Introduction to Linux Network management

CENTOS6 Traditional Naming conventions:

• Ethernet: EthX, [0,oo], e.g. eth0, eth1, ..... The number defaults from 0, and 1 indicates the second NIC
• PPP Network: PPPX, [0,...], for example, Ppp0, PPP1, ...

Centos7 predictable naming:

1. If the index information provided by the firmware or BIOS-integrated device on the main board is available, then it is named according to this index, such as Eno1, Eno2, ...
2. If the index information provided by the firmware or BIOS for the PCI-E expansion slot is available and predictable, it is named according to this index, such as ENS1, Ens2, ...
3. If the physical location information for the hardware interface is available, it is named according to this information, such as ENP2S0, ...
4. If the user is explicitly defined, it can also be named according to the MAC address, such as Enx122161ab2e10, ...
   • The composition of the naming format:
   • En:ethernet Ethernet
   • Wl:wlan Wireless LAN
   • Ww:wwan Wireless Wan
   • Name Type:
   • O: Device index number of the integrated device;
   • S: The index number of the expansion slot;
   • X s: Name based on MAC address;
   • P S:PCI expansion bus;

Ifconfig Series Introduction

Ifconfig is a command that is used in Linux to display or configure Network devices (network interface cards), and the full name of the web interfaces configuring.
Parameter description:

add< address > Set the IP address of the network device IPV6.
del< address > Remove the IP address of the network device IPV6.
Down to close the specified network device.
IO_ADDR<I/O address > Set the I/O address of the network device.
IRQ<IRQ address > Set IRQ for network devices.
media< network Media type > Set the media type of the network device.
mem_start< memory address > Set the start address occupied by the network device in main memory.
Number of metric< > Specifies the number of times to be added when calculating the number of packets to be transferred.
mtu< byte > Sets the MTU of the network device.
netmask< Subnet mask > Set subnet mask for network devices.
tunnel< address > establish the tunnel communication address between IPV4 and IPV6.
Up to start the specified network device.
-broadcast< address > The packet to be sent to the specified address is treated as a broadcast packet.
-pointopoint< address > establishes a direct connection to a network device with a specified address, which has a privacy feature.
-promisc turns off or starts the promiscuous mode for the specified network device.
[IP Address] Specifies the IP address of the network device.
[Network Device] Specifies the name of the network device.

1. Get Help

[[email protected] ~]# man ifconfig

2. Display configuration information

[[email protected] ~]# ifconfig-aens33:flags=4163<up,broadcast,running,multicast> MTU 1500                    Open, support broadcast, run, multicast multicast, max 1500 bytes per frame inet 192.168.1.102 netmask 255.255.255.0 broadcast 192.168.1.255 IP subnet mask broadcast address Inet6 fe80::f1e9:399f:8eb3:d324 Prefixlen ScopeID 0x20<link > Ether 00:0c:29:58:d6:d7 txqueuelen (Ethernet) MAC address piercing queue Length RX packet        S 247849 bytes 87577060 (83.5 MiB) The number of messages received after this network card is activated RX errors 0 dropped 0 overruns 0 frame 0 Number of error drops overflow tx packets 83818 bytes 22088307 (21.0 MiB) number of packets out of the packet size TX er Rors 0 dropped 0 overruns 0 carrier 0 collisions 0 piercing error packet lo:flags=73<up,loopback,running> MTU 65 536 inet 127.0.0.1 netmask 255.0.0.0 inet6:: 1 prefixlen scopeid 0x10

3. Configuration

Enable

[[email protected] ~]# ifconfig ens33 192.168.1.103/24 up[[email protected] ~]# ifconfig ens34 192.168.1.103 netmask 255.255.255.0 up

Deactivate

[[email protected] ~]# ifconfig ens33 192.168.1.103/24 down[[email protected] ~]# ifconfig ens34 192.168.1.103 netmask 255.255.255.0 down[[email protected] ~]# ifconfig ens34 0 #删除ip信息

4. Feature start off take promiscuous mode as an example

#开启[[email protected] ~]# ifconfig ens33 promisc#关闭[[email protected] ~]# ifconfig ens33 -promisc

Route configuration

1, view?-N? digital display, the default is to reverse the route, display host name, etc.?

[[email protected] network-scripts]# route -nKernel IP routing tableDestination     Gateway         Genmask         Flags       Metric Ref    Use Iface0.0.0.0         192.168.1.1     0.0.0.0         UG          100    0        0 ens33到达任意地址用192.168.1.1这个网关转发 192.168.1.0     0.0.0.0         255.255.255.0   U         100    0        0 ens33到达192.168.1.0这个段的网络，用ip与255.255.255.0子网掩码做运算   

Parameter description

Destination:目标网络或者目标主机Gateway：网关或者*不设置Genmask：Destination的子网掩码，主机用255.255.255.255 ,默认路由0.0.0.0Flags：    U：路由启用    H：主机路由    G：用网关    R：回复动态路由    D：守护进程或者重定向 动态加载    M： 守护进程或者重定向 修改    A：installed by addrconf    C：缓存    ！：拒绝路由Metric：与目标的距离（通常以跳数计算）Ref：非内核引用这条路由次数Use：路由查询计数Iface：发送接口

2. Add route

[[email protected] ~]# route add -net 172.16.86.0/24 gw 192.168.1.101 dev ens33[[email protected] ~]# route add -net 0.0.0.0/0  gw 192.168.1.1 dev ens33[[email protected] ~]# route add -net default  gw 192.168.1.1 dev ens33

3, delete? centos7 default gateway, cannot be added back, need to restart the network, CENTOS6 can be added back

[[email protected] ~]# route del -net 0.0.0.0/0

Netstat Network status Tool

Common parameter Description

-A or--all shows all sockets in the connection.
-a< network type > or--< network type > lists the relevant addresses in the network type connection.
-C or--continuous continues to list network status.
-C or--cache displays the cache information for the router configuration.
-E or--extend displays other relevant information about the network.
-F or--FIB displays the fib.
-G or--groups displays the multi-broadcast feature group members list.
-H or--help online Help.
-I or--interfaces displays the Web interface information form.
-L or--listening displays the socket of the server in the monitor.
-M or--masquerade displays the spoofed network connection.
-N or--numeric uses the IP address directly, not through the domain name server.
-N or--netlink or--symbolic displays the symbolic connection name of the network hardware peripherals.
-O or--timers displays the timer.
-P or--programs shows the program identification code and program name that are using the socket.
-R or--route displays routing Table.
-S or--statistice displays the statistics of network work information.
-T or--tcp shows the connection status of the TCP transport protocol.
-U or--UDP shows the connection status of the UDP transport protocol.
-V or--verbose shows the instruction execution process.
-V or--version displays version information.
-W or--raw shows the connection status of the raw transport protocol.
-X or--unix the effect of this parameter is the same as specifying the "-A Unix" parameter.
--ip or--inet The effect of this parameter is the same as specifying the "-A inet" parameter.

Common combinations

 [[email protected] network-scripts]# netstat -antupActive Internet connections (servers and established)Proto(协议)  Recv-Q(接收队列)  Send-Q(发送队列)  Local Address（表示本地IP地址）               Foreign Address （远程IP地址）            State（状态）       PID/Program name（进程号/名称）tcp              0                               0                           0.0.0.0:22                                                       0.0.0.0:*                                                   LISTEN                 1060/sshd

Above status description

LISTEN: Monitoring
ESTABLISEHD: Established connection
Fin_wait_1: Client Disconnects
Fin_wait_2: Service-side disconnect
Syn_sent: synchronously sends a signal
SYN_RECV: Synchronous Receive signal
CLOSED: End

IP Series Network configuration link (device attribute management)

1. Display device information

[[email protected] ~]# ip link show1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:002: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000            广播       多播                             队列  先进先出                           队列长度    link/ether 00:0c:29:58:d6:d7 brd ff:ff:ff:ff:ff:ff

2. Turn off "Device | properties"

ip  link  set - change device attributes            dev NAME (default)：指明要管理的设备，dev关键字可省略；            up和down：            multicast on或multicast off：启用或禁用多播功能；            name NAME：重命名接口            mtu NUMBER：设置MTU的大小，默认为1500；            netns PID：ns为namespace，用于将接口移动到指定的网络名称空间；[[email protected] ~]# ip link set  dev ens34 up   #down

Namespace options

#命名空间 [[email protected] ~]# IP netns helpusage:ip netns list IP netns add name IP netns set name Netnsid IP [-all] netns Delete [NAME] IP netns identify [PID] IP netns pids NAME IP [-all] netns exec [NA ME] cmd ... ip netns monitor IP netns list-id# add namespace [[email protected] ~]# IP netns Add mynet[[email&nbsp ;p rotected] ~]# IP netns listmynet# move ens34 device to mynet space [[email protected] ~]# IP link set ens34 netns mynet[[email&n  bsp;protected] ~]# IP link show1:lo: <LOOPBACK,UP,LOWER_UP> MTU 65536 qdisc noqueue State UNKNOWN mode DEFAULT Qlen 1 link/loopback 00:00:00:00:00:00 BRD 00:00:00:00:00:002:ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdis C Pfifo_fast State up mode default Qlen link/ether 00:0c:29:58:d6:d7 brd ff:ff:ff:ff:ff:ff# view in mynet space [[email&nbsp ;p rotected] ~]# IP netns exec mynet IP link show1:lo: <LOOPBACK> MTU 65536 qdisc noop State down mode DEFAULT Qlen 1 Link/loopback 00:00: 00:00:00:00 BRD 00:00:00:00:00:003:ens34: <BROADCAST,MULTICAST> MTU qdisc NoOp State down mode DEFAULT Qlen 1 Link/ether 00:0c:29:58:d6:e1 BRD ff:ff:ff:ff:ff:ff# Delete namespace, inside the device released to the outermost [[email protected] ~]# IP netns del mynet [[email protected] ~]# IP link show1:lo: <LOOPBACK,UP,LOWER_UP> MTU 65536 qdisc noqueue State UNKNOWN mode DEF Ault Qlen 1 link/loopback 00:00:00:00:00:00 BRD 00:00:00:00:00:002:ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdisc Pfifo_fast State up mode DEFAULT qlen link/ether 00:0c:29:58:d6:d7 brd ff:ff:ff:ff:ff:ff3:ens34: <b Roadcast,multicast,up,lower_up> MTU Qdisc Pfifo_fast State up mode DEFAULT Qlen-link/ether 00:0c:29:58:d6: E1 BRD FF:FF:FF:FF:FF:FF

Addr (Protocol address management)

1. Display

[[email protected] ~]# ip addr show  #list

2. Add

[[email protected] ~]# ifconfig ens34 0[[email protected] ~]# ip addr add 172.16.86.131/24 dev Ens34[[email&nbs p;protected] ~]# IP addr Show ens343:ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdisc Pfifo_fast State up QL En link/ether 00:0c:29:58:d6:e1 brd ff:ff:ff:ff:ff:ff inet 172.16.86.131/24 scope Global ENS34 Valid_lft Forever Preferred_lft Forever Inet6 fe80::f6c5:56ff:bace:e204/64 scope link Valid_lft forever preferred_lft forev  er# add a [[email protected] ~]# IP addr add 172.16.86.132/24 dev ens34[[email protected] ~]# IP addr Show ens343: ENS34: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdisc Pfifo_fast State up Qlen, Link/ether 00:0c:29:58:d6:  E1 BRD ff:ff:ff:ff:ff:ff inet 172.16.86.131/24 scope global ens34 Valid_lft forever Preferred_lft Forever inet 172.16.86.132/24 Scope Global Secondary ens34 valid_lft forever Preferred_lft Forever Inet6 Fe80::f6c5:56ff:bace      : E204/64 Scope link Valid_lft Forever Preferred_lft forever# above 2 add with ifconfig display only see the first add label can let ifconfig also display [[email protected] ~]# IP Addr Add 172.16.86.133/24 dev ens34 label ens34:1[[email protected] ~]# ifconfigens34:1: Flags=4163<up,  Broadcast,running,multicast> MTU inet 172.16.86.133 netmask 255.255.255.0 broadcast 0.0.0.0 ether 00:0c:29:58:d6:e1 Txqueuelen (Ethernet) ...

3. Delete

[[email protected] ~]# ip addr  del  172.16.86.133/24 dev ens34

4. Empty

[[email protected] ~]# ip addr flush dev ens343: ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000    link/ether 00:0c:29:58:d6:e1 brd ff:ff:ff:ff:ff:ff

IP route Configuration

1. Route add

ip route add - add new routeip route change - change routeip route replace - change or add new one[[email protected] ~]# ip route add  172.16.86.0/24 via 172.16.86.132 dev ens34[[email protected] ~]# ip route add  172.16.86.0/24 via 172.16.86.132  dev ens34 src 172.16.86.133[[email protected] ~]# ip route list172.16.86.0/24 via 172.16.86.132 dev ens34 src 172.16.86.133到达172.16.86.0/24这个网段的地址 是由本机ens34上面的172.16.86.133这个网卡出去 下一跳是172.16.86.132[[email protected] ~]# ip route add  172.16.86.0/24 via 192.168.1.103  dev ens33 src 192.168.1.102

2. Delete

[[email protected] ~]# ip route delete  172.16.86.0/24[[email protected] ~]# ip route delete  172.16.86.0/24 dev ens34#清空[[email protected] ~]# ip route flush dev ens34

3. Display

[[email protected] ~]# ip route showdefault via 192.168.1.1 dev ens33 proto static metric 100default via 172.16.86.2 dev ens34 proto static metric 101192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.102 metric 100[[email protected] ~]# ip route get 192.168.1.0/24broadcast 192.168.1.0 dev ens33 src 192.168.1.102    cache <local,brd>

SS Network Status Tool

Parameter description

-H: Displays help information;
-V: Displays the instruction version information;
-N: Do not parse the service name and display it digitally;
-A: Displays all sockets;
-L: Displays the socket in the listening state;
-O: Displays timer information;
-M: Shows memory usage of sockets;
-P: Displays process information using sockets;
-I: Displays the internal TCP information;
-4: Only IPv4 sockets are displayed;
-6: Only IPv6 sockets are displayed;
-T: Only TCP sockets are displayed;
-u: Displays only UDP sockets;
-D: Show only DCCP sockets;
-W: Show only raw sockets;
-x: Only UNIX domain sockets are displayed.

More than the netstat of the powerful, more conditional filtering function

[[email protected] network-scripts]# ss   -tuanp    ‘(  dport = :22 or sport = :22  )‘

These are temporary configurations
Configuration file for Nic:/etc/sysconfig/network-scripts/ifcfg-ethx. Set the IP address, subnet mask, default gateway, and so on.

TYPE=Ethernet    #接口类型，常见的有Ethernet, Bridge；BOOTPROTO=static   #激活此接口时使用什么协议来配置接口属性，常用的有dhcp、bootp、static、none；IPADDR=192.168.1.102 DNS1=8.8.8.8     #最多指定3个，防止主机跟dns服务连接不上时候备用DNS2=114.114.114.114GATEWAY=192.168.1.1  #网关NETMASK=255.255.255.0  #子网掩码；CentOS 7支持使用PREFIX以长度方式指明子网掩码； PREFIX=24IPV4_FAILURE_FATAL=noIPV6INIT=no  #是否初始化IPv6；NAME=ens33UUID=c17bccf7-ae71-4e7c-8022-5196ebbf771e   #设备唯一码DEVICE=ens33    #跟文件名ifcfg-ens33必须保持一致ONBOOT=no       #在系统引导过程中，是否激活此接口；

DNS Specifies the configuration file

[[email protected] ~]# cat /etc/resolv.conf# Generated by NetworkManagersearch localdomain zander.comnameserver 172.16.86.2nameserver 8.8.8.8nameserver 114.114.114.114

Configure additional network/etc/sysconfig/network-scripts/ifcfg-ensx:y

[[email protected] network-scripts]# cat ifcfg-ens33:0TYPE=EthernetPROXY_METHOD=noneBROWSER_ONLY=noBOOTPROTO=staticIPADDR=192.168.1.106NETMASK=255.255.255.0NAME=ens33:0DEVICE=ens33:0ONBOOT=yes[[email protected] network-scripts]# ifconfigens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        inet 192.168.1.106  netmask 255.255.255.0  broadcast 192.168.1.255        ether 00:0c:29:58:d6:d7  txqueuelen 1000  (Ethernet)

Specify route additions

 [[email protected] network-scripts]# cat /etc/sysconfig/network-scripts/route-ens33172.16.86.0/24 via 192.168.1.103 # 到达172.16.86.0这个网络段 由dev ens33这个网卡出去  下一跳是192.168.1.103

Manual restart is required after the above configuration file is modified

CentOS 6:# Service Network restart
CentOS 7:# systemctl Restart Network.service

Introduction to Linux Network management