置文件:

/etc/sysconfig/network-scripts/route-IFACE

支持两种配置方式,但不可混用

(1)每行一个路由条目

TARGET via GW

(2)没三行一个路由条目

ADDRESS#=TARGER

NETWORK#=MASK

GATEWAY#=NEXT




配置DNS服务器指向:

配置文件: /etc/resolv.conf 最多有三个主机

nameserver DNS_SERVER_IP


如何测试:(host/nslookup/dig)

/etc/hosts

系统中ping命令是事显查看/etc/hosts文件中是否有IP和域名对应的,没有的话在查看resolv.conf,

因此测试的时候要跳开host文件

dig -t A 主机名 FQDN(www.baidu.com)

FQDN--> IP

dig -x IP

IP--> 主机名



nmcli

device:显示并且网络接口

nmcli device status

nmcli device connect

nmcli device disconnect

nmcli device show


connection:

nmcli connection show

nmcli connection up IFACE

nmcli connectionn down IFACE

nmcli connectionn modify IFACE [+|-]setting address vlue

setting:

ipv4.addresss

ipv4.gateway

ipv4.dns1

ipv4.method 配置方法

manual static?


0