一、简单介绍
在CentOS 7中对网络管理还是有不少变化的,例如管理服务的命令变为systemctl,许多命令可以更改后直接生效,还有许多独有的工具,本文以CentOS 6与CentOS 7对比进行讲解,下面现总体介绍一下网络属性配置工具。
ifcfg家族
ifcofnig:配置IP,NETMASK
route:路由
netstat:状态及统计数据查看
iproute家族
ip OBJECT:
addr: 地址和掩码
link:接口
route:路由
ss:状态及统计数据查看
CentOS 7:nm(Network Manager)家族
nmcli:命令行工具
nmtui:text window工具
二、ifcfg家族配置管理
1、ifconfig命令:配置网络接口(configure a network interface)
查看网络配置:ifconfig [-a] [interface]
-a:查看当前系统上所有网络接口的状态及详细信息,包括inactive状态的接口
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
# ifconfig
eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.250.108 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80::20c:29ff:fedd:c19c prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:
dd
:c1:9c txqueuelen 1000 (Ethernet)
RX packets 267796 bytes 27852817 (26.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4268 bytes 556507 (543.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 56 bytes 4760 (4.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 56 bytes 4760 (4.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|
CentOS 7:ifconfig命令显示参数详解
eno1677736:网卡名称
inet:ip地址
netmask:子网掩码
broadcast:广播地址
UP:网卡表示激活状态
BROADCAST:支持广播功能
MULTICAST:支持组播功能
RUNNING:处于运行状态
mtu:网卡的最大传输单元
inet6:表示IPV6地址
ether:以太网地址,表示mac地址
txqueuelen:传输队列长度
RX packets 267796 bytes 27852817 (26.5 MiB):接收到报文的数量,后面表示接 收到所有报文的大小
RX errors:接收到错误报文的个数
dropped:丢包的数量
overruns:溢出的
TX packets 4268 bytes 556507 (543.4 KiB):传出到报文的数量,后面表示传出所 有报文的大小
TX errors:传出报文的错误数量
dropped:发送出去丢包数量
此处为CentOS 6上使用ifconfig的显示(注意:不标明的都默认指CentOS7,当与CentOS不同时会标注)
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:69:45:7B
inet addr:172.18.251.87 Bcast:172.18.255.255 Mask:255.255.0.0
inet6 addr: fe80::20c:29ff:fe69:457b
/64
Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:303612 errors:0 dropped:0 overruns:0 frame:0
TX packets:2296 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:31934172 (30.4 MiB) TX bytes:261862 (255.7 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85
inet addr:192.168.200.3 Bcast:192.168.200.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe69:4585
/64
Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:292609 errors:0 dropped:0 overruns:0 frame:0
TX packets:202 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:30767674 (29.3 MiB) TX bytes:26126 (25.5 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1
/128
Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
|
CentOS 6:ifconfig命令显示参数详解
eth0:网卡名称
Link encap:接口类型
inet addr:ip地址
Bcast:广播地址
Mask:子网掩码
inet6 addr:IPV6地址
UP:网卡表示激活状态
BROADCAST:支持广播功能
MULTICAST:支持组播功能
RUNNING:处于运行状态
mtu:网卡的最大传输单元
ether:以太网地址,表示mac地址
txqueuelen:传输队列长度
RX packets 接收到报文的数量
errors:接收到错误报文的个数
dropped:丢包的数量
overruns:溢出的
TX packets 传出到报文的数量
errors:传出报文的错误数量
dropped:丢包的数量
overruns:溢出的
RX bytes: 接收到报文的总大小
TX bytes: 传输报文的总大小
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
# ifconfig -a
eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.250.108 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80::20c:29ff:fedd:c19c prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:
dd
:c1:9c txqueuelen 1000 (Ethernet)
RX packets 267877 bytes 27861934 (26.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4283 bytes 559025 (545.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554984: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether 00:0c:29:
dd
:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 257603 bytes 26825123 (25.5 MiB)
RX errors 0 dropped 269 overruns 0 frame 0
TX packets 38 bytes 3900 (3.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 56 bytes 4760 (4.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 56 bytes 4760 (4.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|
可以指定接口名称,进行单独查看
|
1
2
3
4
5
6
7
|
# ifconfig eno33554984
eno33554984: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether 00:0c:29:
dd
:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 257603 bytes 26825123 (25.5 MiB)
RX errors 0 dropped 269 overruns 0 frame 0
TX packets 38 bytes 3900 (3.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|
修改网络配置:ifconfig [-v] interface [aftype] options | address ...
方式一:
|
1
2
3
4
5
6
7
8
9
|
# ifconfig eno33554984 192.168.200.5/24 up
# ifconfig eno33554984
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.200.5 netmask 255.255.255.0 broadcast 192.168.200.255
ether 00:0c:29:
dd
:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 259004 bytes 26985088 (25.7 MiB)
RX errors 0 dropped 271 overruns 0 frame 0
TX packets 40 bytes 4020 (3.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|
# 注意此配置仅限临时生效,重启网络服务或者重启系统,内核会重读配置文件,将配置文件中的参数在执行一遍.
方式二:
|
1
2
3
4
5
6
7
8
9
|
# ifconfig eno33554984 192.168.100.5 netmask 255.255.255.0 up
# ifconfig eno33554984
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.5 netmask 255.255.255.0 broadcast 192.168.100.255
ether 00:0c:29:
dd
:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 260398 bytes 27138591 (25.8 MiB)
RX errors 0 dropped 273 overruns 0 frame 0
TX packets 40 bytes 4020 (3.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|
2、route命令:查看及管理路由(route - show / manipulate the IP routing table)
命令格式:route add [-net|-host] target [netmask Nm] [gw GW] [[dev] If]
-net:表示添加网络路由
-host:表示添加主机路由
gw:为默认网关
查看:
route -n
|
1
2
3
4
5
6
|
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736
172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984
|
添加路由:
|
1
2
3
4
5
6
7
8
|
# route add -net 10.0.0.0/8 gw 192.168.100.5 dev eno33554984
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736
10.0.0.0 192.168.100.5 255.0.0.0 UG 0 0 0 eno33554984
172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984
|
删除路由:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736
10.0.0.0 192.168.100.5 255.0.0.0 UG 0 0 0 eno33554984
172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984
# route del -net 10.0.0.0/8
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736
172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984
|
3、netstat命令:打印网络连接,路由表,接口等信息(Print network connections, routing tables, interface statis﹖ics, masquerade connections, and multicast memberships)
显示网络连接:
netstat [--tcp|-t] [--udp|-u] [--udplite|-U] [--sctp|-S] [--raw|-w] [--listening|-l] [--all|-a] [--numeric|-n] [--extend|-e[--extend|-e]] [--program|-p]
-t:TCP协议的相关连接,连接均有其状态
-u:UDP协议相关的连接
-w:raw socket相关的;连接
-l:处于监听状态的连接
-a:所有状态
-n:以数字格式显示IP和Port
-e:扩展格式
-p:显示相关的进程及PID
# 常用组合:
-tan,-una,-tnl,-unl,-tunlp,-antup
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
# netstat -tan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN
tcp 0 52 172.18.250.108:22 172.18.4.1:49701 ESTABLISHED
tcp 0 0 172.18.250.108:22 172.18.4.1:49924 ESTABLISHED
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:631 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
tcp6 0 0 ::1:6010 :::* LISTEN
tcp6 0 0 ::1:6011 :::* LISTEN
# netstat -uan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 0.0.0.0:10042 0.0.0.0:*
udp 0 0 127.0.0.1:323 0.0.0.0:*
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp6 0 0 ::1:323 :::*
udp6 0 0 :::50626 :::*
# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID
/Program
name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1054
/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1052
/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1143
/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 1190
/sshd
: root@pts
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 5116
/sshd
: root@pts
tcp6 0 0 :::22 :::* LISTEN 1054
/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1052
/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 1143
/master
tcp6 0 0 ::1:6010 :::* LISTEN 1190
/sshd
: root@pts
tcp6 0 0 ::1:6011 :::* LISTEN 5116
/sshd
: root@pts
udp 0 0 0.0.0.0:10042 0.0.0.0:* 4399
/dhclient
udp 0 0 127.0.0.1:323 0.0.0.0:* 752
/chronyd
udp 0 0 0.0.0.0:68 0.0.0.0:* 4399
/dhclient
udp6 0 0 ::1:323 :::* 752
/chronyd
udp6 0 0 :::50626 :::* 4399
/dhclient
# netstat -antup
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID
/Program
name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1054
/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1052
/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1143
/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 1190
/sshd
: root@pts
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 5116
/sshd
: root@pts
tcp 0 52 172.18.250.108:22 172.18.4.1:49701 ESTABLISHED 1190
/sshd
: root@pts
tcp 0 0 172.18.250.108:22 172.18.4.1:49924 ESTABLISHED 5116
/sshd
: root@pts
tcp6 0 0 :::22 :::* LISTEN 1054
/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1052
/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 1143
/master
tcp6 0 0 ::1:6010 :::* LISTEN 1190
/sshd
: root@pts
tcp6 0 0 ::1:6011 :::* LISTEN 5116
/sshd
: root@pts
udp 0 0 0.0.0.0:10042 0.0.0.0:* 4399
/dhclient
udp 0 0 127.0.0.1:323 0.0.0.0:* 752
/chronyd
udp 0 0 0.0.0.0:68 0.0.0.0:* 4399
/dhclient
udp6 0 0 ::1:323 :::* 752
/chronyd
udp6 0 0 :::50626 :::* 4399
/dhclient
|
显示路由表:netstat -rn
-r:显示内核路由表
-n:数字格式显示
|
1
2
3
4
5
6
7
|
# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 0 0 0 eno16777736
10.0.0.0 192.168.100.5 255.0.0.0 UG 0 0 0 eno33554984
172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eno16777736
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984
|
显示借口的统计数据:
netstat {--interfaces|-I|-i} [iface] [--all|-a] [--extend|-e] [--verbose|-v] [--program|-p] [--numeric|-n]
所有接口:
netstat -i
|
1
2
3
4
5
6
|
# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eno16777 1500 295676 0 0 0 5992 0 0 0 BMRU
eno33554 1500 281789 0 313 0 40 0 0 0 BMRU
lo 65536 60 0 0 0 60 0 0 0 LRU
|
具体值:
Iface:借口
MTU:最大传输单元
RX-OK:成功接收报文的数量
RX-ERR:失败的传输报文的数量
RX-DRP:接收丢弃的报文数量
RX-OVR:接收溢出的报文数量
TX-OK:成功传输报文的数量
TX-ERR:失败的传输报文的数量
TX-DRP:传出丢弃的传输数量
TX-OVR:传出溢出的传输数量
Flg:标志
4、ifup/ifdown命令:
# 注意:通过配置文件/etc/sysconfig/network-scripts/ifcfg-IFACE来识别接口并完成配置
# 此处在显示上CentOS 6与CentOS 7有所不同
CentOS 6: 在使用ifdown命令时,禁用的接口用ifconfig命令显示不出来,且在显示中也没有UP选项,如需显示需要指定接口或者使用-a选项
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:69:45:7B
inet addr:172.18.251.87 Bcast:172.18.255.255 Mask:255.255.0.0
inet6 addr: fe80::20c:29ff:fe69:457b
/64
Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:320170 errors:0 dropped:0 overruns:0 frame:0
TX packets:2653 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:33769657 (32.2 MiB) TX bytes:313476 (306.1 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85
inet addr:192.168.200.3 Bcast:192.168.200.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe69:4585
/64
Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:306513 errors:0 dropped:0 overruns:0 frame:0
TX packets:218 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:32321812 (30.8 MiB) TX bytes:27212 (26.5 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1
/128
Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
# ifdown eth1
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:69:45:7B
inet addr:172.18.251.87 Bcast:172.18.255.255 Mask:255.255.0.0
inet6 addr: fe80::20c:29ff:fe69:457b
/64
Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:319600 errors:0 dropped:0 overruns:0 frame:0
TX packets:2601 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:33705819 (32.1 MiB) TX bytes:305610 (298.4 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1
/128
Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
# ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:306469 errors:0 dropped:0 overruns:0 frame:0
TX packets:211 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:32316117 (30.8 MiB) TX bytes:26744 (26.1 KiB)
# ifup eth1
Determining
if
ip address 192.168.200.3 is already
in
use
for
device eth1...
# ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85
inet addr:192.168.200.3 Bcast:192.168.200.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe69:4585
/64
Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:308152 errors:0 dropped:0 overruns:0 frame:0
TX packets:230 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:32503780 (30.9 MiB) TX bytes:28040 (27.3 KiB)
|
CentOS 7:在CentOS 7 上用ifdown命令禁用网卡UP选项不会消失,但是IP没有显示,此处与CentOS 6相同
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
# ifconfig eno33554984
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.3 netmask 255.255.255.0 broadcast 192.168.100.255
ether 00:0c:29:
dd
:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 313238 bytes 33067566 (31.5 MiB)
RX errors 0 dropped 349 overruns 0 frame 0
TX packets 42 bytes 4140 (4.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# ifdown eno33554984
Device
'eno33554984'
successfully disconnected.
# ifconfig
eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.250.108 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80::20c:29ff:fedd:c19c prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:
dd
:c1:9c txqueuelen 1000 (Ethernet)
RX packets 327832 bytes 34538419 (32.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6428 bytes 919810 (898.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:0c:29:
dd
:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 313451 bytes 33089849 (31.5 MiB)
RX errors 0 dropped 349 overruns 0 frame 0
TX packets 42 bytes 4140 (4.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 64 bytes 5440 (5.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 64 bytes 5440 (5.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# ifup eno33554984
Connection successfully activated (D-Bus active path:
/org/freedesktop/NetworkManager/ActiveConnection/12
)
# ifconfig eno33554984
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.3 netmask 255.255.255.0 broadcast 192.168.100.255
ether 00:0c:29:
dd
:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 314723 bytes 33233696 (31.6 MiB)
RX errors 0 dropped 349 overruns 0 frame 0
TX packets 44 bytes 4260 (4.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|
5、配置主机名:
hostname命令:
查看:hostname
配置:hostname HOSTNAME
当前系统有效,重启后无效
|
1
2
3
4
5
|
# hostname
centos6.7
# hostname myserver
# hostname
myserver
|
hostnamectl命令(CentOS 7):
hostnamectl status:显示当前主机名信息
hostnamectl set-hostname:设定主机名,永久有效
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
# hostnamectl status
Static
hostname
: centos7
Icon name: computer-vm
Chassis: vm
Machine ID: 94b3ec34f75d44df93cc011c79159864
Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:
/o
:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
# hostnamectl set-hostname centos7.2
# hostnamectl status
Static
hostname
: centos7.2
Icon name: computer-vm
Chassis: vm
Machine ID: 94b3ec34f75d44df93cc011c79159864
Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:
/o
:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
|
# 注意hostname在Centos 7上面也可以使用,但是设置后显示临时主机名
例:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
# hostnamectl status
Static
hostname
: centos7.2
Icon name: computer-vm
Chassis: vm
Machine ID: 94b3ec34f75d44df93cc011c79159864
Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:
/o
:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
# hostname centos777
# hostnamectl status
Static
hostname
: centos7.2
Transient
hostname
: hello
Icon name: computer-vm
Chassis: vm
Machine ID: 94b3ec34f75d44df93cc011c79159864
Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:
/o
:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
# hostname
centos777
|
配置文件:
CentOS6:/etc/sysconfig/network
HOSTNAME=<HOSTNAME>
|
1
2
3
4
5
6
7
8
|
# hostname
myserver
# vim /etc/sysconfig/network
# cat /etc/sysconfig/network
NETWORKING=
yes
HOSTNAME=mycentos6
# hostname
myserver
|
CentOS7:/etc/hostname
HOSTNAME
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
# hostnamectl status
Static
hostname
: centos7
Icon name: computer-vm
Chassis: vm
Machine ID: 94b3ec34f75d44df93cc011c79159864
Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:
/o
:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
# vim /etc/hostname
# cat /etc/hostname
mycentos7
# hostnamectl status
Static
hostname
: centos7
Icon name: computer-vm
Chassis: vm
Machine ID: 94b3ec34f75d44df93cc011c79159864
Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:
/o
:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
|
# 注意:在CentOS 6中此方法不会立即生效,但是在CentOS 7中会立即生效
6、配置DNS服务器指向:
配置文件:/etc/resolv.conf
nameserverDNS_SERVER_IP
如何测试(host/nslookup/dig):
# dig -t A FQDN
FQDN --> IP
# dig -x IP
IP --> FQDN
# dig 命令的好处在于,他不检查hosts文件中的定义,直接去dns服务器解析
三、iproute家族配置管理
1、ip命令
show / manipulate routing, devices, policy routing and tunnels
查看和配置 路由表、设备、策略路由等
ip [ OPTIONS ] OBJECT { COMMAND | help }
OBJECT := { link | addr | route | netns }
a、ip link
网络设备配置(network device configuration)
1、ip link set:改变设备属性
(1)dev NAME (default):指明要管理的设备,dev关键字可省略;
(2)up和down:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
# ip link set eno33554984 down
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:9c brd ff:ff:ff:ff:ff:ff
3: eno33554984: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
# ip link set eno33554984 up
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:9c brd ff:ff:ff:ff:ff:ff
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
|
(3)multicast on或multicast off:启用或禁用多播功能;
# 关闭后可以看到没有UP选项,表示此网卡已关闭
(4)name NAME:重命名接口
|
1
2
3
4
5
6
7
8
9
|
# ip link set eno33554984 down
# ip link set eno33554984 name eno666777888
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:9c brd ff:ff:ff:ff:ff:ff
3: eno666777888: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
|
# 改名时需要关闭网卡设备
(5)mtu NUMBER:设置MTU的大小,默认为1500;
|
1
2
3
4
5
6
7
8
|
# ip link set eno666777888 mtu 1000
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:9c brd ff:ff:ff:ff:ff:ff
3: eno666777888: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
|
(6)netns PID:ns为namespace,用于将接口移动到指定的网络名称空间;(在后面会详细讲解)
2、ip link show:列出设备属性
|
1
2
3
4
5
6
7
8
9
10
|
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:9c brd ff:ff:ff:ff:ff:ff
3: eno666777888: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
# ip link show eno666777888
3: eno666777888: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
|
3、ip link help:显示简要使用帮助
b、ip netns # 注意:此命令仅在CentOS 7中支持
管理网络名称空间(manage network namespaces)
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
ip netns list:列出所有的netns
# ip netns list
myspace
ip netns add NAME:创建指定的netns
# ip netns add space1
# ip netns list
space1
myspace
ip netns del NAME:删除指定的netns
# ip netns del myspace
# ip netns list
space1
ip netns
exec
NAME COMMAND:在指定的netns中运行命令
# ip link set eno666777888 netns space1
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:9c brd ff:ff:ff:ff:ff:ff
# 加入名称空间后 使用ip link show查看,可以看到此处看不到了eno66677788
# ip netns exec space1 ip link show
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
3: eno666777888: <BROADCAST,MULTICAST> mtu 1000 qdisc noop state DOWN mode DEFAULT qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
|
# 使用此命令可以查看名称空间space1中的网卡设备
c、ip address
协议地址管理(protocol address management)
ip address add:添加新的协议地址
[label NAME]:为额外添加的地址指明接口别名
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
# ip add add label eno33554984:0 10.0.0.100/8 dev eno33554984
# ifconfig
eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.250.108 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80::20c:29ff:fedd:c19c prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:
dd
:c1:9c txqueuelen 1000 (Ethernet)
RX packets 372250 bytes 39402750 (37.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 9582 bytes 1347144 (1.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1000
inet 192.168.200.2 netmask 255.255.255.0 broadcast 0.0.0.0
ether 00:0c:29:
dd
:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 344492 bytes 36539558 (34.8 MiB)
RX errors 0 dropped 365 overruns 0 frame 0
TX packets 48 bytes 4500 (4.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554984:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1000
inet 10.0.0.100 netmask 255.0.0.0 broadcast 0.0.0.0
ether 00:0c:29:
dd
:c1:a6 txqueuelen 1000 (Ethernet)
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 76 bytes 6460 (6.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 76 bytes 6460 (6.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[broadcast ADDRESS]:广播地址;会根据IP和NETMASK自动计算得到
|
[scope SCOPE_VALUE]:作用域,默认设置为global
global:全局可用;
link:接口可用;
host:仅本机可用;
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
# ip addr show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.2
/24
scope global eno33554984
valid_lft forever preferred_lft forever
inet 10.0.0.100
/8
scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200
/8
scope global secondary eno33554984
valid_lft forever preferred_lft forever
ip address delete:删除协议地址
# ip addr show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.2
/24
scope global eno33554984
valid_lft forever preferred_lft forever
inet 10.0.0.100
/8
scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200
/8
scope global secondary eno33554984
valid_lft forever preferred_lft forever
# ip add del 192.168.200.2/24 dev eno33554984
# ip addr show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.100
/8
scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200
/8
scope global secondary eno33554984
valid_lft forever preferred_lft forever
|
ip address show:查看协议地址
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
# ip add show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1
/8
scope host lo
valid_lft forever preferred_lft forever
inet6 ::1
/128
scope host
valid_lft forever preferred_lft forever
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link
/ether
00:0c:29:
dd
:c1:9c brd ff:ff:ff:ff:ff:ff
inet 172.18.250.108
/16
brd 172.18.255.255 scope global dynamic eno16777736
valid_lft 63185sec preferred_lft 63185sec
inet6 fe80::20c:29ff:fedd:c19c
/64
scope link
valid_lft forever preferred_lft forever
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.100
/8
scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200
/8
scope global secondary eno33554984
valid_lft forever preferred_lft forever
|
ip address flush:清除协议地址(清除某设备上的所有地址)
|
1
2
3
4
5
6
7
8
9
10
11
|
# ip add show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.100
/8
scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200
/8
scope global secondary eno33554984
valid_lft forever preferred_lft forever
# ip add flush dev eno33554984
# ip add show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link
/ether
00:0c:29:
dd
:c1:a6 brd ff:ff:ff:ff:ff:ff
|
d、ip route
路由表管理(routing table management)
ip route add:添加新的路由
|
1
2
3
4
5
6
7
8
|
# ip route add 20.0.0.0/8 via 10.0.0.20 dev eno33554984
# ip route show
default via 172.18.0.1 dev eno16777736 proto static metric 100
10.0.0.0
/8
dev eno33554984 proto kernel scope link src 10.0.0.200
20.0.0.0
/8
via 10.0.0.20 dev eno33554984
172.18.0.0
/16
dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100
192.168.20.0
/24
dev eno33554984 proto kernel scope link src 192.168.20.2
192.168.100.0
/24
dev eno33554984 proto kernel scope link src 192.168.100.2
|
ip route change:修改路由
|
1
2
3
4
5
6
7
8
|
# ip route change 20.0.0.0/8 via 172.18.250.108 dev eno16777736
# ip route show
default via 172.18.0.1 dev eno16777736 proto static metric 100
10.0.0.0
/8
dev eno33554984 proto kernel scope link src 10.0.0.200
20.0.0.0
/8
via 172.18.250.108 dev eno16777736
172.18.0.0
/16
dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100
192.168.20.0
/24
dev eno33554984 proto kernel scope link src 192.168.20.2
192.168.100.0
/24
dev eno33554984 proto kernel scope link src 192.168.100.2
|
ip route replace:改变或者添加新的路由(表示如果没有就新添加)
ip route add TYPE PREFIX via GW [dev IFACE] [src SOURCE_IP]
ip route delete:删除路由
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
# ip route show
default via 172.18.0.1 dev eno16777736 proto static metric 100
10.0.0.0
/8
dev eno33554984 proto kernel scope link src 10.0.0.200
20.0.0.0
/8
via 172.18.250.108 dev eno16777736
172.18.0.0
/16
dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100
192.168.20.0
/24
dev eno33554984 proto kernel scope link src 192.168.20.2
192.168.100.0
/24
dev eno33554984 proto kernel scope link src 192.168.100.2
# ip route del 10.0.0.0/8
# ip route show
default via 172.18.0.1 dev eno16777736 proto static metric 100
20.0.0.0
/8
via 172.18.250.108 dev eno16777736
172.18.0.0
/16
dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100
192.168.20.0
/24
dev eno33554984 proto kernel scope link src 192.168.20.2
192.168.100.0
/24
dev eno33554984 proto kernel scope link src 192.168.100.2
|
ip route show:查看路由
ip route flush:删除路由表
|
1
2
3
4
5
6
|
# ip route flush 192.168.100/24
# ip route show
default via 172.18.0.1 dev eno16777736 proto static metric 100
20.0.0.0
/8
via 172.18.250.108 dev eno16777736
172.18.0.0
/16
dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100
192.168.20.0
/24
dev eno33554984 proto kernel scope link src 192.168.20.2
|
ip route get:查看一条路由
|
1
2
3
|
# ip route get 20.0.0.0/8
20.0.0.0 dev eno16777736 src 172.18.250.108
cache
|
2、ss命令
另一个套接字管理程序(another utility to investigate sockets)
ss [options] [FILTER]
选项:
-t:TCP协议的相关连接
-u:UDP相关的连接
-w:raw socket相关的连接
-l:监听状态的连接
-a:所有状态的连接
-n:数字格式
-p:相关的程序及其PID
-e:扩展格式信息
-m:内存用量
-o:计时器信息
# 用法与netstat相同,组合方式也可以参照netstat
常用组合:-tan,-una,-tnl,-unl,-tunlp,-antup
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
# ss -tan
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 127.0.0.1:6011 *:*
ESTAB 0 52 172.18.250.108:22 172.18.4.1:49701
ESTAB 0 0 172.18.250.108:22 172.18.4.1:49924
LISTEN 0 128 :::22 :::*
LISTEN 0 128 ::1:631 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 ::1:6010 :::*
LISTEN 0 128 ::1:6011 :::*
# ss -uan
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:10042 *:*
UNCONN 0 0 127.0.0.1:323 *:*
UNCONN 0 0 *:68 *:*
UNCONN 0 0 ::1:323 :::*
UNCONN 0 0 :::50626 :::*
FILTER := [ state TCP-STATE ] [ EXPRESSION ]
[EXPRESSION]
dport =
sport =
# ss -tan '( dport = 22 or sport = 22 )'
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
ESTAB 0 52 172.18.250.108:22 172.18.4.1:49701
ESTAB 0 0 172.18.250.108:22 172.18.4.1:49924
LISTEN 0 128 :::22 :::*
|
四、管理网络属性之配置文件
IP/NETMASK/GW/DNS等配置文件:/etc/sysconfig/network-scripts/ifcfg-IFACE
路由相关的配置文件:/etc/sysconfig/networkj-scripts/route-IFACE
命令方式修改:
CentOS 6:system-config-network
setup
CentOS 7:nmtui
ifcfg-IFACE文件中的参数:
DEVICE:此配置文件对应的设备的名称;
ONBOOT:在系统引导过程中,是否激活此接口;
UUID:此设备的惟一标识;
IPV6INIT:是否初始化IPv6;
BOOTPROTO:激活此接口时使用什么协议来配置接口属性,常用的有dhcp、bootp、static、none;
TYPE:接口类型,常见的有Ethernet, Bridge;
DNS1:第一DNS服务器指向;
DNS2:备用DNS服务器指向;
DOMAIN:DNS搜索域;
IPADDR: IP地址;
NETMASK:子网掩码;CentOS 7支持使用PREFIX以长度方式指明子网掩码;
GATEWAY:默认网关;
USERCTL:是否允许普通用户控制此设备;
PEERDNS:如果BOOTPROTO的值为“dhcp”,是否允许dhcp_server分配的dns服务器指向覆盖本地手动指定的DNS服务器指向;默认为允许;
HWADDR:设备的MAC地址;
NM_CONTROLLED:是否使用NetworkManager服务来控制接口;
示例:
CentOS 7:
IPV6INIT=yes
BOOTPROTO=none
DEVICE=eno16777736
ONBOOT=yes
UUID=fc03aa9a-32b4-4d25-9576-288a0e3cd39a
TYPE=Ethernet
DEFROUTE=yes
NAME="System eno16777736"
PEERDNS=yes
IPADDR=172.18.4.1
PREFIX=8
GATEWAY=172.18.0.1
DNS1=202.106.0.20
DNS2=172.18.0.1
CentOS 6:
DEVICE=eth0
HWADDR=00:0C:29:69:45:7B
TYPE=Ethernet
UUID=1e9d304f-319a-4467-ac3c-67159f182f33
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
网络服务:
network
NetworkManger
管理网络服务:
CentOS 6: service {network|NetworkManager} {start|stop|restart|status}
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=
yes
NM_CONTROLLED=
yes
BOOTPROTO=none
IPADDR=10.0.0.100
PREFIX=8
GATEWAY=10.0.0.1
DNS1=202.106.0.20
# service network restart
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0:
Determining IP information
for
eth0...
done
.
[ OK ]
Bringing up interface eth1: Determining ip address 10.0.0.100 is already
in
use
for
device eth1.. [ OK ]
# ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85
inet addr:10.0.0.100 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::20c:29ff:fe69:4585
/64
Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:411362 errors:0 dropped:0 overruns:0 frame:0
TX packets:240 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:44602847 (42.5 MiB) TX bytes:28728 (28.0 KiB)
|
CentOS 7: systemctl {start|stop|restart|status} {network|NetworkManager}.service
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
# cat /etc/sysconfig/network-scripts/ifcfg-eno33554984
# Generated by parse-kickstart
BOOTPROTO=none
DEVICE=eno33554984
ONBOOT=
yes
TYPE=Ethernet
DEFROUTE=
yes
IPV4_FAILURE_FATAL=no
NAME=
"System eno33554984"
PEERDNS=
yes
PEERROUTES=
yes
IPADDR=20.0.0.100
PREFIX=24
GATEWAY=20.0.0.1
DNS1=202.106.0.20
# systemctl restart network.service
# ifconfig eno33554984
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1000
inet 20.0.0.100 netmask 255.255.255.0 broadcast 20.0.0.255
ether 00:0c:29:
dd
:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 406943 bytes 44125370 (42.0 MiB)
RX errors 0 dropped 635 overruns 0 frame 0
TX packets 50 bytes 4620 (4.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|
配置文件配置路由:/etc/sysconfig/network-scripts/route-IFACE
支持两种配置方式,但不可混用;
(1) 每行一个路由条目:
TARGET via GW
|
1
2
3
4
5
6
7
8
9
10
11
|
# cat /etc/sysconfig/network-scripts/route-eno33554984
172.0.0.0
/8
via 20.0.0.100
# systemctl restart network.service
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736
0.0.0.0 20.0.0.1 0.0.0.0 UG 101 0 0 eno33554984
20.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eno33554984
172.0.0.0 20.0.0.100 255.0.0.0 UG 100 0 0 eno33554984
172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736
|
(2) 每三行一个路由条目:
ADDRESS#=TARGET
NETMASK#=MASK
GATEWAY#=NEXTHOP
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
# cat /etc/sysconfig/network-scripts/route-eno33554984
ADDRESS0=11.0.0.0
NETMASK0=255.0.0.0
GATEWAY0=20.0.0.100
# systemctl restart network.service
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736
0.0.0.0 20.0.0.1 0.0.0.0 UG 101 0 0 eno33554984
11.0.0.0 20.0.0.100 255.0.0.0 UG 100 0 0 eno33554984
20.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eno33554984
172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736
|
# 此处就介绍到这,如果有错误希望大家及时支持,我长期更新,如果感觉还不错可以收藏,或者添加友链。
