Linux网络属性配置—iproute命令家族

ip命令：

show / manipulate routing, devices, policy routing and tunnels

ip [ OPTIONS ] OBJECT { COMMAND | help }

OBJECT := { link | addr | route | netns }

ip OBJECT：

ip link： network device configuration

ip link show – display device attributes

]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ae:e4:d8 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff

ip link set – change device attributes

dev NAME (default)：指明要管理的设备，dev关键字可省略；

up和down：

multicast on或multicast off：启用或禁用多播功能；

name NAME：重命名接口

mtu NUMBER：设置MTU的大小，默认为1500；

netns PID：ns为namespace，用于将接口移动到指定的网络名称空间；

]# ip link set eth1 down
]# ip link show eth1
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff
]# ip link set eth1 multicast off 
]# ip link show eth1
3: eth1: <BROADCAST> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff

]# ip link set eth1 name exxx
]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ae:e4:d8 brd ff:ff:ff:ff:ff:ff
3: exxx: <BROADCAST> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff

]# ip link set eth1 mtu 2000
]# ip link show eth1
3: eth1: <BROADCAST> mtu 2000 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff

ip link help – 显示简要使用帮助；

ip netns： – manage network namespaces.

ip netns list：列出所有的netns

ip netns add NAME：创建指定的netns

ip netns del NAME：删除指定的netns

ip netns exec NAME COMMAND：在指定的netns中运行命令

]# ip netns list
]# ip netns add netspace
]# ip netns list
netspace

ip address – protocol address management.

ip address add – add new protocol address

ip address { add | del } IFADDR dev STRING

ip address { show | flush } [ dev STRING ] [label PATTERN ]

ip addr add IFADDR dev IFACE

[label NAME]：为额外添加的地址指明接口别名；

[broadcast ADDRESS]：广播地址；会根据IP和NETMASK自动计算得到；

[scope SCOPE_VALUE]：

global：全局可用；

link：接口可用；

host：仅本机可用；

]# ip addr add 192.168.1.10/24 dev eno16777736
]# ip addr show eno16777736
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:60:1e:7a brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.20/24 brd 10.0.1.255 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet 192.168.1.10/24 scope global eno16777736
       valid_lft forever preferred_lft forever

]# ip addr add 192.168.2.10/24 dev eno16777736 label eno16777736:0
]# ip addr show eno16777736
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:60:1e:7a brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.20/24 brd 10.0.1.255 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet 192.168.1.10/24 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet 192.168.2.10/24 scope global eno16777736:0
       valid_lft forever preferred_lft forever

ip address delete – delete protocol address

ip addr delete IFADDR dev IFACE

]# ip addr del 192.168.2.10/24 dev eno16777736 
]# ip addr del 192.168.1.10/24 dev eno16777736
]# ip ad sh eno16777736
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:60:1e:7a brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.20/24 brd 10.0.1.255 scope global eno16777736
       valid_lft forever preferred_lft forever

ip address show – look at protocol addresses

ip addr list [IFACE]：显示接口的地址；

]# ip addr show eno16777736
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:60:1e:7a brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.20/24 brd 10.0.1.255 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe60:1e7a/64 scope link 
       valid_lft forever preferred_lft forever

ip address flush – flush protocol addresses

ip addr flush dev IFACE

]# ip addr add 10.10.10.10/8 dev eth1 label eth1:0
]# ip addr add 172.16.1.100/16 dev eth1 label eth1:1
]# ip addr show eth1
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.100/24 brd 192.168.1.255 scope global eth1
    inet 10.10.10.10/8 scope global eth1:0
    inet 172.16.1.100/16 scope global eth1:1

]# ip addr flush dev eth1
]# ip addr show eth1
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff

ip route – routing table management

ip route add – add new route

ip route change – change route

ip route replace – change or add new one

ip route add TYPE PREFIX via GW [dev IFACE] [src SOURCE_IP]

]# ip route add 172.16.0.0/16 via 10.0.1.2 dev eth0 src 10.0.1.6
]# ip route show
10.0.1.0/24 dev eth0  proto kernel  scope link  src 10.0.1.6 
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.10 
172.16.0.0/16 via 10.0.1.2 dev eth0  src 10.0.1.6 
default via 10.0.1.2 dev eth0

]# ip route add default via 10.0.1.2 dev eth0
]# ip route show
10.0.1.0/24 dev eth0  proto kernel  scope link  src 10.0.1.6 
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.10 
172.16.0.0/16 via 10.0.1.2 dev eth0  src 10.0.1.6 
default via 10.0.1.2 dev eth0

ip route delete – delete route

ip route del TYPE PRIFIX

]# ip route del 172.16.0.0/16
]# ip route del default
]# ip route show
10.0.1.0/24 dev eth0  proto kernel  scope link  src 10.0.1.6 
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.10

ip route show – list routes

TYPE PRIFIX

ip route get – get a single route

ip route get TYPE PRIFIX

]# ip route get 192.168.1.0/24
broadcast 192.168.1.0 dev eth1  src 192.168.1.10 
    cache <local,brd>  mtu 1500 advmss 1460 hoplimit 64

ss命令：

ss [options] [ FILTER ]

选项：

-t：TCP协议的相关连接

-u：UDP相关的连接

-w：raw socket相关的连接

-l：监听状态的连接

-a：所有状态的连接

-n：数字格式

-p：相关的程序及其PID

-e：扩展格式信息

-m：内存用量

-o：计时器信息

FILTER := [ state TCP-STATE ] [ EXPRESSION ]

TCP的常见状态：

TCP FSM：

LISTEN：监听

ESTABLISEHD：建立的连接

FIN_WAIT_1：

FIN_WAIT_2：

SYN_SENT：

SYN_RECV：

CLOSED：

EXPRESSION：

dport =

sport =

示例：'( dport = :22 or sport = :22)’

~]# ss -tan ‘( dport = :22 or sport = :22 )’

~]# ss -tan state ESTABLISHED

来自为知笔记(Wiz)

原创文章，作者：N24_ViCi，如若转载，请注明出处：http://www.178linux.com/62526

Linux网络属性配置—iproute命令家族

相关推荐

马哥教育21期网络班—第13周课程+练习—-samba和vsftp-pam

linux常见文件管理类命令

RPM与YUM安装工具介绍与初步使用、编译apache2

学习笔记–权限管理

第十八周

iptables

评论列表（1条）