Common CentOS network configurations and operations
In Linux, the most common network configuration commands include ifconfig and route. ifconfig is used to view and configure network interface (usually Nic) information, including the IP address and mask of network interface devices; route is used to manage the route tables in the Linux kernel. It is used to set static route table items. Generally, after the system uses ifconfig to configure network interfaces, it is used to set the interface through which the IP address of the host or a CIDR block should be sent.
3.1.1 ifconfig
1
Ifconfig Syntax:
2
ifconfig [-a] [-v] [-s] <interface> [[<AF>] <address>]
3
[[-]broadcast [<address>]]
4
[netmask <address>]
5
[up|down]
The interface is the NIC name, the address is the IP address, the broadcast is the broadcast address, the address is the IP address of the broadcast address, and The netmask is the subnet mask, the following address is the IP address of the subnet mask. up and down are used to set the status of the current Nic. up indicates that the current Nic is enabled, and down indicates that the current Nic is disabled.
Common Parameters of Ifconfig are described as follows:
-A. view the status of all NICs.
-V: view the version of the ifconfig command
-S: View statistics
Example:
1) set the IP address of the first Nic to 192.168.0.1:
1
Ifconfig eth0 192.168.0.1 (Format: ifconfig network device name IP address)
2) temporarily disable or enable the NIC:
1
Disable the first NIC: ifconfig eth0 down
2
3
Enable the first Nic ifconfig eth0 up
3) set the subnet mask of the first Nic to 255.255.255.0:
1
Ifconfig eth0 netmask 255.255.255.0 (Format: ifconfig network device name netmask subnet mask)
We can also set the IP address and subnet mask at the same time:
1
ifconfig eth0 192.168.0.1 netmask 255.255.255.0
4) view the status of the first ENI:
1
ifconfig eth0
To view the status of all NICs, use the ifconfig command without parameters.
The status information output by ifconfig is very useful. The following is a brief description:
Several statuses are important:
UP/DOWN: indicates whether the NIC is enabled. If it is DOWN, it cannot be used;
If the number of errors packets in the RX packets is too large, it indicates that the NIC is faulty when receiving the packets;
If the number of errors packets in the TX packets is too large, it indicates that the NIC is faulty when being sent;
3.1.2route
The syntax of the route command is:
1
route [-CFvnee]
2
3
route [-v] [-A family] add [-net|-host] target [netmask Nm] [gw Gw] [metric N] [mod] [reinstate] [[dev] If]
4
5
route [-v] [-A family] del [-net|-host] target [gw Gw] [netmask Nm] [metricN] [[dev] If]
6
7
route [-V] [--version] [-h] [--help]
Common route parameters are described as follows:
-V uses the redundant output mode.
-A family specifies A specific address family (for example, "inet" and "inet6 ″).
-N: The address displayed with numbers, for example, 202.38.75.75, instead of interpreting the domain name.
-E uses the same output format as netstat.
-The ee parameter produces a long output, including almost all information about the kernel route table.
-Net target is a network segment.
-The host target is a separate host.
-F indicates that the kernel FIB route table results may be changed by the-e and-ee parameters.
-C: displays the route Cache Information in the kernel.
Del deletes a route table entry.
Add a route table entry.
Target CIDR block or host. It can be an IP address, network, or host name.
Netmask Nm is used to specify the network mask of the route table entry to be added.
Any IP group that leads to the target of gw Gw must use this gateway.
Metric M sets the metric field in the route table to M.
Example:
1) Add a route table entry. The network segment 192.168.0.x should go through the interface "eth0 ".
1
route add -net 192.168.0.0 netmask 255.255.255.0 dev eth0
2) Add a default route
1
Route add 0.0.0.0 gw gateway address
If there are no other matching routing items, use this routing rule.
3) Delete the default route
1
Route del 0.0.0.0 gw gateway address
4) Example of the output result of the route command
The output format includes the following columns:
Destination CIDR block or host
Gateway address. If not set, it is "*"
Genmask network mask
Some possible Flags are as follows:
U (the route is active)
H (target is a host)
G (gateway ))
R (table items generated by reinstate route Dynamic Routing)
D (dynamically installed by daemon or redirect)
M (modified from routing daemon or redirect)
! (Reject route)
Metric routing distance.
Ref route entry reference times. (Not used in linux kernel)
Use the number of times route entries are queried.
Iface: the output interface corresponding to the route table entry.
3.2 network operation commands
Common network operation commands in Linux include netstat, nslookup, hostfinger, and ping.
The netstat command displays network connection, route table, and network interface information, allowing you to know which network connections are currently in operation. The nslookup command is used to query the IP address of a machine and its corresponding domain name. It usually requires a Domain Name Server to provide the Domain Name Service. If you have already set the Domain Name Server, you can use this command to view the domain name corresponding to the IP address of different hosts. The host command can query the host IP address or host IP address based on the host name. The finger command is used to query user information, it usually displays the user name, Home Directory, stagnation time, Logon Time, logon shell, and other information of a user in the system. The ping command is used to check whether hosts on the network are working.
3.2.1 netstat
The syntax of the netstat command is:
Netstat [Option]
Common netstat parameters are described as follows:
-A: All sockets, including
-C is re-displayed every 1 second until the user interrupts it.
-I: The information format of all network interfaces is the same as "ifconfig-e"
-N the network connection is displayed with the network IP address instead of the name.
-R: the format of the core route table is the same as that of "route-e"
-T shows the TCP connection status
-U: displays UDP connections.
-V: displays ongoing work
Example:
1) run the netstat command on the local machine. The output is as follows:
1
Active Internet connections (w/o servers)
2
3
Proto Recv-Q Send-Q Local Address Foreign Address State
4
5
tcp 0 256 10.153.89.66:ssh 10.153.21.168:1054 ESTABLISHED
6
7
tcp 0 0 10.153.89.66:ssh 10.153.21.166:1222 ESTABLISHED
8
9
tcp 0 0 10.153.89.66:1521 10.153.21.166:2625 ESTABLISHED
10
11
tcp 0 0 10.153.89.66:1521 10.153.21.166:2623 ESTABLISHED
12
13
……
14
15
Active UNIX domain sockets (w/o servers)
16
17
Proto RefCnt Flags Type State I-Node Path
18
19
unix 9 [ ] DGRAM 919 /dev/log
20
21
unix 2 [ ] STREAM CONNECTED 50246124
22
23
unix 3 [ ] STREAM CONNECTED 3914245
24
25
/tmp/.ICE-unix/dcop18694-1074144356
26
27
unix 3 [ ] STREAM CONNECTED 3914244
28
29
unix 3 [ ] STREAM CONNECTED 3914127 /tmp/.X11-unix/X0
30
31
…..
3.2.2 nslookup
The nslookup command is used to query the IP address of a machine and its corresponding domain name. It usually requires a Domain Name Server to provide domain name services. If you have configured a Domain Name Server, you can use this command to view the domain name corresponding to the IP address of different hosts. Command syntax:
Nslookup [IP Address/domain name]
Example:
Run the nslookup command on the local machine
1
Default Server: name.tlc.com.cn
2
3
Address: 192.168.1.99
4
5
>
Enter the IP address or domain name to be queried after the symbol ">" and press Enter. To exit the command, enter exit and press Enter.
3.2.3 host command
The host command is similar to nslookup. The syntax of the same command is:
Host [Option] [IP Address/Domain Name/host name]
Common host parameters are as follows:
-A displays information about the queried domain name, IP address, domain name, or host name.
Example:
1
[root]# host huawei-3com.com
2
3
huawei-3com.com has address 172.19.1.228
3.2.4finger
The finger command is used to query user information. It usually displays the user name, main directory, stagnation time, Logon Time, logon shell, and other information of a user in the system. To query user information on a remote machine, you must follow the "@ host name" after the user name in the format of [user name @ host name]. However, the network host to query must run the finger daemon. The common format of this command is:
Finger [Option] [user] [user @ host]
Common finger parameters are as follows:
-S displays the user's registration name, actual name, terminal name, write status, stagnation time, Logon Time, and other information.
-L in addition to the information displayed with the-s option, it also displays information such as the user's home directory, logon shell, email status, and the. plan, project, and. forward files in the user's home directory.
-P is the same as the-l option except that the. plan file and. project file are not displayed.
Example:
1) Display User orcale Information
1
finger oracle
The result is
1
Login: oracle Name: (null)
2
3
Directory: /home/oracle Shell: /bin/bash
4
5
On since Fri Feb 6 16:26 (CST) on pts/1 from 10.153.21.166 33 seconds idle
6
7
On since Wed Feb 4 20:10 (CST) on pts/2 from 10.153.21.166 1 second idle
8
9
No mail.
10
11
No Plan.
3.2.5Ping command
The ping command is used to check whether the host on the network is working. It sends an ICMPECHO_REQUEST packet to the host. Sometimes we want to download files from a host on the network, but do not know whether the host is on, we need to use the ping command to check. The common format of this command is:
Ping [Option] [host name/IP address]
Common ping parameters are as follows:
-The number of c stops when a specified number of packages are sent.
-D: Set the SO_DEBUG option.
-F sends a large number of network packets to a machine quickly to view their responses.
-I. Seconds: Set the interval of several seconds. Send a network packet to a machine. The preset value is one second.
-L the number of times to send packets to the specified Machine as quickly as possible within the specified number of times (this option can only be used by Super Users)
-Q: only the final result is displayed if no packet transfer information is displayed.
-R Directly sends packets to a machine without passing through the gateway. It usually checks whether the network interface of the local machine is faulty.
-S bytes indicates the number of data bytes sent. The default value is 56, plus 8 bytes of ICMP header, which is a total of 64 ICMP data bytes.
3.3 introduction to common network configuration files
In Linux, TCP/IP networks are configured through several text files. You need to edit these files to complete the networking. The important network configuration files in the system are:
1
/etc/sysconfig/network
2
3
/etc/hosts
4
5
/etc/services
6
7
/etc/host.conf
8
9
/etc/nsswitch.conf
10
11
/etc/resolv.conf
12
13
/etc/xinetd.conf
14
15
/etc/modules.conf
16
17
/etc/sysconfig/network-scripts/ifcfg-ethN
Next we will describe these files one by one. These files can be modified during system running without starting or stopping any daemon, the change takes effect immediately (except/etc/sysconfig/network ). In addition, these files support comments starting with "#". Each file has one in Part 1 of the UNIX manual page and can be obtained using the man command.
3.3.1/etc/sysconfig/network settings
This file is used to specify network configuration information on the server, including parameters for controlling network-related file and daemon behavior. The following is an example file:
1
NETWORKING=yes
2
3
HOSTNAME=machine1
4
5
GATEWAY=210.34.6.2
6
7
FORWARD_IPV4=yes
8
9
GATEWAYDEV=
NETWORK = yes/no indicates whether the NETWORK is configured;
HOSTNAME = hostname indicates the Host Name of the server;
GATEWAY = gw-ip indicates the IP address of the Network GATEWAY;
FORWARD_IPV4 = yes/no whether IP Forwarding is enabled;
GAREWAYDEV = gw-dev gw-dw indicates the gateway device name, such as eth0;
3.3.2/etc/hosts IP address and host name ing
/Etc/hosts contains the ing between the IP address and the host name, including the alias IP address of the host name. The address design makes it easy for the computer to recognize, but it is hard for people to remember them, to solve this problem, the/etc/hosts file is created. The following is an example file:
1
127.0.0.1 machine1 localhost.localdomain localhost
2
3
192.168.1.100 machine7
4
5
192.168.1.101 otherpc otheralias
In this example, the local machine name is machine1, otherpc also has the alias otheralias, which can point to otheralias. Once the network configuration file of the machine is configured, restart the network to make the modification take effect. Run the following command to restart the network:
1
service network restart
The/etc/hosts file usually contains the host name, localhost, and system alias frequently used by the system administrator. Sometimes it takes a long time to telnet to a Linux machine, you can add the IP address of the customer's machine and the host name in "/etc/hosts" to reduce the login wait time. Without a Domain Name Server, all network programs on the system query the file to resolve the IP address corresponding to a host name. Otherwise, other host names are generally resolved using DNS, the DNS Client configuration is in the file/etc/resolv. conf.
3.3.3/etc/services
/Etc/services contains the ing between the service name and the port number. Many system programs need to use this file. The following are the first lines of the default/etc/services during RedHat installation:
View Source code printing help
1
tcpmux 1/tcp # TCP port service multiplexer
2
3
echo 7/tcp
4
5
echo 7/udp
6
7
discard 9/tcp sink null
8
9
discard 9/udp sink null
10
11
systat 11/tcp users
The leftmost column is the host service name, the middle column is the port number, "/" is followed by the port type, either TCP or UDP. All the columns that follow are the aliases of the previous service. Aliases also exist in this file. They appear after the port number. In the above example, sink and null are the aliases of the discard service.