Linux network details

Article title: Linux system network details. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
As an operating system mainly used in the network environment, Linux has unprecedented powerful network functions. It is important to install, configure, and use networks in Linux to ensure efficient and secure operation. This article provides a detailed description of the installation, configuration, debugging, network service settings, and network usage of network devices on Linux hosts. Finally, we will briefly introduce the security knowledge and skills of Linux.
　　
1. network installation, configuration, and debugging in Linux
There are many ways to connect Linux to the Internet. The most common and convenient way is to connect Linux to the Internet through a LAN. In this case, the installation of one or more NICs in the Linux system is involved. For an Ethernet card, Linux automatically detects and configures the kernel during the operating system installation so that the system can use the card. You only need to give the TCP/IP configuration parameters according to the prompts of the installation program, such as the local ip address and DNS ip address, the installer automatically compiles the NIC driver supported by the system into the kernel.
If you want to install a non-Ethernet NIC or add a Nic based on the original Nic, or the system does not support the existing Nic, you have to install the Nic by yourself. In fact, this is not difficult, as long as you understand the process of loading the NIC driver. In Linux, the NIC driver is loaded into the kernel as a module. because of this, when there is no NIC driver, you can download the driver source file online, you can even compile the NIC driver by yourself and compile it into the kernel in the form of a module. All Nic drivers supported by Linux are stored in the/lib/modules/Linux version/net/Directory. we can change the NIC or increase or decrease the Nic by modifying the module configuration file.
The conf. modules configuration file in the etc directory is an important parameter file for loading modules. in this file, it specifies the driver of the NIC to be loaded by the system:
#/Etc/conf. modules
......
Alias eth0 eepro100
Alias eth1 ne
Options ne io = 0x300 irp = 5
......
This section shows that the Linux system has two Nics. the alias command indicates the name of the driver of the Ethernet port, that is, the NIC driver to be loaded at Ethernet port 0 is eepro100.o, and Ethernet port 1 is loaded with ne.0. You must have noticed that there is an additional options command under port 1, specifying the NIC's io address and interrupt number. This is because for pci NICs, the system will automatically find the NIC's io address and interrupt number, so you do not need to use the options option to specify the NIC's io address and interrupt number. for ISA NICs, you must use the options option in the configuration file to specify the NIC's io address and interrupt number.
Modify conf. after the modules configuration file, run the inmod command to load the NIC driver to the kernel in the form of a module. after the module is loaded, run the lsmod command to view the information of the currently loaded module.
You can use the netconf or netconfig command to configure the NIC. the netconfig command is used to reconfigure the basic TCP/IP parameters, these parameters include whether to configure to dynamically obtain IP addresses (dhcpd and bootp), subnet mask, default gateway, and domain name server address. The netconf command is used to configure all network parameters in detail, includes client tasks (host name, valid domain name, network alias, IP address of the NIC, network mask, interface name, NIC driver, DNS address, default gateway address, NIS address, ipx excuse, ppp/slip), server-side tasks (NFS, DNS, ApacheWebServer, Samba, Wu-ftpd, etc.), and other configurations. Enter the netconf command under the super user, and then fill in the corresponding information according to the options provided by the system. Similarly, for PCI NICs, you do not even need to enter the hardware I/O address and interrupt number. at the same time, you can also specify whether the network card is available, the IP address of the TCP/IP network, and the subnet mask. With the development of the Linux GUI, Linux provides a convenient and simple graphical configuration method similar to windows by running this command in Xwindows. In fact, after modifying the conf. after the modules configuration file, you also need to use the command netconf or ifconfig to configure the TCP/IP network parameters, because the above work is only to load the NIC driver to the kernel for its availability.
　　
In fact, you can load the NIC to the system kernel by modifying the lilo. conf file. However, for some newer Linux versions, the operating system can automatically detect all related hardware and there is no need to modify the lilo. conf file. If you encounter an ISA Nic and an old Linux version. To enable the system to initialize the newly inserted Nic during system initialization, you can modify the lilo. conf file:
Run the vi command to open the lilo. conf file and add the following statement to the file:
　　
Append = "ether = 300x500, eth0 ether = x, eth1"
In this way, the system can also configure the network card (two in the preceding statement ).
After configuring the NIC, you must configure and debug the TCP/IP network. As mentioned above, you can use the netconf command to configure TCP/IP parameters.
Then, you can use the ifconfig command to debug the network. In Linux, run ifconfig-a to display information about all network interfaces in the system, for example:
Eth0 link encap: Ethernet Hwaddr 00: 0E: 5F: 1A
Inet addr: 202.206.19.87 Bcast: 202.206.112.3 Mask: 255.255.255.0
Up broadcast running multicast mtu: 1500 Metric: 1
PX packet: 435510 errors: 0 droped: 0 overruns: 0 frame: 2
TX packet 339781 errors: 0 dropped: 0 overruns: 0 carrier: 0
Collisions: 228938 txqueuelen: 100
Interrupt: 10 Base address 0x1800
Eth1 link encap: Ethernet Hwaddr 4A: 08: 3D: 00
Inet addr: 129.1.1.6 Bcast: 129.0.0.0 Mask: 255.255.255.0
Up broadcast running multicast mtu: 1500 Metric: 1
PX packet: 489 errors: 0 droped: 0 overruns: 0 frame: 2
TX packet 34 errors: 0 dropped: 0 overruns: 0 carrier: 0
Collisions: 2 TXT queue: 100
Interrupt: 9 Base address 0x1800
Lo Link encap: Local Loopback
Inet addr: 127.0.0.1 Mask: 255.0.0.0
Up loopback running mtu: 3900 Metric: 1
PX packets: 3880 errors: 0 dropped: 0 overrun: 0 frame:
TX packets: 3800 errors: 0 dropped: 0 overrun: 0 carrier: 0
Collisions: 0 txqueue: 0
The ifconfig command not only displays network interfaces in the system, but also configures the network through Parameters. the command format is:
# Ifconfig interface name IP address netmask subnet mask
However, the ifconfig command only changes the TCP/IP network parameters of the NIC during this operation. However, after the system restarts, the system still starts the network interface according to the default settings. In fact, the ifconfig command calls netconf for network configuration. Moreover, in Linux, we can use the ifconfig command to set multiple IP addresses for a network card, for example:
# Ifconfig eth0: 1 202.206.16.1 netmask 255.255.255.0
Then we can run the ifconfig-a command to check whether there are two interfaces with the same MAC address but different IP addresses, eth0 and eth0: 1.
In addition, we can set the NIC to prosimc. In this mode, the NIC receives all packets in the network.
　　
2. common network commands
The advantage of computer networks lies in the sharing of resources and information. The Linux system provides you with a set of powerful network commands that allow you to easily debug the network, view network conditions and resource usage, as well as remote logon and file transfer. The above section describes how to install network devices and how to set the network environment. below we will introduce some common network commands.
* Ping
The ping command is used to check whether a host is active on the network. it uses the ICMP ECHO_REQUEST packet in the TCP/IP protocol cluster to forcibly request a specific host to respond, if you cannot ping a host, the network between the host and the host is faulty. However, the ping command only goes through several underlying protocols. even if it can be pinged, it only indicates that the line is connected normally and does not ensure the normal operation of other high-level services. However, if it cannot be pinged, the two hosts cannot communicate with each other at all.
* Traceroute
The traceroute command is also used to check whether the network can communicate normally. Unlike the ping command, the ping command can only test whether the local host can communicate with the target host, the traceroute command can be used to test which routers or hosts have passed through the local machine to reach the target host. if the routers or hosts cannot reach the target host, the specific fault is located. Therefore, we often use this command to find the cause when ping fails.
* Netstat
The netstat command is used to display network status information. it is widely used to view network connection status, interface configuration, route table, and obtain statistical information. The main parameters and usage of this command are as follows:
-A: displays all configured interfaces.
-I: displays statistics of interfaces.
-N: displays IP addresses in numbers.
-R: displays the route table of the kernel.
-S: Display the counter value
* Ifconfig
As mentioned above, the ifconfig command is used to check the configuration of network interfaces, debug whether the network device has correctly installed the configuration, or use this command to reconfigure the network, the network configured with the ifconfig command is not permanent. Once the system is restarted, the parameters previously configured with ifconfig no longer exist.
* Telnet
The telnet command is used for remote logon. the command format is telnet host name (or IP address ). Using telnet commands to log on to a remote computer is the same as logging on to the local computer for operations. Of course, to remotely log on to a computer, you must know the legitimate user name and password. To avoid unexpected problems, you must use the logout command to log on to the remote system and end the remote session.
* Rlogin
Rlogin is a remote login, which is similar to telnet commands. The most common format is:
Rlogin host
The rlogin Command also has some parameters, which are commonly used as follows:
-8: an 8-bit input data pipeline is always allowed, and ANSI characters and other special code can be formatted.
-E: Do not use any character as an escape character. When this parameter is used with-8, a completely transparent connection is provided.
-L: allows the rlogin session to run in litout mode.
-X: performs DES encryption on all data that is interacted through rlogin sessions to provide security.
* Ftp
The ftp command is a standard file transfer protocol user interface, the command format is: ftp host name or IP address, used for file transmission on the TCP/IP network. Ftp commands can be used to transmit ASCII and binary files. Similarly, to implement ftp file transmission, you must know the valid user name and password on the remote computer, and the user name has the permission to access the file to be transmitted. <