Linux系统的网卡路由配置

2023-07-29 267

版权

本文内容由阿里云实名注册用户自发贡献，版权归原作者所有，阿里云开发者社区不拥有其著作权，亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容，填写侵权投诉表单进行举报，一经查实，本社区将立刻删除涉嫌侵权内容。

简介： Linux系统的网卡路由配置

一、查看系统路由

[root@control ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.3.254   0.0.0.0         UG    103    0        0 ens161
10.88.0.0       0.0.0.0         255.255.0.0     U     0      0        0 cni0
192.168.3.0     0.0.0.0         255.255.255.0   U     103    0        0 ens161
192.168.3.254   0.0.0.0         255.255.255.255 UH    0      0        0 ens161
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

二、激活网卡

1.查看所有物理网卡

在这里插入代码片

[root@control ~]# nmcli device 
DEVICE        TYPE      STATE         CONNECTION 
ens161        ethernet  connected     ens161     
cni0          bridge    connected     cni0       
virbr0        bridge    connected     virbr0     
ens160        ethernet  disconnected  --         
vethbf044fd9  ethernet  unmanaged     --         
lo            loopback  unmanaged     --         
virbr0-nic    tun       unmanaged     --

2.连接新增网卡

[root@control ~]# nmcli connection up ens160
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/10)

3.查看IP

ifconfig ens160

三、系统的路由管理

1.添加一条网关路由

route add -net 0.0.0.0 netmask 255.255.255.255 dev ens37

2.设置默认网关

route add default gw 192.168.243.2

[root@192 user]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         255.255.255.255 UH    0      0        0 ens37
0.0.0.0         192.168.243.2   0.0.0.0         UG    0      0        0 ens37
0.0.0.0         192.168.3.254   0.0.0.0         UG    100    0        0 ens33
10.88.0.0       0.0.0.0         255.255.0.0     U     0      0        0 cni-podman0
192.168.3.0     0.0.0.0         255.255.255.0   U     100    0        0 ens33
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
192.168.243.0   0.0.0.0         255.255.255.0   U     101    0        0 ens37

3.删除默认网关

route del default gw 192.168.243.2

4.使用route命令删除静态路由

route del -net 192.168.1.0 netmask 255.255.255.0 dev ens37

四、配置路由优先级

1.多个网关存在时，无法上网

[root@192 user]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         255.255.255.255 UH    0      0        0 ens37
0.0.0.0         192.168.243.2   0.0.0.0         UG    0      0        0 ens37
0.0.0.0         192.168.3.254   0.0.0.0         UG    100    0        0 ens33
10.88.0.0       0.0.0.0         255.255.0.0     U     0      0        0 cni-podman0
192.168.3.0     0.0.0.0         255.255.255.0   U     100    0        0 ens33
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
192.168.243.0   0.0.0.0         255.255.255.0   U     101    0        0 ens37
[root@192 user]# ping www.baidu.com
^C
[root@192 user]# ping www.baidu.com -c4
PING www.a.shifen.com (112.80.248.76) 56(84) bytes of data.
From 192.168.243.140 (192.168.243.140) icmp_seq=1 Destination Host Unreachable
From 192.168.243.140 (192.168.243.140) icmp_seq=2 Destination Host Unreachable
From 192.168.243.140 (192.168.243.140) icmp_seq=3 Destination Host Unreachable
From 192.168.243.140 (192.168.243.140) icmp_seq=4 Destination Host Unreachable

--- www.a.shifen.com ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 2999ms
pipe 4
[root@192 user]#

2.添加路由时指定优先级

[root@192 user]# ip route add default via 192.168.243.2 metric 99
[root@192 user]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         255.255.255.255 UH    0      0        0 ens37
0.0.0.0         192.168.243.2   0.0.0.0         UG    0      0        0 ens37
0.0.0.0         192.168.243.2   0.0.0.0         UG    99     0        0 ens37
0.0.0.0         192.168.3.254   0.0.0.0         UG    100    0        0 ens33
10.88.0.0       0.0.0.0         255.255.0.0     U     0      0        0 cni-podman0
192.168.3.0     0.0.0.0         255.255.255.0   U     100    0        0 ens33
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
192.168.243.0   0.0.0.0         255.255.255.0   U     101    0        0 ens37

3.添加某条静态路由

[root@192 user]# ip route add 192.168.120.0/24 via 192.168.243.2
[root@192 user]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.243.2   0.0.0.0         UG    0      0        0 ens37
0.0.0.0         192.168.243.2   0.0.0.0         UG    99     0        0 ens37
0.0.0.0         192.168.3.254   0.0.0.0         UG    100    0        0 ens33
10.88.0.0       0.0.0.0         255.255.0.0     U     0      0        0 cni-podman0
192.168.3.0     0.0.0.0         255.255.255.0   U     100    0        0 ens33
192.168.120.0   192.168.243.2   255.255.255.0   UG    0      0        0 ens37
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
192.168.243.0   0.0.0.0         255.255.255.0   U     101    0        0 ens37

4.删除静态路由

ip route del default  via 192.168.243.2

5.指定上网出口网关优先级

[root@192 user]# ip route add default via 192.168.3.254  metric 98
[root@192 user]# ping www.baidu.com
PING www.a.shifen.com (112.80.248.76) 56(84) bytes of data.
64 bytes from 112.80.248.76 (112.80.248.76): icmp_seq=1 ttl=55 time=32.3 ms
64 bytes from 112.80.248.76 (112.80.248.76): icmp_seq=2 ttl=55 time=33.0 ms
64 bytes from 112.80.248.76 (112.80.248.76): icmp_seq=3 ttl=55 time=34.0 ms
64 bytes from 112.80.248.76 (112.80.248.76): icmp_seq=4 ttl=55 time=34.2 ms
^C
--- www.a.shifen.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 32.395/33.442/34.268/0.782 ms
[root@192 user]#

五、网卡的配置

1.修改IP

[root@node1 ~]# nmcli connection modify ens224-con224 ipv4.addresses 192.168.8.11/24 ipv4.gateway 192.168.8.1 ipv4.dns 192.168.8.1 ipv4.method manual 
[root@node1 ~]# nmcli connection reload 
[root@node1 ~]# nmcli connection up ens224-con224

2.添加网卡IP

[root@node1 ~]# nmcli connection add ifname ens224 type ethernet con-name ens224-con224 ipv4.addresses  192.168.8.11/24 ipv4.gateway 192.168.8.1 ipv4.dns 192.168.8.1 ipv4.method manual
[root@node1 ~]# nmcli connection reload 
[root@node1 ~]# nmcli connection up ens224-con224 
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/7)
[root@node1 ~]#

3.给网卡配置多个IP

nmcli connection modify ens224-con224 +ipv4.addresses 192.168.8.111/24
[root@node1 ~]# nmcli con up ens224-con224 
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/10)
[root@node1 network-scripts]# ip addr show ens224
3: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:4e:fd:bc brd ff:ff:ff:ff:ff:ff
    inet 192.168.8.11/24 brd 192.168.8.255 scope global noprefixroute ens224
       valid_lft forever preferred_lft forever
    inet 192.168.8.111/24 brd 192.168.8.255 scope global secondary noprefixroute ens224
       valid_lft forever preferred_lft forever
    inet6 fe80::1344:2c57:66a9:99a6/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@node1 network-scripts]#

六、ss命令

[root@192 user]# ss -tunlp |grep 80
udp    UNCONN     0      0         *:807                   *:*                   users:(("rpcbind",pid=8696,fd=10))
udp    UNCONN     0      0        :::807                  :::*                   users:(("rpcbind",pid=8696,fd=11))

[root@192 user]# netstat -tunlp |grep 80
udp        0      0 0.0.0.0:807             0.0.0.0:*                           8696/rpcbind        
udp6       0      0 :::807                  :::*                                8696/rpcbind