配置Linux网络属性:ip命令
ip命令:
ip - show / manipulate routing, devices, policy routing and tunnels
ip [ OPTIONS ] OBJECT { COMMAND | help }OBJECT := { link | addr | route }
link OBJECT:
ip link - network device configuration
set
dev IFACE 可设置属性:up and down:激活或禁用指定接口;
ip link set eth0 up
[root@localhost ~]# ip link set eth0 up
ip link set eth0 down
[root@localhost ~]# ip link set eth0 down
show
[dev IFACE]:指定接口 [up]:仅显示处于激活状态的接口
ip link show eth0
[root@localhost ~]# ip link show eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:47:be:80 brd ff:ff:ff:ff:ff:ff
ip link show up eth0
[root@localhost ~]# ip link show up eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:47:be:80 brd ff:ff:ff:ff:ff:ff
ip address – protocol address management
ip addr { add | del } IFADDR dev STRING[label LABEL]:添加地址时指明网卡别名
[scope {global|link|host}]:指明作用域
global: 全局可用;
link: 仅链接可用;
host: 本机可用;
[broadcast ADDRESS]:指明广播地址
ip addr add 10.0.0.10 dev eth0
[root@localhost ~]# ip addr add 10.0.0.10 dev eth0
ip addr add 192.168.2.10/24 dev eth0 label eth0:0
[root@localhost ~]# ip addr add 192.168.2.10/24 dev eth0 label eth0:0
ip addr add 10.0.0.11 dev eth0 scope link
[root@localhost ~]# ip addr add 10.0.0.11 dev eth0 scope link
ip addr add 10.0.0.11 dev eth0 broadcast 10.0.0.240
[root@localhost ~]# ip addr add 10.0.0.11 dev eth0 broadcast 10.0.0.240
ip address show – look at protocol addresses
[dev DEVICE] [label PATTERN] [primary and secondary]
ip address show dev eth0
[root@localhost ~]# ip address show dev eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:47:be:80 brd ff:ff:ff:ff:ff:ff inet 10.0.0.2/8 brd 10.255.255.255 scope global eth0 inet6 fe80::20c:29ff:fe47:be80/64 scope link valid_lft forever preferred_lft forever
ip address show primary
[root@localhost ~]# ip address show primary 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:47:be:80 brd ff:ff:ff:ff:ff:ff inet 10.0.0.2/8 brd 10.255.255.255 scope global eth0 inet6 fe80::20c:29ff:fe47:be80/64 scope link valid_lft forever preferred_lft forever
ip address flush – flush protocol addresses 使用格式同show
ip address flush eth0
[root@localhost ~]# ip address flush eth0
ip route add
添加路由:ip route add TARGET via GW dev IFACE src SOURCE_IPTARGET: 主机路由:IP 网络路由:NETWORK/MASK 添加网关:ip route add defalt via GW dev IFACE
ip route add 10.0.0.1 via 10.0.0.2 dev eth0
[root@localhost ~]# ip route add 10.0.0.1 via 10.0.0.2 dev eth0
ip route add default via 10.0.0.1 dev eth0
[root@localhost ~]# ip route add default via 10.0.0.1 dev eth0
ip route delete
删除路由:ip route del TARGET
[root@localhost ~]# ip route del 10.0.0.0/8
ip route show
[root@localhost ~]# ip route show 10.0.0.1 via 10.0.0.2 dev eth0 10.0.0.0/8 dev eth0 proto kernel scope link src 10.0.0.2 metric 1 default via 10.0.0.1 dev eth0
ip route flush
[dev IFACE]
[via PREFIX]
[root@localhost ~]# ip route flush dev eth0
-
ss命令:
-
格式:ss [OPTION]… [FILTER]
-
选项:
-t: tcp协议相关-u: udp协议相关-w: 裸套接字相关-x:unix sock相关-l: listen状态的连接-a: 所有-n: 数字格式-p: 相关的程序及PID-e: 扩展的信息-m:内存用量-o:计时器信息FILTER := [ state TCP-STATE ] [ EXPRESSION ]
TCP的常见状态: tcp finite state machine: LISTEN: 监听 ESTABLISHED:已建立的连接 FIN_WAIT_1:主动关闭 FIN_WAIT_2:主动关闭 SYN_SENT:等待连接请求 SYN_RECV:确认连接请求 CLOSED:连接结束 EXPRESSION: dport = sport = 示例:’( dport = :ssh or sport = :ssh )’
常用组合:
-tan, -tanl, -tanlp, -uan
ss -tal
[root@localhost ~]# ss -tal State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:38941 *:* LISTEN 0 128 :::39596 :::* LISTEN 0 128 :::sunrpc :::* LISTEN 0 128 *:sunrpc *:* LISTEN 0 128 :::ssh :::* LISTEN 0 128 *:ssh *:* LISTEN 0 128 127.0.0.1:ipp *:* LISTEN 0 128 ::1:ipp :::* LISTEN 0 100 ::1:smtp :::* LISTEN 0 100 127.0.0.1:smtp *:*
ss -ual
[root@localhost ~]# ss -ual State Recv-Q Send-Q Local Address:Port Peer Address:Port UNCONN 0 0 *:787 *:* UNCONN 0 0 *:49202 *:* UNCONN 0 0 127.0.0.1:849 *:* UNCONN 0 0 *:sunrpc *:* UNCONN 0 0 *:ipp *:* UNCONN 0 0 :::787 :::* UNCONN 0 0 :::51988 :::* UNCONN 0 0 :::sunrpc :::*
Linux网络属性配置(3): 修改配置文件
IP、MASK、GW、DNS相关配置文件:/etc/sysconfig/network-scripts/ifcfg-IFACE 路由相关的配置文件:/etc/sysconfig/network-scripts/route-IFACE/etc/sysconfig/network-scripts/ifcfg-IFACE: DEVICE:此配置文件应用到的设备; HWADDR:对应的设备的MAC地址; BOOTPROTO:激活此设备时使用的地址配置协议,常用的dhcp, static, none, bootp; NM_CONTROLLED:NM是NetworkManager的简写;此网卡是否接受NM控制;CentOS6建议为“no”; ONBOOT:在系统引导时是否激活此设备; TYPE:接口类型;常见有的Ethernet, Bridge; UUID:设备的惟一标识; IPADDR:指明IP地址; NETMASK:子网掩码;GATEWAY: 默认网关; DNS1:第一个DNS服务器指向; DNS2:第二个DNS服务器指向; USERCTL:普通用户是否可控制此设备; PEERDNS:如果BOOTPROTO的值为“dhcp”,是否允许dhcp server分配的dns服务器指向信息直接覆盖至/etc/resolv.conf文件中;
/etc/sysconfig/network-scripts/route-IFACE
两种风格: (1) TARGET via GW (2) 每三行定义一条路由 ADDRESS#=TARGETNETMASK#=maskGATEWAY#=GW
Linux网络属性配置的tui(text user interface):
ystem-config-network-tui 也可以使用setup找到; 注意:记得重启网络服务方能生效; 配置当前主机的主机名: hostname [HOSTNAME]/etc/sysconfig/network HOSTNAME= 网络接口识别并命名相关的udev配置文件:/etc/udev/rules.d/70-persistent-net.rules 卸载网卡驱动: modprobe -r e1000 lsmod 装载网卡驱动: modprobe e1000
CentOS 7网络属性配置
传统命名:以太网eth[0,1,2,...], wlan[0,1,2,...] 可预测功能 udev支持多种不同的命名方案: Firmware, 拓扑结构 (1) 网卡命名机制 systemd对网络设备的命名方式: (a) 如果Firmware或BIOS为主板上集成的设备提供的索引信息可用,且可预测则根据此索引进行命名,例如eno1; (b) 如果Firmware或BIOS为PCI-E扩展槽所提供的索引信息可用,且可预测,则根据此索引进行命名,例如ens1; (c) 如果硬件接口的物理位置信息可用,则根据此信息进行命名,例如enp2s0; (d) 如果用户显式启动,也可根据MAC地址进行命名,enx2387a1dc56; (e) 上述均不可用时,则使用传统命名机制; 上述命名机制中,有的需要biosdevname程序的参与;
(2) 名称组成格式
en: ethernet :以太网接口 wl: wlan :无线局域网设备 ww: wwan:无线广域网设备 名称类型: o<index>: 集成设备的设备索引号; s<slot>: 扩展槽的索引号; x<MAC>: 基于MAC地址的命名; p<bus>s<slot>: enp2s1 pci总线上第二个总线上第一个插槽设备
网卡设备的命名过程:
第一步: udev, 辅助工具程序/lib/udev/rename_device, /usr/lib/udev/rules.d/60-net.rules第二步: biosdevname 会根据/usr/lib/udev/rules.d/71-biosdevname.rules第三步: 通过检测网络接口设备,根据/usr/lib/udev/rules.d/75-net-descriptionID_NET_NAME_ONBOARD, ID_NET_NAME_SLOT, ID_NET_NAME_PATH
回归传统命名方式:
(1) 编辑/etc/default/grub配置文件 GRUB_CMDLINE_LINUX="net.ifnames=0 rhgb quiet"(2) 为grub2生成其配置文件 grub2-mkconfig -o /etc/grub2.cfg (3) 重启系统
地址配置工具:nmcli
nmcli [ OPTIONS ] OBJECT { COMMAND | help }
device - show and manage network interfaces
connection - start, stop, and manage network connections
如何修改IP地址等属性:#nmcli connection modify IFACE [+|-]setting.property valuesetting.property:
ipv4.addresses
ipv4.gateway
ipv4.dns1
ipv4.methodmanual
将 NetworkManager 的所有状态都打印出来
[root@localhost ~]# nmcli general status状态 CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN 已连接(只在本地) 全部 已启用 已启用 已启用 已启用
显示所有连接
[root@localhost ~]# nmcli connection show 名称 UUID 类型 设备 virbr0 34523c12-6df4-4f6e-80cf-0159d8837b87 bridge virbr0 有线连接 1 ddc20fc4-543d-49c4-8fef-b3d325b39b61 802-3-ethernet -- eno16777728 af4505d8-c76c-4cd9-b9d7-1bedf3df789d 802-3-ethernet eno16777728
仅显示当前活动的连接
[root@localhost ~]# nmcli connection show -a 名称 UUID 类型 设备 virbr0 34523c12-6df4-4f6e-80cf-0159d8837b87 bridge virbr0 eno16777728 af4505d8-c76c-4cd9-b9d7-1bedf3df789d 802-3-ethernet eno16777728
列出 NetworkManager识别出的设备列表及他们的状态
[root@localhost ~]# nmcli device status 设备 类型 状态 CONNECTION virbr0 bridge 连接的 virbr0 eno16777728 ethernet 连接的 eno16777728 virbr0-nic ethernet 已断开 -- lo loopback 未管理 --
停止某个接口
[root@localhost ~]# nmcli device disconnect eno16777728
启动接口
[root@localhost ~]# nmcli device connect eno16777728
添加一个静态IP地址的以太网连接
nmcli connection add type ethernet con-name NAME_OF_CONNECTION ifname interface-name ip4 IP_ADDRESS gw4 GW_ADDRESS [root@localhost ~]# nmcli connection add type ethernet con-name NEW ifname eno16777736 ip4 192.168.1.141 gw4 192.168.1.1
设置DNS服务器
[root@localhost ~]# nmcli connection modify NEW ipv4.dns "8.8.8.8 8.8.4.4"
启动新的 Ethernet 连接
[root@localhost ~]# nmcli connection up NEW ifname eno16777729
查看新连接的配置信息
[root@localhost ~]# nmcli -p connection show NEW
原创文章,作者:N21_ Dominic,如若转载,请注明出处:http://www.178linux.com/26480
评论列表(1条)
排版不错,但内容可以再充实一点,加油。