traceroute Command (Unix)/tracert command (Windows)
The format of the TRACERT command is: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] [-r] [-S srcaddr] [-4] [-6] target_name.
①,-D
Indicates that the address is not resolved to a host name.
②,-h maximum_hops
Represents the maximum number of hops for a search target.
③,-j host-list
Represents a loose source route along with the host list (IPV4 only).
④,-w timeout
Represents the time, in milliseconds, to wait for each reply.
⑤,-R
Represents a trace round trip path (for IPV6 only).
⑥,-S srcaddr
Represents the source address to use (only for IPv6).
⑦,-4 and-6
Indicates mandatory use of IPv4 or IPV6.
⑧, Target_name
Represents the name or IP address of the destination host.
There are several ways to configure IP addresses in Linux:
- The graphical interface configures the IP address (operating mode such as Windows system configuration IP, but in actual production, we do not recommend to install the Linux GUI on our server, because the installation of the graphical interface will affect the security and stability of the server to some extent, therefore, This is not a detailed introduction to this approach here. )
ifconfig
The command temporarily configures the IP address (temporarily configuring the IP address, i.e. the configuration will expire when we restart the computer or restart the network service)
setup
The tool permanently configures the IP address (the tool setup
is Red Hat
developed so that under normal circumstances, the tool can only be used in Red Hat
a series of Linux systems) ( setup
tools-Red Hat proprietary graphical tools setup
Set the IP address) (Use the Setup command to restart the network after setting up the network service network restart
)
- To modify a network configuration file
ifconfig
Command
ifconfig
command to view and configure network status. The command results are as follows:
Eth0 Link encap:ethernet HWaddr00:0C:29:11:30:inet Addr:192.168.134.129 Bcast:192.168.134.255 Mask:255.255.255.0 inet6 Addr:fe80::20c:29ff:fe11:3039/Scope:link up broadcast RUNNING multicast MTU:Metric:1 RX Packets:19731 errors:0 dropped:0 Overruns:0 Frame:0 TX Packets:502 Errors:0 dropped:0 Overruns:0 Carrier:0 Collisions:0 Txqueuelen:RX bytes:1248492 (1.1 MiB) TX bytes:58905 (57.5 KiB) Lo Link encap:local Loopback inet Addr:127.0.0.1 Mask:255.0.0.0 Inet6 Addr:::1/128 scope:host up LOOPBACK RUNNING MTU: 16436 metric:1 RX packets:0 errors:< Span class= "Hljs-number" >0 dropped:0 overruns:0 Frame:0 TX packets:0 errors:0 Dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 ( 0.0 b) TX bytes:0 (0. 0 b)
- (
lo
indicates information for the local loopback network card)
ifconfig
You can also use a command to temporarily set the IP address and subnet mask for a network adapter. Such as:
ifconfig eth0 192.168.0.200 netmask 255.255.255.0
Linux network configuration file NIC information file
To view the NIC information for the first net card:
vi /etc/sysconfig/network-scripts/ifcfg-eth0
- The information is as follows:
device=eth0HWADDR=00:0c:29:11:30:39TYPE=< Span class= "Hljs-value" >ethernetuuid= 5ab36190-a5df-4bf1-94d8-6c126afd05f1onboot= yesnm_controlled=yesbootproto=dhcp
- For more information, see the following table:
Configuration |
Description |
DEVICE=eth0 |
Network card device Name, eth0 represents the first NIC |
BOOTPROTO=none |
Whether to automatically acquire IP (none, static, DHCP), when the value is DHCP, just configure the above example of the few items can be networked |
HWADDR=00:0C:29:11:30:39 |
MAC address |
NM_CONTROLLED=yes |
Can be hosted by the Network Manager graphical management tool |
ONBOOT=yes |
Whether the current NIC is active with Network service boot (Onboot is turned off by default in CentOS 6 and above.) ) |
TYPE=Ethernet |
Network type, here for Ethernet |
UUID=5ab36190-a5df-4bf1-94d8-6c126afd05f1 |
Unique identification code |
IPADDR=192.168.0.200 |
IP Address |
NETMASK=255.255.255.0 |
Subnet mask |
GATEWAY=192.168.0.1 |
Gateway |
DNS1=202.106.0.20 |
Dns |
IPV6INIT=no |
IPV6 is enabled, this setting is not enabled |
USERCTL=no |
Allow non-root users to control this network card, this is not allowed |
说明:1.自动获取IP的条件是:必须在局域网内存在DHCP服务器。2.相同UUID网络配置的计算机会导致互相不能上网。
Host name File
To view the host name file:
vi /etc/sysconfig/network
- The contents are as follows:
NETWORKING=yesHOSTNAME=localhost.localdomain
which
1. /etc/sysconfig/network
in this file NETWORKING=no
, the host will not be able to connect to the network.
2. Under Windows, there is no delivery between the same host name within the same LAN. Requires a host that cannot have the same hostname within the LAN. In Linux, a host with the same hostname can be in a local area network, such as the default host name: localhost.localdomain
.
3. You /etc/sysconfig/network
need to restart your computer to take effect after you modify the hostname in the file. hostname 主机名
After you use a command to temporarily change the hostname, the restart of the computer is invalidated. The hostname
current host name can be viewed by command.
DNS configuration file
To view the DNS configuration file:
vi /etc/resolv.conf
- The contents are as follows:
by /sbin/dhclient-scriptsearch localdomainnameserver 192.168.134.2
One of the most important is nameserver
this, set the address of the domain name server, more than one domain name server, the subsequent addition of space to continue to replenish the address of the domain name server, or another line to do a similar nameserver
configuration.
Network parameter configuration for Linux in VMware
(Take CentOS as an example)
1. Configure the Linux IP address;
2. CentOS more than 6 system modifications modify the network configuration to start the network adapter to change the value of the vi /etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT
option to restart the yes
Web service service network restart
;
3. For the UUID in the network configuration file the same situation, you need to modify the value of the UUID, modified as follows:
1. `vi /etc/sysconfig/network-scripts/ifcfg-eth0`,删除MAC地址行2. `rm -rf /etc/udev/rules.d/70-persistent-net.rules`,删除网卡和MAC地址绑定文件3. 重启当前系统
- 4. Set the network connection mode of the VMware virtual machine, select the Bridging model (the option "Copy Physical network connection status" is not checked) (where the bridging mode allows the virtual machine to access the extranet while communicating with other computers within the LAN, including the native), Nat mode, allowing the virtual machine to access the extranet, Can communicate with the local computer, Host only mode, only with the local communication);
5. Modify the Bridged network card, select in the "Virtual Network Editor" window, VMnet0
modify the bridged network card in bridge mode, select the network card which can be connected to the Internet.
Configure static IP in VMware bridging mode
Modify the NIC configuration file as follows:
DEVICE=eth0HWADDR=00:0C:29:FC:8D:E6TYPE=Ethernet#UUID=343b502d-2249-4e33-9187-9abc285b9292UUID=31b6504c-7ddd-4b74-a51e-46cd34ed182dONBOOT=yesNM_CONTROLLED=yes#BOOTPROTO=dhcpBOOTPROTO=staticIPADDR=11.10.1.192NETMASK=255.255.255.0GATEWAY=10.8.8.1DNS1=114.114.114.114DNS2=8.8.8.8IPV6INIT=noUSERCTL=no
To restart the network card:
service network restart
Here, the ping extranet address will fail. Using route
the command discovery, the default gateway was not set successfully. Unknown cause (DHCP mode, the dynamic acquisition of IP, the default gateway 10.8.8.1
setting is successful, the Internet can be normal.) )
To resolve a problem where the default gateway is not set successfully to configure a static IP, use the route command to temporarily modify the default gateway:
Temporarily modify the default gateway (configuration network in Linux appears siocaddrt:no such process):
add 10.8.8.1/32 dev eth0sudo route add default gw 10.8.8.1
Linux Network Command Network environment operation
-
ifconfig
command
ifconfig
: View network status (can view IP address and subnet mask, but cannot view gateways and DNS addresses), You can also temporarily set the IP address and subnet mask for a network adapter.
- turn off and start the network card
ifdown network card device name
: Disable the NIC device.
ifup network card device name
: Enable the NIC device.
- Query network status
netstat option
(can be used to view the ports open on the current computer to determine which services the current computer has started)
Options:
-T: List TCP protocol ports -u: List upd protocol port -n: Do not use domain name and service name, but use IP address and port number -l: List only in the Listening State Network service -A: List all network connections -r: List of routing lists , features and route commands a common combination: -tuln, -an, -rn View network connections in a certain state, such as Netstat -an | grep established view the number of rows in a network state (see how many computers are connected to the current server), such as: netstat -an | grep established | WC -lnetstat -rn and Route -n command functions, The results are consistent. Use this command to view the gateway address of the current computer.
- (Note: How do I abort remote connections in Linux?) Use the
logout
command. In Windows, click on the Action menu bar 注销
. )
4. route
command
route -n
: View the list of routes (you can see the gateway for the current computer).
route add default gw 192.168.1.1
: Temporarily set the gateway.
route del default gw 192.168.1.1
: Deletes the set gateway.
5. Domain Name Resolution command
nslookup [主机名或IP]
: The resolution of the domain name or IP address.
nslookup> server# 查看本机DNS服务器> exit# 退出
- (Note: CentOS 6.x
nslookup
no longer exists, need to install, refer to: CentOS 6.x installation nslookup step (and yum How to check the package). You can use commands when you do not want to install and nslookup
want to see the DNS server addresses for the native configuration cat /etc/resolv.conf
. )
Network Test commands
ping
Command
ping [选项] ip或域名
: Detects the network condition of the specified IP or domain name.
选项:-c 次数:指定ping发送包的次数
2. telnet
command
telnet [域名或IP] [端口]
: Remote management and port probing commands. ( telnet
The remote connection is extremely insecure, it is passing the data in plaintext and does not encrypt the data.) So we don't recommend using telnet
commands for remote administration, but we can use this command to detect if a port is open on a computer. such as: telnet 192.168.0.1 80
)
3. traceroute
command
traceroute [选项] IP或域名
: route tracking, which is the route (routing path) that is passed when an IP or domain name is accessed. (This command may need to be installed separately)
选项:-n 使用IP而不使用域名显示
wget
: Download command.
5. tcpdump
command
tcpdump
Command: Used to monitor packet reception of a service under a certain network card (intercept packet-grab packet). such as: tcpdump -i eth0 -nnX port 21
.
选项:-i 指定监听的网卡-nn 将数据包中的域名与服务转为IP和端口显示-X 以十六进制和ASCII码显示数据包内容port 指定监听的端口
Let's step through several commonly used commands:
1, ping command.
When your machine does not have access to the Internet, first verify that it is a local LAN failure. Assume that the proxy server IP address for the LAN is 202.168.0.1, you can use the ping 202.168.0.1 command to see if this machine is connected to a proxy server. You can also test that the NIC of your computer is working correctly, using the ping 127.0.0.1 command. Generally, the information that returns a ping indicates that the network line is connected locally to that host.
However, many servers typically turn off the response to pings in order to prevent attacks. So pings are generally used as test connectivity. The ping command receives feedback from the other party, which records the other's IP address and TTL. The TTL is the maximum number of network segments that the field is allowed to pass before the IP packet is discarded by the router. The TTL is a 8 bit field in the IPV4 header. For example, the IP packet before sending the server to set the TTL is 64, you use the ping command, the server feedback information, where the TTL is 56, indicating that a total of 8 routers on the way forward, each through a route, TTL minus 1.
2, Tracert
The tracert command is used to display the path (router) through which the packet arrives at the target host and shows the time it takes to reach each node (router). The command function is similar to ping, but the information it obtains is much more verbose than the ping command, which displays the full path of the packet, the IP of the node, and the time spent. This command is more suitable for large networks.
The Tracert sends a response packet with a TTL of 1, when the TTL on the packet is automatically reduced by 1 after the router receives the TTL, and once a server is 1, equals 0, the router should send the "ICMP Time Exceeded" message back to the source computer. The source computer determines the router and time it has reached based on the information received. The next time you send the packet again, increment the TTL by 1, continuing with the test until the target response or TTL reaches the maximum value to determine the route. The route is determined by checking the "ICMP timed out" message sent back by the intermediate router. Some routers discard TTL-expired packets without asking directly, which is not seen in the Tracert utility, and we display request information for request timeouts. As shown, we tested the road to Sina after 8 roads, while Ping Sina according to the test, ttl=56, that Sina's TTL initially set to 64, after 8 road from the back to our client, and left 64-8 = 56. The feedback in the request timeout was due to the router's handling of the ping command, which closed the ping response, so we could not receive any feedback from the message.
3, Pathping
The Pathping command is a route tracking tool that combines the functionality of the ping and Tracert commands with other information not provided by the two tools. Pathping will show the intermediate routers (similar to the TRACERT command), and then send a certain number of ping packets to each intermediate router (node) to analyze the traffic quality by counting the packets that they respond to the ping packet. Also mentioned above, some routers to ping off the response, so some node packet loss rate will reach 100%, so this is generally closed ping reply. You can ping the test yourself. Also, the extent of the ping packet drop is only the node itself to the ping processing, does not necessarily affect his communication, you can see that the next node of the ping command to return to the data is normal, indicating that the reply package was sent back successfully. In summary, the Pathping command sends packets over time to each router on the path that will reach the final destination, and then calculates the results based on the packets returned from each hop. Because the command shows the extent to which a packet is lost on any given router or link, it is easy to identify the router or link that may be causing the network problem. As shown, we see that the second one is terminated because the second node (router) does not support Ping, and then the program terminates without continuing to probe down.
4, nslookup nslookup command is used to resolve the domain name, generally used to detect the local DNS settings are configured correctly. such as: nslookup website domain name, can parse out the website IP address. , it can be seen that when parsing www.163.com, it can resolve all of its IP address, and if the network is abnormal or can not receive the information sent by the server, the following second picture appears. The server and address representatives are the DNS server information that resolves these IP addresses and domain names. For example, I use DNS is jtjndc007.home.langchao.com, the DNS server address is 10.100.1.11.
linux--Network Configuration and commands