《liNUX实战:linux基础知识:网络属性配置》要点:
本文介绍了liNUX实战:linux基础知识:网络属性配置,希望对您有用。如果有疑问,可以联系我们。
当我们拥有一个崭新的计算机的时候,第一步恐怕都是迫不及待的下载各种软件,看视频,听音乐等,这里的关键的一点是要有网络.现在的个人计算机大部分都是windows *** 作系统的,接入网络网络很简单,插上网线也许就能上网了,最麻烦不过找到网络和共享中心手动配置一个ip地址、网关地址和DNS服务器就能上网了,当然这都是得益于图形化界面.但是现在很多的服务器都是linux *** 作系统且没有图形化的界面,这时候我们就必要了解怎样正确的给linux主机配置网络属性了,本次博客就来说说以正确的方式打开linux *** 作系统的网络属性配置(本次博客基于的发行版和版本:CentOS7、CentOS6.5).
接入收集的两种方式一、手动的指定
1.使用敕令
一般是临时的改动,重启后失效,如:ifconfig、route、ip addr等.
2.改动配置文件
修改文件配置,永久有效,但是可能不能立即生效,必要重启服务.
二、动态获取
如果当地网路中存在DHCP服务,可以动态的获取到ip地址、网关地址、DNS服务器地址等.
常用的治理和配置命令一、ifconfig
1.不加任何选项,查看处于活动状态下的接口,-a选项显示所有接口,包含inactive状态的接口:
[root@localhost ~]# ifconfigeth0 link encap:Ethernet HWaddr 00:0C:29:9F:AA:AD inet addr:192.168.172.136 Bcast:192.168.172.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe9f:aaad/64 Scope:link UP broADCAST RUNNING MulTICAST MTU:1500 Metric:1 RX packets:2168 errors:0 dropped:0 overruns:0 frame:0 TX packets:404 errors:0 dropped:0 overruns:0 carrIEr:0 collisions:0 txqueuelen:1000 RX bytes:149715 (146.2 KiB) TX bytes:29251 (28.5 KiB)lo link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrIEr:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)[root@localhost ~]# ifconfig -aeth0 link encap:Ethernet HWaddr 00:0C:29:9F:AA:AD inet addr:192.168.172.136 Bcast:192.168.172.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe9f:aaad/64 Scope:link UP broADCAST RUNNING MulTICAST MTU:1500 Metric:1 RX packets:2223 errors:0 dropped:0 overruns:0 frame:0 TX packets:425 errors:0 dropped:0 overruns:0 carrIEr:0 collisions:0 txqueuelen:1000 RX bytes:153927 (150.3 KiB) TX bytes:32473 (31.7 KiB)eth1 link encap:Ethernet HWaddr 00:0C:29:9F:AA:B7 broADCAST MulTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrIEr:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)lo link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrIEr:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)VIEw Code
接口的定名方式:
1.传统的命令方式: 以太网:eth1,eth2...ethn #centos6较常见的命名方式 PPP网络:ppp1,ppp2...pppn2.可预测的命令方案如果固件或者BIOS为主板上集成的设备提供的索引信息可以用,根据此索引进行命令,例如:eno1,eno2....enon;如果固件或者BIOS为PCI-E扩展槽上所提供的索引信息可以用,例如:ens1,ens2...ensn;如果硬件接口的物理位置信息可用,则根据此信息命令,如enp2s0如果用户显示定义,也可以根据MAC地址命令,例如enx12321312313.命名格式的组成en:以太网wl:无线网ww:广域网4.名称类型o<index>:集成设备的设备索引号s<slot>:扩展槽的索引号x<MAC>:基于MAC地址的命名p<bus>s<slot>:基于总线槽的拓扑布局进行命名接口命名方式
2. 配置接口ip地址掩码的两种方式:
ifconfig INTERFACE IP/MASK [up|down] #up和down为可选项ifconfig INTERFACE IP netmask NETMASK [up|down]
举例:
[root@localhost ~]# ifconfig eth1 192.168.1.1/24 up[root@localhost ~]# [root@localhost ~]# ifconfigeth0 link encap:Ethernet HWaddr 00:0C:29:9F:AA:AD inet addr:192.168.172.136 Bcast:192.168.172.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe9f:aaad/64 Scope:link UP broADCAST RUNNING MulTICAST MTU:1500 Metric:1 RX packets:2392 errors:0 dropped:0 overruns:0 frame:0 TX packets:510 errors:0 dropped:0 overruns:0 carrIEr:0 collisions:0 txqueuelen:1000 RX bytes:168403 (164.4 KiB) TX bytes:43303 (42.2 KiB)eth1 link encap:Ethernet HWaddr 00:0C:29:9F:AA:B7 inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe9f:aab7/64 Scope:link UP broADCAST RUNNING MulTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:5 errors:0 dropped:0 overruns:0 carrIEr:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:398 (398.0 b)lo link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrIEr:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)VIEw Code
3.开启接口的杂合模式,这里就不先做太多的阐明,后面博客中会阐明:
@H_404_635@[root@localhost ~]# ifconfig eth1 promisc[root@localhost ~]# [root@localhost ~]# ifconfig eth1eth1 link encap:Ethernet HWaddr 00:0C:29:9F:AA:B7 inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe9f:aab7/64 Scope:link UP broADCAST RUNNING PROMISC MulTICAST MTU:1500 Metric:1 #这里多了一个PROMISC RX packets:29 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrIEr:0 collisions:0 txqueuelen:1000 RX bytes:2985 (2.9 KiB) TX bytes:468 (468.0 b)VIEw Code
4.新增和删除IPv6地址
ifconfig INTERFACE add addr/prefixlenifconfig INTERFACE del addr/prefixlen
举例:
[root@localhost ~]# ifconfig eth1 add 2001:0:0:12::1/64 #新增一个IPV6地址[root@localhost ~]# [root@localhost ~]# ifconfig eth1eth1 link encap:Ethernet HWaddr 00:0C:29:9F:AA:B7 inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: 2001:0:0:12::1/64 Scope:Global inet6 addr: fe80::20c:29ff:fe9f:aab7/64 Scope:link UP broADCAST RUNNING PROMISC MulTICAST MTU:1500 Metric:1 RX packets:57 errors:0 dropped:0 overruns:0 frame:0 TX packets:10 errors:0 dropped:0 overruns:0 carrIEr:0 collisions:0 txqueuelen:1000 RX bytes:6604 (6.4 KiB) TX bytes:836 (836.0 b)[root@localhost ~]# ifconfig eth1 del 2001:0:0:12::1/64 #删除ipv6地址[root@localhost ~]# [root@localhost ~]# ifconfig eth1eth1 link encap:Ethernet HWaddr 00:0C:29:9F:AA:B7 inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe9f:aab7/64 Scope:link UP broADCAST RUNNING PROMISC MulTICAST MTU:1500 Metric:1 RX packets:62 errors:0 dropped:0 overruns:0 frame:0 TX packets:12 errors:0 dropped:0 overruns:0 carrIEr:0 collisions:0 txqueuelen:1000 RX bytes:7468 (7.2 KiB) TX bytes:1016 (1016.0 b)VIEw Code
如果在没有配置ipv6地址的情况下,我们会发现每个接口都有一个开头为fe80的ipv6地址,这个地址被称为链路当地的地址,其前64为都是固定的格式,后64是位是基于EUI-64生成的,通俗的来说就是基于MAC地址生成的,链路当地地址只能用户当地的通信,如果想要实现上网的功能,就必须要给接口配置一个全局的地址,也就是全球可聚合单播地址,配置的方式就如上,显示为Global.
可以给接口起别号配置多个IP地址:
[root@localhost ~]# ifconfig ens34:1 192.168.179.130 netmask 255.255.255.0[root@localhost ~]# [root@localhost ~]# ifconfigens32: flags=4163<UP,broADCAST,RUNNING,MulTICAST> mtu 1500 inet 192.168.172.134 netmask 255.255.255.0 broadcast 192.168.172.255 inet6 fe80::4:ed31:efad:25d0 prefixlen 64 scopeID 0x20<link> ether 00:0c:29:db:7f:47 txqueuelen 1000 (Ethernet) RX packets 25157 bytes 12826364 (12.2 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 11651 bytes 2175604 (2.0 MiB) TX errors 0 dropped 0 overruns 0 carrIEr 0 collisions 0ens34: flags=4163<UP,MulTICAST> mtu 1500 inet 192.168.179.128 netmask 255.255.255.0 broadcast 192.168.179.255 ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet) RX packets 666 bytes 91944 (89.7 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 220 bytes 29356 (28.6 KiB) TX errors 0 dropped 0 overruns 0 carrIEr 0 collisions 0ens34:1: flags=4163<UP,MulTICAST> mtu 1500 inet 192.168.179.130 netmask 255.255.255.0 broadcast 192.168.179.255 ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet)VIEw Code
然后为别号添加配置文件即可,记得DEVICE为别号名称且BOOTPROTO:不支持动态获取地址.
注意:执行ifconfig的时候,命令执行后立即生效的,然则重启后失效!
二、route
1.查看路由条款
route -n #用数字表现,不加-n选项,可能会以主机名和其他的符号来显示地址
举例:
[root@localhost ~]# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface192.168.172.0 * 255.255.255.0 U 0 0 0 eth0link-local * 255.255.0.0 U 1002 0 0 eth0default 192.168.172.2 0.0.0.0 UG 0 0 0 eth0[root@localhost ~]# [root@localhost ~]# route -nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth00.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 eth0VIEw Code
2.添加路由条款
route add [-net|-host] target [netmask Nm] [gw GW] [[dev] If]
举例:
[root@localhost ~]# route add -net 100.100.100.0/24 gw 192.168.1.1 #接口可省略[root@localhost ~]# route -nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface100.100.100.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth1192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth00.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 eth0[root@localhost ~]# route add default gw 192.168.1.1 dev eth1 #使用default参数创立默认路由[root@localhost ~]# route -nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface100.100.100.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth1192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth00.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth10.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 eth0VIEw Code
3.删除路由
route del [-net|-host] target [gw GW] [netmask Nm] [[dev] If]
举例:
[root@localhost ~]# route del -net 100.100.100.0/24 [root@localhost ~]# route del -net 0.0.0.0/0 gw 192.168.1.1 #如果目标IP地址存在多个,可以指定网关地址,避免误删[root@localhost ~]# route -nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth00.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 eth0VIEw Code
三、netstat敕令
专门用来显示敕令
1.显示路由表
netstat -rn-r:显示内核路由表-n:数字格局
举例:
[root@localhost ~]# netstat -rnKernel IP routing tableDestination Gateway Genmask Flags MSS Window irtt Iface192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth00.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 eth0VIEw Code
2.显示网络衔接
netstat [--tcp|-t] [--udp|-u] [--udplite|-U] [--sctp|-S] [--raw|-w] [--Listening|-l] [--all|-a] [--numeric|-n] [--extend|-e[--extend|-e]] [--program|-p]-t:TCP的相关连接-u:UDP相关连接-w:raw socket相关连接-l:处于监听状态的连接-a:所有状态-n:以数字格局显示ip和端口-e:扩展格局-p:显示相关进程及PID常用组合:-tan -uan -tnl -unl -tunlp
举例:
[root@localhost ~]# netstat -tanActive Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* ListEN tcp 0 0 127.0.0.1:25 0.0.0.0:* ListEN tcp 0 64 192.168.172.136:22 192.168.172.1:60645 ESTABliSHED tcp 0 0 :::22 :::* ListEN tcp 0 0 ::1:25 :::* ListEN [root@localhost ~]# netstat -uanActive Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 0.0.0.0:68 0.0.0.0:* [root@localhost ~]# netstat -tnlActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* ListEN tcp 0 0 127.0.0.1:25 0.0.0.0:* ListEN tcp 0 0 :::22 :::* ListEN tcp 0 0 ::1:25 :::* ListEN [root@localhost ~]# netstat -unlActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 0.0.0.0:68 0.0.0.0:* [root@localhost ~]# netstat -tunlpActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* ListEN 1008/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* ListEN 1084/master tcp 0 0 :::22 :::* ListEN 1008/sshd tcp 0 0 ::1:25 :::* ListEN 1084/master udp 0 0 0.0.0.0:68 0.0.0.0:* 904/dhclIEntVIEw Code
3.显示接口的统计数据
netstat {--interfaces|-I|-i} [iface] [--all|-a] [--extend|-e] [--verbose|-v] [--program|-p] [--numeric|-n]所有接口的信息:netstat -i指定的接口:netstat -I<INTERFACE>举例:
[root@localhost ~]# netstat -iKernel Interface tableIface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flgeth0 1500 0 2288 0 0 0 1099 0 0 0 BMRUeth1 1500 0 8 0 0 0 6 0 0 0 BMRUlo 16436 0 0 0 0 0 0 0 0 0 LRU[root@localhost ~]# netstat -IEth1Kernel Interface tableIface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flgeth1 1500 0 8 0 0 0 6 0 0 0 BMRUVIEw Code
四、ifup和ifdown
开启或者关闭接口,通过配置文件来辨认接口并完成配置,如果接口没有配置文件,则不能生效.
ifup INTERFACEifdown INTERFACE
五、ip
ip的功能很强年夜,这里只做一些常用的用法的介绍,具体可以见man手册.
name:show / manipulate routing,devices,policy routing and tunnelsip [ OPTIONS ] OBJECT { COMMAND | help } OBJECT := { link | addr | route | netns } #注意,在写命令的时候,OBJECT可以简写,各个OBJECT的子命令也可以简写
1. ip link:网络设备治理
ip link set:修改设备的属性dev name:默认参数,指明要管理的设备,关键字dev可以省略; {up|down}:开启或关闭设备 {multicast on|multicast off}:开启或关闭多播功能 {name name}:重命名接口,必须先将设备关闭 netns PID|netnsname:netns为名称空间,将接口移动到指定的网络名称空间ip link show:查看设备的状态ip link help:显示赞助信息
举例:
[root@localhost ~]# ip link set ens34 down #关闭ens34[root@localhost ~]# ip link set ens34 name eth34 #重定名[root@localhost ~]# [root@localhost ~]# ifconfig -aens32: flags=4163<UP,MulTICAST> mtu 1500 inet 192.168.172.134 netmask 255.255.255.0 broadcast 192.168.172.255 inet6 fe80::4:ed31:efad:25d0 prefixlen 64 scopeID 0x20<link> ether 00:0c:29:db:7f:47 txqueuelen 1000 (Ethernet) RX packets 14177 bytes 10140644 (9.6 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 5848 bytes 1208376 (1.1 MiB) TX errors 0 dropped 0 overruns 0 carrIEr 0 collisions 0eth34: flags=4098<broADCAST,MulTICAST> mtu 1500 ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet) RX packets 399 bytes 55093 (53.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 102 bytes 15624 (15.2 KiB) TX errors 0 dropped 0 overruns 0 carrIEr 0 collisions 0[root@localhost ~]# ip link set eth34 name ens34[root@localhost ~]# ip link set ens34 up[root@localhost ~]# ifconfigens32: flags=4163<UP,MulTICAST> mtu 1500 inet 192.168.172.134 netmask 255.255.255.0 broadcast 192.168.172.255 inet6 fe80::4:ed31:efad:25d0 prefixlen 64 scopeID 0x20<link> ether 00:0c:29:db:7f:47 txqueuelen 1000 (Ethernet) RX packets 14382 bytes 10157346 (9.6 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 5954 bytes 1220936 (1.1 MiB) TX errors 0 dropped 0 overruns 0 carrIEr 0 collisions 0ens34: flags=4163<UP,MulTICAST> mtu 1500 inet 192.168.179.128 netmask 255.255.255.0 broadcast 192.168.179.255 inet6 fe80::3062:d2dc:471:6045 prefixlen 64 scopeID 0x20<link> ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet) RX packets 403 bytes 55727 (54.4 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 112 bytes 16702 (16.3 KiB) TX errors 0 dropped 0 overruns 0 carrIEr 0 collisions 0VIEw Code
2.ip netns:管理网络名称空间(manage network namespaces)
ip netns List:列出所有的网络名称空间ip netns add name:创立指定的网络名称空间ip netns del name:删除指定的网络名称空间ip netns exec name COMMAND:在指定的netns中运行命令举例:
[root@localhost ~]# ip netns add mynetns #创建了一个名称空间[root@localhost ~]# [root@localhost ~]# ip netns List #查看名称空间mynetns[root@localhost ~]# ip link set ens34 netns mynetns #将ens34绑定到名称空间mynetns[root@localhost ~]# ifconfig -a #这时候我们会发现设备没有了ens32: flags=4163<UP,MulTICAST> mtu 1500 inet 192.168.172.134 netmask 255.255.255.0 broadcast 192.168.172.255 inet6 fe80::4:ed31:efad:25d0 prefixlen 64 scopeID 0x20<link> ether 00:0c:29:db:7f:47 txqueuelen 1000 (Ethernet) RX packets 14892 bytes 10199499 (9.7 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 6234 bytes 1258060 (1.1 MiB) TX errors 0 dropped 0 overruns 0 carrIEr 0 collisions 0lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeID 0x10<host> loop txqueuelen 1 (Local Loopback) RX packets 72 bytes 6260 (6.1 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 72 bytes 6260 (6.1 KiB) TX errors 0 dropped 0 overruns 0 carrIEr 0 collisions 0[root@localhost ~]# ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNowN mode DEFAulT qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:002: ens32: <broADCAST,MulTICAST,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAulT qlen 1000 link/ether 00:0c:29:db:7f:47 brd ff:ff:ff:ff:ff:ff[root@localhost ~]# ip netns exec mynetns ip link show #只有在名称空间内执行命令能力看到,使用ifconfig无效1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAulT qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:003: ens34: <broADCAST,MulTICAST> mtu 1500 qdisc noop state DOWN mode DEFAulT qlen 1000 link/ether 00:0c:29:db:7f:51 brd ff:ff:ff:ff:ff:ff[root@localhost ~]# ip netns exec mynetns ip link set ens34 up #启用接口[root@localhost ~]# ip netns exec mynetns ip link show1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAulT qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:003: ens34: <broADCAST,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAulT qlen 1000 link/ether 00:0c:29:db:7f:51 brd ff:ff:ff:ff:ff:ffVIEw Code
3.ip address:协议地址管理(protocol address management)
ip address IFADDR dev INTERFACE:新增地址,一个接口可以有多个地址ip address delete IFADDR dev INTERFACE:删除接口的地址ip address show [INTERFACE]:显示接口地址ip address flush dev INTERFACE:删除接口地址举例:
[root@localhost ~]# ip address flush ens34[root@localhost ~]# ifconfigens32: flags=4163<UP,MulTICAST> mtu 1500 inet 192.168.172.134 netmask 255.255.255.0 broadcast 192.168.172.255 inet6 fe80::4:ed31:efad:25d0 prefixlen 64 scopeID 0x20<link> ether 00:0c:29:db:7f:47 txqueuelen 1000 (Ethernet) RX packets 15955 bytes 10285157 (9.8 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 6762 bytes 1356066 (1.2 MiB) TX errors 0 dropped 0 overruns 0 carrIEr 0 collisions 0ens34: flags=4163<UP,MulTICAST> mtu 1500 ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet) RX packets 413 bytes 57483 (56.1 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 138 bytes 18976 (18.5 KiB) TX errors 0 dropped 0 overruns 0 carrIEr 0 collisions 0[root@localhost ~]# ip address add 192.168.179.22/24 dev ens34[root@localhost ~]# [root@localhost ~]# ifconfig ens34ens34: flags=4163<UP,MulTICAST> mtu 1500 inet 192.168.179.22 netmask 255.255.255.0 broadcast 0.0.0.0 ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet) RX packets 416 bytes 57775 (56.4 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 141 bytes 19212 (18.7 KiB) TX errors 0 dropped 0 overruns 0 carrIEr 0 collisions 0[root@localhost ~]# ip address delete 192.168.179.22/24 dev ens34[root@localhost ~]# ifconfig ens34ens34: flags=4163<UP,MulTICAST> mtu 1500 ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet) RX packets 424 bytes 58479 (57.1 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 149 bytes 19804 (19.3 KiB) TX errors 0 dropped 0 overruns 0 carrIEr 0 collisions 0[root@localhost ~]# ip address show1: lo: <LOOPBACK,LOWER_UP> mtu 65536 qdisc noqueue state UNKNowN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valID_lft forever preferred_lft forever inet6 ::1/128 scope host valID_lft forever preferred_lft forever2: ens32: <broADCAST,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:db:7f:47 brd ff:ff:ff:ff:ff:ff inet 192.168.172.134/24 brd 192.168.172.255 scope global dynamic ens32 valID_lft 1180sec preferred_lft 1180sec inet6 fe80::4:ed31:efad:25d0/64 scope link valID_lft forever preferred_lft forever3: ens34: <broADCAST,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:db:7f:51 brd ff:ff:ff:ff:ff:ffVIEw Code
4.ip route:路由表治理(routing table management)
ip route add TYPE PREFIX via GW [dev IFACE] [src SOURCE_IP]:新增一条路由ip route delete TYPE PREFIX:删除路由ip route show [TYPE PRIFIX]:查看路由ip route flush:清空路由ip route get TYPE PREFIX:获得一个单独的路由信息详见赞助信息:man ip route
举例:
[root@localhost ~]# ip route showdefault via 192.168.172.2 dev ens32 proto static metric 100 192.168.172.0/24 dev ens32 proto kernel scope link src 192.168.172.134 metric 100 192.168.179.0/24 dev ens34 proto kernel scope link src 192.168.179.128 192.168.179.0/24 dev ens34 proto kernel scope link src 192.168.179.128 metric 100 [root@localhost ~]# [root@localhost ~]# ip route add 100.100.100.0/24 via 192.168.179.128 dev ens34[root@localhost ~]# [root@localhost ~]# ip route showdefault via 192.168.172.2 dev ens32 proto static metric 100 100.100.100.0/24 via 192.168.179.128 dev ens34 192.168.172.0/24 dev ens32 proto kernel scope link src 192.168.172.134 metric 100 192.168.179.0/24 dev ens34 proto kernel scope link src 192.168.179.128 192.168.179.0/24 dev ens34 proto kernel scope link src 192.168.179.128 metric 100 [root@localhost ~]# ip route show 100.100.100.0/24100.100.100.0/24 via 192.168.179.128 dev ens34 [root@localhost ~]# ip route get 100.100.100.0/24100.100.100.0 dev ens34 src 192.168.179.128 cacheVIEw Code
六、ss敕令
ss和netstat的功能类似,但是比netstat的功能强年夜.
net [options] [FILTER]options:-t:TCP的相关连接-u:UDP的相关连接-w:raw socket的相关连接-l:监听状态的连接-a:所有状态的连接-n:数字格式显示-p:相关的法式及其PID-e:扩展格式信息-m:内存用量-o:计时器信息FILTER:[ state TCP-STATE ] [ Expression ]TCP-STATE:ListEN:监听ESTABliSEHD:已经建立连接FIN_WAIT_1:FIN_WAIT_2:SYN_SENT:SYN_RECV:CLOSED:Expression:dport:目的端口sport:源端口...
举例:
[root@localhost ~]# ss -tanState Recv-Q Send-Q Local Address:Port Peer Address:Port ListEN 0 128 *:22 *:* ListEN 0 100 127.0.0.1:25 *:* ESTAB 0 0 192.168.172.134:22 192.168.172.1:57461 ListEN 0 128 :::22 :::* ListEN 0 100 ::1:25 :::* [root@localhost ~]# ss -tanpState Recv-Q Send-Q Local Address:Port Peer Address:Port ListEN 0 128 *:22 *:* users:(("sshd",pID=943,fd=3))ListEN 0 100 127.0.0.1:25 *:* users:(("master",pID=1038,fd=13))ESTAB 0 180 192.168.172.134:22 192.168.172.1:57461 users:(("sshd",pID=1074,fd=3))ListEN 0 128 :::22 :::* users:(("sshd",fd=4))ListEN 0 100 ::1:25 :::* users:(("master",fd=14))[root@localhost ~]# ss -uanState Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 192.168.172.134:60204 61.216.153.106:123 UNCONN 0 0 127.0.0.1:323 *:* UNCONN 0 0 *:1524 *:* UNCONN 0 0 *:68 *:* UNCONN 0 0 *:68 *:* UNCONN 0 0 *:30403 *:* UNCONN 0 0 :::27349 :::* UNCONN 0 0 ::1:323 :::* UNCONN 0 0 :::5011 :::* [root@localhost ~]# ss -tan '( dport = :22 or sport = :22 )'State Recv-Q Send-Q Local Address:Port Peer Address:Port ListEN 0 128 *:22 *:* ESTAB 0 52 192.168.172.134:22 192.168.172.1:57461 ListEN 0 128 :::22 :::* [root@localhost ~]# [root@localhost ~]# ss -tan state ESTABliSHEDRecv-Q Send-Q Local Address:Port Peer Address:Port 0 52 192.168.172.134:22 192.168.172.1:57461VIEw Code
七、设置装备摆设主机名
hostname
hostname:查看主机名hostname HOSTname:改动主机名,重启后无效
在centos7中:
hostnamectl status:显示当前主机名等信息hostnamectl set-hostname HOSTname:设置主机名,永远有效
网络属性设置装备摆设文件
一、主机名的设置装备摆设文件
/etc/sysconfig/network (在centos7有这个文件,然则为空,因为在centos7中新增了hostnamectl set-hostname,可以设置永久有效的主机名了):
centos6:[root@localhost ~]# vim /etc/sysconfig/networkNETWORKING=yesHOSTname=localhost.localdomain
注意:修改配置文件不会立即生效,然则以后会一直有效.
二、DNS的设置装备摆设文件
/etc/hosts:负责ip地址与域名快速解析的文件,hosts文件包含了IP地址和主机名之间的映射,在域名解析的过程中,会先查看hosts文件中是否有域名和ip地址之间的映射关系,如果没有则向DNS服务器发起域名解析的哀求:
[root@frankhost ~]# vim /etc/hosts127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
/etc/resolv.conf:配置的是DNS服务器的地址,当主机要访问某个域名的时候,就会向resolv.conf的中的DNS服务器发起解析的哀求:
[root@localhost ~]# vim /etc/resolv.conf # Generated by NetworkManagersearch localdomainnameserver 192.168.172.2nameserver 192.168.179.1
三、接口和路由的设置装备摆设文件
/etc/sysconfig/network-scripts/ifcfg-IFACE:通过大量的参数来定义接口的属性,可以通过vim等文本编纂器直接修改:
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens32 TYPE=Ethernet #接口类型BOOTPROTO=dhcp #激活此接口使用什么协议来配置接口的属性,有dhcp、bootp、static、none等DEFROUTE=yes #是否以此接口创建默认路由PEERDNS=yes #如果BOOTPROTO的值为DHCP,是否允许dhcp server分配的DNS服务器指向覆盖当地手动指定的DNS服务器指向PEERROUTES=yes IPV4_FAILURE_FATAL=noIPV6INIT=yes #是否初始化IPV6IPV6_autoCONF=yesIPV6_DEFROUTE=yesIPV6_PEERDNS=yesIPV6_PEERROUTES=yesIPV6_FAILURE_FATAL=noIPV6_ADDR_GEN_MODE=stable-privacyname=ens32 #此配置文件对于的设备名称UUID=a3471195-913d-4e38-b521-47ffa1859ffe #此设备的唯一标识DEVICE=ens32 #此设备文件对于的设备名称ONBOOT=yes
除了以上的一些参数之外还有其他一些比较重要的参数:
DNS1:DNS指向,最多可以有三个DOMAIN:DNS搜索域IPADDR:ip地址NETMASK:子网掩码;在centos7中支持使用PREFIX以长度方式指明子网掩码GATEWAY:默认网关USERCTL:是否允许普通用户节制HWADDR:设备的MAC地址NM_CONTRolLED:是否使用NetworkManager服务来节制接口
/etc/sysconfig/network-scripts/route-IFACE:针对每个接口都有其对应的路由配置文件,有两种配置方式,但是弗成以混用:
(1)每行配置一条路由:
target/prefix via GW
(2)每三行设置装备摆设一条路由:
ADDRESS#=targetNETWORK#=maskGATEWAY#=NEXTHOP#为数字0.1.2.3....
举例:
[root@frankhost ~]# vim /etc/sysconfig/network-scripts/route-eth0100.100.100.0/24 via 192.168.172.136[root@frankhost ~]# route -nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface100.100.100.0 192.168.172.136 255.255.255.0 UG 0 0 0 eth0192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth00.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 [root@frankhost ~]# vim /etc/sysconfig/network-scripts/route-eth0ADDRESS0=192.168.1.0NETMASK0=255.255.255.0GATEWAY0=192.168.172.136[root@frankhost ~]# route -nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface192.168.1.0 192.168.172.136 255.255.255.0 UG 0 0 0 eth0192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth00.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 eth0VIEw Code
图像化的方式设置装备摆设网络属性
在centos6中:
执行system-config-network或者setup敕令:
安装:yum -y install system-config-network-tui
安装:yum -y install setuptool
setup界面:
在centos7中:执行nmtui敕令
该怎么用就不多说了,究竟是傻瓜式的配置,永久有效.
在centos7中有一个很强年夜也很复杂的网络配置管理命令:nmcli,这里暂时就不做介绍了,以后有机会单独写一篇博客,nmcli参考链接:,或者请看man手册.
本文永远更新链接地址:
内存溢出PHP培训学院每天发布《liNUX实战:linux基础知识:网络属性配置》等实战技能,PHP、MysqL、liNUX、APP、Js,CSS全面培养人才。
总结以上是内存溢出为你收集整理的LINUX实战:Linux基础知识:网络属性配置全部内容,希望文章能够帮你解决LINUX实战:Linux基础知识:网络属性配置所遇到的程序开发问题。
如果觉得内存溢出网站内容还不错,欢迎将内存溢出网站推荐给程序员好友。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)