Linux Network attribute configuration commands and management details
I. Linux Network attribute Configuration
1. Network Access for Linux Hosts
IP/NETMASK: Implement Local Network Communication
Routing (GATEWAY): Cross-network communication is supported.
DNS server address: Host Name-based communication. Linux can have three DNS addresses.
When the first address goes down, it will find its standby address. If the first address cannot be resolved, it will stop.
2. Network attribute configuration method
(1) Static designation
1) command Method
Ifcfg commands:
Ifconfig: Configure IP address, NETMASK
Route: Configure route information
Netstat: View status and statistics
Iiproute2 series commands:
Ip OBJECT:
Addr: Address and mask;
Link: Interface
Route: route
Ss: View status and statistics
CentOS 7: Network Manager family
Nmcli: command line tool
Nmtui: text window Tool
Hostname/hostnamectl: Host Name Configuration
2) configuration file:
RedHat and related releases:/etc/sysconfig/network-scripts/ifcfg-NETCARD_NAME
DNS server configuration file:/etc/resolv. conf
Local host name configuration file:/etc/sysconfig/network
Note: The command configuration takes effect immediately, but the configuration becomes invalid after the current process is disabled. This is a one-time configuration method.
Configuring network properties through the configuration file does not take effect immediately. You need to restart the service, reload the configuration file, or restart the process.
(2) Dynamic Allocation: dependent on the DHCP service in the local network
DHCP: Dynamic Host Configure Procotol, Dynamic Host Configuration Protocol, the IP address cannot be fixed at this time
3. Network Interface Name
(1) traditional naming
Ethernet: eth #, such as eth0, eth1 ,...
PPP Network: ppp #, for example, ppp0, ppp1 ,...
(2) predictable naming scheme (CentOS 7)
Supports multiple naming mechanisms and is automatically configured based on Fireware, topology, and other information.
1) if the index information provided by Firmware or BIOS is available for devices integrated on the master board, name the index, such as eno1, eno2 ,...
2) Firmware or BIOS is available for the index information provided by the PCI-E expansion slot, and predictable, according to the index name, such as ens1, ens2 ,...
3) if the physical location information of the hardware interface is available, name it, for example, enp2s0 ,...
4) if you explicitly define a MAC address, you can also name it according to the MAC address, for example, eno16777736 (hexadecimal MAC ),...
5) If none of the above are available, the traditional naming is still used;
(3) Composition of the naming format
En: ethernet, indicating the interface of the Internet Nic
Wl: wlan, indicating the interface of the wireless network adapter
Ww: wwan, Wireless Wide Area Network, indicating a Wireless WAN NIC
(4) Name type:
O : The device Index Number of the Integrated Device;
S : Index Number of the expansion slot;
X : MAC address-based naming;
P S : Name the topology based on the bus and slot;
Ii. ifcfg series: fconfig, route, netstat
1. ifconfig: Configure to view Network Interfaces. By default, the second address cannot be displayed, but only the primary address can be displayed.
The label (interface alias) is displayed.
(1) ifconfig [INTERFACE] Only displays the information of the active Nic by default.
# Ifconfig-a: displays all interfaces, including inactive APIs;
Note: The Display Results of CentOS 6 and CentOS 7 are different.
CentOS 7:
Explanation of display meaning:
Eno1677736: Nic Interface Name:
Flags: flag. UP indicates that the NIC is enabled and activated.
Mtu: maximum transmission unit. The maximum transmission unit of the NIC is 1500 bytes.
Inet: IPv4 address; netmask: Subnet Mask; broadcast: broadcast address
Inet6: IPv6 address
HWaddr: ethernet address, corresponding to the HWaddr hardware address in CentOS 6
Txqueuelen 1000 (Ethernet): length of the Ethernet transmission queue
RX packets 7526 bytes 631299 (616.5 KiB): number of packets found after the NIC is activated, total size
RX errors: number of errors received; dropped: Number of packet loss; overruns: Number of overflow; frame: frame
TX packets 162 bytes 18461 (18.0 KiB): number of transmitted packets
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0: Transmission Error, packet loss, overflow, Frame
CentOS 6:
Eh0: Nic interface, which is very different from CentOS 7
HWaddr 00: 0C: 29: 46: 14: 98 hardware address
(2) ifconfig [-v] interface [aftype] options | address... Change the IPv4 address of the Network Adapter
Send it to the TCP/IP protocol stack in the kernel immediately and take effect. After the remote connection is modified, the original address will not cause a disconnection.
# IfconfigINTERFACE IP/MASK
# Ifconfig interface ip netmask NETMASK: Use the netmask keyword
Options: ifconfig INTERFACE OPTIONS
[-] Promisc: mixed mode.-indicates that the mixed mode is disabled. Adding a value directly indicates that the mixed mode is enabled.
... ...
Manage IPv6 addresses: add | del addr/prefixlen
(3) enable/disable NICs
1) # ifconfig INTERFACE up | down
2) ifup/ifdown command:
Note: This command identifies the interface and completes configuration through the configuration file/etc/sysconfig/network-scripts/ifcfg-IFACE;
(4) Delete the IP address of the specified interface NIC:
# Ifconfig INTERFACE 0
2. route command: View and manage routes
Route entry types (three types ):
Host Routing: the destination address is a single IP address;
Network Routing: the destination address is an IP network;
Default route: the target network is 0.0.0.0/0.0.0.0
(1) View:
# Route-n
-N: displays information in numbers without reverse resolution of the address and port number.
If there is a lot of routing information, reverse resolution to host name and port name will occupy a lot of resource overhead
Display Resolution:
Destination: Destination Address
Gateway: Next Hop network management address
0.0.0.0: indicates the network address of the local host. The local host does not need a gateway on the network and directly connects to the route,
Genmask: mask address of the target network
Flags: Route entry flag
U (route is up): up, indicating the enabled status
H (target is a host): The target address is a host address.
G (use gateway): use a gateway
R (reinstate route for dynamic routing): select
D (dynamically installed by daemon or redirect)
M (modified from routing daemon or redirect)
A (installed by addrconf)
C (cache entry)
! (Reject route)
G: indicates a gateway, but not necessarily a target gateway. The default gateway is only the target address 0.0.0.0.
Metric: Metric value, indicating the overhead to be entered in the middle of the network
Ref: Number of references to this route. (Not used in the Linux kernel .)
Use: Count of lookups for the route
Iface: which Nic interface of the host is used to send data
(2) Add:
Route add [-net |-host] target [netmask Nm] [gw GW] [dev] If]
-Net |-host: network route | host route, which is a network route by default
Target [netmask Nm]: The target address, which can be in the subnet mask format or the full format of the keyword netmask.
[Gw GW]: gw indicates the keyword, and GW indicates the real next hop address.
The next hop must be in the same network segment as one of its network adapters and must exist.
[Dev] If]: indicates the network card to which the log belongs. It can be omitted and can be automatically determined.
Example:
Route add-net 10.0.0.0/8 gw 192.168.10.1 dev eth1
Route add-net 0.0.0.0/0.0.0.0 gw 192.168.10.1 === route add default gw 192.168.10.1
(3) Delete:
Route del [-net |-host] target [gw Gw] [netmask Nm] [[dev] If]
Example: route del-net 10.0.0.0/8 gw 192.168.10.1
Route del default
3. netstat command: View network status and statistical data
Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships
Displays network connections, route tables, interface connections, disguised connections, and multicast member relationships
(1) display route table: # netstat-rn
-R: displays the kernel route table.
-N: the information is displayed in numbers without reverse resolution.
(2) display network connection information: # netstat OPTIONS (common combinations:-tan,-uan,-tnl,-unl,-tunlp)
-T, -- tcp: Connection related to the TCP protocol, the connection has its status; FSM (Finate State Machine );
A virtual link must be established before communication starts. After communication is complete, the link must be removed.
-U, -- udp: UDP-related connections; connectionless protocols; direct transmission of data packets
-W: raw socket bare socket-related connections
-L: connection in the listener status
-A: connections in all States
-N: IP and Port are displayed in numeric format;
-E: extended format
-P: displays the related process and PID;
Tcp status: LISTEN, ESTABLISEHD, FIN_WAIT_1 Wait Status, FIN_WAIT_2, SYN_SENT, SYN_RECV, CLOSED
Note: Transport Layer Protocol differences (TCP | UDP)
Tcp: connection-oriented protocol. A virtual link must be established before the communication starts, and the connection must be removed after the communication is complete;
Udp: connectionless protocol; send data packets directly;
(3) display interface statistics:
Netstat {-- interfaces |-I |-I} [iface] [-- all |-a] [-- extend |-e] [-- verbose |-v] [-- program |- p] [-- numeric |-n]
All interfaces: netstat-I
Specified interface: netstat-I Note that there cannot be spaces in the middle
4. Configure the hostname/hostnamectl command:
(1) hostname
View: hostname
Configuration: hostname HOSTNAME, which is valid for the current system and is invalid after restart;
(2) hostnamectl command (CentOS 7): This command will directly modify the configuration file to take effect.
Hostnamectl status: displays the current host name information;
Hostnamectl HOSTNAME: the host name is valid permanently;
Iii. iproute series: ip and ss
The iproute2 series is closely related to the kernel and is directly placed into the kernel for effectiveness. The version number is consistent with the kernel version number.
Advanced IP routing and network device configuration tools: Provides network tools
1. ip commands: show/manipulate routing, devices, policy routing and tunnels policy routing, tunneling, routing, and devices
Ip [OPTIONS] OBJECT {COMMAND | help}
OBJECT: = {link | addr | route | netns}
Note: The OBJECT can be abbreviated, and the sub-commands of each OBJECT can also be abbreviated;
(1) iplink: network device configuration, network device configuration
1) ip link set: change device attributes, modify device attributes
Dev NAME (default): Specifies the device to be managed. default configuration. The dev keyword can be omitted;
Up and down: enabled and Disabled
Multicast on or multicast off: enable or disable the multicast function;
Name NAME: Rename Interface
Mtu NUMBER: Specifies the MTU size. The default value is 1500;
Netns PID: ns is a namespace used to move interfaces to a specified network namespace;
Instance:
Modify the eth1 name. Disable it before modification.
[Root @ localhost ~] # Ip link set eth1 down
[Root @ localhost ~] # Ip link set eth1 name ethtest
[Root @ localhost ~] # Ip link show
2) ip link show/list: display device attributes, display device Properties
3) ip link help: displays brief help information;
(2) ip netns: manage network namespaces. manage network namespaces
Ip netns list: list all netns
Ip netns add NAME: Create the specified netns
Ip netns del NAME: Delete the specified netns
Ip netns exec name command: run the COMMAND in the specified netns
(3) ip address: protocol address management. protocol address management
1) ip address add: add new protocol address, add a new protocol address
Ip addr add INTERFACEADDR dev INTERFACE
[Label NAME]: Specifies the interface alias for the added address;
[Broadcast ADDRESS]: The broadcast ADDRESS, which is automatically calculated based on the ip address and NETMASK;
[Scope SCOPE_VALUE]: range variable
Global: globally available;
Link: the interface is available;
Host: only available on the local machine;
2) ip address delete: delete protocol address, delete the protocol address
# Ip addr delete INTERFACEADDR dev IFACE
3) ip address show: look at protocol addresses, view the protocol address
# Ip addr list [IFACE]: displays the interface address;
4) ip address flush: flush protocol addresses, delete all addresses on the specified Interface
# Ip addr flush dev IFACE
(4) ip route: outing table management, managing route tables
1) ip route add-add new route
Ip route change-change route Modification
Ip route replace-change or add new one modify or add
Ip route add type prefix via GW [dev IFACE] [src SOURCE_IP]
Example:
# Ip route add 192.168.0.0/24 via 10.0.0.1 dev eth1 src 10.0.20.100
# Ip route add default via GW
2) ip route delete-delete route
Ip route del TYPE PRIFIX
3) ip route show-list routes
4) ip route flush-flush routing tables
5) ip route get-get a single route
Ip route get TYPE PRIFIX
2. ss Command: view the network status and statistical data ss [options] [FILTER]
(1) [OPTION]:
-T: TCP-related connections
-U: UDP-related connections
-W: raw socket-related connections
-L: Listener status connection
-A: connections in all States
-N: digit format
-P: The related program and its PID
-E: extended format information
-M: memory usage
-O: timer Information
(2) FILTER: = [state TCP-STATE] [EXPRESSION] state FILTER Function
You can filter port and status information to view
EXPRESSION:
Dport =
Sport =
Example: '(dport =: 22 or sport =: 22 )'
~] # Ss-tan '(dport =: 22 or sport =: 22 )'
~] # Ss-tan state ESTABLISHED
4. nmcli command:
Nmcli [OPTIONS] OBJECT {COMMAND | help}
(1) device: show and manage network interfaces display Management network Interface
COMMAND: = {status | show | connect | disconnect | delete | wifi | wimax}
(2) connection: start, stop, and manage network connections,
COMMAND: = {show | up | down | add | edit | modify | delete | reload | load}
(3) modify [id | uuid | path] [+ |-] .
How to modify attributes such as IP addresses:
# Nmcli conn modify IFACE [+ |-] setting. property value
Ipv4.address
Ipv4.gateway
Ipv4.dns1
Ipv4.method
Manual
V. configuration file:
1. configuration file for IP/NETMASK/GW/DNS and other attributes:/etc/sysconfig/network-scripts/ifcfg-IFACE
Ifcfg-IFACE: actual interface name;
(1) vim editing the configuration file
The configuration file/etc/sysconfig/network-scripts/ifcfg-IFACE defines interface attributes through a large number of parameters and can be directly modified.
1) fcfg-IFACE configuration file parameters:
DEVICE: the name of the DEVICE corresponding to the configuration file;
ONBOOT: whether to activate this interface during system boot;
UUID: the unique identifier of the device;
IPV6INIT: whether to initialize IPv6;
BOOTPROTO: the protocol used to configure interface attributes when activating this interface. Commonly Used protocols include dhcp, bootp, static, and none;
TYPE: interface TYPE. common interfaces include Ethernet and Bridge;
DNS1: The first DNS server points;
DNS2: the backup DNS server directs;
DOMAIN: DNS search DOMAIN;
IPADDR: IP address;
NETMASK: Subnet Mask; CentOS 7 supports specifying the subnet mask in length mode using PREFIX;
GATEWAY: the default GATEWAY;
USERCTL: whether normal users are allowed to control the device;
PEERDNS: If the BOOTPROTO value is "dhcp", whether to allow the dns server allocated by the dhcp server to direct to the DNS server that is manually specified locally. The default value is allow;
HWADDR: the MAC address of the device;
NM_CONTROLLED: whether to use the NetworkManager service to control the interface
The networkManager on CentOS 6 is not complete, and clusters and virtualization bridging cannot be used under this network service.
There are two types of network services: network and NetworkManager.
2) manage network services:
CentOS 6: service {start | stop | restart | status}
CentOS 7: systemctl {start | stop | restart | status} SERVICE [. service]
After the configuration file is modified, restart the network service to take effect;
CentOS 6: # service network restart
CentOS 7: # systemctl restart network. service
(2) Modification of dedicated commands
CentOS 6: system-config-network (setup)
# Setup
# System-config-network
CentOS 7: nmtui
2. route configuration file:/etc/sysconfig/network-scripts/route-IFACE
Use non-default gateway route:/etc/sysconfig/network-scripts/route-IFACE
Two configuration methods are supported, but cannot be mixed;
(1) One route entry per line: TARGET via GW
(2) One route entry per three lines:
ADDRESS # = TARGET
NETMASK # = MASK
GATEWAY # = NEXTHOP
3. Configure multiple addresses for the interface:
(1) ip addr add INTERFACEADDR dev INTERFACE label LABELNAME
(2) ifconfig IFACE_LABEL IPADDR/NETMASK
IFACE_LABEL: eth0: 0, eth0: 1 ,...
(3) Add a configuration file for the alias;
DEVICE = IFACE_LABEL
BOOTPROTO: the online alias does not support dynamic address retrieval;
Static, none
4. hostname configuration file:/etc/sysconfig/network
Command: HOSTNAME =
Note: the setting of this method does not take effect immediately. It will always take effect after you repeat the configuration file or restart the system;
5. Configure the DNS server to point:
Configuration File:/etc/resolv. conf, add nameserver DNS_SERVER_IP
6./etc/hosts alias, name resolution, takes effect in advance, first view this file.