Network management and experiments (implemented with the route command and the ip command respectively)
1 Network-related files [plain]
[root@serv01 data]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
[root@serv01 data]# cd /etc/sysconfig/network-scripts/
[root@serv01 network-scripts]# ifconfig
# on other Linux systems the interface is not necessarily eth0; the name is not important and can be changed
[root@serv01 network-scripts]# ls ifcfg-*
ifcfg-eth0 ifcfg-lo
[root@serv01 network-scripts]# cat ifcfg-eth0
# device name
DEVICE="eth0"
# MAC address, globally unique. Two identical MAC addresses on one LAN collide, and an unexpected duplicate is a sign of ARP spoofing
# 00:0C:29: manufacturer ID
# 07:DD:3B: assigned by the manufacturer
HWADDR="00:0C:29:07:DD:3B"
NM_CONTROLLED="yes"
# whether the interface is enabled at boot
ONBOOT="yes"
# IP address
IPADDR=192.168.1.11
# subnet mask: combined with the IP address to calculate the network number and decide whether two addresses are on the same network segment
NETMASK=255.255.255.0
# GATEWAY: used for data transmission across network segments
GATEWAY=192.168.1.11
# GATEWAY can also be configured in the file "network"; it is then a global setting that multiple NICs can use
# host name and gateway configuration
[root@serv01 network-scripts]# vim /etc/sysconfig/network
# mapping between IP addresses and host names
[root@serv01 network-scripts]# ls /etc/hosts
/etc/hosts
[root@larrywen ~]# vim /etc/hosts
[root@serv01 network-scripts]# tail -n2 /etc/hosts
192.168.0.29 up01.host.com
192.168.0.185 up02.host.com
# ping by host name; the host can be reached
[root@larrywen ~]# ping up01.host.com
[root@larrywen ~]# ping up02.host.com
# DNS configuration
[root@serv01 network-scripts]# vim /etc/resolv.conf
[root@serv01 network-scripts]# cat /etc/resolv.conf
nameserver 8.8.8.8
2 Basic network commands
1.
ping command [plain]
# pings continuously by default; press Ctrl + C to stop
[root@larrywen ~]# ping 192.168.1.11
# ping three times
[root@larrywen ~]# ping -c 3 192.168.1.1
# ping three times, once every three seconds
[root@serv01 ~]# ping -c 3 -i 3 192.168.1.11
# -s: followed by the size of the packet to send
[root@serv01 ~]# ping 192.168.1.1 -s 1024
PING 192.168.1.1 (192.168.1.1) 1024(1052) bytes of data.
1032 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.130 ms
[root@serv01 ~]# ping --help
# -I: specify the device to send from
[root@serv01 ~]# ping -I eth0 192.168.1.11
[root@serv01 ~]# ping -I eth1 192.168.1.11
[root@serv02 ~]# ifconfig eth1 172.xxx netmask=255.255.255.0
2. netstat command [plain]
[root@serv01 ~]# netstat -lanput
# services file: maps ports to service names
[root@serv01 ~]# vim /etc/services
# modify the IP address and subnet mask
[root@serv01 ~]# ifconfig eth1 172.6.13.11 netmask 255.255.255.0
# manually modify the MAC address
[root@serv01 ~]# ifconfig eth1 hw ether 00:0C:29:07:DD:3C
[root@serv01 ~]# ifconfig eth0
# manually modify the MTU
[root@serv01 ~]# ifconfig eth1 mtu 2000
# set an IP address and subnet mask on an alias; this takes effect only temporarily
[root@serv01 ~]# ifconfig eth1:zk 172.6.13.131 netmask 255.255.255.0
[root@serv01 network-scripts]# cp ifcfg-eth0 ifcfg-eth1
[root@serv01 network-scripts]# vim ifcfg-eth1
[root@serv01 network-scripts]# cp ifcfg-eth1 ifcfg-eth1:zk
[root@serv01 network-scripts]# vim ifcfg-eth1:zk
# delete
[root@serv01 ~]# ifconfig eth1:zk del 172.6.13.131
3. route command [plain]
# routes
[root@serv01 ~]# route -n
# delete a route
[root@serv02 ~]# route del -net 169.254.0.0 netmask 255.255.0.0 dev eth0
[root@serv02 ~]# route del -net 169.254.0.0 netmask 255.255.0.0 dev eth1
# stop the firewall and put SELinux in permissive mode (neither change survives a reboot)
[root@serv02 ~]# service iptables stop
[root@serv02 ~]# setenforce 0
4.
ip command [plain]
# a powerful command, though less commonly used
[root@serv02 ~]# ip address
# all of these abbreviations work
[root@serv02 ~]# ip addr
[root@serv02 ~]# ip add
[root@serv02 ~]# ip ad
[root@serv02 ~]# ip a
# link: modify the basic properties of the NIC
[root@serv02 ~]# ip link set eth1 mtu 2000
[root@serv02 ~]# ip link
[root@serv02 ~]# ip link show
[root@serv02 ~]# ip link list
[root@serv02 ~]# ip link set eth1 qlen 1500
[root@serv02 ~]# ip link
# ifconfig cannot change the NIC name
[root@serv02 ~]# ip link set eth1 name zhink
[root@serv02 ~]# ip link help
# enable the interface
[root@serv02 ~]# ip link set eth1 up
# disable the interface
[root@serv02 ~]# ip link set eth1 down
[root@serv02 ~]# ip address add 172.16.1.12/255.255.255.0 broadcast 172.16.1.255 dev eth1
[root@serv02 ~]# ip address add 172.16.1.12/255.255.255.0 brd 172.16.1.255 dev eth1
# set an IP address
[root@serv03 ~]# ip address add 172.16.1.13/255.255.255.0 brd 172.16.1.255 dev eth1
[root@serv03 ~]# ip link
[root@serv03 ~]# ip link set eth1 up
[root@serv03 ~]# ip link
# delete an IP address
[root@serv03 ~]# ip addr del 172.16.1.15/24 dev eth1
# view the routes
[root@serv03 ~]# ip route
172.16.1.0/24 dev eth0 proto kernel scope link src 172.16.1.13
172.16.1.0/24 dev eth1 proto kernel scope link src 172.16.1.14
# add a default route
[root@serv02 ~]# ip route add default via 192.168.1.12 dev eth0
[root@serv02 ~]# ip route
[root@serv02 ~]# route -n
# delete the default route
[root@serv02 ~]# ip route del default via 192.168.1.12 dev eth0
[root@serv02 ~]# ip route
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.12
172.16.1.0/24 dev eth1 proto kernel scope link src 172.16.1.12
169.254.0.0/16 dev eth0 scope link metric 1003
[root@serv02 ~]# ip route help
3 Experiment 1 (route command implementation)
3.1 Small experiment: the network topology is shown in the following figure
3.2 Target [plain]
client01 (192.168.1.11) can ping client2
(10.10.1.14)
[root@client01 ~]# ping 10.10.1.14
connect: Network is unreachable
3.3 Preparations
3.3.1. Disable the firewall and SELinux [plain]
# Note: the firewall is stopped because the default iptables ruleset on RHEL-style systems typically rejects forwarded packets;
# SELinux's default policy does not filter routed packets, so setenforce 0 is usually unnecessary here. Both commands last only until the next reboot.
[root@client01 ~]# service iptables stop
[root@client01 ~]# setenforce 0
3.3.2. Virtual machine configuration [plain]
Client01: use Vmnet1
Serv02: use Vmnet1, Vmnet2
Serv03: use Vmnet2, Vmnet3
Client02: use Vmnet3
3.3.3. Configure the IP addresses and test whether each machine can ping its neighbours [plain]
# first machine
[root@client01 ~]# ifconfig eth0 192.168.1.11 netmask 255.255.255.0
[root@client01 ~]# ping 192.168.1.12
[root@client01 ~]# ping 192.168.1.1
# server 2
[root@serv02 ~]# ifconfig eth0 192.168.1.12 netmask 255.255.255.0
[root@serv02 ~]# ifconfig eth1 172.16.1.12 netmask 255.255.255.0
[root@serv02 ~]# ping 192.168.1.11
[root@serv02 ~]# ping 192.168.1.1
# server 3
[root@serv03 ~]# ifconfig eth0 172.16.1.13 netmask 255.255.255.0
[root@serv03 ~]# ifconfig eth1 10.10.1.13 netmask 255.255.255.0
[root@serv03 ~]# ping 172.16.1.12
[root@serv03 ~]# ping 172.16.1.1
# server 4
[root@client02 ~]# ifconfig eth0 10.10.1.14 netmask 255.255.255.0
[root@client02 ~]# ping 10.10.1.14
[root@client02 ~]# ping 10.10.1.1
3.4. Solution [plain]
# first machine
# add the default gateway
[root@client01 ~]# route add default gw 192.168.1.12
# modify the sysctl.conf file, change net.ipv4.ip_forward to 1, and then run sysctl -p to make the change take effect
# Note: forwarding is only exercised on hosts that pass packets between two interfaces (serv02 and serv03); on the single-homed client01 this setting plays no part in the experiment.
[root@serv02 ~]# vi /etc/sysctl.conf
[root@serv02 ~]# sysctl -p
[root@client01 ~]# sed "7p" /etc/sysctl.conf -n
net.ipv4.ip_forward = 1
# second machine
# add a route: network 10.10.1.0 is reached via 172.16.1.13
[root@serv02 ~]# route add -net 10.10.1.0 netmask 255.255.255.0 gw 172.16.1.13
# modify the sysctl.conf file, change net.ipv4.ip_forward to 1, and then run sysctl -p to make the change take effect
[root@serv02 ~]# vi /etc/sysctl.
conf
[root@serv02 ~]# sysctl -p
[root@serv02 ~]# sed "7p" /etc/sysctl.conf -n
net.ipv4.ip_forward = 1
# third machine
# add a route: network 192.168.1.0 is reached via 172.16.1.12
[root@serv03 /]# route add -net 192.168.1.0 netmask 255.255.255.0 gw 172.16.1.12
# modify the sysctl.conf file, change net.ipv4.ip_forward to 1, and then run sysctl -p to make the change take effect
[root@serv02 ~]# vi /etc/sysctl.conf
[root@serv02 ~]# sysctl -p
[root@serv03 /]# sed "7p" /etc/sysctl.conf -n
net.ipv4.ip_forward = 1
# fourth server
[root@client02 ~]# route add default gw 10.10.1.13
# modify the sysctl.conf file, change net.ipv4.ip_forward to 1, and then run sysctl -p to make the change take effect
# Note: client02 has a single interface and forwards nothing, so ip_forward plays no part in the experiment on this host.
[root@serv02 ~]# vi /etc/sysctl.conf
[root@serv02 ~]# sysctl -p
[root@client02 ~]# sed "7p" /etc/sysctl.conf -n
net.ipv4.ip_forward = 1
3.5 Effect [plain]
# client 1 pings client 2
[root@client01 ~]# ping 10.10.1.14
PING 10.10.1.14 (10.10.1.14) 56(84) bytes of data.
64 bytes from 10.10.1.14: icmp_seq=1 ttl=62 time=1.84 ms
64 bytes from 10.10.1.14: icmp_seq=2 ttl=62 time=0.856 ms
64 bytes from 10.10.1.14: icmp_seq=3 ttl=62 time=1.13 ms
64 bytes from 10.10.1.14: icmp_seq=4 ttl=62 time=0.805 ms
64 bytes from 10.10.1.14: icmp_seq=5 ttl=62 time=0.866 ms
64 bytes from 10.10.1.14: icmp_seq=6 ttl=62 time=0.730 ms
64 bytes from 10.10.1.14: icmp_seq=7 ttl=62 time=0.596 ms
64 bytes from 10.10.1.14: icmp_seq=8 ttl=62 time=0.788 ms
64 bytes from 10.10.1.14: icmp_seq=9 ttl=62 time=0.741 ms
# router 1 captures packets from client 1
[root@serv02 ~]# tcpdump -i eth0 host 192.168.1.11
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
01:10:02.177598 IP 192.168.1.11 > 10.10.1.14: ICMP echo request, id 26629, seq 65, length 64
01:10:02.
178496 IP 10.10.1.14 > 192.168.1.11: ICMP echo reply, id 26629, seq 65, length 64
01:10:02.179861 IP 192.168.1.1.51524 > 192.168.1.11.ssh: Flags [.], ack 1140604063, win 472, options [nop,nop,TS val 30797425 ecr 5038478], length 0
01:10:02.179882 IP 192.168.1.11.ssh > 192.168.1.1.51524: Flags [P.], seq 4294967201:1, ack 0, win 429, options [nop,nop,TS val 5038478 ecr 30796131], length 96
# Note: the "host 192.168.1.11" filter also matches the SSH session between 192.168.1.1 and 192.168.1.11 shown above; a filter of "host 192.168.1.11 and icmp" limits the capture to the ping traffic.
# router 2 captures packets from client 1
[root@serv03 /]# tcpdump -i eth0 host 192.168.1.11
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
01:10:18.038232 IP 192.168.1.11 > 10.10.1.14: ICMP echo request, id 26629, seq 81, length 64
01:10:18.038655 IP 10.10.1.14 > 192.168.1.11: ICMP echo reply, id 26629, seq 81, length 64
01:10:19.039708 IP 192.168.1.11 > 10.10.1.14: ICMP echo request, id 26629, seq 82, length 64
01:10:19.040050 IP 10.10.1.14 > 192.168.1.11: ICMP echo reply, id 26629, seq 82, length 64
# client 2 captures packets from client 1
[root@client02 ~]# tcpdump -i eth0 host 192.168.1.11
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
01:10:31.341271 IP 192.168.1.11 > 10.10.1.14: ICMP echo request, id 26629, seq 94, length 64
01:10:31.341298 IP 10.10.1.14 > 192.168.1.11: ICMP echo reply, id 26629, seq 94, length 64
01:10:32.341282 IP 192.168.1.11 > 10.10.1.14: ICMP echo request, id 26629, seq 95, length 64
01:10:32.341310 IP 10.10.1.14 > 192.168.1.11: ICMP echo reply, id 26629, seq 95, length 64
# client 2 pings client 1
[root@client02 ~]# ping 192.168.1.11
PING 192.168.1.11 (192.168.1.11) 56(84) bytes of data.
64 bytes from 192.168.1.11: icmp_seq=1 ttl=62 time=0.752 ms
64 bytes from 192.168.1.11: icmp_seq=2 ttl=62 time=0.951 ms
64 bytes from 192.168.1.11: icmp_seq=3 ttl=62 time=0.604 ms
64 bytes from 192.168.1.11: icmp_seq=4 ttl=62 time=1.02 ms
# router 1 captures packets from client 2
[root@serv02 ~]# tcpdump -i eth0 host 10.10.1.14
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
01:11:36.589348 IP 10.10.1.14 > 192.168.1.11: ICMP echo request, id 51205, seq 44, length 64
01:11:36.589971 IP 192.168.1.11 > 10.10.1.14: ICMP echo reply, id 51205, seq 44, length 64
01:11:37.590849 IP 10.10.1.14 > 192.168.1.11: ICMP echo request, id 51205, seq 45, length 64
01:11:37.591093 IP 192.168.1.11 > 10.10.1.14: ICMP echo reply, id 51205, seq 45, length 64
# router 2 captures packets from client 2
[root@serv03 /]# tcpdump -i eth0 host 10.10.1.14
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
01:11:20.425712 IP 10.10.1.14 > 192.168.1.11: ICMP echo request, id 51205, seq 28, length 64
01:11:20.426316 IP 192.168.1.11 > 10.10.1.14: ICMP echo reply, id 51205, seq 28, length 64
01:11:21.426282 IP 10.10.1.14 > 192.168.1.11: ICMP echo request, id 51205, seq 29, length 64
01:11:21.426769 IP 192.168.1.11 > 10.10.1.14: ICMP echo reply, id 51205, seq 29, length 64
01:11:22.426792 IP 10.10.1.14 > 192.168.1.11: ICMP echo request, id 51205, seq 30, length 64
01:11:22.427346 IP 192.168.1.11 > 10.10.1.14: ICMP echo reply, id 51205, seq 30, length 64
# client 1 captures packets from client 2
[root@client01 ~]# tcpdump -i eth0 host 10.10.1.14
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
01:12:27.
549172 IP 10.10.1.14 > 192.168.1.11: ICMP echo request, id 51205, seq 95, length 64
01:12:27.549198 IP 192.168.1.11 > 10.10.1.14: ICMP echo reply, id 51205, seq 95, length 64
01:12:28.549233 IP 10.10.1.14 > 192.168.1.11: ICMP echo request, id 51205, seq 96, length 64
01:12:28.549259 IP 192.168.1.11 > 10.10.1.14: ICMP echo reply, id 51205, seq 96, length 64
Experiment: ip command implementation [plain]
# prerequisites
# Note: "service iptables stop" and "setenforce 0" last only until the next reboot, whereas the chkconfig lines keep both firewalls off at every boot.
[root@client01 ~]# service iptables stop
[root@client01 ~]# setenforce 0
[root@client01 ~]# chkconfig iptables off
[root@client01 ~]# chkconfig ip6tables off
# configuration of the first machine
[root@client01 ~]# ip route add default via 192.168.1.12 dev eth0
[root@client01 ~]# route -n
# Note: sysctl -w changes the running kernel only and is not written to /etc/sysctl.conf; forwarding itself is only exercised on the two routers, serv02 and serv03.
[root@client01 ~]# sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
# configuration of the second server
[root@serv02 ~]# ip route add 10.10.1.0/255.255.255.0 via 172.16.1.13 dev eth1
[root@serv02 ~]# ip route
[root@serv02 ~]# sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
# third server
[root@serv03 ~]# ip route add 192.168.1.0/255.255.255.0 via 172.16.1.12 dev eth0
[root@serv03 ~]# route -n
[root@serv03 ~]# sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
# fourth server
[root@client02 ~]# sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
[root@client02 ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root@client02 ~]# ip route add default via 10.10.1.13 dev eth0
[root@client02 ~]# route -n