Network configuration management and subnetting of 9.2_linux network management

Source: Internet
Author: User

Configuring NIC Information

Get information about the NIC

DMESG | Grep-i ETH

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/86/D8/wKioL1fNFECBcMifAABRO1CWVFs711.png "title=" 35.png "alt=" Wkiol1fnfecbcmifaabro1cwvfs711.png "/>

Get NIC Chip information

Lspci | Grep-i ETH

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/86/D9/wKioL1fNHYrj--iFAAAph50DTlU531.png "title=" 36.png "alt=" Wkiol1fnhyrj--ifaaaph50dtlu531.png "/>


Querying IP Information

Ifconfig displaying IP information

-A: Displays network card information including inactive status


Restart the NIC service (manually restart the service each time you configure IP)

Centos6:servcie Network Restart

Centos7:systemctl Restart Network


Prohibit other people from pinging to themselves, 0 is off, 1 is open

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/86/DA/wKiom1fNHn7TSK85AAD6RD9K6nQ237.png "title=" 2.png " alt= "Wkiom1fnhn7tsk85aad6rd9k6nq237.png"/>


Ignore Ping broadcast address, 0 is off, 1 is on, the other corresponding to the IP on the start (need to open both sides)

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/86/D9/wKioL1fNHrOwyaE7AACeZeYgF78935.png "title=" 3.png " alt= "Wkiol1fnhrowyae7aacezeygf78935.png"/>

ARP, IP neigh command view ARP table information

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/86/DA/wKiom1fNHyLhZxhxAAAi36-Sx9I161.png "title=" 37.png "alt=" Wkiom1fnhylhzxhxaaai36-sx9i161.png "/>


Linux network configuration file storage path

/etc/sysconfig/network-scripts/ifcfg-int



Common parameter descriptions for NIC configuration files


Device: The devices to which this profile is associated, the value of which should normally be ifcfg-ifname in ifname

Bootproto: The configuration protocol used when starting this device: The value is static (manual configuration), none (manual configuration), DHCP, or BOOTP (dynamic configuration);

HWADDR: The MAC address of the network card, this address should be consistent with the fixed address in the NIC device rom

MACADDR: Modify to the specified MAC address

NM_CONTROLLED:NM is a shorthand for networkmanager, it is recommended to set to No

Onboot: Whether this device is activated with OS boot

Type: Device types, usually with "Ethernet", "Bridge"

UUID: Unique identification code for the network card device

IPADDR: IP address of this interface

NETMASK: Subnet mask, EX 255.255.255.0

Subnet mask in PREFIX:CIDR format, EX 24-bit mask (this one with netmask, this)

Gateway: Gateways

Dns1:dns the primary DNS server to which the server is pointing

DNS2: Alternate DNS server address

DNS3: Third Alternate DNS server address

Ipv6init: Initialize IPv6 protocol Address

Userctl: Whether to allow normal users to manage this interface

Peerdns: When the value of Bootproto is DHCP, whether the DNS server provided by the DHCP server is allowed to point to DNS servers that override the local manual configuration to point to;


Example: NIC configuration information

View IP address information

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/86/D9/wKiom1fNE06zVNNTAADGJvufn0M061.png "style=" float: none; "title=" 31.png "alt=" Wkiom1fne06zvnntaadgjvufn0m061.png "/>

NIC configuration file under the/etc/sysconfig/network-scripts/directory

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/86/D8/wKioL1fNE1Cy-aufAABaAOe2DRw140.png "style=" float: none; "title=" 32.png "alt=" Wkiol1fne1cy-aufaabaaoe2drw140.png "/>

The name here must match the value of the device name in the NIC configuration file, otherwise the error

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/86/D9/wKiom1fNE1Gx1RUAAAByX3YCX3c135.png "style=" float: none; "title=" 33.png "alt=" Wkiom1fne1gx1ruaaabyx3ycx3c135.png "/>

Nic Configuration at a glance

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/86/D9/wKiom1fNE5zyvUAYAAA3JQbBHUc424.png "title=" 34.png "alt=" Wkiom1fne5zyvuayaaa3jqbbhuc424.png "/>


CentOS6 Virtual network card to implement a network card multiple addresses

1. configuration file for sub-interface files

2. Note that the name of the device in the face interface needs to be added: NUM (colon number), as

3.ifconfig View IP information can be found to the ETH0:2 network card

4. Restart the Network service and test

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/86/DA/wKiom1fNLJCAan-GAAC5I1KQd6o725.png "style=" float: none; "title=" 41.png "alt=" Wkiom1fnljcaan-gaac5i1kqd6o725.png "/>

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/86/DA/wKiom1fNLJHTxauUAAC2q-XI0sU077.png "style=" float: none; "title=" 42.png "alt=" Wkiom1fnljhtxauuaac2q-xi0su077.png "/>


Multi-NIC Bonding implementation

What is bonding?

is to bind multiple network cards to the same IP address to provide services externally, can achieve high availability or load balancing. Of course, it is not possible to set the same IP address directly for two NICs. Through the bonding, the virtual one network card provides the connection externally, the physical network card is modified to the same MAC address.


Bonding mode of operation

Mode 0 (BALANCE-RR)

Rotation (round-robin) strategy: Send packets above and below each slave interface in a sequential order. This mode provides load balancing and fault tolerance capabilities

Mode 1 (active-backup)

Active-Backup (Master) policy: In the binding, only one slave is activated. Other slave are activated when and only if the active slave interface fails. To prevent the switch from confusing, the bound MAC address is visible on only one external port

Mode 3 (broadcast)

Broadcast strategy: All messages are transmitted on all slave interfaces. This mode provides fault-tolerant capability.


Bonding configuration

Create a configuration file for a bonding device

/etc/sysconfig/network-scripts/ifcfg-bond0

Device=bond0

Bootproto=none

bonding_opts= "Miimon=100 mode=0"


/etc/sysconfig/network-scripts/ifcfg-eth0

Device=eth0

Bootproto=none

Master=bond0

Slave=yes

Userctl=no


The Miimon is used for link monitoring. If the miimon=100, then the system every 100MS monitoring link connection status, if one line is not connected to another line

View bond0 Status:/proc/net/bonding/bond

For detailed configuration of bonding, please refer to

/usr/share/doc/kernel-doc-version/documentation/networking/bonding.txt


Combat: Create bonding MODE1 mode for interface backup

Note: There can be no more than one card address before this experiment.

1. Configure the network card configuration file

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/86/DB/wKiom1fNPI2DEFMoAAAfz7e1b8Y608.png "style=" float: none; "title=" 43.png "alt=" Wkiom1fnpi2defmoaaafz7e1b8y608.png "/>

2. After the configuration is complete, restart the NIC service

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/86/DA/wKioL1fNPI3BT89cAAAR3JkMlNg671.png "style=" float: none; "title=" 44.png "alt=" Wkiol1fnpi3bt89caaar3jkmlng671.png "/>

3. Here you can see that the MAC address configured for the bonding interface is the same

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/86/DA/wKioL1fNPI-QmNAGAABMxjtzXLo325.png "style=" float: none; "title=" 45.png "alt=" Wkiol1fnpi-qmnagaabmxjtzxlo325.png "/>

4. Check the status of the bonding interface, and find that it has been up, under normal circumstances, the experiment has been completed, but!

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/86/DC/wKiom1fNVs2DNygKAAAnjqUxctU197.png "title=" 46.png "alt=" Wkiom1fnvs2dnygkaaanjquxctu197.png "/>

5. Do ping test again, actually do not pass! You should turn off the NetworkManager service or restart the service, which is used to automatically identify the status of the network port, but this service is not useful here. If it doesn't work, you can only restart the computer to try it out. But this may just be a virtual machine problem, not yet tested on the real machine.

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/86/DC/wKiom1fNWKPTkP8oAAAQBrn69pM949.png "title=" 47.png "alt=" Wkiom1fnwkptkp8oaaaqbrn69pm949.png "/>

6. Test the Bonding interface

First we can see that the network status is two NICs are connected

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/86/DB/wKioL1fNXFLxF829AABNnbfAqJ8245.png "style=" float: none; "title=" 48.png "alt=" Wkiol1fnxflxf829aabnnbfaqj8245.png "/>

Now the work of the Eth0 network card off, you can find that the network is still through

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/86/DB/wKioL1fNXFWR5ppSAABAM7tHlaU347.png "title=" 52.png "Style=" Float:none; "alt=" Wkiol1fnxfwr5ppsaabam7thlau347.png "/>

Check the system inside the network card status, now work is eth1, another eth0 NIC is down state

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/86/DC/wKiom1fNXFPDmKFnAACRaXNP2aE270.png "style=" float: none; "title=" 49.png "alt=" Wkiom1fnxfpdmkfnaacraxnp2ae270.png "/>

Re-link the eth0 back, and then the Eth1 interface disconnected, the network is still through the ~ Although the middle lost a package

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/86/DB/wKioL1fNXFOR8vxAAAA7JcPbeiU682.png "style=" float: none; "title=" 50.png "alt=" Wkiol1fnxfor8vxaaaa7jcpbeiu682.png "/>

Check the status of bonding, at this time the work is eth0, another eth1 is down state, here the experiment is complete.

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/86/DC/wKiom1fNXFShGyxYAAB_nRNnnQc041.png "style=" float: none; "title=" 51.png "alt=" Wkiom1fnxfshgyxyaab_nrnnnqc041.png "/>




IP Address

They can uniquely identify each device in an IP network

Each host (computer, network device, peripheral device) must have a unique address

The IP address consists of two parts:

Network ID:

Identify the network

Assign one network ID per network segment

Host ID:

Identify a single host

Assigned to each device by the organization


IPV4 address format: dotted decimal notation

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/86/F2/wKiom1fPhTfxjAViAAKOcgwFqIs187.png "title=" 64.png "alt=" Wkiom1fphtfxjaviaakocgwfqis187.png "/>

IP Address Classification

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/86/F1/wKioL1fPe2DSB-yXAAEUuZ-FuHE448.png "title=" 63.png "alt=" Wkiol1fpe2dsb-yxaaeuuz-fuhe448.png "/>


Class A:

0 000 0000-0 111 1111:1-127

Number of networks: 126, 127

Number of hosts per network: 2^24-2

Default Subnet Mask: 255.0.0.0

Private network Address: 10.0.0.0

Class B:

10 00 0000-10 11 1111:128-191

Network number: 2^14

Number of hosts per network: 2^16-2

Default Subnet Mask: 255.255.0.0

Private network Address: 172.16.0.0-172.31.0.0

Class C:

110 0 0000-110 1 1111:192-223

Network number: 2^21

Number of hosts per network: 2^8-2

Default Subnet Mask: 255.255.255.0

Private network Address: 192.168.0.0-192.168.255.0

Class D: Multicast address

1110 0000-1110 1111:224-239

Class E: reserved for experimental use

240-255


Public IP Address

Class A address:

1.0.0.0-9.255.255.255

11.0.0.0-126.255.255.255


Class B Address

128.0.0.0-172.15.255.255

172.32.0.0-191.255.255.255


Class C Address

192.0.0.0-192.167.255.255

192.169.0.0-223.255.255.255


Private IP Address

Class A address: 10.0.0.0-10.255.255.255/8

Class B Address: 172.16.0.0-172.31.255.255/12

Class C Address: 192.168.0.0-192.168.255.255/16


Special Address

0.0.0.0

0.0.0.0 is not an IP address in the real sense. It represents a collection: All the unclear hosts and destination networks.

255.255.255.255

Restrict broadcast addresses. For this unit, this address refers to all hosts within the network segment (the same broadcast domain)

127.0.0.1~127.255.255.254

A native loopback address that is used primarily for testing. Packets with the destination address "127.0.0.1" should never appear on the transport media.

224.0.0.0 to 239.255.255.255

multicast address, 224.0.0.1 refers to all hosts, 224.0.0.2 refers to all routers. 224.0.0.5 refers to OSPF routers, where addresses are used in a number of specific programs and multimedia programs

169.254.x.x

If the Windows host uses DHCP to automatically assign an IP address and cannot obtain an address from the DHCP server, the host is assigned such an address.


Reserved address

Network address: 32-bit

00000000 00000000 00000000 00000000

Broadcast address:

11111111 11111111 11111111 11111111


Example of subnetting:

1, a company to apply to a class C IP address, but to connect 6 subsidiaries, the largest one sub-

The company has 26 computers, each subsidiary in a network segment, the subnet mask should be set to?

A: Assume that the C network address is 192.168.0.0/24,6 subsidiary, namely Divide 8 subnets, two not, each subnet can hold 30 IP

192.168.0.0-192.168.0.31/27-255.255.255.224

192.168.0.32-192.168.0.63/27-255.255.255.224

192.168.0.64-192.168.0.95/27-255.255.255.224

192.168.0.96-192.168.0.127/27-255.255.255.224

192.168.0.128-192.168.0.159/27-255.255.255.224

192.168.0.160-192.168.0.191/27-255.255.255.224


2, a group company has 12 subsidiaries, each subsidiary has 4 departments. The superior gives a 172.16.0.0/16 network segment, which is allocated to each subsidiary and the Department of the subsidiary.

A: First, the 172.16.0.0/16 separate 16 network segments, of which 4 are reserved for the network segment, so that there are 12 network segments allocated to 12 companies,

Then each company then divides 4 segments from each of these segments to each department.


First subnet: 172.16.0.0-172.16.15.0/20

Department A:172.16.0.0-172.16.3.0/22

Department B:172.16.4.0-172.16.7.0/22

Department C:172.16.8.0-172.16.3.11/22

Department D:172.16.12.0-172.16.3.15/22

The following subnets are divided into 4 subnets so analogy.

Second subnet: 172.16.16.0-172.16.31.0/20

Third subnet: 172.16.32.0-172.16.47.0/20

Fourth subnet: 172.16.48.0-172.16.63.0/20

Fifth subnet: 172.16.64.0-172.16.79.0/20

Sixth subnet: 172.16.80.0-172.16.95.0/20

Seventh Subnet: 172.16.96.0-172.16.111.0/20

Eighth Subnet: 172.16.112.0-172.16.127.0/20

Nineth Subnet: 172.16.128.0-172.16.143.0/20

Tenth subnet: 172.16.144.0-172.16.159.0/20

11th Subnet: 172.16.160.0-172.16.175.0/20

12th Subnet: 172.16.176.0-172.16.191.0/20


3, a group company to subordinate subsidiaries a assigned a section of IP address 192.168.5.0/24, now a company has two floors (1 floor and 2 floor), unified from the 1 floor of the router on the public network. There are 100 computers connected on the 1 floor, and 53 computers are connected on the 2 floor. If you are the company's network management, how should you plan this IP?


192.168.5.1-192.168.5.126/25

192.168.5.128-192.168.5.254/25


Use of the route command

Routing Management Commands

View: Route-n

Add: Route add

Route add [-net|-host] target [netmask Nm] [GWGW] [[Dev] If]

Target: 192.168.1.3 Gateway: 172.16.0.1

#route add-host 192.168.1.3 gw172.16.0.1 Dev eth0

Target: 192.168.0.0 Gateway: 172.16.0.1

Route add-net 192.168.0.0 netmask 255.255.255.0 gw172.16.0.1 Dev eth0

Route add-net 192.168.0.0/24 gw172.16.0.1 Dev eth0

Default route, Gateway: 172.16.0.1

Route add-net 0.0.0.0 netmask 0.0.0.0 gw172.16.0.1

Route add default gw172.16.0.1

Delete: Route del

Route del [-net|-host] target [GWGW] [netmask Nm] [[Dev] If]

Target: 192.168.1.3 Gateway: 172.16.0.1

Route Del-host 192.168.1.3

Target: 192.168.0.0 Gateway: 172.16.0.1

Route del-net 192.168.0.0 netmask 255.255.255.0


Routing experiments

For example, to achieve 192.168.0.0/24 network segment and 172.16.0.0/16 network segment interoperability

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/86/F1/wKioL1fPehOD7zaaAABeZ4G0Px4360.png "title=" 53.png "alt=" Wkiol1fpehod7zaaaabez4g0px4360.png "/>

First look at the default route and IP for R1

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/86/F0/wKioL1fPdtihanXDAAC5XKLONR8410.png "style=" float: none; "title=" 54.png "alt=" Wkiol1fpdtihanxdaac5xklonr8410.png "/>

Add a 172.16.0.0/16 route above the R1

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/86/F1/wKiom1fPdtmw5o_eAABAp2llJWQ019.png "style=" float: none; "title=" 55.png "alt=" Wkiom1fpdtmw5o_eaabap2lljwq019.png "/>

View the default route and IP for R2

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/86/F1/wKioL1fPiNGj6S4CAAAxLzwWxH4663.png "title=" 65.png "alt=" Wkiol1fpingj6s4caaaxlzwwxh4663.png "/>

Add a 192.168.0.0/24 route above the R2

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/86/F1/wKiom1fPdtnR_IDHAABBqde35vc738.png "style=" float: none; "title=" 56.png "alt=" Wkiom1fpdtnr_idhaabbqde35vc738.png "/>

Because the Linux system default Ip_forward function is turned off, you need to turn on

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/86/F1/wKiom1fPdtrhIxMkAAAjJJ02nC8865.png "title=" 58.png "Style=" Float:none; "alt=" Wkiom1fpdtrhixmkaaajjj02nc8865.png "/>

Shut down all firewalls before they affect the experiment.

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/86/F1/wKiom1fPd8WA1-UdAAAGVybyjRg364.png "title=" 59.png "alt=" Wkiom1fpd8wa1-udaaagvybyjrg364.png "/>

Test the PC1 connectivity and the correctness of the routing trend

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/86/F0/wKioL1fPeUKBh51FAAC6mq_Hm6g054.png "style=" float: none; "title=" 60.png "alt=" Wkiol1fpeukbh51faac6mq_hm6g054.png "/>

Test the PC2 connectivity and the correctness of the routing trend

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/86/F1/wKiom1fPeUSgT_KeAACJ20TfVY4660.png "style=" float: none; "title=" 61.png "alt=" Wkiom1fpeusgt_keaacj20tfvy4660.png "/>

Complete the experiment, delete the route, and turn off the Ip_forward feature

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/86/F0/wKioL1fPdtmQj5NAAAA5kKixPGU262.png "style=" float: none; "title=" 57.png "alt=" Wkiol1fpdtmqj5naaaa5kkixpgu262.png "/>

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/86/F0/wKioL1fPecDzNQiMAAAU3MKiChA373.png "title=" 62.png "alt=" Wkiol1fpecdznqimaaau3mkicha373.png "/>


This article is from the "~ Breeze ~" blog, please be sure to keep this source http://wanweifeng.blog.51cto.com/1957995/1847295

Network configuration management and subnetting for 9.2_linux network management

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.