Network configuration file for LINUX network performance tuning

Article title: network configuration file for Tuning LINUX network performance. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
In Tuning LINUX network performance debugging tools, we introduce how to use route, netstat, and tcpdump network tuning testing tools and their functions. This article will focus on the content of network configuration files to help you understand these files.
　　
/Etc/modules. conf file
　　
This configuration file defines the parameter information of various modules that need to be loaded at startup. the configuration of Nic is mainly discussed here. To reduce possible problems during startup, the Linux kernel does not automatically detect multiple NICs. If multiple NICs need to be installed in a system that does not compile the NIC driver into the kernel but is loaded dynamically as a module, configure them in the modules. conf file. If the device driver is compiled into a module (kernel module): For PCI devices, the module automatically detects all devices installed on the system. for ISA cards, you need to provide the IO address to the module so that the module knows where to find the card. The information is in "/etc/conf. modules.
　　
For example, we have two ISA bus 3c509 cards. one IO address is 0x300, and the other is 0x320. Edit the "modules. conf" file as follows:
　　
Alias eth0 3c509
Alias eth1 3c509
Options 3c509 io = 0x320, 0 x
　　
For the PCI card, you only need the alias command to associate ethN with the appropriate driver module name. The IO address of the PCI card will be automatically detected. For the PCI card, edit the "modules. conf" file as follows:
　　
Alias eth0 3c905
Alias eth1 3c905
　　
If the driver has been compiled into the kernel, the PCI detection program at system startup will automatically find all related NICs. The ISA card can also be automatically detected, but in some cases, the ISA card still needs to do the following configuration: In "/etc/lilo. add the configuration information in conf by passing the startup parameter information to the kernel through the LILO program. For the ISA card, edit the "lilo. conf" file and add the following content:
　　
Append = "ether =" 0, 0, eth0 ether = "0, 0, eth1"
　　
/Etc/sysconfig/network-scripts/ifcfg-ethN file
　　
In RedHat, the configuration file for the system network device is saved in the/etc/sysconfig/network-scripts directory, the ifcfg-eth0 contains the configuration information for the first Nic, the ifcfg-eth1 contains the configuration information for the second Nic. if you want to manually modify the network address or add a new network interface on the new interface, you can modify the corresponding file (ifcfg-ethN) or create a new file.
　　
DEVICE = name indicates the name of the physical DEVICE.
IPADDR = addr indicates the IP address assigned to the card
NETMASK = maskmask indicates the network mask
NETWORK = addraddr indicates the NETWORK address.
BROADCAST = addr indicates the BROADCAST address.
ONBOOT = yes/no whether the card is activated at startup
　　
None: no startup protocol required
Bootp: Use the bootp protocol
Dhcp: Use the dhcp protocol.
USERCTL = yes/no whether non-root users are allowed to control the device
　　
/Etc/resolv. conf file
　　
This file is a configuration file used by the domain name parser (resolver, a database that resolves IP addresses based on the host name), for example:
　　
Search domainname.com
Nameserver 208.164.186.1
Nameserver 208.164.186.2
　　
"Search domainname.com" indicates that when a host name that does not include a full domain name is provided, the suffix of domainname.com is added after the host name; "nameserver" indicates that the host specified by this address is the domain name server when the domain name is resolved. The domain name server is queried according to the order in which the file appears.
　　
/Etc/host. conf file
　　
This file specifies how to resolve the host name. Linux uses the parser library to obtain the IP address corresponding to the host name. The following is an example of "/etc/host. conf:
　　
Order bind, hosts
Multi on
Ospoof on
　　
"Order bind, hosts" specifies the host name query order. here, DNS is required to resolve the domain name and then query the "/etc/hosts" file (or the opposite ).
　　
"Multi on" specifies whether the host specified in the "/etc/hosts" file can have multiple addresses. a host with multiple IP addresses is generally called a multi-point host.
　　
"Nospoof on" indicates that IP address spoofing is not allowed on the server. IP spoofing is a means of attacking system security. by disguising IP addresses as other computers, you can gain the trust of other computers.
　　
/Etc/hosts file
　　
When the machine starts, before the DNS can be queried, the machine needs to query the matching of some host names to IP addresses. The matching information is stored in the/etc/hosts file. Without a domain name server, all network programs on the system query the file to resolve the IP address corresponding to a host name.
　　
The following is an example of a "/etc/hosts" file:
　　
IP Address Hostname Alias
127.0.0.1 Localhost Gate.openarch.com
208.164.186.1 gate.openarch.com Gate
............ .....................
　　
The leftmost column is the host IP information, and the middle column is the host name. All the columns that follow are aliases of the host. Once the network configuration file of the machine is configured, restart the network for the modification to take effect. Run the following command to restart the network:/etc/rc. d/init. d/network restart.
　　
/Etc/inetd. conf file
　　
As we all know, as servers, the more open service ports, the more difficult to guarantee system security and stability. Therefore, servers that provide specific services should open the ports necessary to provide services as much as possible, and disable services unrelated to server services, such as a machine that serves as www and ftp servers, port 80 and port 25 should be opened, and other unrelated services such as finger auth should be turned off to reduce system vulnerabilities.