"Linux Basics" 17, network attribute configuration detailed

First, configure the host to access the TCP/IP network

Routing:

Host routes: Hosts

Network routing: Net

Default route (Gateway):d Efault

DNS server:

Primary DNS Server

Alternate DNS Server

Host Name:

Configure IP:

How network devices represent:

Kernel Recognition Device: Driver

Devices: Aliases

Ethernet Devices: EthX,

PPP Network: PPPX

Local loopback: Lo

IP configuration on the kernel, displayed on the NIC

Statically specified:

Ip/netmask

Dynamic configuration:

DHCP server Dynamic Host Configuration Protocol

1) User Space tool

Immediately notify the kernel to be in effect, shutdown disabled

Ifconfig

Ip

2) Network device service configuration file

Long term effectiveness

3) Gui/tui

Command-line tools for user space: effective immediately, but not long-lasting

Ifconfig

Iproute2 (IP,SS)

Ifconfig

Ifconfig (IP addr,ip link) displays information about all active interfaces

Ifconfig INTERFACE only displays information about the specified interface

Ifconfig INTERFACE Ip/mask

Long format: 255,255.0.0

Ifconfig INTERFACE IP netmask MASK

Cidr:16 (number of 1)

Ifconfig INTERFACE Ip/mask

[Email protected] ~]# ifconfig eth0 192.168.100.10 netmask 255.255.255.0

[Email protected] ~]# ifconfig eth0 192.168.100.100/24

Route

Route (IP route) displays routing information

-n is displayed in number format and does not reverse address to host name

Route add-host host_ip GW Next_hop [Dev Device]

-net net_addr GW next_hop [Dev Device]

-net 0.0.0.0 Destination address is any address, plus a gateway, default route

Route Del-host Host_ip

-net net_addr

[Email protected] ~]# route

Kernel IP Routing Table

Destination Gateway genmask Flags Metric Ref use Iface

192.168.100.0 * 255.255.255.0 U 0 0 0 eth0

[Email protected] ~]# route-n

Kernel IP Routing Table

Destination Gateway genmask Flags Metric Ref use Iface

192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

U means that the status measure is enabled: 0 indicates that the network does not need to go through the router

G Indicates the default gateway

H means host route [[email protected] ~]# Route add-net 172.16.0.0/16 GW 192.168.100.1

[Email protected] ~]# route

Kernel IP Routing Table

Destination Gateway genmask Flags Metric Ref use Iface

192.168.100.0 * 255.255.255.0 U 0 0 0 eth0

172.16.0.0 192.168.100.1 255.255.0.0 UG 0 0 0 eth0

[Email protected] ~]# route-n

Kernel IP Routing Table

Destination Gateway genmask Flags Metric Ref use Iface

172.16.100.100 192.168.100.2 255.255.255.255 UGH 0 0 0 eth0

192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

172.16.0.0 192.168.100.1 255.255.0.0 UG 0 0 0 eth0

[Email protected] ~]# Route add-net 0.0.0.0 GW 192.168.100.3

[Email protected] ~]# route-n

Kernel IP Routing Table

Destination Gateway genmask Flags Metric Ref use Iface

172.16.100.100 192.168.100.2 255.255.255.255 UGH 0 0 0 eth0

192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

172.16.0.0 192.168.100.1 255.255.0.0 UG 0 0 0 eth0

0.0.0.0 192.168.100.3 0.0.0.0 UG 0 0 0 eth0

[[email protected] ~]# route add default GW 192.168.100.4

[Email protected] ~]# route-n

Kernel IP Routing Table

Destination Gateway genmask Flags Metric Ref use Iface

172.16.100.100 192.168.100.2 255.255.255.255 UGH 0 0 0 eth0

192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

172.16.0.0 192.168.100.1 255.255.0.0 UG 0 0 0 eth0

0.0.0.0 192.168.100.4 0.0.0.0 UG 0 0 0 eth0

0.0.0.0 192.168.100.3 0.0.0.0 UG 0 0 0 eth0

DNS server points to

Configuration file:/etc/resolv.conf

Maximum of three:

NameServer DNS_SERVER_IP

CentOS 5/6:

Service script:/etc/rc.d/init.d/network

CentOS 6:

Service script:/etc/rc.d/init.d/networkmanager

Service script: SysV style LSB

Control runs in daemon, accepts parameter {start|stop|restart|status}

Script location:/ETC/RC.D/INIT.D or/ETC/INIT.D

Configure a service to boot automatically: Chkconfig src_script_name on

Disable start-up automatically: Chkconfig src_script_name off

View Chkconfig--list

Call Mechanism:

1./etc/init.d/script_name {Start|stop|restart|status}

1.service script_name {Start|stop|restart|status}

Service control scripts related to network devices

They are usually able to read the configuration files configured for the network to enable management functions such as their configuration to take effect or fail.

There are two types of configuration files (/etc/sysconfig/network-scripts/)

Configure IP, mask, gateway

Ethernet: Ifcfg-ethx

Ppp:ifcfg-pppx

Matching routes

Route-ethx

Route-pppx

Configure IP, mask, Gateway: ifcfg-ethx

Device= "Eth0"

The device to which this configuration is associated. Device name to be consistent with Ude content after file ifcfg-

Bootproto=none

Boot protocol: {NONE|STATIC|DHCP|BOOTP}

Hwaddr= "00:0c:29:26:62:92"

MAC address: To be consistent with the real MAC address, omit

Nm_controlled= "Yes"

Whether to accept NetworkManager script control: {yes|no}

onboot= "Yes"

Does the boot automatically start this network device {Yes|no}

Type= "Ethernet"

Device Type Etheraget Bridge (bridge)

Uuid= "14351f7f-a726-4dfc-966e-dfb1f352f226"

Unique identification, can be omitted

Ipaddr=

IP Address

netmask=

Mask

gateway=

Default Gateway

dns1=

DNS1 Service Address

Ipv6init=no

Whether to turn on IPv6

Userctl=no

Whether to allow normal users to operate the NIC

Peerdns={yes|no}

If the DHCP service is allowed to assign addresses, update/etc/resolv directly. DNS server address in conf

Configure routing: ROUTE-ETHX

Configuration file Format 1: One path entry per line to configure

Target via Next hop

Configuration file Format 2: One routing entry for each group

address#= Target

Netmask#= Mask

Gateway#= Next Jump

address0=192.168.0.0

netmask0=255.255.255.0

gateway0=172.16.100.1

How to configure multiple addresses on a single NIC:

Through the network interface aliases to achieve

eth0x

Eth0:x,eth0:0,eth0:1 ....

Configuration 1:

Ifconfig ethx:y Ip/mask

Configuration 2:

Ifcfg-ethx:y

Device=ethx:y

Bootproto={none|static}

Ipaddr=

netmask=

Note A host can have only one gateway, and non-primary addresses do not support DHCP protocol acquisition

Use of IP commands

Wkiom1ybrnkdkekeaaozekpua84286.jpg

IP link

IP link Show view default information

IP link

IP link set interface [Up|down] [multicast On|off]:

IP addr

You can configure multiple addresses on an interface without using an interface alias: Display these addresses

IP addr Show

IP addr

IP addr Add Dev Interface IP address/mask [Label alias]

IP addr Add Dev interface ip address [Label alias]

IP addr Flush interface [to network address]

IP route

IP route add target via next hop src address [dev Device]

IP Route del Target

IP Route Show

Enable/Disable interface:

IP Link Set interface up|down

Ifconfig interface Up|down

Ifdown interface, the Ifup interface resets the network connection

Tui or GUI

After the System-config-network-tui configuration is complete, the configuration file is saved

Setup--Network Configuration

Tools related to network management or detection:

PING:ICMP Internet Control Message Protocol

ping [Options] IP

-C Times

-W Test Execution duration

1. Command format:

ping [parameters] [host name or IP address]

2. Command function:

The ping command is used to determine the status of networks and external hosts, to track and isolate hardware and software issues, and to test, evaluate, and manage networks.

If the host is running and connected to the network, it responds to the loopback signal. Each echo request consists of an Internet Protocol (IP) and an ICMP header, followed by a Tim structure, and sufficient bytes to fill in the packet. The default is to send the loopback signal request continuously until the interrupt signal (CTRL-C) is received.

The ping command sends a datagram every second and prints a line of output for each response received. The ping command calculates the statistics of the signal round-trip time and (information) packet loss, and displays a brief summary after completion. The ping command ends when the program times out or when a SIGINT signal is received. The host parameter is either a valid host name or an Internet address.

3. Command parameters:

-D uses the So_debug function of the socket.

-F limit detection. Send a large and fast network packet to a machine to see its response.

-n outputs only numeric values.

-Q does not display information for any transmittal packets, only the final result is displayed.

-R ignores the normal routing Table and sends the packet directly to the remote host. This is usually a matter of looking at the network interface of this computer.

-R records the routing process.

-V shows the execution of the instruction in detail.

Number of <p>-c: Stop after sending a specified number of packages.

-I seconds: set interval a few seconds to send a network packet to a machine, the default value is one second to send once.

-I network interface: sends out packets using the specified network interface.

-L Pre-load: Sets the packets that are emitted before the requested information is sent.

-P Template style: Sets the template style that fills the packet.

-S Bytes: Specifies the number of bytes of data sent, the default value is 56, plus 8 bytes of ICMP header, which is a total of 64ICMP data bytes.

-T Survival value: Sets the size of the Live value TTL.

TTL: Time To Live

Specifies the number of network segments that the datagram is allowed to pass before it is discarded by the router.

The TTL is set by the sending host to prevent packets from continually looping on the IP internetwork forever. When forwarding IP packets, the router is required to reduce the TTL by at least 1.

The TTL field value can help us identify the operating system type.

L Unix and Unix-like operating systems the TTL field value of the ICMP Echo reply is 255.

L COMPAQ Tru64 5.0 The TTL field value of the ICMP Echo reply is 64.

L LINUX Kernel 2.2.x & 2.4.x The TTL field value for the ICMP echo response is 64.

The TTL field value for the Microsoft Windows nt/2k/2k3/2k8 operating system ICMP echo answer is 128.

The TTL field value for the Microsoft Windows 95 operating system ICMP echo answer is 32.

Traceroute HOST:

Gets the gateway that the current host has passed to the target host

MTR HOST

Netstat

The Netstat command is used to display various network-related information, such as network connections, routing tables, Interface states (Interface Statistics), masquerade connections, multicast members (multicast memberships), and so on.

Output message Meaning

After executing the netstat, the output is

[Email protected] ~]# netstat

Active Internet connections (w/o servers)

Proto recv-q send-q Local address Foreign address state

TCP 0 0 192.168.100.20:SSH 192.168.100.3:57272 established

Active UNIX domain sockets (w/o servers)

Proto refcnt Flags Type State I-node Path

UNIX 2 [] Dgram 7659 @/org/kernel/udev/udevd

UNIX 7 [] Dgram 8876/dev/log

UNIX 2 [] Dgram 10769

UNIX 2 [] Dgram 9696

UNIX 2 [] Dgram 9507

UNIX 2 [] Dgram 9379

UNIX 3 [] STREAM CONNECTED 9373

UNIX 3 [] STREAM CONNECTED 9372

UNIX 3 [] STREAM CONNECTED 9360

As a whole, the output of Netstat can be divided into two parts:

One is the active Internet connections, called the active TCP connection, where "recv-q" and "Send-q" refer to the Receive queue and the send queue for%0a. These figures are generally supposed to be 0. If not, it means that the package is accumulating in the queue. This situation can only be seen in very few cases.

The other is the active UNIX domain sockets, known as the active UNIX Domains socket interface (as with network sockets, but only for native communication, which can be increased by one-fold performance).

Proto shows the protocol used by the connection, refcnt represents the process number connected to this set of interfaces, types shows the type of the socket interface, state shows the current status of the socket interface, and path represents the pathname used by other processes connected to the socket.

Common parameters

-A (All) displays all options and does not show listen related by default

-T (TCP) displays only TCP-related options

-U (UDP) displays only UDP-related options

-N refuses to display aliases, showing all numbers converted to numbers.

-l list only service status in Listen (listening)

-P Displays the program name that establishes the associated link

-R display routing information, routing table

-e display extended information, such as UID, etc.

-S statistics according to each protocol

-C executes the netstat command every other fixed time.

Hint: The status of listen and listening can only be seen with-a or-l

Common combinations:

Netstat-naptu

Netstat-tan

Netstat-tunl

Netstat-rn

SS, used to replace Netstat

Connection to the-T:TCP protocol

Links to the-U:UDP agreement

-L: Listening status connection

-A: Connections for all States

-E: Show extended information

-M: Displays memory information used by the socket connection

-P: Process and UDP

-N: Number format display

-O State (established)

Ethtool Interface: Display Interface Device properties

Ethtool-s interface: Displays statistics for device interfaces

Extracurricular tasks:

Nmap: Scanners

Tcpdump: Sniffer

Wireshark: Sniffer

Tshark: The character interface

Use the ping command to detect which hosts are online 172.16.0.0/16

Online, shown in green

Not online, shown in red

#!/bin/bash

For i in {0..255};d o

For j in {1..254};d o

Ping-c 1 172.16. $i. $j &>/dev/null

if [[$?-eq 0]];then

ECHO-E-N "\033[32mping 172.16. $i. $j ke da!\033[0m\n"

Else

ECHO-E-N "\033[31mping 172.16. $i. $j bu ke da!\033[0m \ n"

Fi

Done

Done

"Linux Basics" 17, network attribute configuration detailed