Linux Basics Introduction "eighth chapter"

Linux Network Base Cable

568A

568B

Line order: Orange white orange green white blue blue white green brown white brown

Switches, routers

Switches: DLINK, H3C, CISCO

A switch is a network device used for the forwarding of electrical signals. It provides a unique electrical signal path for any of the two network nodes that access the switch. The most common switch is the Ethernet switch. Other common telephone voice switches, fiber switches, and so on.

Routers: CISCO

The Router (Router) is a device that connects each LAN and WAN in the Internet, it automatically chooses and sets the route according to the situation of the channel, and sends the signal in the order of the best path.

OSI7 Layer Network Model

Physical layer, Data link layer, network layer, transport layer, Session layer, presentation layer, application layer.

Tcp / ip:

Data Link layer: ARP, RARP

Network layer: IP, ICMP, IGMP

Transport layer: TCP, UDP, UGP

Application layer: Telnet, FTP, SMTP, SNMP

Osi

Physical layers: eia/tia-232, eia/tia-499, v.35, v.24, RJ45, Ethernet, 802.3, 802.5, FDDI, NRZI, NRZ, B8zs

Data Link layer: Frame Relay, HDLC, PPP, IEEE 802.3/802.2, FDDI, ATM, IEEE 802.5/802.2

Network layer: IP, IPX, AppleTalk DDP

Transport layer: TCP, UDP, SPX

Session layer: RPC, SQL, NFS, NetBIOS, names, AppleTalk, ASP, DECnet, SCP

Presentation tiers: TIFF, GIF, JPEG, PICT, ASCII, EBCDIC, encryption, MPEG, MIDI, HTML

Application layer: FTP, WWW, Telnet, NFS, SMTP, Gateway, SNMP

Agreement

A protocol is a convention or call rule designed by both parties to communicate.

How the HTTP protocol works

The TCP/IP protocol has a three-time handshake of four disconnects.

The principle of user's online process

DHCP service

NAT Network Address Translation

Private network Address:

10.0.0.0/8 (10.0.0.0 to 10.255.255.255)

172.16.0.0/12 (172.16.0.0 to 172.31.255.255)

192.168.0.0/16 (192.168.0.0 to 192.168.255.255)

169.254.0.0/16 (169.254.0.0 to 169.254.255.255)

IP Address Classification

Class A

1.0.0.0 to 126.0.0.0

0.0.0.0 and 127.0.0 reserved

Class B

128.1.0.0 to 191.254.0.0

128.0.0.0 and 191.255.0.0 reserved

Class C

192.0.1.0 to 223.255.254.0

192.0.0.0 and 223.255.255.0 reserved

Class D

224.0.0.0 to 239.255.255.255 for multi-point broadcasting

Class E

240.0.0 to 255.255.255.254 reserved

255.255.255.255 for broadcast

The process by which a user visits a website

Dns

DNS (Domain Name System)

oldboy.me>>>1.1.1.1 process requires DNS resolution (DNS configured on the computer)

What can DNS do?

A record: oldboy.me>>>1.1.1.1

CNAME: Often used by CDN service providers

MX parsing record:[email protected] Build mail Service

PTR reverse parsing:1.1.1.1>>> mail Service

A record parsing process:

Web server for the IP address 1.1.1.1>>>IP address of the browser >>> oldboy.me>>> Web server

Principles of the DNS parsing process

Recursive queries >>> iterative queries

DNS itself is a tree structure that hangs upside down, and its vertices are also rooted ".".

Root server, 13 servers worldwide.

Top-level domains: org, com, net, me, CC

First-level domain name: Oldboy, Baidu, Sina

DNS Domain name resolution query

Dig www.baidu.com

View the DNS resolution process

[email protected]www.baidu.com +trace

Nslookup

Host Www.baidu.com

Ping www.baidu.com

Configuring the NIC

Nic configuration file/etc/sysconfig/network-scripts/ifcfg-eth0

2. [Email protected] ~]# Cat/etc/sysconfig/network-scripts/ifcfg-eth0
4. Device=eth0 #第一块网卡逻辑设备名, the second block of eth1, some systems will also be identified with EM characters
6. hwaddr=00:0c:29:96:43:67 #以太网硬件地址即MAC地址, this entry should be removed if the virtual machine that is a VMware clone fails to start the network card
8. Type=ethernet #上网类型, now basically Ethernet
10. UUID=9B7C820B-B8AB-4C33-A7E8-C4DA818B1AE2 #通用唯一标识码 If the VMware cloned virtual machine fails to start the network card should be removed
12. Onboot=yes #yes表示开机自启动激活网卡设备
14. Nm_controlled=yes #是否通过NetworkManager管理网卡设备.
16. Bootproto=dhcp #启动协议, get the configuration method, there are none, BOOTP, DHCP three options.
18. dns1=8.8.8.8 #主DNS, the default overrides and the configuration takes precedence over/etc/resolv.conf
20. dns2=202.106.0.20 #第二个DNS, the default overrides and the configuration takes precedence over/etc/resolv.conf

ipaddr=10.0.0.8 #这是虚拟机桥接模式, fixed IP for LAN Linux servers.

netmask=255.255.255.0 #子网掩码, used to plan the network bit and host bit, generally 255.255.255.0

gateway=10.0.0.254 #局域网上网网关地址

Ipv6init=no #是否支持ipv6

To view the UUID of a disk

1. [Email protected] ~]# Blkid
2. /dev/sda1:uuid= "16664a83-1118-495f-af51-363c9f6fb6e0" type= "ext4"
3. /dev/sda2:uuid= "54fd6fa3-c0aa-4f81-b33a-ec5224a367e4" type= "swap"
4. /dev/sda3:uuid= "1c715af5-9511-4058-9d1c-6191d8ead4e2" type= "ext4"

Nic in effect

Recommended Ifdown, Ifup

Ifdown eth0 stop eth0 NIC

Ifup eth0 start the eth0 NIC

For all network cards

/etc/init.d/network Restart #所有网卡

The DNS of the NIC configuration takes precedence over the/etc/resolv.conf configuration, and restarting the NIC will overwrite the/etc/resolv.conf.

The network card does not have DNS configured, then the configuration in/etc/resolv.conf will take effect, if there are multiple network cards (DHCP acquisition mode), it may overwrite the existing configuration in/etc/resolv.conf.

To modify a host name

1, hostname Oldboylinux

2, Vi/etc/sysconfig/network

3, Vi/etc/hosts

Configuring the default gateway

First entry into force document

1. [Email protected] ~]# grep-i Gate/etc/sysconfig/network-scripts/ifcfg-eth0

Second entry into force document

1. [Email protected] ~]# grep-i gate/etc/sysconfig/network

View Gateway

2. [Email protected] ~]# route-n
4. Kernel IP Routing Table
6. Destination Gateway genmask Flags Metric Ref use Iface
8. 192.168.31.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10. 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
12. 0.0.0.0 192.168.31.2 0.0.0.0 UG 0 0 0 eth0
14. [Email protected] ~]# Netstat-rn
16. Kernel IP Routing Table
18. Destination Gateway genmask Flags MSS Window Irtt Iface
20. 192.168.31.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
22. 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
24. 0.0.0.0 192.168.31.2 0.0.0.0 UG 0 0 0 eth0

Delete, add default gateway

1. [Email protected] ~]# route del default GW 10.0.0.254
3. [[email protected] ~]# route add default GW 10.0.0.254

Configure and view network information

Ifconfig View Configuration alias IP, etc.

Alias IP,VIP Virtual IP

1. [Email protected] ~]# ifconfig eth0:1 10.0.0.11/24 up
2. [Email protected] ~]# ifconfig
3. Eth0:1 Link encap:ethernet HWaddr 00:0c:29:96:43:67
4. inet addr:10.0.0.11 bcast:10.0.0.255 mask:255.255.255.0
5. Up broadcast RUNNING multicast mtu:1500 metric:1

Ifconfig eth0:x down to stop the alias IP.

IP in the same way as multiple IPs, secondary IP.

Secondary IP form: keepalived High availability always uses the secondary IP

The NIC restarts alias IP invalidation, written as a configuration file (/etc/sysconfig/network-scripts/ifcfg-eth0:1).

1. [[Email protected] ~]# IP addr add 10.0.0.12/24 dev eth0:1
2. [[Email protected] ~]# IP add
3. 2:eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdisc pfifo_fast State up Qlen 1000
4. Link/ether 00:0c:29:96:43:67 BRD FF:FF:FF:FF:FF:FF
5. inet 192.168.31.128/24 BRD 192.168.31.255 Scope Global eth0
6. inet 10.0.0.12/24 Scope Global eth0
7. Inet6 FE80::20C:29FF:FE96:4367/64 Scope link
8. Valid_lft Forever Preferred_lft Forever

Lsof

If a port is known to be 333, how can I see the service name for the port?

Method One:

1. [Email protected] ~]# lsof-i:333

Method Two:

1. [Email protected] ~]# Netstat-lntup|grep 333

View files that are deleted but still occupied by the process

1. [Email protected] ~]# lsof |grep del

Network check

1, Ping www.baidu.com, ICMP protocol, Linux prohibit ICMP. (There is no repair on the highway)

2, Traceroute www.baidu.com-n (track routing) basic check, each high-speed node has no repair pass

Windows Trace Routing

Tracert–d www.baidu.com

3, Telnet www.baidu.com 80 Check the server Web is not open, the service has no boot, and the firewall is not blocked.

Nmap 10.0.0.25-p 80

nc

Does not pass:

1, 80 service not open or port does not exist.

2, FW Firewall blocked.

3. The port on which the service listens is not on the connected IP.

4, the ISP operator is not open by default, application opening.

Grab Bag Tool

Tcpdump

Tcpdump-n icmp-i eth0

2. [Email protected] ~]# tcpdump-n icmp-i eth0
4. Tcpdump:verbose output suppressed, use-v or-vv for full protocol decode
6. Listening on eth0, Link-type EN10MB (Ethernet), capture size 65535 bytes
8. 21:42:05.685111 IP 192.168.31.1 > 192.168.31.128:icmp echo request, id 1, SEQ 1, length 40
10. 21:42:05.685202 IP 192.168.31.128 > 192.168.31.1:icmp echo Reply, id 1, SEQ 1, length 40
12. 21:42:06.690060 IP 192.168.31.1 > 192.168.31.128:icmp echo request, id 1, SEQ 2, Length 40
14. 21:42:06.690097 IP 192.168.31.128 > 192.168.31.1:icmp echo Reply, id 1, SEQ 2, Length 40
16. 21:42:07.704058 IP 192.168.31.1 > 192.168.31.128:icmp echo request, id 1, SEQ 3, Length 40
18. 21:42:07.704088 IP 192.168.31.128 > 192.168.31.1:icmp echo Reply, id 1, SEQ 3, Length 40
20. 21:42:08.717695 IP 192.168.31.1 > 192.168.31.128:icmp echo request, id 1, SEQ 4, Length 40
22. 21:42:08.717725 IP 192.168.31.128 > 192.168.31.1:icmp echo Reply, id 1, SEQ 4, Length 40

Nmap

Windows:wireshark,sniffer, Koreb network analysis.

Linux Basics Introduction "eighth chapter"