Linux Network configuration

Basic Network Configuration

To connect a Linux host to a network, you need to configure network-related settings

Generally include the following:

Host Name

Ip/netmask

Routing: Default gateway

DNS Server

Primary DNS Server

Secondary DNS server

Third-party DNS servers

To modify the NIC naming example:

1. Check the driver of the network card and uninstall the NIC driver

[Email protected] ~]# ethtool-i eth0
driver:e1000 #网卡驱动
[Email protected] ~]# modprobe-r e1000 #卸载网卡驱动
2. Modify the 70-persistent-net.rules file

3. Reload the NIC driver and restart the network service

[Email protected] ~]# modprobe e1000 #重新加载网卡驱动
[Email protected] ~]#/etc/rc.d/init.d/network restart #重启网络服务

Network Configuration related files

Network Configuration Reference file:/usr/share/doc/initscripts-9.03.53/sysconfig.txt

Network card Configuration under:/etc/sysconfig/network-scripts/, configuration file: ifcfg-nic Name

Example configuration file:

[Email protected] ~]# cat/etc/sysconfig/network-scripts/ifcfg-eth0 device=eth0bootproto=static|dhcp|  noneipaddr=192.168.0.7netmask=255.255.255.0#PREFIX =24 #子网掩码GATEWAY =192.168.0.1 Intranet dns1= 114.114.114.114 External network dns2=8.8.8.8dns3=1.1.1.1type=ethernetonboot=yeshwaddr=00:0c:29:D b : c9:5c#macaddr=00:0c:29:D b:c9:5a #修改MAC地址UUID =38d329c5-b1bb-491b-a669-47422cfda764nm_controlled=no 

Network configuration file Common configuration parameters in detail:

• Device: Devices to which this profile applies
• HWADDR: MAC address of the corresponding device
• Bootproto: Address configuration protocol used when activating this device, common DHCP, static, none, BOOTP
• NM_CONTROLLED:NM is the abbreviation of NetworkManager, whether this network card accepts NM control; recommended for "No" (NetworkManager: The network Configuration tool for the graphical interface, does not support bridging, it is strongly recommended to close)
• Onboot: Whether this device is activated at system boot time
• Type: interface types, common Ethernet, Bridge
• UUID: Unique identification of the device
• IPADDR: Specify IP Address
• NETMASK: Subnet Mask
• Gateway: Default Gateways
• DNS1: The first DNS server points to a
• DNS2: The second DNS server points to a
• Userctl: Whether a normal user can control this device
• Peerdns: If the value of Bootproto is "DHCP", whether to allow DHCP server to assign a DNS server to direct the information to overwrite the/etc/resolv.conf file

Other related configuration files

Routing configuration article:/etc/sysconfig/network-scripts/route-interface

• Netwoek/netmask via GATEWAY

DNS configuration file:/etc/resolv.conf

• NameServer DNS_IP

Local network resolution configuration file:/etc/hosts

• IP hostname Alias

Hostname configuration file:

• Centos6.x:/etc/sysconfig/network
• Centos7.x:/etc/hostname

About the configuration of the network Tools①ifconfig

• -A: View enabled and disabled NIC information
• interface {Up|down}: Enable or disable NIC
• Interface Ip/netmask: Temporarily set IP
• interface [-]PROMISC: Setting the NIC's work in promiscuous mode
• -S interface: View traffic information for the specified NIC

②route

• -N: Digital display, no resolution, improve efficiency
• Add {-net |-host} network/netmask GW GATEWAY Dev DEVICE adds route
• {add | del} default GW GATEWAY Add or remove the defaults route
• del {-net |-host} network/netmask GW GATEWAY Delete route

Route add-net 10.0.0.0/8 GW 172.20.0.1 Dev eth1 #添加一条到10.0.0.0 Network Segment Routing
Route del-net 10.0.0.0/8 GW 172.20.0.1 #删除10.0.0.0 Network Segment Routing

③netstat

• -N: Digital display, no resolution, improve efficiency
• -R: View the routing table
• -T:TCP related
• -U:UDP related
• -W: Bare socket
• -L: View ports in listening state
• -A: View ports in all States
• -E: Show more detailed information
• -P: View related process PID
• -I: Display network card traffic
• -iinterface: View traffic information for a specified NIC = = Ifconfig-s interface

[[email protected] ~]# netstat-tnulp  #显示TCP, UDP listening status and the port of the associated process    

④ip

• Link
  • Set interface {Up|down}: Enable or disable NIC
  • Show interface: Displays the specified NIC information
• Addr
  • Add ip/netmask [Label interface:#] [Scope {global | link | host}] [broadcast IP] Dev interface: Add configuration temporary address
    • Label: Specify Alias
    • Scope: Scope
    • Global: Scope is globally
    • Link: Only the network connected to this network card is active
    • Host: Only hosts are available
    • Broadcast: Set broadcast address
  • Del Dev interface [Label interface:#]: Remove IP
  • Flush Dev interface [Label interface:#]: Empty IP

• Route
  • Add Ip/netmask via GATEWAY Dev interface: adding routes
  • Add default via GATEWAY Dev interface: Adding the defaults route
  • Del ip/netmask via GATEWAY Dev interface: Remove route
  • Flush: Emptying the routing table
  • Show: View the routing table

[Email protected] ~]# IP addr Add 192.168.1.100/24 label eth0:0 Dev eth0 #设置临时IP地址

⑤ss

• -N: Digital display, no resolution, improve efficiency
• -T:TCP related
• -U:UDP related
• -W: Bare socket
• -X: Display information about UNIX sock
• -L: View ports in listening state
• -A: View ports in all States
• -E: Show more detailed information
• -P: View related process PID
• -M: Memory usage
• -O: Timer information
• -S: Show current socket details
• State Tcp_state ' (dport =: ssh or sport =: SSH) '
  • Established
  • Listen
  • Fin_wait_1
  • Fin_wait_2
  • Syn_sent
  • Syn_recv

[[Email protected] ~]# SS State established ' (Dport =: ssh or sport =: SSH) ' #查看已连接状态的ssh

⑥NMCLI: Address Configuration tool (centos7.x)

subcommand complement function: Yum install bash-completion, dependent on Epel source

1. View information

[Email protected] ~]# NMCLI device status
[Email protected] ~]# NMCLI connection Show

2. Delete Configuration

[Email protected] ~]# NMCLI Connection Delete Ens33

3. Add Configuration

[Email protected] ~]# nmcli connection add con-name ENS33 ifname ens33 type Ethernet Ipv4.method Auto Connection.autoconn ECT Yes

• Con-name ens33: Configuration file name
• IfName ENS33: Specify the NIC device
• Type Ethernet: Network type Ethernet
• Ipv4.method Auto: Get IP automatically
• Connection.autoconnect Yes: Boot from boot

4. Switch configuration

[Email protected] ~]# NMCLI connection up Ens33

5. Modify the profile name Ens33-ens33-static

[Email protected] ~]# NMCLI connection Modify ENS33 con-name ens33-static

6. Modify the configuration IP

[Email protected] ~]# NMCLI connection Modify ens33-static ipv4.addresses 192.168.0.100/24 ipv4.gateway 192.168.0.1 IPv4 . Method Manual

• Ipv4.addresses 192.168.0.100/24:IP Address
• Ipv4.gateway 192.168.0.1: Gateway
• Ipv4.method Manual: Manual fetch, static address must be configured to manual, otherwise the default dynamic

7. Re-read the configuration file

[Email protected] ~]# NMCLI connection Reload

8. Disconnect and connect the network connection

[Email protected] ~]# NMCLI device Disconnect Ens33
[Email protected] ~]# nmcli device Connect Ens33

9. View the network configuration details

[Email protected] ~]# NMCLI connection Show Ens33

10. Add another address in the configuration

[Email protected] ~]# NMCLI connection Modify ens33-static +ipv4.addresses 10.0.0.2/8

Other related tools

Ping: Test network command

• The number of-C count:ping
• -W Timeout: Time-out, with-c use
• -I ipaddress: Specifies to ping the other host with the IP of its own host
• -S Size: Packet size per ping, maximum value 65507
• -F: Do your own host's ability to send out packets

[[email protected] ~]# ping-c1-w1 192.168.0.6 #脚本中常用的ping测试, Ping once, time out 1s[[email protected] ~]# ping-s 65507-f 192.168 .0.6 #竭尽自己所能, sending large packets to 192.168.0.6, DDoS attacks

Tcpdump: Grab Bag tool

• -N: Prohibit IP parsing
• -I interface: Specify NIC interface
• TCP|UDP|ICMP|ARP: Specify package protocol

MTR: Network diagnostic tools

Traceroute: Trace Route

Tracepath: Trace Route

Ifup: Enable NIC

Ifdown: Disable NIC

Setup: Character interface Configuration tool (centos6.x)

System-config-network-tui: Character Interface network Configuration tool (centos6.x)

HOSTNAMECTL: Set host Name Tool (centos7.x)

• Status
• Set-hostname hostname

Mm-connection-editor: Graphical Interface network Configuration tool (centos7.x)

Nmtui: Character Interface Configuration tool (centos7.x)

• Nmtui-connect
• Nmtui-edit
• Nmtui-hostname

lftp | lftp [-u User[,pass]] [-P port] [-e cmd] ftpserver:ftp client Tools

• Get
• Mget
• Put
• Mput
• Mirror DIR

Lftpget URL: Non-interactive download of FTP server files

wget: Web Download tool

• -Q: Silent mode
• -C: Breakpoint continued to pass
• -p/path/dirname: The downloaded file is saved to the specified folder
• -o/path/filename: The downloaded file is saved to the specified location and renamed
• --limit-rate=# k| M: Speed limit to # k| M

ELinks | Links: Character Interface Web browser

• -source: Viewing Web page source code
• -dump: Display Text Only

Network Interface Configuration-bonding

Bonding to bind multiple network cards to the same IP address to provide services externally, can achieve high availability or load balancing. It is not possible to set the same IP address directly for two NICs. Through bonding, a virtual one network card to provide external connection, the physical network card is modified to the same MAC address

Binding: Binding multiple network cards to the same IP address to provide services to the outside, can achieve high availability or load balancing.

Operating mode:

Mode 0:BALANCE-RR rotation strategy: Multi-Net card can send packets in turn, realize load balancing function

Mode 1:active-backup Master policy: Where the active NIC sends the packet, the other backup

Mode 3:broadcast broadcast strategy: Each network card will send a copy of the package

Example configuration:

1. Create a bonding device configuration file

# cat >/etc/sysconfig/network-scripts/ifcfg-bond0 <<eofdevice=bond0bootproto=nonebonding_opts= "miimon= Mode=1 "ipaddr=192.168.0.6prefix=24eof

MIIMON=100: One-time link detection per 100ms

2, configure the bonding slave network card

[email protected] ~]# cat >/etc/sysconfig/network-scripts/ifcfg-eth0 <<eofdevice=eth0bootproto=nonemaster =bond0slave=yeseof[[email protected] ~]# cat >/etc/sysconfig/network-scripts/ifcfg-eth1 <<eofdevice= Eth1bootproto=nonemaster=bond0slave=yeseof

3. Restart the Network service and view the bonding status

#/etc/rc.d/init.d/network Restart[[email protected] ~]# cat/proc/net/bonding/bond0 |headethernet Channel Bonding driver:v3.7.1 (April) Bonding mode:fault-tolerance (active-backup) Primary Slave:nonecurrently active Slave : eth0 #现在eth0在工作状态MII status:upmii Polling Interval (ms): 100Up Delay (ms): 0Down Delay (ms): 0

To remove the bonding configuration example:

1. Disable bond0 and uninstall bonding module

# IP link Set bond0 down
# Modprobe-r Bonding

2. Restore the configuration file and restart the network

Bridge

Bridging: "Connect" several network interfaces on a single machine. As a result, one of the messages received by one of the network ports is copied to the other network ports and sent out. So that the messages between the network ports can be forwarded to each other. The bridge is such a device, it has a number of network ports, and these network ports are bridged. The host connected to the bridge can communicate with each other through the message forwarding of the switch.

1. Create a network Bridge

[Email protected] ~]# NMCLI connection Add type bridge con-name BR0 ifname br0

2. Configure the Network Bridge

[Email protected] ~]# NMCLI connection Modify br0 ipv4.addresses 192.168.0.7/24 ipv4.method Manual

3. Join the Slave network card to the bridge

[Email protected] ~]# nmcli connection Add type Bridge-slave con-name br0-eth0 ifname eth0 Master Br0

4. Enable the Network Bridge and view the status

[[email protected] ~]# NMCLI connection up br0[[email protected] ~]# nmcli connection up br0-eth0[[email protected] ~]# BR CTL Showbridge name     Bridge ID               STP enabled     interfacesbr0             8000.000c295df21e       Yes             eth0

Linux Network configuration