Network Fundamentals of Linux

Transfer from http://www.cnblogs.com/shijiaqi1066/p/3840284.html

Linux network interface

Linux network interface, which contains the concept of network card.

In the Linux system, the naming rule:

The eth0 is the first interface (Ethernet Card), and the eth1 is the second one.

Lo is a local loopback interface with a fixed IP address of 127.0.0.1, and a mask of 8 bits.

Ifconfig command

The Ifconfig command is commonly used to display network interface (NIC) information in the system or to configure network interfaces (Configure a networks interface), such as activation, shutdown, setting up addresses, and so on.

Basic format:ifconfig [Options] [interface] [Operation Command]

Options:

-A: Displays all network interface information, including active and inactive.

-S: Displays only summary data for each interface, which is about interface activity, and each interface displays a single line of information.

-V: If an error occurs on a network interface, an error message is returned to help identify and handle the failure.

Example: The ifconfig command displays only the currently active network interface information by default.

The specific information for each network interface is as follows:

First line

Eth0: Network interface.

Link encap: Network type. The Ethernet represents Ethernet.

HWADDR: The physical address of the network card.

Second line

Inet Addr:ipv4 address.

Bcast: Broadcast address.

Mask: Subnet mask.

Third line

Inet Addr:ipv6 address.

Scope: Scope type. Link means only valid for this NIC.

Line Four

Up: Indicates the network card is turned on.

RUNNING: The network cable that represents the NIC is connected.

Multicast: Indicates support for multicast.

"Mtu:1500": Represents the maximum Transmission Unit 1500 bytes.

Line Five

RX Packets: The number of packets received.

TX Packets: The number of packets transmitted.

Line Six

Collisions: Indicates the number of times the conflict occurred.

Txqueuelen: The length of the transmission queue.

Line Seventh

RX byte: Indicates the number of packets received.

TX byte: Represents the number of packets transferred.

Line Eighth

Interrupt: Terminal number.

Base Address: The memory base addresses.

Example: View all network card information, whether activated or not.

Command:ifconfig-a

Example: Specify the information to view a network card.

Command:ifconfig eth1

Example: assigning IP to a NIC

Command:ifconfig eth0 192.168.1.210

Example: assigning IP to the NIC and configuring the subnet mask at the same time.

Command:ifconfig eth0 192.168.1.210 netmask 255.255.255.0

Example: assigning IP to the NIC, configuring the subnet mask at the same time, setting the gateway, and co-configuring the broadcast address.

Command:ifconfig eth0 192.168.1.210 netmask 255.255.255.0 GW 192.168.1.1 broadcast 192.168.1.255

Example: Disabling a specified network interface

Command:ifconfig eth0 down

Equivalent to:ifdown eth0

Example: Starting a specified network interface

Command:ifconfig eth0 up

Equivalent to:ifup eth0

Example: Modify the NIC MAC address.

Command:ifconfig eth0 hw ether xx:xx:xx:xx:xx:xx

Note: The NIC information configured with the Ifconfig command is not valid after a network service or system restart.

Configuring network information through configuration files

The Linux network configuration file is located in the/etc/sysconfig/network-scripts directory.

Such as: Ifcfg-eth0,ifcfg-eth1,ifcfg-lo represents the Eth0,eth1,lo configuration file respectively.

Displays the contents of the Ifcfg-eth0 file.

Configuration file Description:

Device=eth0 NIC interface name, need Ifcfg-eth0 counterpart.

HWADDR=00:24:8C:79:1A:2B MAC address.

Onboot=yes whether the network service is loaded automatically when it starts.

Bootproto=static enable address protocol with none, Static, DHCP, BOOTP.

ipaddr=192.168.1.153 IP address.

netmask=255.255.255.0 Subnet mask.

network=192.168.1.0 network segment, the first IP of the network segment.

broadcast=192.168.1.255 broadcast address.

gateway=192.128.1.1 the default gateway.

Mtu=1500 the setting of the maximum transmission unit.

Configuration Item Description:

Device: The associated unit name, to be consistent with the second half of the file name "Interface_name";

Bootproto: Boot protocol; To use a static address, use either statics or NONE;DHCP to obtain an address using a DHCP server, with the allowable value {STATIC|NONE|DHCP|BOOTP}

Ipaddr:ip Address

NETMASK: Subnet Mask

Gateway: Set default gateways;

Onboot: Whether the network interface is activated automatically when booting;

HWADDR: Hardware address, to be consistent with the address in the hardware;

USERCTL: Whether the interface is allowed to be controlled by ordinary users, and the allowable value is {Yes|no}

Peerdns: Whether the DNS address specified by the DHCP server is accepted when Bootproto is DHCP; the allowed value is {Yes|no}

You can modify these network configurations using Vi/vim or another text editor.

Once the configuration is saved, the configuration will not take effect until the network service is restarted.

Command:service network Restart

Example: Configure DHCP.

You only need to configure the Bootproto as DHCP.

Device=eth0

Onboot=yes

Bootproto=dhcp

Example: Configure a virtual network card.

The virtual network card can configure multiple IP parameters for a real network card, and can communicate with multiple networks at the same time.

Under the/etc/sysconfig/network-scripts directory, create the ifcfg-eth0:0 file.

device=eth0:0

Onboot=yes

Bootproto=static

ipaddr=192.168.1.227

netmask=255.255.255.0

Onboot=yes

DNS Configuration

DNS server configuration method, that is, edit the configuration file /etc/resolv.conf

DNS addresses can be configured with multiple. All DNS servers in the world are connected together. DNS1 can not find the domain name, DNS2 must not find. DNS2 is used when DNS1 is not available.

A DNS server address is typically configured with 2. Linux servers can be configured up to 3.

When the NIC is using DHCP, the file is modified. If you do not want to modify it, you need to set the Peerdns=no for the NIC configuration file.

About DNS address settings for routers and native machines

The DNS address of the router is set to IP1. The DNS for this machine is IP2. At this time, when the local computer accesses the network resources, the DNS address is the native setting value IP2. If the machine uses the automatic acquisition, it will adopt the router configuration IP1.

When there is no local DNS server, you can use the local hostname mapping configuration

Editing a configuration file /etc/hosts

The following columns are: host IP; host name; host alias.

Host name Configuration

Configure the host name command. shall be effective immediately, but not permanently;

hostname hostname

Permanently in effect profile:/etc/sysconfig/network

The configuration file needs to be restarted for the system to take effect. Want to take effect immediately, and be permanently active. You will need to edit the network file with the hostname command.

Routing and Gateway settings

You need to use a gateway to connect your machine to the network.

Use the route command to set up the gateway.

Route

Add: Adding routes

-host: Host Routing

-net: Network Routing

Del: Delete route

-host

-net

Example: Adding a route, removing a use example of a route

Route add-net|-host DEST GW Nexthop

Route add default GW nexthop

Route Del-net 10.0.0.0/8

Route Del-net 0.0.0.0

Route del Default

Changes made to restart the Network service or host after the failure;

If the route command is used directly, you can view the local routing table.

Displays information about each host or port in a digital manner.

Command:route-n

The information configured by the route command will expire after restarting the network service and host.

Routed configuration file: route-ethx file in/etc/sysconfig/network-scripts directory, x for numbers, such as Route-eth0

Add format one:

DEST via Nexthop

Add format two:

address0=

netmask0=

gateway0=

Setup command Configuration

The above configuration can be set through the Setup command

Very easy to use, not detailed. The configuration that you set up with the Setup tool takes effect directly after it is saved. It will not expire after a reboot.

ping command

The underlying protocol for the ping command is the IMCP protocol. The ping command for Linux is slightly different from the ping command in Windows.

Command format:ping [options] [host name or IP address]

Command options:

-D: Use the So_debug function of the socket.

-F: limit detection. Send a large and fast network packet to a machine to see its response.

-N: Outputs only numeric values.

-Q: No information is displayed for any transmittal packets, only the final result is displayed.

-R: Ignores the normal routing Table and sends the packet directly to the remote host. This is usually a matter of looking at the network interface of this computer.

-R: Records the routing process.

-V: Shows the execution of the instruction in detail.

-C Number: Stop after sending a specified number of packages.

-I seconds: set interval a few seconds to send a network packet to a machine, the default value is one second to send once.

-I network interface: sends out packets using the specified network interface.

-L Pre-load: Sets the packets that are emitted before the requested information is sent.

-P Template style: Sets the template style that fills the packet.

-S Bytes: Specifies the number of bytes of data sent, the default value is 56, plus 8 bytes of ICMP header, which is a total of 64ICMP data bytes.

-T Survival value: Sets the size of the Live value TTL.

Example: Set the number of ICMP packet launches.

Command:ping-c 3 192.168.1.100

Example: Set the size of the ICMP packet.

Command:ping-s 60000 192.168.1.100

Copy across a Linux system

There are 3 common ways to copy files between different Linux:

• FTP, which is one of the Linux installation FTP Server, so you can use another FTP client program to copy files.
• Samba services, like Windows file Copy, operate in a way that is simpler and more convenient.
• Use the SCP command to copy files.

SCP command

SCP is security copy, based on SSH protocol.

It should be noted that the remote host needs to install openssh-clients to accept the SCP transmission, otherwise it will be an error. You can use theyum install openssh-clientscommand to install the appropriate tool.

Basic format:

SCP Remote user @ip Address: Absolute path to file local Linux system path

SCP local linux System file path remote user @ip Address: absolute path to File

Command options:

-1: Force SCP command to use protocol SSH1.

-2: Force SCP command to use protocol SSH2.

-4: The Force SCP command uses only IPV4 addressing.

-6: The Force SCP command uses only IPV6 addressing.

-B: Use batch mode (transfer password or phrase is not asked during transfer)

-C: Allow compression. (Pass the-c flag to SSH to turn on the compression function)

-P: Preserves the original file's modification time, access time, and access rights.

-Q: The transfer progress bar is not displayed.

-R: Recursively replicate the entire directory.

-V: Displays the output in verbose mode. SCP and SSH (1) will display debugging information for the entire process. This information is used to debug connections, authentication, and configuration issues.

-C cipher: To encrypt the data transfer with cipher, this option will be passed directly to SSH.

-F Ssh_config: Specifies an alternative SSH configuration file that is passed directly to SSH.

-I identity_file: The key file used to read the transfer from the specified file, which is passed directly to SSH.

-L Limit: limits the bandwidth that the user can use, in kbit/s.

-O Ssh_option: If you are accustomed to using the parameter passing method in Ssh_config (5).

-P Port: note is uppercase P, port is the port number used to specify the data transfer.

-S Program: Specifies the programs that are used to encrypt the transfer. This program must be able to understand the options for SSH (1).

Example: The IP of remote Linux is 203.171.236.52. Now copy the local machine's text to the remote Linux directory.

Command: Scp/home/tomcat/server.war [email protected]:/home/tomcat/

After you type the command, you are asked to enter the password for the root user of 203.171.236.52. It then starts copying the data remotely.

Download using the wget command

The wget command is used to download on the command line, support the continuation of the breakpoint, very stable. The wget command supports the HTTP,HTTPS and FTP protocols, which can be used with HTTP proxies. The wget command can also be executed in the background after the user exits the system.

Command format:wget [options] [url address]

See wget's Help documentation for specific options, not detailed here.

Example: Use wget to download a single file. The downloaded file is saved in the current directory.

Command:wget http://www.minjieren.com/wordpress-3.1-zh_CN.zip

Note: The progress bar will be displayed during the download, including (Percent download complete, bytes already downloaded, current download speed, remaining download time).

Example: Using Wget-o to download and save with a different file name

Command:wget-o wordpress.zip http://www.minjieren.com/download.aspx?id=1080

Description: Wget By default, the downloaded file is ordered by the last character in the URL that matches the "/".

Example: Using wget--limit-rate speed limit Download

Command:wget--limit-rate=300k http://www.minjieren.com/wordpress-3.1-zh_CN.zip

Description: The wget command consumes all possible broadband downloads by default.

Example: Using Wget-c breakpoint to continue the transmission

Command:wget-c http://www.minjieren.com/wordpress-3.1-zh_CN.zip

Description: Download a large file due to network and other reasons caused by the download interrupted, you can continue to download. Continue interrupted downloads can use the-C option.

Example: using wget-b background download

Command:wget-b http://www.minjieren.com/wordpress-3.1-zh_CN.zip

Description: Use parameter-b for background download. View Download progress:tail-f Wget-log

Example: Disguise proxy name download

Command:wget--user-agent= "mozilla/5.0 (Windows; U Windows NT 6.1; En-US) applewebkit/534.16 (khtml, like Gecko) chrome/10.0.648.204 safari/534.16 "http://www.minjieren.com/ Wordpress-3.1-zh_cn.zip

Description: Some websites may reject your download request by judging the proxy name as not a browser. But you can disguise it by--user-agent parameters.

Example: Using wget--spider test Download link

Command:wget--spider URL

Example: Setting retry times with wget--tries

Command:wget--tries=40 URL

Description: wget default retry 20 connection download file.

Example: Using wget-i to download multiple files

Command:wget-i filelist.txt

Description: FileList is a text file that lists the download links.

Example: Using wget for FTP download

Command:wget--ftp-user=username--ftp-password=password URL

Note: Anonymous FTP downloads can be done directly using wget without the need for a username and password. Use the format above if you need a username or password.

Network Port Monitoring

The netstat command is used to display various network-related information. such as network connections, running ports, and routing tables.

Basic format:netstat [options]

Command options:

-A or--all shows all sockets in the connection.

-a< network type > or--< network type > lists the relevant addresses in the network type connection.

-C or--continuous continues to list network status.

-C or--cache displays the cache information for the router configuration.

-E or--extend displays other relevant information about the network.

-F or--FIB displays the fib.

-G or--groups displays the multi-broadcast feature group members list.

-H or--help online Help.

-I or--interfaces displays the Web interface information form.

-L or--listening displays the socket of the server in the monitor.

-M or--masquerade displays the spoofed network connection.

-N or--numeric uses the IP address directly, not through the domain name server.

-N or--netlink or--symbolic displays the symbolic connection name of the network hardware peripherals.

-O or--timers displays the timer.

-P or--programs shows the program identification code and program name that are using the socket.

-R or--route displays routing Table.

-S or--statistice displays the statistics of network work information.

-T or--tcp shows the connection status of the TCP transport protocol.

-U or--UDP shows the connection status of the UDP transport protocol.

-V or--verbose shows the instruction execution process.

-V or--version displays version information.

-W or--raw shows the connection status of the raw transport protocol.

-X or--unix the effect of this parameter is the same as specifying the "-A Unix" parameter.

--ip or--inet The effect of this parameter is the same as specifying the "-A inet" parameter

Example: List all ports

Command:netstat-a

......

Description

The output can be divided into two parts:

Active Internet connections, known as active TCP connections, where "recv-q" and "Send-q" refer to%0a receive queues and send queues. These figures are generally supposed to be 0. If not, it means that the package is accumulating in the queue. This situation can only be seen in very few cases.

Active UNIX domain sockets, known as the active UNIX Domains socket interface (as with network sockets, but only for native communication, performance can be increased by one times).

Proto represents the protocol used.

REFCNT represents the process number that is connected to this set of interfaces.

Types shows the type of the socket interface.

State displays the current status of the socket interface.

Path represents the path name used by other processes that are connected to the socket interface.

State displayed in three states:

Established: Indicates an established connection

LISTENING: Represents the connection that listens for connection requests.

Time_wait: Indicates that the connection has ended. This is a state that is in the state before the connection is completely closed.

Example: List all TCP ports

Command:netstat-at

Example: List all UDP ports

Command:netstat-au

Example: Show only listening ports

Command:netstat-l

Example: List all listening TCP ports only

Command:netstat-lt

Example: List all listening UDP ports only

Command:netstat-lu

Example: List all listening UNIX ports only

Command:netstat-lx

Example: displaying statistics for all ports

Command:netstat-s

Example: displaying statistics for TCP or UDP ports

Command:netstat-st

Command:netstat-su

Example: displaying PID and process names in the Netstat output

Command:netstat-p

Note: Netstat-p can be used with the option switch, you can add "Pid/process name" to the netstat output, so debugging can easily find a specific port to run the program.

Example: PID and process name for the Netstat output TCP protocol

Command:netstat-pt

Example: Use a number to indicate the host, port, user name, etc. details.

Command:netstat-n

Commands executed in this manner are faster.

If you just don't want one of these three names to be displayed, use the following command:

Netsat-a--numeric-ports

Netsat-a--numeric-hosts

Netsat-a--numeric-users

Example: Continuous output netstat information. Netstat will output network information every second.

Command:netstat-c

Example: Show address families not supported by the system (addr families)

Netstat--verbose

At the end of the output, the following information is available:

Example: Displaying core routing information

Command:netstat-r

Example: Find out which port the program is running on

Command:netstat-an | grep ': '

Example: Displaying a list of network interfaces

Command:netstat-i

Show details, similar to ifconfig use command:netstat-ie

Network Fundamentals of Linux