The following covers CentOS network management and network configuration.
Network properties for a NIC can be set in two ways: automatically or manually. Automatic configuration is obtained from a DHCP server, so the host's network must have at least one DHCP server. Manual configuration can be done in two ways: with commands or by modifying configuration files. The commands fall into three families: the net-tools family (ifcfg family), the iproute family, and the NM family. The related configuration files and the network interface naming rules are also described.
First, the net-tools family
1. ifconfig command
The ifconfig command has three main functions: viewing network interface status, configuring network properties, and managing interface state.
View:
ifconfig [INTERFACE]: If no interface is specified, network information for the active interfaces is displayed; if an interface is specified, its network configuration is displayed whether or not it is active.
ifconfig -a: Displays all interfaces, whether active or not.
Configuration management:
ifconfig INTERFACE ADDRESS: Configures the specified parameters for the specified interface
Format: ifconfig INTERFACE IP[/PREFIX_LEN] [up|down]
ifconfig INTERFACE IP netmask SUBNET_MASK [up|down]
Example: ifconfig eth1 172.16.1.1
ifconfig eth1 172.16.1.1/24
ifconfig eth1 172.16.1.1/24 up
ifconfig eth1 172.16.1.1 netmask 255.255.255.0 up
ifconfig eth1 up|down
2. route command
The route command views and manages routing information. There are three types of entries in the routing table: host routes, network routes, and the default route. The destination of a host route is a single IP address; the destination of a network route is a network, which can be a subnet, a major network, or a supernet; the destination of the default route is 0.0.0.0/0, which matches any address.
View:
route -n: Displays addresses numerically instead of resolving them to host names.
Configuration:
route add [-net|-host] target [netmask Nm] [gw Gw] [[dev] If]: Add a route
route del [-net|-host] target [netmask Nm] [gw Gw] [[dev] If]: Delete a route
Add a default gateway: route add default gw 192.168.0.1 or route add default gw 192.168.0.2 dev eth2
Delete the default gateway: route del default or route del default gw 192.168.0.2
Add a static route: route add -net 10.0.0.0/8 gw 192.168.0.2 dev eth2
Delete a static route: route del -net 10.0.0.0/8 or route del -net 10.0.0.0/8 gw 192.168.0.2
3. netstat command
The netstat command views network connections, routing information, interface statistics, and so on.
The common options for netstat are as follows:
-t: Displays only network connections related to the TCP protocol
-u: Displays only network connections related to the UDP protocol
-U: Displays only network connections related to the UDPLite protocol
-w: Displays network connections related to raw sockets
-l: Displays network connections in the listening state
-a: Displays connections in all states, whether active or not
-n: Numeric display: shows host names, port numbers, user IDs and similar information as numbers
-e: Displays network connections in an extended format
-p: Displays the program and process ID associated with each network connection
Common combinations of options: -tan, -uan, -tnl, -unl, -tnlp, -unlp, -tunlp
-r: Displays routing table information. Common combinations are: -rn, -rne
-i/-I: Displays interface statistics; can be combined with other options
-s: Displays detailed statistics per protocol, one section for each; can be combined with other options
Second, the iproute family
1. ip command
The ip command can set network parameters, device-related settings, additional IP addresses, and routing. The format is: ip [OPTIONS] OBJECT {COMMAND | help}, where OBJECT has four classes: link, addr, route, netns.
(1), ip link COMMAND
Configures device-related settings, including the MTU and the MAC address of a network device. There are 5 types of command for ip link, namely add, delete, set, show/list, help.
ip link {show | list} only displays information about devices; without a device name it lists all interfaces.
Example: ip link show eth0
ip link set modifies the configuration parameters of a network device.
ip link set [dev] iface_name {up | down}: Activates or disables the network interface;
Example: ip link set eth0 up: activate eth0
ip link set eth0 down: disable eth0
ip link set [dev] iface_name [arp {on | off}]: Whether this network interface is allowed to use the ARP protocol;
ip link set [dev] iface_name name iface_new_name: Changes the network interface name. The device must be down first, so the name cannot be changed while the device is up.
Example: ip link set eth0 name Myeth
ip link set eth0 address aa:aa:aa:aa:aa:aa: modify the MAC address
ip link set [dev] iface_name [mtu MTU]: Modifies the MTU value of the network interface;
For example: ip link set eth0 mtu 1000: change the MTU to 1000; the unit is bytes
ip link set [dev] iface_name [netns PID]
(2), ip addr COMMAND
Views and sets logical network addresses, which belong to layer 3.
ip addr add IFADDR dev iface_name: Adds an IP address to the specified network interface;
Example: ip addr add 192.168.50.50/24 broadcast +/
ip addr del IFADDR dev iface_name: Removes the IP address from the specified network interface;
Example: ip addr del 192.168.50.50/24 dev eth0
ip addr flush dev iface_name: Clears all IP addresses configured on the specified interface;
ip addr {show | list} [dev iface_name]: Displays the IP addresses configured on the network interface;
Example: ip addr show eth0
To add multiple IP addresses to one network interface so that ifconfig can also display them, set a label:
ip addr add IFADDR dev iface_name label iface_name_label
ifconfig iface_name_label IFADDR
iface_name_label: iface_name:#
(3), ip route COMMAND
The ip route command views and sets routing table information much like the route command, but it can also set additional parameters, such as the MTU.
ip route {add | del} TARGET/PREFIX via NEXT_HOP [dev iface_name]
Example: ip route add 192.168.5.0/24 dev eth0: add an internal route
ip route add 192.168.10.0/24 via 192.168.5.100 dev eth0: add a route to an external network
ip route del 192.168.10.0/24
ip route del 192.168.5.0/24
ip route list/show
Example: ip route show
(4), ip netns COMMAND: manages network namespaces in the kernel
ip netns list: Lists all custom namespaces;
ip netns add ns_name: Creates a namespace;
ip netns exec ns_name cmd: Runs the command in the specified namespace;
ip netns delete ns_name: Deletes the specified namespace;
2. ss command
The ss command retrieves socket statistics and displays content similar to netstat. Its advantage is that it shows more detailed information about TCP and connection states, and it is faster and more efficient than netstat.
ss format: ss [OPTIONS] [FILTER]
(1), [OPTIONS]
The common ss options are:
-t: Connections related to the TCP protocol;
-u: Connections related to the UDP protocol;
-w: Connections related to raw sockets;
-l: Displays connections in the listening state;
-a: Displays socket connections in all states;
-n: Displays the results numerically;
-p: Displays the related program and PID;
-e: Displays detailed extended information;
-m: Displays memory usage;
-o: Displays timer information;
Common combinations of options are: -tan, -uan, -tnl, -unl, -tulp, -unlp.
(2), [FILTER]
FILTER: [state TCP-STATE] [EXPRESSION], where TCP-STATE is any of the states in the TCP finite state machine, and EXPRESSION takes the form dport = :PORT or sport = :PORT, for example: '( dport = :22 or sport = :22 )'. Note that the expression is enclosed in single quotes.
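The following is an added example, not part of the original article: it applies the -tunlp combination listed above to find services that listen on every address rather than on loopback only. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: list sockets that listen on every address (wildcard binds).
# The sample output is constructed; on a real host run:
#   ss -tunlp | exposed_listeners
# Without root, -p cannot show other users' processes; they appear as "unknown".

sample_ss_output() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.1:323      0.0.0.0:*         users:(("chronyd",pid=812,fd=5))
udp   UNCONN 0      0      0.0.0.0:68         0.0.0.0:*         users:(("dhclient",pid=900,fd=6))
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=1021,fd=3))
tcp   LISTEN 0      100    127.0.0.1:25       0.0.0.0:*         users:(("master",pid=1203,fd=13))
tcp   LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=1021,fd=4))
tcp   LISTEN 0      128    *:8080             *:*
EOF
}

# Reads ss -tunlp output on stdin and prints "proto/port process" for each
# listener bound to a wildcard address (*, 0.0.0.0, :: or [::]).
exposed_listeners() {
    awk 'NR > 1 {
        port = $5; sub(/.*:/, "", port)        # text after the last colon
        addr = $5; sub(/:[^:]*$/, "", addr)    # text before the last colon
        if (addr == "*" || addr == "0.0.0.0" || addr == "::" || addr == "[::]") {
            proc = "unknown"
            if (match($0, /users:\(\("[^"]+"/))
                proc = substr($0, RSTART + 9, RLENGTH - 10)
            print $1 "/" port, proc
        }
    }' | LC_ALL=C sort -u
}

sample_ss_output | exposed_listeners
```

Listeners bound to 127.0.0.1 are left out because they are reachable only from the host itself.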
Third, the NM family
1. nmcli command
nmcli is a network management command-line tool. You can use it to configure the network, set up network teams, and set the host name.
nmcli format: nmcli [OPTIONS] OBJECT {COMMAND | help}
(1), OBJECT mainly consists of two categories, namely connection and device
device: Displays and configures network interface information
There are 7 types of command after device: status, show, connect, disconnect, delete, wifi, wimax
connection: Starts, stops, and manages network connections
There are 9 types of command after connection: show, up, down, add, edit, modify, delete, reload, load
(2), COMMAND
The connection commands show, up, down, add, edit, modify, delete, reload, load are explained as follows:
show: Displays all the property information for the network connection;
up|down: Enables or disables the specified network connection;
add: Adds a new network connection. It is followed by these 4 settings: autoconnect yes|no: whether to start this connection automatically, which is equivalent to adding ONBOOT=yes|no in the configuration file; ifname if_name: the name of the target network interface device for the connection; con-name con_name: the connection name for the specified network interface device; type TYPE: the interface type of the network device.
Example: # nmcli connection add autoconnect yes ifname eno67109432 con-name eno666 type ethernet
delete: Deletes the specified network connection
Example: # nmcli connection delete con_name
# nmcli connection delete eno666
reload: Does not restart the network interface, but reloads the configuration information from its configuration file;
modify: Modifies the network interface information in the format: modify [id | uuid | path] <ID> [+|-]<setting>.<property> <value>, where <setting>.<property> are the following 5 kinds: 802-3-ethernet.mtu; connection.autoconnect; ipv4.addresses; ipv4.dns; ipv4.gateway; ipv4.method.
Example: # nmcli connection modify "System eno50332208" ipv4.addresses 1.2.3.4/8 ipv4.dns 202.202.222.222 ipv4.gateway 1.1.1.1
(3), Create a network team
A network team aggregates multiple network interface devices in order to provide redundancy and fault tolerance and to improve availability and throughput. It performs better and scales better than the earlier bonding technology. In CentOS 7, a network team is implemented by a kernel driver and a daemon called teamd. A network team can work in the following 5 modes, which are also called "runners": broadcast, roundrobin, activebackup, loadbalance, lacp (Link Aggregation Control Protocol).
A team interface has the following 4 characteristics: 1) starting the team interface does not automatically start the port interfaces in the team; 2) starting a port interface of the team does not automatically start the team interface; 3) disabling the team interface immediately disables the port interfaces in the team; 4) a team interface that has no port interfaces can only be configured with a static IP address, not with DHCP; if DHCP is set, the team interface waits for a port interface to join.
There are two ways to create a network team: with the nmcli command, or by modifying the corresponding connection's configuration file.
Method one: create with the nmcli command
Create the team interface with nmcli: nmcli connection add type team con-name TEAM_CON_NAME ifname IF_NAME config JSON, where JSON specifies the runner in the format '{"runner": {"name": "METHOD"}}' and METHOD is one of broadcast, roundrobin, activebackup, loadbalance, lacp.
Example: # nmcli connection add type team con-name CLASS17 ifname class17 config '{"runner": {"name": "loadbalance"}}'
# nmcli connection modify CLASS17 ipv4.addresses 172.16.203.205/16
# nmcli connection modify CLASS17 ipv4.method manual
Create a port interface with nmcli: nmcli connection add type team-slave [con-name CON_NAME] ifname IF_NAME master TEAM_NAME, where, if no con-name is specified, the default con-name is team-slave-IF_NAME.
Example: # nmcli connection add type team-slave con-name eno67109432 ifname eno67109432 master CLASS17
# nmcli connection up CLASS17
# nmcli connection up eno67109432
# nmcli device disconnect eno67109432
Method two: create by modifying the corresponding connection configuration file
For example, to create a team interface:
DEVICE=class17
TEAM_CONFIG="{\"runner\": {\"name\": \"activebackup\"}}"
DEVICETYPE=Team
BOOTPROTO=none
NAME=class17
ONBOOT=yes
IPADDR=172.16.203.205
PREFIX=16
To create a port interface:
NAME=team-slave-eno33554984
DEVICE=eno33554984
ONBOOT=yes
TEAM_MASTER=class17
DEVICETYPE=TeamPort
2. nmtui command
nmtui is a text user interface for controlling network connections.
Fourth, bonding
Similar to a network team, bonding binds multiple network interface cards to the same IP address to provide network services externally, which gives load balancing or high availability. With bonding, a virtual network card provides the services and the network connectivity, and all of the physical network cards are set to the same MAC address. Bonding is best used on CentOS 6; on CentOS 7, use a network team created with nmcli for more robust fault tolerance.
Bonding mainly has 3 modes of operation: mode 0, mode 1 and mode 3. They are explained as follows:
Mode 0: The "load balancing" solution. Its load-balancing algorithm is balance-rr, where rr stands for round robin. The round-robin policy sends packets on each slave interface in turn, from the first to the last, which provides load balancing and fault tolerance;
Mode 1: The "master and standby" (active-backup) solution. Only one slave is active and carries normal traffic, while the other interfaces monitor the working state of that interface; only when the active slave interface fails is one of the backup interfaces selected and activated. This mode provides fault tolerance, but load balancing is not possible.
Mode 3: The "full broadcast" solution, which transmits all packets on all slave interfaces.
The configuration steps for using bonding are as follows:
1, create the virtual interface;
For example:
You can specify the attributes of the bond in the /etc/sysconfig/network-scripts/ifcfg-bond0 file:
DEVICE=bond0
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=none
BONDING_OPTS="miimon=100 mode=0"
IPADDR=172.16.100.135
PREFIX=16
2, select the miimon monitoring interval and the bonding mode of operation; miimon is used for link monitoring. With miimon=100, the system checks the state of the link every 100 ms, and if miimon finds that an interface's link is down, failover is carried out;
Example: BONDING_OPTS="miimon=100 mode=0"
3, select the physical interfaces for this bond;
Modify the configuration file for the physical NIC eth1: /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
USERCTL=no
Modify the configuration file for the physical NIC eth2: /etc/sysconfig/network-scripts/ifcfg-eth2
DEVICE=eth2
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
USERCTL=no
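The following is an added example, not part of the original article: a check over a directory of ifcfg files laid out like the bond above. The initscripts read ifcfg files as shell variable assignments, so a misspelled key is ignored without any error, and the check reports such keys together with slave files that are inconsistent with the bond. The function names, the KNOWN_KEYS list (limited to the keys used in the bonding files above) and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit ifcfg files for a bond.
# KNOWN_KEYS covers only the keys used in this article's bonding example.
KNOWN_KEYS="DEVICE ONBOOT NM_CONTROLLED BOOTPROTO BONDING_OPTS IPADDR PREFIX MASTER SLAVE USERCTL"

# get_key FILE KEY -> value of KEY with double quotes removed
get_key() {
    sed -n "s/^$2=//p" "$1" | tr -d '"' | head -n 1
}

# audit_bond_dir DIR -> one finding per line; no output means no findings
audit_bond_dir() {
    dir=$1
    for f in "$dir"/ifcfg-*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        # Report every key that is not in the known list (typos end up here).
        for key in $(sed -n 's/^\([A-Z_][A-Z0-9_]*\)=.*/\1/p' "$f"); do
            case " $KNOWN_KEYS " in
                *" $key "*) ;;
                *) echo "$name: unknown key $key" ;;
            esac
        done
        # Slave files: SLAVE=yes, USERCTL=no, and the master must have a file.
        master=$(get_key "$f" MASTER)
        if [ -n "$master" ]; then
            [ "$(get_key "$f" SLAVE)" = yes ] || echo "$name: MASTER set without SLAVE=yes"
            [ "$(get_key "$f" USERCTL)" = no ] || echo "$name: USERCTL is not no"
            [ -f "$dir/ifcfg-$master" ] || echo "$name: no ifcfg-$master file"
        fi
    done
}

# Constructed sample: bond0 and eth1 are correct, eth2 contains two mistakes.
make_sample_dir() {
    d=$(mktemp -d)
    printf '%s\n' DEVICE=bond0 ONBOOT=yes NM_CONTROLLED=no BOOTPROTO=none \
        'BONDING_OPTS="miimon=100 mode=0"' IPADDR=172.16.100.135 PREFIX=16 > "$d/ifcfg-bond0"
    printf '%s\n' DEVICE=eth1 BOOTPROTO=none MASTER=bond0 SLAVE=yes USERCTL=no > "$d/ifcfg-eth1"
    printf '%s\n' DEVICE=eth2 BOOTROTO=none MASTER=bond0 SLAVE=yes USERCTL=yes > "$d/ifcfg-eth2"
    echo "$d"
}

sample_dir=$(make_sample_dir)
audit_bond_dir "$sample_dir"
rm -rf "$sample_dir"
```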
Fifth, configuration files
1. Network interface configuration file
In CentOS 6, there are 5 types of configuration files. The one related to IP, MASK, GATEWAY, and DNS server is the network interface configuration file, located for each interface at /etc/sysconfig/network-scripts/ifcfg-iface_name. Its settings are explained as follows:
DEVICE: The name of the network interface
TYPE: The type of the network interface; common values are Ethernet, Bridge, Token Ring, etc.
HWADDR: The physical address of this device, which is the MAC address in Ethernet;
ONBOOT: Whether to activate this device during system boot, yes/no;
NETBOOT: Whether this device can be used for network boot, yes/no;
BOOTPROTO: The protocol type of the interface. There are two kinds: dynamic configuration, namely dhcp and bootp; and static configuration, namely static and none.
IPV6INIT: Whether the IPv6 protocol is initialized on this interface;
USERCTL: Whether an ordinary user can manage this interface; no is recommended;
IPADDR: The fixed IP address of this interface; it only applies when BOOTPROTO is static or none;
NETMASK: The subnet mask corresponding to the IP address, such as: 255.255.255.0
PREFIX: The length of the network prefix for the IP address, which has the same meaning as a subnet mask, such as: 24
GATEWAY: The default gateway
DNS1: The address of the preferred DNS server;
DNS2: The address of the alternate DNS server;
DNS3: The address of the third DNS server;
PEERDNS: Whether DNS server addresses obtained from the DHCP server may overwrite the locally configured DNS server addresses; the default is to allow it;
NM_CONTROLLED: Whether to allow the NetworkManager service to manage this network interface. This is not recommended, because NetworkManager is very immature in CentOS 6. The steps to turn NetworkManager off are as follows: (1), # service NetworkManager stop, (2), # chkconfig NetworkManager off
In CentOS 7, the configuration file associated with IP, MASK, GATEWAY, and DNS server is also located at /etc/sysconfig/network-scripts/ifcfg-iface_name. Compared with CentOS 6, CentOS 7 has three more items, namely UUID, NAME, DEFROUTE. DEFROUTE sets whether this network interface is allowed to be used for the default route.
2. Host name configuration file
The host name configuration file is located at /etc/sysconfig/network.
In the host name configuration file, HOSTNAME is the host name used by the current Linux system. Use # hostname to view the current system FQDN; after # hostname new_hostname, log off and log back in.
Example: # hostnamectl set-hostname new_hostname: set the host name again
3. Local resolution configuration file
The local resolution configuration file is located at /etc/hosts. The format is: IP_address host_name
4. Resolver file
The resolver file is located at /etc/resolv.conf
search domain_name
nameserver dns_server_ip_address
5. Static route configuration file
The configuration file for static routes is located at /etc/sysconfig/network-scripts/route-iface_name.
The route-iface_name file has two formats, as follows:
(1), each route occupies one line, in the format: TARGET via NEXT_HOP [dev iface_name]
For example: 10.0.0.0/8 via 192.168.100.254.
(2), each route occupies more than one line, in the format:
ADDRESS#=TARGET
NETMASK#=MASK
GATEWAY#=NEXT_HOP
Example: ADDRESS0=172.16.0.0
NETMASK0=255.255.0.0
GATEWAY0=192.168.10.254
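The following is an added example, not part of the original article: it converts entries in the second (ADDRESS#/NETMASK#/GATEWAY#) format into the one-line "TARGET via NEXT_HOP" format and rejects a netmask that is not a valid contiguous mask. The function names and the second sample entry are constructed for illustration.

```shell
#!/bin/sh
# Added example: turn ADDRESS#/NETMASK#/GATEWAY# entries into the one-line
# "TARGET/PREFIX via NEXT_HOP" form, rejecting netmasks that are not contiguous.

# mask_to_prefix 255.255.0.0 -> 16; returns 1 for an invalid netmask
mask_to_prefix() {
    prefix=0; partial=0
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in
            255) bits=8 ;; 254) bits=7 ;; 252) bits=6 ;; 248) bits=5 ;;
            240) bits=4 ;; 224) bits=3 ;; 192) bits=2 ;; 128) bits=1 ;;
            0) bits=0 ;;
            *) return 1 ;;
        esac
        # Once an octet is not 255, every later octet must be 0.
        if [ "$partial" -eq 1 ] && [ "$bits" -ne 0 ]; then return 1; fi
        if [ "$bits" -lt 8 ]; then partial=1; fi
        prefix=$((prefix + bits))
    done
    echo "$prefix"
}

# convert_route_file FILE -> one "TARGET/PREFIX via NEXT_HOP" line per entry
convert_route_file() {
    i=0
    while :; do
        addr=$(sed -n "s/^ADDRESS$i=//p" "$1")
        [ -n "$addr" ] || break
        mask=$(sed -n "s/^NETMASK$i=//p" "$1")
        gw=$(sed -n "s/^GATEWAY$i=//p" "$1")
        if ! p=$(mask_to_prefix "$mask"); then
            echo "entry $i: invalid netmask '$mask'" >&2
            return 1
        fi
        echo "$addr/$p via $gw"
        i=$((i + 1))
    done
}

# Constructed sample: entry 0 is the article's example, entry 1 is made up.
sample=$(mktemp)
printf '%s\n' ADDRESS0=172.16.0.0 NETMASK0=255.255.0.0 GATEWAY0=192.168.10.254 \
    ADDRESS1=10.0.0.0 NETMASK1=255.0.0.0 GATEWAY1=192.168.100.254 > "$sample"
convert_route_file "$sample"
rm -f "$sample"
```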
Sixth, network interface naming
Linux has two ways of naming network interfaces. One is the traditional naming scheme, used in CentOS 6 and earlier releases; the other is the predictable naming scheme, which supports several naming mechanisms and is used from CentOS 7 onward.
1. Traditional naming scheme
Ethernet: "ethX", where X is a natural number; for example: eth0, eth1
PPP network: "pppX", where X is a natural number; for example: ppp0, ppp1
Loopback interface: "lo"
2. Predictable naming scheme
(1), named according to firmware
Each computer's network card has unique identifiers in the computer's hardware firmware, such as: MAC address, vendor ID, device number, and so on.
Named according to the index information provided for an "integrated device", for example: enoX, eno1, eno167777736, ...
Named according to the "MAC address", for example: enx000c290045b3
(2), named according to the physical topology
Each computer has a fixed number of slots or interfaces on the motherboard, for example the first physical interface of the NIC connected to the second slot on the motherboard.
Named according to the index information provided by "extended slots", such as: ensX, ens0, ens2
Named according to the location of the hardware interface in the physical topology, for example: enp1s0