CentOS 7网络属性配置
时间:2016-05-23 20:59 来源:未知 作者:IT
一、简单介绍
在CentOS 7中对网络管理还是有不少变化的,例如管理服务的命令变为systemctl,许多命令可以更改后直接生效,还有许多独有的工具,本文以CentOS 6与CentOS 7对比进行讲解,下面现总体介绍一下网络属性配置工具。
ifcfg家族
ifcofnig:配置IP,NETMASK
route:路由
netstat:状态及统计数据查看
iproute家族
ip OBJECT:
addr: 地址和掩码
link:接口
route:路由
ss:状态及统计数据查看
CentOS 7:nm(Network Manager)家族
nmcli:命令行工具
nmtui:text window工具
二、ifcfg家族配置管理
1、ifconfig命令:配置网络接口(configure a network interface)
查看网络配置:ifconfig [-a] [interface]
-a:查看当前系统上所有网络接口的状态及详细信息,包括inactive状态的接口
# ifconfig
eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.250.108 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80::20c:29ff:fedd:c19c prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:dd:c1:9c txqueuelen 1000 (Ethernet)
RX packets 267796 bytes 27852817 (26.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4268 bytes 556507 (543.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 56 bytes 4760 (4.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 56 bytes 4760 (4.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
CentOS 7:ifconfig命令显示参数详解
eno1677736:网卡名称
inet:ip地址
netmask:子网掩码
broadcast:广播地址
UP:网卡表示激活状态
BROADCAST:支持广播功能
MULTICAST:支持组播功能
RUNNING:处于运行状态
mtu:网卡的最大传输单元
inet6:表示IPV6地址
ether:以太网地址,表示mac地址
txqueuelen:传输队列长度
RX packets 267796 bytes 27852817 (26.5 MiB):接收到报文的数量,后面表示接 收到所有报文的大小
RX errors:接收到错误报文的个数
dropped:丢包的数量
overruns:溢出的
TX packets 4268 bytes 556507 (543.4 KiB):传出到报文的数量,后面表示传出所 有报文的大小
TX errors:传出报文的错误数量
dropped:发送出去丢包数量
此处为CentOS 6上使用ifconfig的显示(注意:不标明的都默认指CentOS7,当与CentOS不同时会标注)
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:69:45:7B
inet addr:172.18.251.87 Bcast:172.18.255.255 Mask:255.255.0.0
inet6 addr: fe80::20c:29ff:fe69:457b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:303612 errors:0 dropped:0 overruns:0 frame:0
TX packets:2296 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:31934172 (30.4 MiB) TX bytes:261862 (255.7 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85
inet addr:192.168.200.3 Bcast:192.168.200.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe69:4585/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:292609 errors:0 dropped:0 overruns:0 frame:0
TX packets:202 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:30767674 (29.3 MiB) TX bytes:26126 (25.5 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
CentOS 6:ifconfig命令显示参数详解
eth0:网卡名称
Link encap:接口类型
inet addr:ip地址
Bcast:广播地址
Mask:子网掩码
inet6 addr:IPV6地址
UP:网卡表示激活状态
BROADCAST:支持广播功能
MULTICAST:支持组播功能
RUNNING:处于运行状态
mtu:网卡的最大传输单元
ether:以太网地址,表示mac地址
txqueuelen:传输队列长度
RX packets 接收到报文的数量
errors:接收到错误报文的个数
dropped:丢包的数量
overruns:溢出的
TX packets 传出到报文的数量
errors:传出报文的错误数量
dropped:丢包的数量
overruns:溢出的
RX bytes: 接收到报文的总大小
TX bytes: 传输报文的总大小
# ifconfig -a
eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.250.108 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80::20c:29ff:fedd:c19c prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:dd:c1:9c txqueuelen 1000 (Ethernet)
RX packets 267877 bytes 27861934 (26.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4283 bytes 559025 (545.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554984: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 257603 bytes 26825123 (25.5 MiB)
RX errors 0 dropped 269 overruns 0 frame 0
TX packets 38 bytes 3900 (3.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 56 bytes 4760 (4.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 56 bytes 4760 (4.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
可以指定接口名称,进行单独查看
# ifconfig eno33554984
eno33554984: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 257603 bytes 26825123 (25.5 MiB)
RX errors 0 dropped 269 overruns 0 frame 0
TX packets 38 bytes 3900 (3.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
修改网络配置:ifconfig [-v] interface [aftype] options | address …
方式一:
# ifconfig eno33554984 192.168.200.5/24 up
# ifconfig eno33554984
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.200.5 netmask 255.255.255.0 broadcast 192.168.200.255
ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 259004 bytes 26985088 (25.7 MiB)
RX errors 0 dropped 271 overruns 0 frame 0
TX packets 40 bytes 4020 (3.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# 注意此配置仅限临时生效,重启网络服务或者重启系统,内核会重读配置文件,将配置文件中的参数在执行一遍.
方式二:
# ifconfig eno33554984 192.168.100.5 netmask 255.255.255.0 up
# ifconfig eno33554984
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.5 netmask 255.255.255.0 broadcast 192.168.100.255
ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 260398 bytes 27138591 (25.8 MiB)
RX errors 0 dropped 273 overruns 0 frame 0
TX packets 40 bytes 4020 (3.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
2、route命令:查看及管理路由(route – show / manipulate the IP routing table)
命令格式:route add [-net|-host] target [netmask Nm] [gw GW] [[dev] If]
-net:表示添加网络路由
-host:表示添加主机路由
gw:为默认网关
查看:
route -n
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736
172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984
添加路由:
# route add -net 10.0.0.0/8 gw 192.168.100.5 dev eno33554984
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736
10.0.0.0 192.168.100.5 255.0.0.0 UG 0 0 0 eno33554984
172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984
删除路由:
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736
10.0.0.0 192.168.100.5 255.0.0.0 UG 0 0 0 eno33554984
172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984
# route del -net 10.0.0.0/8
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736
172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984
3、netstat命令:打印网络连接,路由表,接口等信息(Print network connections, routing tables, interface statis﹖ics, masquerade connections, and multicast memberships)
显示网络连接:
netstat [–tcp|-t] [–udp|-u] [–udplite|-U] [–sctp|-S] [–raw|-w] [–listening|-l] [–all|-a] [–numeric|-n] [–extend|-e[–extend|-e]] [–program|-p]
-t:TCP协议的相关连接,连接均有其状态
-u:UDP协议相关的连接
-w:raw socket相关的;连接
-l:处于监听状态的连接
-a:所有状态
-n:以数字格式显示IP和Port
-e:扩展格式
-p:显示相关的进程及PID
# 常用组合:
-tan,-una,-tnl,-unl,-tunlp,-antup
# netstat -tan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN
tcp 0 52 172.18.250.108:22 172.18.4.1:49701 ESTABLISHED
tcp 0 0 172.18.250.108:22 172.18.4.1:49924 ESTABLISHED
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:631 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
tcp6 0 0 ::1:6010 :::* LISTEN
tcp6 0 0 ::1:6011 :::* LISTEN
# netstat -uan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 0.0.0.0:10042 0.0.0.0:*
udp 0 0 127.0.0.1:323 0.0.0.0:*
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp6 0 0 ::1:323 :::*
udp6 0 0 :::50626 :::*
# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1054/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1052/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1143/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 1190/sshd: root@pts
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 5116/sshd: root@pts
tcp6 0 0 :::22 :::* LISTEN 1054/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1052/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 1143/master
tcp6 0 0 ::1:6010 :::* LISTEN 1190/sshd: root@pts
tcp6 0 0 ::1:6011 :::* LISTEN 5116/sshd: root@pts
udp 0 0 0.0.0.0:10042 0.0.0.0:* 4399/dhclient
udp 0 0 127.0.0.1:323 0.0.0.0:* 752/chronyd
udp 0 0 0.0.0.0:68 0.0.0.0:* 4399/dhclient
udp6 0 0 ::1:323 :::* 752/chronyd
udp6 0 0 :::50626 :::* 4399/dhclient
# netstat -antup
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1054/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1052/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1143/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 1190/sshd: root@pts
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 5116/sshd: root@pts
tcp 0 52 172.18.250.108:22 172.18.4.1:49701 ESTABLISHED 1190/sshd: root@pts
tcp 0 0 172.18.250.108:22 172.18.4.1:49924 ESTABLISHED 5116/sshd: root@pts
tcp6 0 0 :::22 :::* LISTEN 1054/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1052/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 1143/master
tcp6 0 0 ::1:6010 :::* LISTEN 1190/sshd: root@pts
tcp6 0 0 ::1:6011 :::* LISTEN 5116/sshd: root@pts
udp 0 0 0.0.0.0:10042 0.0.0.0:* 4399/dhclient
udp 0 0 127.0.0.1:323 0.0.0.0:* 752/chronyd
udp 0 0 0.0.0.0:68 0.0.0.0:* 4399/dhclient
udp6 0 0 ::1:323 :::* 752/chronyd
udp6 0 0 :::50626 :::* 4399/dhclient
显示路由表:netstat -rn
-r:显示内核路由表
-n:数字格式显示
# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 0 0 0 eno16777736
10.0.0.0 192.168.100.5 255.0.0.0 UG 0 0 0 eno33554984
172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eno16777736
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984
显示借口的统计数据:
netstat {–interfaces|-I|-i} [iface] [–all|-a] [–extend|-e] [–verbose|-v] [–program|-p] [–numeric|-n]
所有接口:
netstat -i
# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eno16777 1500 295676 0 0 0 5992 0 0 0 BMRU
eno33554 1500 281789 0 313 0 40 0 0 0 BMRU
lo 65536 60 0 0 0 60 0 0 0 LRU
具体值:
Iface:借口
MTU:最大传输单元
RX-OK:成功接收报文的数量
RX-ERR:失败的传输报文的数量
RX-DRP:接收丢弃的报文数量
RX-OVR:接收溢出的报文数量
TX-OK:成功传输报文的数量
TX-ERR:失败的传输报文的数量
TX-DRP:传出丢弃的传输数量
TX-OVR:传出溢出的传输数量
Flg:标志
4、ifup/ifdown命令:
# 注意:通过配置文件/etc/sysconfig/network-scripts/ifcfg-IFACE来识别接口并完成配置
# 此处在显示上CentOS 6与CentOS 7有所不同
CentOS 6: 在使用ifdown命令时,禁用的接口用ifconfig命令显示不出来,且在显示中也没有UP选项,如需显示需要指定接口或者使用-a选项
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:69:45:7B
inet addr:172.18.251.87 Bcast:172.18.255.255 Mask:255.255.0.0
inet6 addr: fe80::20c:29ff:fe69:457b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:320170 errors:0 dropped:0 overruns:0 frame:0
TX packets:2653 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:33769657 (32.2 MiB) TX bytes:313476 (306.1 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85
inet addr:192.168.200.3 Bcast:192.168.200.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe69:4585/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:306513 errors:0 dropped:0 overruns:0 frame:0
TX packets:218 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:32321812 (30.8 MiB) TX bytes:27212 (26.5 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
# ifdown eth1
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:69:45:7B
inet addr:172.18.251.87 Bcast:172.18.255.255 Mask:255.255.0.0
inet6 addr: fe80::20c:29ff:fe69:457b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:319600 errors:0 dropped:0 overruns:0 frame:0
TX packets:2601 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:33705819 (32.1 MiB) TX bytes:305610 (298.4 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
# ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:306469 errors:0 dropped:0 overruns:0 frame:0
TX packets:211 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:32316117 (30.8 MiB) TX bytes:26744 (26.1 KiB)
# ifup eth1
Determining if ip address 192.168.200.3 is already in use for device eth1...
# ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85
inet addr:192.168.200.3 Bcast:192.168.200.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe69:4585/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:308152 errors:0 dropped:0 overruns:0 frame:0
TX packets:230 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:32503780 (30.9 MiB) TX bytes:28040 (27.3 KiB)
CentOS 7:在CentOS 7 上用ifdown命令禁用网卡UP选项不会消失,但是IP没有显示,此处与CentOS 6相同
# ifconfig eno33554984
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.3 netmask 255.255.255.0 broadcast 192.168.100.255
ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 313238 bytes 33067566 (31.5 MiB)
RX errors 0 dropped 349 overruns 0 frame 0
TX packets 42 bytes 4140 (4.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# ifdown eno33554984
Device 'eno33554984' successfully disconnected.
# ifconfig
eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.250.108 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80::20c:29ff:fedd:c19c prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:dd:c1:9c txqueuelen 1000 (Ethernet)
RX packets 327832 bytes 34538419 (32.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6428 bytes 919810 (898.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 313451 bytes 33089849 (31.5 MiB)
RX errors 0 dropped 349 overruns 0 frame 0
TX packets 42 bytes 4140 (4.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 64 bytes 5440 (5.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 64 bytes 5440 (5.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# ifup eno33554984
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/12)
# ifconfig eno33554984
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.3 netmask 255.255.255.0 broadcast 192.168.100.255
ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 314723 bytes 33233696 (31.6 MiB)
RX errors 0 dropped 349 overruns 0 frame 0
TX packets 44 bytes 4260 (4.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
5、配置主机名:
hostname命令:
查看:hostname
配置:hostname HOSTNAME
当前系统有效,重启后无效
# hostname
centos6.7
# hostname myserver
# hostname
myserver
hostnamectl命令(CentOS 7):
hostnamectl status:显示当前主机名信息
hostnamectl set-hostname:设定主机名,永久有效
# hostnamectl status
Static hostname: centos7
Icon name: computer-vm
Chassis: vm
Machine ID: 94b3ec34f75d44df93cc011c79159864
Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
# hostnamectl set-hostname centos7.2
# hostnamectl status
Static hostname: centos7.2
Icon name: computer-vm
Chassis: vm
Machine ID: 94b3ec34f75d44df93cc011c79159864
Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
# 注意hostname在Centos 7上面也可以使用,但是设置后显示临时主机名
例:
# hostnamectl status
Static hostname: centos7.2
Icon name: computer-vm
Chassis: vm
Machine ID: 94b3ec34f75d44df93cc011c79159864
Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
# hostname centos777
# hostnamectl status
Static hostname: centos7.2
Transient hostname: hello
Icon name: computer-vm
Chassis: vm
Machine ID: 94b3ec34f75d44df93cc011c79159864
Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
# hostname
centos777
配置文件:
CentOS6:/etc/sysconfig/network
HOSTNAME=<HOSTNAME>
# hostname
myserver
# vim /etc/sysconfig/network
# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=mycentos6
# hostname
myserver
CentOS7:/etc/hostname
HOSTNAME
# hostnamectl status
Static hostname: centos7
Icon name: computer-vm
Chassis: vm
Machine ID: 94b3ec34f75d44df93cc011c79159864
Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
# vim /etc/hostname
# cat /etc/hostname
mycentos7
# hostnamectl status
Static hostname: centos7
Icon name: computer-vm
Chassis: vm
Machine ID: 94b3ec34f75d44df93cc011c79159864
Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
# 注意:在CentOS 6中此方法不会立即生效,但是在CentOS 7中会立即生效
6、配置DNS服务器指向:
配置文件:/etc/resolv.conf
nameserverDNS_SERVER_IP
如何测试(host/nslookup/dig):
# dig -t A FQDN
FQDN –> IP
# dig -x IP
IP –> FQDN
# dig 命令的好处在于,他不检查hosts文件中的定义,直接去dns服务器解析
三、iproute家族配置管理
1、ip命令
show / manipulate routing, devices, policy routing and tunnels
查看和配置 路由表、设备、策略路由等
ip [ OPTIONS ] OBJECT { COMMAND | help }
OBJECT := { link | addr | route | netns }
a、ip link
网络设备配置(network device configuration)
1、 ip link set:改变设备属性
(1)dev NAME (default):指明要管理的设备,dev关键字可省略;
(2)up和down:
# ip link set eno33554984 down
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff
3: eno33554984: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
# ip link set eno33554984 up
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
(3)multicast on或multicast off:启用或禁用多播功能;
# 关闭后可以看到没有UP选项,表示此网卡已关闭
(4)name NAME:重命名接口
# ip link set eno33554984 down
# ip link set eno33554984 name eno666777888
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff
3: eno666777888: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
# 改名时需要关闭网卡设备
(5)mtu NUMBER:设置MTU的大小,默认为1500;
# ip link set eno666777888 mtu 1000
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff
3: eno666777888: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
(6)netns PID:ns为namespace,用于将接口移动到指定的网络名称空间;(在后面会详细讲解)
2、ip link show:列出设备属性
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff
3: eno666777888: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
# ip link show eno666777888
3: eno666777888: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
3、 ip link help:显示简要使用帮助
b、ip netns # 注意:此命令仅在CentOS 7中支持
管理网络名称空间(manage network namespaces)
ip netns list:列出所有的netns
# ip netns list
myspace
ip netns add NAME:创建指定的netns
# ip netns add space1
# ip netns list
space1
myspace
ip netns del NAME:删除指定的netns
# ip netns del myspace
# ip netns list
space1
ip netns exec NAME COMMAND:在指定的netns中运行命令
# ip link set eno666777888 netns space1
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff
# 加入名称空间后 使用ip link show查看,可以看到此处看不到了eno66677788
# ip netns exec space1 ip link show
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
3: eno666777888: <BROADCAST,MULTICAST> mtu 1000 qdisc noop state DOWN mode DEFAULT qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
# 使用此命令可以查看名称空间space1中的网卡设备
c、ip address
协议地址管理(protocol address management)
ip address add:添加新的协议地址
[label NAME]:为额外添加的地址指明接口别名
# ip add add label eno33554984:0 10.0.0.100/8 dev eno33554984
# ifconfig
eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.250.108 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80::20c:29ff:fedd:c19c prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:dd:c1:9c txqueuelen 1000 (Ethernet)
RX packets 372250 bytes 39402750 (37.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 9582 bytes 1347144 (1.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1000
inet 192.168.200.2 netmask 255.255.255.0 broadcast 0.0.0.0
ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 344492 bytes 36539558 (34.8 MiB)
RX errors 0 dropped 365 overruns 0 frame 0
TX packets 48 bytes 4500 (4.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554984:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1000
inet 10.0.0.100 netmask 255.0.0.0 broadcast 0.0.0.0
ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet)
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 76 bytes 6460 (6.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 76 bytes 6460 (6.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[broadcast ADDRESS]:广播地址;会根据IP和NETMASK自动计算得到
[scope SCOPE_VALUE]:作用域,默认设置为global
global:全局可用;
link:接口可用;
host:仅本机可用;
# ip addr show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.2/24 scope global eno33554984
valid_lft forever preferred_lft forever
inet 10.0.0.100/8 scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200/8 scope global secondary eno33554984
valid_lft forever preferred_lft forever
ip address delete:删除协议地址
# ip addr show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.2/24 scope global eno33554984
valid_lft forever preferred_lft forever
inet 10.0.0.100/8 scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200/8 scope global secondary eno33554984
valid_lft forever preferred_lft forever
# ip add del 192.168.200.2/24 dev eno33554984
# ip addr show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.100/8 scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200/8 scope global secondary eno33554984
valid_lft forever preferred_lft forever
ip address show:查看协议地址
# ip add show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff
inet 172.18.250.108/16 brd 172.18.255.255 scope global dynamic eno16777736
valid_lft 63185sec preferred_lft 63185sec
inet6 fe80::20c:29ff:fedd:c19c/64 scope link
valid_lft forever preferred_lft forever
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.100/8 scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200/8 scope global secondary eno33554984
valid_lft forever preferred_lft forever
ip address flush:清除协议地址(清除某设备上的所有地址)
# ip add show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.100/8 scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200/8 scope global secondary eno33554984
valid_lft forever preferred_lft forever
# ip add flush dev eno33554984
# ip add show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
d、ip route
路由表管理(routing table management)
ip route add:添加新的路由
# ip route add 20.0.0.0/8 via 10.0.0.20 dev eno33554984
# ip route show
default via 172.18.0.1 dev eno16777736 proto static metric 100
10.0.0.0/8 dev eno33554984 proto kernel scope link src 10.0.0.200
20.0.0.0/8 via 10.0.0.20 dev eno33554984
172.18.0.0/16 dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100
192.168.20.0/24 dev eno33554984 proto kernel scope link src 192.168.20.2
192.168.100.0/24 dev eno33554984 proto kernel scope link src 192.168.100.2
ip route change:修改路由
# ip route change 20.0.0.0/8 via 172.18.250.108 dev eno16777736
# ip route show
default via 172.18.0.1 dev eno16777736 proto static metric 100
10.0.0.0/8 dev eno33554984 proto kernel scope link src 10.0.0.200
20.0.0.0/8 via 172.18.250.108 dev eno16777736
172.18.0.0/16 dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100
192.168.20.0/24 dev eno33554984 proto kernel scope link src 192.168.20.2
192.168.100.0/24 dev eno33554984 proto kernel scope link src 192.168.100.2
ip route replace:改变或者添加新的路由(表示如果没有就新添加)
ip route add TYPE PREFIX via GW [dev IFACE] [src SOURCE_IP]
ip route delete:删除路由
# ip route show
default via 172.18.0.1 dev eno16777736 proto static metric 100
10.0.0.0/8 dev eno33554984 proto kernel scope link src 10.0.0.200
20.0.0.0/8 via 172.18.250.108 dev eno16777736
172.18.0.0/16 dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100
192.168.20.0/24 dev eno33554984 proto kernel scope link src 192.168.20.2
192.168.100.0/24 dev eno33554984 proto kernel scope link src 192.168.100.2
# ip route del 10.0.0.0/8
# ip route show
default via 172.18.0.1 dev eno16777736 proto static metric 100
20.0.0.0/8 via 172.18.250.108 dev eno16777736
172.18.0.0/16 dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100
192.168.20.0/24 dev eno33554984 proto kernel scope link src 192.168.20.2
192.168.100.0/24 dev eno33554984 proto kernel scope link src 192.168.100.2
ip route show:查看路由
ip route flush:删除路由表
# ip route flush 192.168.100/24
# ip route show
default via 172.18.0.1 dev eno16777736 proto static metric 100
20.0.0.0/8 via 172.18.250.108 dev eno16777736
172.18.0.0/16 dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100
192.168.20.0/24 dev eno33554984 proto kernel scope link src 192.168.20.2
ip route get:查看一条路由
# ip route get 20.0.0.0/8
20.0.0.0 dev eno16777736 src 172.18.250.108
cache
2、ss命令
另一个套接字管理程序(another utility to investigate sockets)
ss [options] [FILTER]
选项:
-t:TCP协议的相关连接
-u:UDP相关的连接
-w:raw socket相关的连接
-l:监听状态的连接
-a:所有状态的连接
-n:数字格式
-p:相关的程序及其PID
-e:扩展格式信息
-m:内存用量
-o:计时器信息
# 用法与netstat相同,组合方式也可以参照netstat
常用组合:-tan,-una,-tnl,-unl,-tunlp,-antup
# ss -tan
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 127.0.0.1:6011 *:*
ESTAB 0 52 172.18.250.108:22 172.18.4.1:49701
ESTAB 0 0 172.18.250.108:22 172.18.4.1:49924
LISTEN 0 128 :::22 :::*
LISTEN 0 128 ::1:631 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 ::1:6010 :::*
LISTEN 0 128 ::1:6011 :::*
# ss -uan
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:10042 *:*
UNCONN 0 0 127.0.0.1:323 *:*
UNCONN 0 0 *:68 *:*
UNCONN 0 0 ::1:323 :::*
UNCONN 0 0 :::50626 :::*
FILTER := [ state TCP-STATE ] [ EXPRESSION ]
[EXPRESSION]
dport =
sport =
# ss -tan '( dport = 22 or sport = 22 )'
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
ESTAB 0 52 172.18.250.108:22 172.18.4.1:49701
ESTAB 0 0 172.18.250.108:22 172.18.4.1:49924
LISTEN 0 128 :::22 :::*
四、管理网络属性之配置文件
IP/NETMASK/GW/DNS等配置文件:/etc/sysconfig/network-scripts/ifcfg-IFACE
路由相关的配置文件:/etc/sysconfig/networkj-scripts/route-IFACE
命令方式修改:
CentOS 6:system-config-network
setup
CentOS 7:nmtui
ifcfg-IFACE文件中的参数:
DEVICE:此配置文件对应的设备的名称;
ONBOOT:在系统引导过程中,是否激活此接口;
UUID:此设备的惟一标识;
IPV6INIT:是否初始化IPv6;
BOOTPROTO:激活此接口时使用什么协议来配置接口属性,常用的有dhcp、bootp、static、none;
TYPE:接口类型,常见的有Ethernet, Bridge;
DNS1:第一DNS服务器指向;
DNS2:备用DNS服务器指向;
DOMAIN:DNS搜索域;
IPADDR: IP地址;
NETMASK:子网掩码;CentOS 7支持使用PREFIX以长度方式指明子网掩码;
GATEWAY:默认网关;
USERCTL:是否允许普通用户控制此设备;
PEERDNS:如果BOOTPROTO的值为“dhcp”,是否允许dhcp_server分配的dns服务器指向覆盖本地手动指定的DNS服务器指向;默认为允许;
HWADDR:设备的MAC地址;
NM_CONTROLLED:是否使用NetworkManager服务来控制接口;
示例:
CentOS 7:
IPV6INIT=yes
BOOTPROTO=none
DEVICE=eno16777736
ONBOOT=yes
UUID=fc03aa9a-32b4-4d25-9576-288a0e3cd39a
TYPE=Ethernet
DEFROUTE=yes
NAME="System eno16777736"
PEERDNS=yes
IPADDR=172.18.4.1
PREFIX=8
GATEWAY=172.18.0.1
DNS1=202.106.0.20
DNS2=172.18.0.1
CentOS 6:
DEVICE=eth0
HWADDR=00:0C:29:69:45:7B
TYPE=Ethernet
UUID=1e9d304f-319a-4467-ac3c-67159f182f33
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
网络服务:
network
NetworkManger
管理网络服务:
CentOS 6: service {network|NetworkManager} {start|stop|restart|status}
# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPADDR=10.0.0.100
PREFIX=8
GATEWAY=10.0.0.1
DNS1=202.106.0.20
# service network restart
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0:
Determining IP information for eth0... done.
[ OK ]
Bringing up interface eth1: Determining ip address 10.0.0.100 is already in use for device eth1.. [ OK ]
# ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85
inet addr:10.0.0.100 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::20c:29ff:fe69:4585/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:411362 errors:0 dropped:0 overruns:0 frame:0
TX packets:240 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:44602847 (42.5 MiB) TX bytes:28728 (28.0 KiB)
CentOS 7: systemctl {start|stop|restart|status} {network|NetworkManager}.service
# cat /etc/sysconfig/network-scripts/ifcfg-eno33554984
# Generated by parse-kickstart
BOOTPROTO=none
DEVICE=eno33554984
ONBOOT=yes
TYPE=Ethernet
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME="System eno33554984"
PEERDNS=yes
PEERROUTES=yes
IPADDR=20.0.0.100
PREFIX=24
GATEWAY=20.0.0.1
DNS1=202.106.0.20
# systemctl restart network.service
# ifconfig eno33554984
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1000
inet 20.0.0.100 netmask 255.255.255.0 broadcast 20.0.0.255
ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet)
RX packets 406943 bytes 44125370 (42.0 MiB)
RX errors 0 dropped 635 overruns 0 frame 0
TX packets 50 bytes 4620 (4.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
配置文件配置路由:/etc/sysconfig/network-scripts/route-IFACE
支持两种配置方式,但不可混用;
(1) 每行一个路由条目:
TARGET via GW
# cat /etc/sysconfig/network-scripts/route-eno33554984
172.0.0.0/8 via 20.0.0.100
# systemctl restart network.service
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736
0.0.0.0 20.0.0.1 0.0.0.0 UG 101 0 0 eno33554984
20.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eno33554984
172.0.0.0 20.0.0.100 255.0.0.0 UG 100 0 0 eno33554984
172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736
(2) 每三行一个路由条目:
ADDRESS#=TARGET
NETMASK#=MASK
GATEWAY#=NEXTHOP
# cat /etc/sysconfig/network-scripts/route-eno33554984
ADDRESS0=11.0.0.0
NETMASK0=255.0.0.0
GATEWAY0=20.0.0.100
# systemctl restart network.service
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736
0.0.0.0 20.0.0.1 0.0.0.0 UG 101 0 0 eno33554984
11.0.0.0 20.0.0.100 255.0.0.0 UG 100 0 0 eno33554984
20.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eno33554984
172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736
对于CentOS 7的网络属性管理就写到这里了,感觉写的不错可以给点个赞。
作者: Ace
QQ1257465991
Linux运维攻城狮一只
Q/A:如有问题请慷慨提出
(责任编辑:IT)
一、简单介绍 在CentOS 7中对网络管理还是有不少变化的,例如管理服务的命令变为systemctl,许多命令可以更改后直接生效,还有许多独有的工具,本文以CentOS 6与CentOS 7对比进行讲解,下面现总体介绍一下网络属性配置工具。 ifcfg家族 ifcofnig:配置IP,NETMASK route:路由 netstat:状态及统计数据查看 iproute家族 ip OBJECT: addr: 地址和掩码 link:接口 route:路由 ss:状态及统计数据查看 CentOS 7:nm(Network Manager)家族 nmcli:命令行工具 nmtui:text window工具 二、ifcfg家族配置管理 1、ifconfig命令:配置网络接口(configure a network interface)查看网络配置:ifconfig [-a] [interface] -a:查看当前系统上所有网络接口的状态及详细信息,包括inactive状态的接口 # ifconfig eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.18.250.108 netmask 255.255.0.0 broadcast 172.18.255.255 inet6 fe80::20c:29ff:fedd:c19c prefixlen 64 scopeid 0x20<link> ether 00:0c:29:dd:c1:9c txqueuelen 1000 (Ethernet) RX packets 267796 bytes 27852817 (26.5 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 4268 bytes 556507 (543.4 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 56 bytes 4760 (4.6 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 56 bytes 4760 (4.6 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 CentOS 7:ifconfig命令显示参数详解eno1677736:网卡名称 inet:ip地址 netmask:子网掩码 broadcast:广播地址 UP:网卡表示激活状态 BROADCAST:支持广播功能 MULTICAST:支持组播功能 RUNNING:处于运行状态 mtu:网卡的最大传输单元 inet6:表示IPV6地址 ether:以太网地址,表示mac地址 txqueuelen:传输队列长度 RX packets 267796 bytes 27852817 (26.5 MiB):接收到报文的数量,后面表示接 收到所有报文的大小 RX errors:接收到错误报文的个数 dropped:丢包的数量 overruns:溢出的 TX packets 4268 bytes 556507 (543.4 KiB):传出到报文的数量,后面表示传出所 有报文的大小 TX errors:传出报文的错误数量 dropped:发送出去丢包数量 此处为CentOS 6上使用ifconfig的显示(注意:不标明的都默认指CentOS7,当与CentOS不同时会标注) # ifconfig eth0 Link encap:Ethernet HWaddr 00:0C:29:69:45:7B inet addr:172.18.251.87 Bcast:172.18.255.255 Mask:255.255.0.0 inet6 addr: fe80::20c:29ff:fe69:457b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:303612 errors:0 dropped:0 overruns:0 frame:0 TX packets:2296 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:31934172 (30.4 MiB) TX bytes:261862 (255.7 KiB) eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85 inet addr:192.168.200.3 Bcast:192.168.200.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe69:4585/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:292609 errors:0 dropped:0 overruns:0 frame:0 TX packets:202 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:30767674 (29.3 MiB) TX bytes:26126 (25.5 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) CentOS 6:ifconfig命令显示参数详解eth0:网卡名称 Link encap:接口类型 inet addr:ip地址 Bcast:广播地址 Mask:子网掩码 inet6 addr:IPV6地址 UP:网卡表示激活状态 BROADCAST:支持广播功能 MULTICAST:支持组播功能 RUNNING:处于运行状态 mtu:网卡的最大传输单元 ether:以太网地址,表示mac地址 txqueuelen:传输队列长度 RX packets 接收到报文的数量 errors:接收到错误报文的个数 dropped:丢包的数量 overruns:溢出的 TX packets 传出到报文的数量 errors:传出报文的错误数量 dropped:丢包的数量 overruns:溢出的 RX bytes: 接收到报文的总大小 TX bytes: 传输报文的总大小 # ifconfig -a eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.18.250.108 netmask 255.255.0.0 broadcast 172.18.255.255 inet6 fe80::20c:29ff:fedd:c19c prefixlen 64 scopeid 0x20<link> ether 00:0c:29:dd:c1:9c txqueuelen 1000 (Ethernet) RX packets 267877 bytes 27861934 (26.5 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 4283 bytes 559025 (545.9 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eno33554984: flags=4098<BROADCAST,MULTICAST> mtu 1500 ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet) RX packets 257603 bytes 26825123 (25.5 MiB) RX errors 0 dropped 269 overruns 0 frame 0 TX packets 38 bytes 3900 (3.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 56 bytes 4760 (4.6 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 56 bytes 4760 (4.6 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 可以指定接口名称,进行单独查看 # ifconfig eno33554984 eno33554984: flags=4098<BROADCAST,MULTICAST> mtu 1500 ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet) RX packets 257603 bytes 26825123 (25.5 MiB) RX errors 0 dropped 269 overruns 0 frame 0 TX packets 38 bytes 3900 (3.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 修改网络配置:ifconfig [-v] interface [aftype] options | address … 方式一: # ifconfig eno33554984 192.168.200.5/24 up # ifconfig eno33554984 eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.200.5 netmask 255.255.255.0 broadcast 192.168.200.255 ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet) RX packets 259004 bytes 26985088 (25.7 MiB) RX errors 0 dropped 271 overruns 0 frame 0 TX packets 40 bytes 4020 (3.9 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 # 注意此配置仅限临时生效,重启网络服务或者重启系统,内核会重读配置文件,将配置文件中的参数在执行一遍. 方式二: # ifconfig eno33554984 192.168.100.5 netmask 255.255.255.0 up # ifconfig eno33554984 eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.100.5 netmask 255.255.255.0 broadcast 192.168.100.255 ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet) RX packets 260398 bytes 27138591 (25.8 MiB) RX errors 0 dropped 273 overruns 0 frame 0 TX packets 40 bytes 4020 (3.9 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 2、route命令:查看及管理路由(route – show / manipulate the IP routing table)命令格式:route add [-net|-host] target [netmask Nm] [gw GW] [[dev] If] -net:表示添加网络路由 -host:表示添加主机路由 gw:为默认网关 查看: route -n # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736 172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736 192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984 添加路由:# route add -net 10.0.0.0/8 gw 192.168.100.5 dev eno33554984 # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736 10.0.0.0 192.168.100.5 255.0.0.0 UG 0 0 0 eno33554984 172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736 192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984 删除路由:# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736 10.0.0.0 192.168.100.5 255.0.0.0 UG 0 0 0 eno33554984 172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736 192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984 # route del -net 10.0.0.0/8 # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736 172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736 192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984 3、netstat命令:打印网络连接,路由表,接口等信息(Print network connections, routing tables, interface statis﹖ics, masquerade connections, and multicast memberships)显示网络连接:netstat [–tcp|-t] [–udp|-u] [–udplite|-U] [–sctp|-S] [–raw|-w] [–listening|-l] [–all|-a] [–numeric|-n] [–extend|-e[–extend|-e]] [–program|-p] -t:TCP协议的相关连接,连接均有其状态 -u:UDP协议相关的连接 -w:raw socket相关的;连接 -l:处于监听状态的连接 -a:所有状态 -n:以数字格式显示IP和Port -e:扩展格式 -p:显示相关的进程及PID # 常用组合: -tan,-una,-tnl,-unl,-tunlp,-antup # netstat -tan Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN tcp 0 52 172.18.250.108:22 172.18.4.1:49701 ESTABLISHED tcp 0 0 172.18.250.108:22 172.18.4.1:49924 ESTABLISHED tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 ::1:631 :::* LISTEN tcp6 0 0 ::1:25 :::* LISTEN tcp6 0 0 ::1:6010 :::* LISTEN tcp6 0 0 ::1:6011 :::* LISTEN # netstat -uan Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 0.0.0.0:10042 0.0.0.0:* udp 0 0 127.0.0.1:323 0.0.0.0:* udp 0 0 0.0.0.0:68 0.0.0.0:* udp6 0 0 ::1:323 :::* udp6 0 0 :::50626 :::* # netstat -tunlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1054/sshd tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1052/cupsd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1143/master tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 1190/sshd: root@pts tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 5116/sshd: root@pts tcp6 0 0 :::22 :::* LISTEN 1054/sshd tcp6 0 0 ::1:631 :::* LISTEN 1052/cupsd tcp6 0 0 ::1:25 :::* LISTEN 1143/master tcp6 0 0 ::1:6010 :::* LISTEN 1190/sshd: root@pts tcp6 0 0 ::1:6011 :::* LISTEN 5116/sshd: root@pts udp 0 0 0.0.0.0:10042 0.0.0.0:* 4399/dhclient udp 0 0 127.0.0.1:323 0.0.0.0:* 752/chronyd udp 0 0 0.0.0.0:68 0.0.0.0:* 4399/dhclient udp6 0 0 ::1:323 :::* 752/chronyd udp6 0 0 :::50626 :::* 4399/dhclient # netstat -antup Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1054/sshd tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1052/cupsd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1143/master tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 1190/sshd: root@pts tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 5116/sshd: root@pts tcp 0 52 172.18.250.108:22 172.18.4.1:49701 ESTABLISHED 1190/sshd: root@pts tcp 0 0 172.18.250.108:22 172.18.4.1:49924 ESTABLISHED 5116/sshd: root@pts tcp6 0 0 :::22 :::* LISTEN 1054/sshd tcp6 0 0 ::1:631 :::* LISTEN 1052/cupsd tcp6 0 0 ::1:25 :::* LISTEN 1143/master tcp6 0 0 ::1:6010 :::* LISTEN 1190/sshd: root@pts tcp6 0 0 ::1:6011 :::* LISTEN 5116/sshd: root@pts udp 0 0 0.0.0.0:10042 0.0.0.0:* 4399/dhclient udp 0 0 127.0.0.1:323 0.0.0.0:* 752/chronyd udp 0 0 0.0.0.0:68 0.0.0.0:* 4399/dhclient udp6 0 0 ::1:323 :::* 752/chronyd udp6 0 0 :::50626 :::* 4399/dhclient 显示路由表:netstat -rn-r:显示内核路由表 -n:数字格式显示
# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 0 0 0 eno16777736
10.0.0.0 192.168.100.5 255.0.0.0 UG 0 0 0 eno33554984
172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eno16777736
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984
显示借口的统计数据:netstat {–interfaces|-I|-i} [iface] [–all|-a] [–extend|-e] [–verbose|-v] [–program|-p] [–numeric|-n] 所有接口: netstat -i # netstat -i Kernel Interface table Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eno16777 1500 295676 0 0 0 5992 0 0 0 BMRU eno33554 1500 281789 0 313 0 40 0 0 0 BMRU lo 65536 60 0 0 0 60 0 0 0 LRU 具体值: Iface:借口 MTU:最大传输单元 RX-OK:成功接收报文的数量 RX-ERR:失败的传输报文的数量 RX-DRP:接收丢弃的报文数量 RX-OVR:接收溢出的报文数量 TX-OK:成功传输报文的数量 TX-ERR:失败的传输报文的数量 TX-DRP:传出丢弃的传输数量 TX-OVR:传出溢出的传输数量 Flg:标志 4、ifup/ifdown命令:# 注意:通过配置文件/etc/sysconfig/network-scripts/ifcfg-IFACE来识别接口并完成配置 # 此处在显示上CentOS 6与CentOS 7有所不同 CentOS 6: 在使用ifdown命令时,禁用的接口用ifconfig命令显示不出来,且在显示中也没有UP选项,如需显示需要指定接口或者使用-a选项 # ifconfig eth0 Link encap:Ethernet HWaddr 00:0C:29:69:45:7B inet addr:172.18.251.87 Bcast:172.18.255.255 Mask:255.255.0.0 inet6 addr: fe80::20c:29ff:fe69:457b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:320170 errors:0 dropped:0 overruns:0 frame:0 TX packets:2653 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:33769657 (32.2 MiB) TX bytes:313476 (306.1 KiB) eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85 inet addr:192.168.200.3 Bcast:192.168.200.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe69:4585/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:306513 errors:0 dropped:0 overruns:0 frame:0 TX packets:218 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:32321812 (30.8 MiB) TX bytes:27212 (26.5 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) # ifdown eth1 # ifconfig eth0 Link encap:Ethernet HWaddr 00:0C:29:69:45:7B inet addr:172.18.251.87 Bcast:172.18.255.255 Mask:255.255.0.0 inet6 addr: fe80::20c:29ff:fe69:457b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:319600 errors:0 dropped:0 overruns:0 frame:0 TX packets:2601 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:33705819 (32.1 MiB) TX bytes:305610 (298.4 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) # ifconfig eth1 eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85 BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:306469 errors:0 dropped:0 overruns:0 frame:0 TX packets:211 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:32316117 (30.8 MiB) TX bytes:26744 (26.1 KiB) # ifup eth1 Determining if ip address 192.168.200.3 is already in use for device eth1... # ifconfig eth1 eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85 inet addr:192.168.200.3 Bcast:192.168.200.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe69:4585/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:308152 errors:0 dropped:0 overruns:0 frame:0 TX packets:230 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:32503780 (30.9 MiB) TX bytes:28040 (27.3 KiB) CentOS 7:在CentOS 7 上用ifdown命令禁用网卡UP选项不会消失,但是IP没有显示,此处与CentOS 6相同 # ifconfig eno33554984 eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.100.3 netmask 255.255.255.0 broadcast 192.168.100.255 ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet) RX packets 313238 bytes 33067566 (31.5 MiB) RX errors 0 dropped 349 overruns 0 frame 0 TX packets 42 bytes 4140 (4.0 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 # ifdown eno33554984 Device 'eno33554984' successfully disconnected. # ifconfig eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.18.250.108 netmask 255.255.0.0 broadcast 172.18.255.255 inet6 fe80::20c:29ff:fedd:c19c prefixlen 64 scopeid 0x20<link> ether 00:0c:29:dd:c1:9c txqueuelen 1000 (Ethernet) RX packets 327832 bytes 34538419 (32.9 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 6428 bytes 919810 (898.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet) RX packets 313451 bytes 33089849 (31.5 MiB) RX errors 0 dropped 349 overruns 0 frame 0 TX packets 42 bytes 4140 (4.0 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 64 bytes 5440 (5.3 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 64 bytes 5440 (5.3 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 # ifup eno33554984 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/12) # ifconfig eno33554984 eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.100.3 netmask 255.255.255.0 broadcast 192.168.100.255 ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet) RX packets 314723 bytes 33233696 (31.6 MiB) RX errors 0 dropped 349 overruns 0 frame 0 TX packets 44 bytes 4260 (4.1 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 5、配置主机名:hostname命令: 查看:hostname 配置:hostname HOSTNAME 当前系统有效,重启后无效 # hostname centos6.7 # hostname myserver # hostname myserver hostnamectl命令(CentOS 7): hostnamectl status:显示当前主机名信息 hostnamectl set-hostname:设定主机名,永久有效 # hostnamectl status Static hostname: centos7 Icon name: computer-vm Chassis: vm Machine ID: 94b3ec34f75d44df93cc011c79159864 Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7 Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-327.el7.x86_64 Architecture: x86-64 # hostnamectl set-hostname centos7.2 # hostnamectl status Static hostname: centos7.2 Icon name: computer-vm Chassis: vm Machine ID: 94b3ec34f75d44df93cc011c79159864 Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7 Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-327.el7.x86_64 Architecture: x86-64 # 注意hostname在Centos 7上面也可以使用,但是设置后显示临时主机名 例: # hostnamectl status Static hostname: centos7.2 Icon name: computer-vm Chassis: vm Machine ID: 94b3ec34f75d44df93cc011c79159864 Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7 Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-327.el7.x86_64 Architecture: x86-64 # hostname centos777 # hostnamectl status Static hostname: centos7.2 Transient hostname: hello Icon name: computer-vm Chassis: vm Machine ID: 94b3ec34f75d44df93cc011c79159864 Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7 Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-327.el7.x86_64 Architecture: x86-64 # hostname centos777 配置文件: CentOS6:/etc/sysconfig/network HOSTNAME=<HOSTNAME> # hostname myserver # vim /etc/sysconfig/network # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=mycentos6 # hostname myserver CentOS7:/etc/hostname HOSTNAME # hostnamectl status Static hostname: centos7 Icon name: computer-vm Chassis: vm Machine ID: 94b3ec34f75d44df93cc011c79159864 Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7 Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-327.el7.x86_64 Architecture: x86-64 # vim /etc/hostname # cat /etc/hostname mycentos7 # hostnamectl status Static hostname: centos7 Icon name: computer-vm Chassis: vm Machine ID: 94b3ec34f75d44df93cc011c79159864 Boot ID: 174d10ff65ef4f7d82721fc7b08f6bf7 Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-327.el7.x86_64 Architecture: x86-64 # 注意:在CentOS 6中此方法不会立即生效,但是在CentOS 7中会立即生效 6、配置DNS服务器指向: 配置文件:/etc/resolv.conf nameserverDNS_SERVER_IP 如何测试(host/nslookup/dig): # dig -t A FQDN FQDN –> IP # dig -x IP IP –> FQDN # dig 命令的好处在于,他不检查hosts文件中的定义,直接去dns服务器解析 三、iproute家族配置管理 1、ip命令show / manipulate routing, devices, policy routing and tunnels 查看和配置 路由表、设备、策略路由等 ip [ OPTIONS ] OBJECT { COMMAND | help } OBJECT := { link | addr | route | netns } a、ip link 网络设备配置(network device configuration) 1、 ip link set:改变设备属性 (1)dev NAME (default):指明要管理的设备,dev关键字可省略; (2)up和down: # ip link set eno33554984 down # ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff 3: eno33554984: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff # ip link set eno33554984 up # ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff 3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff (3)multicast on或multicast off:启用或禁用多播功能; # 关闭后可以看到没有UP选项,表示此网卡已关闭 (4)name NAME:重命名接口 # ip link set eno33554984 down # ip link set eno33554984 name eno666777888 # ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff 3: eno666777888: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff # 改名时需要关闭网卡设备 (5)mtu NUMBER:设置MTU的大小,默认为1500; # ip link set eno666777888 mtu 1000 # ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff 3: eno666777888: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff (6)netns PID:ns为namespace,用于将接口移动到指定的网络名称空间;(在后面会详细讲解) 2、ip link show:列出设备属性 # ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff 3: eno666777888: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff # ip link show eno666777888 3: eno666777888: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff 3、 ip link help:显示简要使用帮助 b、ip netns # 注意:此命令仅在CentOS 7中支持管理网络名称空间(manage network namespaces) ip netns list:列出所有的netns # ip netns list myspace ip netns add NAME:创建指定的netns # ip netns add space1 # ip netns list space1 myspace ip netns del NAME:删除指定的netns # ip netns del myspace # ip netns list space1 ip netns exec NAME COMMAND:在指定的netns中运行命令 # ip link set eno666777888 netns space1 # ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff # 加入名称空间后 使用ip link show查看,可以看到此处看不到了eno66677788 # ip netns exec space1 ip link show 1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 3: eno666777888: <BROADCAST,MULTICAST> mtu 1000 qdisc noop state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff # 使用此命令可以查看名称空间space1中的网卡设备 c、ip address协议地址管理(protocol address management) ip address add:添加新的协议地址 [label NAME]:为额外添加的地址指明接口别名 # ip add add label eno33554984:0 10.0.0.100/8 dev eno33554984 # ifconfig eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.18.250.108 netmask 255.255.0.0 broadcast 172.18.255.255 inet6 fe80::20c:29ff:fedd:c19c prefixlen 64 scopeid 0x20<link> ether 00:0c:29:dd:c1:9c txqueuelen 1000 (Ethernet) RX packets 372250 bytes 39402750 (37.5 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 9582 bytes 1347144 (1.2 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1000 inet 192.168.200.2 netmask 255.255.255.0 broadcast 0.0.0.0 ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet) RX packets 344492 bytes 36539558 (34.8 MiB) RX errors 0 dropped 365 overruns 0 frame 0 TX packets 48 bytes 4500 (4.3 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eno33554984:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1000 inet 10.0.0.100 netmask 255.0.0.0 broadcast 0.0.0.0 ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet) lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 76 bytes 6460 (6.3 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 76 bytes 6460 (6.3 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [broadcast ADDRESS]:广播地址;会根据IP和NETMASK自动计算得到 [scope SCOPE_VALUE]:作用域,默认设置为global global:全局可用; link:接口可用; host:仅本机可用;
# ip addr show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.2/24 scope global eno33554984
valid_lft forever preferred_lft forever
inet 10.0.0.100/8 scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200/8 scope global secondary eno33554984
valid_lft forever preferred_lft forever
ip address delete:删除协议地址
# ip addr show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.2/24 scope global eno33554984
valid_lft forever preferred_lft forever
inet 10.0.0.100/8 scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200/8 scope global secondary eno33554984
valid_lft forever preferred_lft forever
# ip add del 192.168.200.2/24 dev eno33554984
# ip addr show eno33554984
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.100/8 scope global eno33554984:0
valid_lft forever preferred_lft forever
inet 10.0.0.200/8 scope global secondary eno33554984
valid_lft forever preferred_lft forever
ip address show:查看协议地址 # ip add show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:dd:c1:9c brd ff:ff:ff:ff:ff:ff inet 172.18.250.108/16 brd 172.18.255.255 scope global dynamic eno16777736 valid_lft 63185sec preferred_lft 63185sec inet6 fe80::20c:29ff:fedd:c19c/64 scope link valid_lft forever preferred_lft forever 3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff inet 10.0.0.100/8 scope global eno33554984:0 valid_lft forever preferred_lft forever inet 10.0.0.200/8 scope global secondary eno33554984 valid_lft forever preferred_lft forever ip address flush:清除协议地址(清除某设备上的所有地址) # ip add show eno33554984 3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff inet 10.0.0.100/8 scope global eno33554984:0 valid_lft forever preferred_lft forever inet 10.0.0.200/8 scope global secondary eno33554984 valid_lft forever preferred_lft forever # ip add flush dev eno33554984 # ip add show eno33554984 3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:dd:c1:a6 brd ff:ff:ff:ff:ff:ff d、ip route路由表管理(routing table management) ip route add:添加新的路由 # ip route add 20.0.0.0/8 via 10.0.0.20 dev eno33554984 # ip route show default via 172.18.0.1 dev eno16777736 proto static metric 100 10.0.0.0/8 dev eno33554984 proto kernel scope link src 10.0.0.200 20.0.0.0/8 via 10.0.0.20 dev eno33554984 172.18.0.0/16 dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100 192.168.20.0/24 dev eno33554984 proto kernel scope link src 192.168.20.2 192.168.100.0/24 dev eno33554984 proto kernel scope link src 192.168.100.2 ip route change:修改路由 # ip route change 20.0.0.0/8 via 172.18.250.108 dev eno16777736 # ip route show default via 172.18.0.1 dev eno16777736 proto static metric 100 10.0.0.0/8 dev eno33554984 proto kernel scope link src 10.0.0.200 20.0.0.0/8 via 172.18.250.108 dev eno16777736 172.18.0.0/16 dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100 192.168.20.0/24 dev eno33554984 proto kernel scope link src 192.168.20.2 192.168.100.0/24 dev eno33554984 proto kernel scope link src 192.168.100.2 ip route replace:改变或者添加新的路由(表示如果没有就新添加) ip route add TYPE PREFIX via GW [dev IFACE] [src SOURCE_IP] ip route delete:删除路由 # ip route show default via 172.18.0.1 dev eno16777736 proto static metric 100 10.0.0.0/8 dev eno33554984 proto kernel scope link src 10.0.0.200 20.0.0.0/8 via 172.18.250.108 dev eno16777736 172.18.0.0/16 dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100 192.168.20.0/24 dev eno33554984 proto kernel scope link src 192.168.20.2 192.168.100.0/24 dev eno33554984 proto kernel scope link src 192.168.100.2 # ip route del 10.0.0.0/8 # ip route show default via 172.18.0.1 dev eno16777736 proto static metric 100 20.0.0.0/8 via 172.18.250.108 dev eno16777736 172.18.0.0/16 dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100 192.168.20.0/24 dev eno33554984 proto kernel scope link src 192.168.20.2 192.168.100.0/24 dev eno33554984 proto kernel scope link src 192.168.100.2 ip route show:查看路由 ip route flush:删除路由表 # ip route flush 192.168.100/24 # ip route show default via 172.18.0.1 dev eno16777736 proto static metric 100 20.0.0.0/8 via 172.18.250.108 dev eno16777736 172.18.0.0/16 dev eno16777736 proto kernel scope link src 172.18.250.108 metric 100 192.168.20.0/24 dev eno33554984 proto kernel scope link src 192.168.20.2 ip route get:查看一条路由
# ip route get 20.0.0.0/8
20.0.0.0 dev eno16777736 src 172.18.250.108
cache
2、ss命令另一个套接字管理程序(another utility to investigate sockets) ss [options] [FILTER] 选项: -t:TCP协议的相关连接 -u:UDP相关的连接 -w:raw socket相关的连接 -l:监听状态的连接 -a:所有状态的连接 -n:数字格式 -p:相关的程序及其PID -e:扩展格式信息 -m:内存用量 -o:计时器信息 # 用法与netstat相同,组合方式也可以参照netstat 常用组合:-tan,-una,-tnl,-unl,-tunlp,-antup # ss -tan State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:22 *:* LISTEN 0 128 127.0.0.1:631 *:* LISTEN 0 100 127.0.0.1:25 *:* LISTEN 0 128 127.0.0.1:6010 *:* LISTEN 0 128 127.0.0.1:6011 *:* ESTAB 0 52 172.18.250.108:22 172.18.4.1:49701 ESTAB 0 0 172.18.250.108:22 172.18.4.1:49924 LISTEN 0 128 :::22 :::* LISTEN 0 128 ::1:631 :::* LISTEN 0 100 ::1:25 :::* LISTEN 0 128 ::1:6010 :::* LISTEN 0 128 ::1:6011 :::* # ss -uan State Recv-Q Send-Q Local Address:Port Peer Address:Port UNCONN 0 0 *:10042 *:* UNCONN 0 0 127.0.0.1:323 *:* UNCONN 0 0 *:68 *:* UNCONN 0 0 ::1:323 :::* UNCONN 0 0 :::50626 :::* FILTER := [ state TCP-STATE ] [ EXPRESSION ] [EXPRESSION] dport = sport = # ss -tan '( dport = 22 or sport = 22 )' State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:22 *:* ESTAB 0 52 172.18.250.108:22 172.18.4.1:49701 ESTAB 0 0 172.18.250.108:22 172.18.4.1:49924 LISTEN 0 128 :::22 :::* 四、管理网络属性之配置文件 IP/NETMASK/GW/DNS等配置文件:/etc/sysconfig/network-scripts/ifcfg-IFACE 路由相关的配置文件:/etc/sysconfig/networkj-scripts/route-IFACE 命令方式修改: CentOS 6:system-config-network setup CentOS 7:nmtui ifcfg-IFACE文件中的参数: DEVICE:此配置文件对应的设备的名称; ONBOOT:在系统引导过程中,是否激活此接口; UUID:此设备的惟一标识; IPV6INIT:是否初始化IPv6; BOOTPROTO:激活此接口时使用什么协议来配置接口属性,常用的有dhcp、bootp、static、none; TYPE:接口类型,常见的有Ethernet, Bridge; DNS1:第一DNS服务器指向; DNS2:备用DNS服务器指向; DOMAIN:DNS搜索域; IPADDR: IP地址; NETMASK:子网掩码;CentOS 7支持使用PREFIX以长度方式指明子网掩码; GATEWAY:默认网关; USERCTL:是否允许普通用户控制此设备; PEERDNS:如果BOOTPROTO的值为“dhcp”,是否允许dhcp_server分配的dns服务器指向覆盖本地手动指定的DNS服务器指向;默认为允许; HWADDR:设备的MAC地址; NM_CONTROLLED:是否使用NetworkManager服务来控制接口; 示例: CentOS 7: IPV6INIT=yes BOOTPROTO=none DEVICE=eno16777736 ONBOOT=yes UUID=fc03aa9a-32b4-4d25-9576-288a0e3cd39a TYPE=Ethernet DEFROUTE=yes NAME="System eno16777736" PEERDNS=yes IPADDR=172.18.4.1 PREFIX=8 GATEWAY=172.18.0.1 DNS1=202.106.0.20 DNS2=172.18.0.1 CentOS 6: DEVICE=eth0 HWADDR=00:0C:29:69:45:7B TYPE=Ethernet UUID=1e9d304f-319a-4467-ac3c-67159f182f33 ONBOOT=yes NM_CONTROLLED=yes BOOTPROTO=dhcp 网络服务: network NetworkManger 管理网络服务: CentOS 6: service {network|NetworkManager} {start|stop|restart|status} # cat /etc/sysconfig/network-scripts/ifcfg-eth1 DEVICE=eth1 TYPE=Ethernet ONBOOT=yes NM_CONTROLLED=yes BOOTPROTO=none IPADDR=10.0.0.100 PREFIX=8 GATEWAY=10.0.0.1 DNS1=202.106.0.20 # service network restart Shutting down interface eth0: [ OK ] Shutting down interface eth1: [ OK ] Shutting down loopback interface: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: Determining IP information for eth0... done. [ OK ] Bringing up interface eth1: Determining ip address 10.0.0.100 is already in use for device eth1.. [ OK ] # ifconfig eth1 eth1 Link encap:Ethernet HWaddr 00:0C:29:69:45:85 inet addr:10.0.0.100 Bcast:10.255.255.255 Mask:255.0.0.0 inet6 addr: fe80::20c:29ff:fe69:4585/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:411362 errors:0 dropped:0 overruns:0 frame:0 TX packets:240 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:44602847 (42.5 MiB) TX bytes:28728 (28.0 KiB) CentOS 7: systemctl {start|stop|restart|status} {network|NetworkManager}.service # cat /etc/sysconfig/network-scripts/ifcfg-eno33554984 # Generated by parse-kickstart BOOTPROTO=none DEVICE=eno33554984 ONBOOT=yes TYPE=Ethernet DEFROUTE=yes IPV4_FAILURE_FATAL=no NAME="System eno33554984" PEERDNS=yes PEERROUTES=yes IPADDR=20.0.0.100 PREFIX=24 GATEWAY=20.0.0.1 DNS1=202.106.0.20 # systemctl restart network.service # ifconfig eno33554984 eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1000 inet 20.0.0.100 netmask 255.255.255.0 broadcast 20.0.0.255 ether 00:0c:29:dd:c1:a6 txqueuelen 1000 (Ethernet) RX packets 406943 bytes 44125370 (42.0 MiB) RX errors 0 dropped 635 overruns 0 frame 0 TX packets 50 bytes 4620 (4.5 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 配置文件配置路由:/etc/sysconfig/network-scripts/route-IFACE 支持两种配置方式,但不可混用; (1) 每行一个路由条目: TARGET via GW # cat /etc/sysconfig/network-scripts/route-eno33554984 172.0.0.0/8 via 20.0.0.100 # systemctl restart network.service # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736 0.0.0.0 20.0.0.1 0.0.0.0 UG 101 0 0 eno33554984 20.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eno33554984 172.0.0.0 20.0.0.100 255.0.0.0 UG 100 0 0 eno33554984 172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736 (2) 每三行一个路由条目: ADDRESS#=TARGET NETMASK#=MASK GATEWAY#=NEXTHOP # cat /etc/sysconfig/network-scripts/route-eno33554984 ADDRESS0=11.0.0.0 NETMASK0=255.0.0.0 GATEWAY0=20.0.0.100 # systemctl restart network.service # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.18.0.1 0.0.0.0 UG 100 0 0 eno16777736 0.0.0.0 20.0.0.1 0.0.0.0 UG 101 0 0 eno33554984 11.0.0.0 20.0.0.100 255.0.0.0 UG 100 0 0 eno33554984 20.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eno33554984 172.18.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736 对于CentOS 7的网络属性管理就写到这里了,感觉写的不错可以给点个赞。
作者: Q/A:如有问题请慷慨提出 (责任编辑:IT) |