Linux Network attribute configuration commands and management details

Linux Network attribute configuration commands and management details

I. Linux Network attribute Configuration

1. Network Access for Linux Hosts

IP/NETMASK: Implement Local Network Communication

Routing (GATEWAY): Cross-network communication is supported.

DNS server address: Host Name-based communication. Linux can have three DNS addresses.

When the first address goes down, it will find its standby address. If the first address cannot be resolved, it will stop.

2. Network attribute configuration method

(1) Static designation

1) command Method

Ifcfg commands:

Ifconfig: Configure IP address, NETMASK

Route: Configure route information

Netstat: View status and statistics

Iiproute2 series commands:

Ip OBJECT:

Addr: Address and mask;

Link: Interface

Route: route

Ss: View status and statistics

CentOS 7: Network Manager family

Nmcli: command line tool

Nmtui: text window Tool

Hostname/hostnamectl: Host Name Configuration

2) configuration file:

RedHat and related releases:/etc/sysconfig/network-scripts/ifcfg-NETCARD_NAME

DNS server configuration file:/etc/resolv. conf

Local host name configuration file:/etc/sysconfig/network

Note: The command configuration takes effect immediately, but the configuration becomes invalid after the current process is disabled. This is a one-time configuration method.

Configuring network properties through the configuration file does not take effect immediately. You need to restart the service, reload the configuration file, or restart the process.

(2) Dynamic Allocation: dependent on the DHCP service in the local network

DHCP: Dynamic Host Configure Procotol, Dynamic Host Configuration Protocol, the IP address cannot be fixed at this time

3. Network Interface Name

(1) traditional naming

Ethernet: eth #, such as eth0, eth1 ,...

PPP Network: ppp #, for example, ppp0, ppp1 ,...

(2) predictable naming scheme (CentOS 7)

Supports multiple naming mechanisms and is automatically configured based on Fireware, topology, and other information.

1) if the index information provided by Firmware or BIOS is available for devices integrated on the master board, name the index, such as eno1, eno2 ,...

2) Firmware or BIOS is available for the index information provided by the PCI-E expansion slot, and predictable, according to the index name, such as ens1, ens2 ,...

3) if the physical location information of the hardware interface is available, name it, for example, enp2s0 ,...

4) if you explicitly define a MAC address, you can also name it according to the MAC address, for example, eno16777736 (hexadecimal MAC ),...

5) If none of the above are available, the traditional naming is still used;

(3) Composition of the naming format

En: ethernet, indicating the interface of the Internet Nic

Wl: wlan, indicating the interface of the wireless network adapter

Ww: wwan, Wireless Wide Area Network, indicating a Wireless WAN NIC

(4) Name type:

O : The device Index Number of the Integrated Device;

S : Index Number of the expansion slot;

X : MAC address-based naming;

P S : Name the topology based on the bus and slot;

Ii. ifcfg series: fconfig, route, netstat

1. ifconfig: Configure to view Network Interfaces. By default, the second address cannot be displayed, but only the primary address can be displayed.

The label (interface alias) is displayed.

(1) ifconfig [INTERFACE] Only displays the information of the active Nic by default.

# Ifconfig-a: displays all interfaces, including inactive APIs;

Note: The Display Results of CentOS 6 and CentOS 7 are different.

CentOS 7:

Explanation of display meaning:

Eno1677736: Nic Interface Name:

Flags: flag. UP indicates that the NIC is enabled and activated.

Mtu: maximum transmission unit. The maximum transmission unit of the NIC is 1500 bytes.

Inet: IPv4 address; netmask: Subnet Mask; broadcast: broadcast address

Inet6: IPv6 address

HWaddr: ethernet address, corresponding to the HWaddr hardware address in CentOS 6

Txqueuelen 1000 (Ethernet): length of the Ethernet transmission queue

RX packets 7526 bytes 631299 (616.5 KiB): number of packets found after the NIC is activated, total size

RX errors: number of errors received; dropped: Number of packet loss; overruns: Number of overflow; frame: frame

TX packets 162 bytes 18461 (18.0 KiB): number of transmitted packets

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0: Transmission Error, packet loss, overflow, Frame

CentOS 6:

Eh0: Nic interface, which is very different from CentOS 7

HWaddr 00: 0C: 29: 46: 14: 98 hardware address

(2) ifconfig [-v] interface [aftype] options | address... Change the IPv4 address of the Network Adapter

Send it to the TCP/IP protocol stack in the kernel immediately and take effect. After the remote connection is modified, the original address will not cause a disconnection.

# IfconfigINTERFACE IP/MASK

# Ifconfig interface ip netmask NETMASK: Use the netmask keyword

Options: ifconfig INTERFACE OPTIONS

[-] Promisc: mixed mode.-indicates that the mixed mode is disabled. Adding a value directly indicates that the mixed mode is enabled.

... ...

Manage IPv6 addresses: add | del addr/prefixlen

(3) enable/disable NICs

1) # ifconfig INTERFACE up | down

2) ifup/ifdown command:

Note: This command identifies the interface and completes configuration through the configuration file/etc/sysconfig/network-scripts/ifcfg-IFACE;

(4) Delete the IP address of the specified interface NIC:

# Ifconfig INTERFACE 0

2. route command: View and manage routes

Route entry types (three types ):

Host Routing: the destination address is a single IP address;

Network Routing: the destination address is an IP network;

Default route: the target network is 0.0.0.0/0.0.0.0

(1) View:

# Route-n

-N: displays information in numbers without reverse resolution of the address and port number.

If there is a lot of routing information, reverse resolution to host name and port name will occupy a lot of resource overhead

Display Resolution:

Destination: Destination Address

Gateway: Next Hop network management address

0.0.0.0: indicates the network address of the local host. The local host does not need a gateway on the network and directly connects to the route,

Genmask: mask address of the target network

Flags: Route entry flag

U (route is up): up, indicating the enabled status

H (target is a host): The target address is a host address.

G (use gateway): use a gateway

R (reinstate route for dynamic routing): select

D (dynamically installed by daemon or redirect)

M (modified from routing daemon or redirect)

A (installed by addrconf)

C (cache entry)

! (Reject route)

G: indicates a gateway, but not necessarily a target gateway. The default gateway is only the target address 0.0.0.0.

Metric: Metric value, indicating the overhead to be entered in the middle of the network

Ref: Number of references to this route. (Not used in the Linux kernel .)

Use: Count of lookups for the route

Iface: which Nic interface of the host is used to send data

(2) Add:

Route add [-net |-host] target [netmask Nm] [gw GW] [dev] If]

-Net |-host: network route | host route, which is a network route by default

Target [netmask Nm]: The target address, which can be in the subnet mask format or the full format of the keyword netmask.

[Gw GW]: gw indicates the keyword, and GW indicates the real next hop address.

The next hop must be in the same network segment as one of its network adapters and must exist.

[Dev] If]: indicates the network card to which the log belongs. It can be omitted and can be automatically determined.

Example:

Route add-net 10.0.0.0/8 gw 192.168.10.1 dev eth1

Route add-net 0.0.0.0/0.0.0.0 gw 192.168.10.1 === route add default gw 192.168.10.1

(3) Delete:

Route del [-net |-host] target [gw Gw] [netmask Nm] [[dev] If]

Example: route del-net 10.0.0.0/8 gw 192.168.10.1

Route del default

3. netstat command: View network status and statistical data

Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

Displays network connections, route tables, interface connections, disguised connections, and multicast member relationships

(1) display route table: # netstat-rn

-R: displays the kernel route table.

-N: the information is displayed in numbers without reverse resolution.

(2) display network connection information: # netstat OPTIONS (common combinations:-tan,-uan,-tnl,-unl,-tunlp)

-T, -- tcp: Connection related to the TCP protocol, the connection has its status; FSM (Finate State Machine );

A virtual link must be established before communication starts. After communication is complete, the link must be removed.

-U, -- udp: UDP-related connections; connectionless protocols; direct transmission of data packets

-W: raw socket bare socket-related connections

-L: connection in the listener status

-A: connections in all States

-N: IP and Port are displayed in numeric format;

-E: extended format

-P: displays the related process and PID;

Tcp status: LISTEN, ESTABLISEHD, FIN_WAIT_1 Wait Status, FIN_WAIT_2, SYN_SENT, SYN_RECV, CLOSED

Note: Transport Layer Protocol differences (TCP | UDP)

Tcp: connection-oriented protocol. A virtual link must be established before the communication starts, and the connection must be removed after the communication is complete;

Udp: connectionless protocol; send data packets directly;

(3) display interface statistics:

Netstat {-- interfaces |-I |-I} [iface] [-- all |-a] [-- extend |-e] [-- verbose |-v] [-- program |- p] [-- numeric |-n]

All interfaces: netstat-I

Specified interface: netstat-I Note that there cannot be spaces in the middle

4. Configure the hostname/hostnamectl command:

(1) hostname

View: hostname

Configuration: hostname HOSTNAME, which is valid for the current system and is invalid after restart;

(2) hostnamectl command (CentOS 7): This command will directly modify the configuration file to take effect.

Hostnamectl status: displays the current host name information;

Hostnamectl HOSTNAME: the host name is valid permanently;

Iii. iproute series: ip and ss

The iproute2 series is closely related to the kernel and is directly placed into the kernel for effectiveness. The version number is consistent with the kernel version number.

Advanced IP routing and network device configuration tools: Provides network tools

1. ip commands: show/manipulate routing, devices, policy routing and tunnels policy routing, tunneling, routing, and devices

Ip [OPTIONS] OBJECT {COMMAND | help}

OBJECT: = {link | addr | route | netns}

Note: The OBJECT can be abbreviated, and the sub-commands of each OBJECT can also be abbreviated;

(1) iplink: network device configuration, network device configuration

1) ip link set: change device attributes, modify device attributes

Dev NAME (default): Specifies the device to be managed. default configuration. The dev keyword can be omitted;

Up and down: enabled and Disabled

Multicast on or multicast off: enable or disable the multicast function;

Name NAME: Rename Interface

Mtu NUMBER: Specifies the MTU size. The default value is 1500;

Netns PID: ns is a namespace used to move interfaces to a specified network namespace;

Instance:

Modify the eth1 name. Disable it before modification.

[Root @ localhost ~] # Ip link set eth1 down

[Root @ localhost ~] # Ip link set eth1 name ethtest

[Root @ localhost ~] # Ip link show

2) ip link show/list: display device attributes, display device Properties

3) ip link help: displays brief help information;

(2) ip netns: manage network namespaces. manage network namespaces

Ip netns list: list all netns

Ip netns add NAME: Create the specified netns

Ip netns del NAME: Delete the specified netns

Ip netns exec name command: run the COMMAND in the specified netns

(3) ip address: protocol address management. protocol address management

1) ip address add: add new protocol address, add a new protocol address

Ip addr add INTERFACEADDR dev INTERFACE

[Label NAME]: Specifies the interface alias for the added address;

[Broadcast ADDRESS]: The broadcast ADDRESS, which is automatically calculated based on the ip address and NETMASK;

[Scope SCOPE_VALUE]: range variable

Global: globally available;

Link: the interface is available;

Host: only available on the local machine;

2) ip address delete: delete protocol address, delete the protocol address

# Ip addr delete INTERFACEADDR dev IFACE

3) ip address show: look at protocol addresses, view the protocol address

# Ip addr list [IFACE]: displays the interface address;

4) ip address flush: flush protocol addresses, delete all addresses on the specified Interface

# Ip addr flush dev IFACE

(4) ip route: outing table management, managing route tables

1) ip route add-add new route

Ip route change-change route Modification

Ip route replace-change or add new one modify or add

Ip route add type prefix via GW [dev IFACE] [src SOURCE_IP]

Example:

# Ip route add 192.168.0.0/24 via 10.0.0.1 dev eth1 src 10.0.20.100

# Ip route add default via GW

2) ip route delete-delete route

Ip route del TYPE PRIFIX

3) ip route show-list routes

4) ip route flush-flush routing tables

5) ip route get-get a single route

Ip route get TYPE PRIFIX

2. ss Command: view the network status and statistical data ss [options] [FILTER]

(1) [OPTION]:

-T: TCP-related connections

-U: UDP-related connections

-W: raw socket-related connections

-L: Listener status connection

-A: connections in all States

-N: digit format

-P: The related program and its PID

-E: extended format information

-M: memory usage

-O: timer Information

(2) FILTER: = [state TCP-STATE] [EXPRESSION] state FILTER Function

You can filter port and status information to view

EXPRESSION:

Dport =

Sport =

Example: '(dport =: 22 or sport =: 22 )'

~] # Ss-tan '(dport =: 22 or sport =: 22 )'

~] # Ss-tan state ESTABLISHED

4. nmcli command:

Nmcli [OPTIONS] OBJECT {COMMAND | help}

(1) device: show and manage network interfaces display Management network Interface

COMMAND: = {status | show | connect | disconnect | delete | wifi | wimax}

(2) connection: start, stop, and manage network connections,

COMMAND: = {show | up | down | add | edit | modify | delete | reload | load}

(3) modify [id | uuid | path] [+ |-] .

How to modify attributes such as IP addresses:

# Nmcli conn modify IFACE [+ |-] setting. property value

Ipv4.address

Ipv4.gateway

Ipv4.dns1

Ipv4.method

Manual

V. configuration file:

1. configuration file for IP/NETMASK/GW/DNS and other attributes:/etc/sysconfig/network-scripts/ifcfg-IFACE

Ifcfg-IFACE: actual interface name;

(1) vim editing the configuration file

The configuration file/etc/sysconfig/network-scripts/ifcfg-IFACE defines interface attributes through a large number of parameters and can be directly modified.

1) fcfg-IFACE configuration file parameters:

DEVICE: the name of the DEVICE corresponding to the configuration file;

ONBOOT: whether to activate this interface during system boot;

UUID: the unique identifier of the device;

IPV6INIT: whether to initialize IPv6;

BOOTPROTO: the protocol used to configure interface attributes when activating this interface. Commonly Used protocols include dhcp, bootp, static, and none;

TYPE: interface TYPE. common interfaces include Ethernet and Bridge;

DNS1: The first DNS server points;

DNS2: the backup DNS server directs;

DOMAIN: DNS search DOMAIN;

IPADDR: IP address;

NETMASK: Subnet Mask; CentOS 7 supports specifying the subnet mask in length mode using PREFIX;

GATEWAY: the default GATEWAY;

USERCTL: whether normal users are allowed to control the device;

PEERDNS: If the BOOTPROTO value is "dhcp", whether to allow the dns server allocated by the dhcp server to direct to the DNS server that is manually specified locally. The default value is allow;

HWADDR: the MAC address of the device;

NM_CONTROLLED: whether to use the NetworkManager service to control the interface

The networkManager on CentOS 6 is not complete, and clusters and virtualization bridging cannot be used under this network service.

There are two types of network services: network and NetworkManager.

2) manage network services:

CentOS 6: service {start | stop | restart | status}

CentOS 7: systemctl {start | stop | restart | status} SERVICE [. service]

After the configuration file is modified, restart the network service to take effect;

CentOS 6: # service network restart

CentOS 7: # systemctl restart network. service

(2) Modification of dedicated commands

CentOS 6: system-config-network (setup)

# Setup

# System-config-network

CentOS 7: nmtui

2. route configuration file:/etc/sysconfig/network-scripts/route-IFACE

Use non-default gateway route:/etc/sysconfig/network-scripts/route-IFACE

Two configuration methods are supported, but cannot be mixed;

(1) One route entry per line: TARGET via GW

(2) One route entry per three lines:

ADDRESS # = TARGET

NETMASK # = MASK

GATEWAY # = NEXTHOP

3. Configure multiple addresses for the interface:

(1) ip addr add INTERFACEADDR dev INTERFACE label LABELNAME

(2) ifconfig IFACE_LABEL IPADDR/NETMASK

IFACE_LABEL: eth0: 0, eth0: 1 ,...

(3) Add a configuration file for the alias;

DEVICE = IFACE_LABEL

BOOTPROTO: the online alias does not support dynamic address retrieval;

Static, none

4. hostname configuration file:/etc/sysconfig/network

Command: HOSTNAME =

Note: the setting of this method does not take effect immediately. It will always take effect after you repeat the configuration file or restart the system;

5. Configure the DNS server to point:

Configuration File:/etc/resolv. conf, add nameserver DNS_SERVER_IP

6./etc/hosts alias, name resolution, takes effect in advance, first view this file.