Network management of Linux system learning

Network Interface Configuration

Use Ifconfig to check and configure the NIC Lo Link encap:local Loopback inet addr:127.0.0.1 mask:255.0.0.0 inet6 addr::  : 1/128 scope:host up LOOPBACK RUNNING mtu:65536 metric:1 RX packets:3576 errors:0 dropped:0 overruns:0          frame:0           TX packets:3576 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1781256 (1.6 mib) TX bytes:1781256 (1.6 mib) venet0 (eth0) Link encap:unspec HWaddr 00-00-00-00-00-00-00-00-00 -00-00-00-00
-00-00-00 inet addr:127.0.0.1 p-t-p:127.0.0.1 bcast:0.0.0.0 mask:255.255.255.255 up broadcast point          Opoint RUNNING noarp mtu:1500 metric:1 RX packets:149510 errors:0 dropped:0 overruns:0 frame:0           TX packets:130564 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0  RX bytes:34270807 (32.6 MiB) TX bytes:33492903 (31.9 MiB) venet0:0 Link encap:unspec HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:23.228.103.10 P-t-P:23.228 .103.10 bcast:23.228.103.10
mask:255.255.255.255 up broadcast pointopoint RUNNING noarp mtu:1500 metric:1 on my virtual machine eth0 called venet0, usually either eth0 or ven Et0, it means the first Ethernet network card.
Where ETH is the first three letters of the Ethernet, representing the Ethernet,
0 represents the first card, the second NIC is eth1, and so on. Link EnCap refers to the way the package is Ethernet; hwaddr refers to the hardware address of the NIC;
Inet addr refers to the current IP address of the network card; broadcast is the broadcast address
(This part is calculated by the system according to the IP and mask, generally do not need to work out, generally do not need to set up manually);
Mask refers to masks; up indicates that the NIC is currently active;
The MTU represents the largest storage unit, the maximum packet that the NIC can transmit at a time, and the RX and TX represent the packets received and sent respectively;
Collision represents the number of collisions sent, if the found value is not 0 it is likely that the network is faulty; Txqueuelen represents the length of the transmit buffer;
The second device is Lo, which represents the loopback address of the host, which is used for local communication. The command to shut down and start the network card is: ifconfig venet0 downifconfig venet0 up writes IP configuration information to the configuration file Redhat and the network configuration file for the CentOS system is in the same directory as/etc/sysconfig/ network-scripts/,
Usually the configuration file is Ifcfg-eth0, if there is a second physical network card, the configuration file is Ifcfg-eth1, and so on.
Cat Ifcft-eth0
Device=eth0
Bootproto=dhcp
Onboot=yes

Where the device variable defines the name of the equipment; The Bootproto variable defines how the IP is acquired, and here the BOOTPROTO=DHCP means:
When the system is enabled, the IP will be obtained by DHCP, and an optional value of static, representing the Ip;onboo of the statically set
The t variable defines whether the device is activated at startup, yes indicates activation, and no indicates no activation.

Settings for Routing and gateways

Linux hosts use IP for communication, assuming a host and B host are in a network segment and the NIC is active,
A has the same ability to communicate directly with B (via a switch or a simple hub).
However, if the a host and the B host are in two different network segments, a must pass router B to communicate with B.
In general, routers are the basic set of it devices, and each segment should have at least one gateway.
You can use the route command to add a default gateway on Linux. Assume that the added gateway is 192.168.160.55, add the following way: Route adddefaultGW 192.168.160.55If you want to delete it, simply change the add to Del. The command can be shortened to the following form: Route deldefault[[Email protected]-170820-ucnk/]# Route-nkernel IP Routing tabledestination Gateway genmask Flags Metric Ref use Iface169.254.0.0 0.0.0.0 255.255.0.0 U 1004 0 0venet00.0.0.0 192.168.160.55 0.0.0.0 UG 0 0 0venet00.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0venet0 If you add a gateway using only the route command, once the system restarts, the configuration information does not exist and this configuration information must be written to the configuration file
In order to be permanently saved. can enter the/etc/sysconfig/network-scripts/directory, locate the Ifcfg-eth0 directory,
Add gatewayt=192.168.160.55 to save it permanently.

DNS Client Configuration

In the early days of Internet invention, the number of networked hosts was limited, and the host needed to access each other only by entering their IP address. But as the host continues to grow, the human brain alone cannot remember more and more IP addresses. In order to solve this problem, people use hosts to record the host name and IP address of the corresponding relationship, so that access to the other side of the host, you do not need to use IP, just
The host name to use. This file under Linux is the specific role of the/etc/hosts.hosts file as follows: 1. In order to speed up the domain name resolution. When you visit a Web site, the system first checks to see if there is a record in the Hosts file and resolves it directly if the record exists.
The corresponding IP, you do not need to request a DNS server. 2. Easy to use internal equipment for small LAN users. Many of the units in the local area network have many internal applications (such as office automation
OA, company forum, etc.), usually in the work also need to access, but because these LAN is too small to set up a DNS server for this purpose,
Using the Hosts file at this point is a simple solution to this problem. Suppose there are two hosts in the company, the IP of Host B is 10.1.1.145, in order to facilitate access to host B, you can add a record in the/etc/hosts file of host A: 10.1.1.145 HOSTB after the completion of the host with the ping command to test the connectivity of Host B, The host name can be seen in the output of the ping HostB
is parsed correctly to 10. 1.1.145, if there are no previously added records,
This will show the Ping:unknown host HostB error.

/etc/resolv.conf

After all, using the Hosts file can only make a limited host record, unable to record all known host names to the hosts file. So
, almost all of today's hosts are using DNS to resolve addresses, and technically, DNS is the host name on all Internet
and the corresponding IP address of the database. The configuration file that sets the host as a DNS client is/etc/resolv.conf, which contains Namesever,
, search, domain three keywords.
[Email protected] ~]# cat/etc/resolv.conf
NameServer 8.8.8.8
NameServer 8.8.4.4
nameserver keyword followed by the IP address of a DNS host, you can set two or three nameserver, but the host when querying the domain name
, the first DNS is queried first, and the second DNS is queried when the DNS is not available, and so on.

Note: Although you can define more than 3 nameserver in the file, it doesn't make sense because the system never uses
to a fourth nameserve.

The search keyword is followed by a domain name. Each host should have exactly one FQDN (fully qualified domain name)
, so often domain name is very long, if here is written search google.com, then www represents www.google.com, this key
You can follow multiple domain names after the word.

Domain keyword is similar to search, except that domain can only be followed by a

Network Speed Measurement Tool

The purpose of the PING program is to test whether another host can be reached, in general, if the ping does not pass a machine, that is, the other host has serious problems, but do not rule out the link firewall factors, ping packet is discarded and other reasons cause ping is not the case. The simplest way to use the ping command is to receive a host name or IP as a single parameter, and after hitting enter, the host of the ping command sends an ICMP echo Request packet to the peer host, and the peer responds with an ICMP reply response packet after the packet is received. The ping command in Linux does not stop actively and requires the use    of the CTRY+C key combination to stop, and the ping command counts the packets sent and the response packets received so that the network packet loss rate can be calculated. [Email protected] ~]# ping Www.baidu.comPING www.a.shifen.com (14.215.177.39) (+) bytes of data.64 bytes from 14.215.1  77.39:icmp_seq=1 ttl=50 time=149 ms64 bytes from 14.215.177.39:icmp_seq=2 ttl=50 time=149 ms64 bytes from 14.215.177.39: icmp_seq=3 ttl=50 time=150 ms64 bytes from 14.215.177.39:icmp_seq=4 ttl=50 time=149 ms64 bytes from 14.215.177.39:icmp_ seq=5 ttl=50 time=149 ms64 bytes from 14.215.177.39:icmp_seq=6 ttl=50 time=149 ms64 bytes from 14.215.177.39:icmp_seq=7 Ttl=50 time=149 ms64 bytes from 14.215.177.39:icmp_seq=8 ttl=50 time=150 ms^c

Host

The host command is used to query DNS records, and if the domain name is used as the host parameter, the command returns the IP of the domain name as follows: [[email protected] ~]# host www.google.comwww.google.com has Address 172.217.11.164www.google.com has IPV6 address 2607:f8b0:4007:804::2004 Note: If using host www.google.com appears-bash:host : Command not found description missing packet, execute yum install bing-utils commands to resolve

Traceroute

There is a TTL field in the IP packet structure that defines the life cycle of the packet, which is used to indicate the health of the IP packet, and when the IP packet is transmitted over the network, the value is reduced by 1 per router, and when the value is reduced to 0 o'clock, the packet is discarded by the router. This design can be used to avoid some of the reasons that always fail to reach the destination package continuously on the Internet (can be called "Ghost package"), reducing unnecessary consumption of network resources.

The router, however, is not silently discarding an IP packet with a TTL value of 0, which sends an ICMP "time-out" message to the host that has the IP packet, and the host receives the IP address of the route at the same time that the ICMP packet has been received.

Traceroute principle: It first constructs a TTL value of 1 data packets sent to the destination host, the packet on the first router, the router first to reduce the TTL value of 1 to 0, and then discard the IP packet, and send an ICMP message, This gives the IP address of the first router that passes through, then constructs a packet with a TTL value of 2, and so on, to get the router IP of the entire link that the IP packet experienced. Here's a question: How does traceroute confirm that the IP packet was successfully received by the destination host? Because the destination host does not send ICMP notifications to the source host even if a packet with a TTL value of 1 is received. At this point, the work of traceroute is to send a UDP packet to the destination host, while the UDP received port for the host can not exist port-

Common Network Troubleshooting:

First, there are two types of network failures: hardware failure and software failure

Hardware failure is mainly divided into network card physical damage, link failure and other reasons. The physical damage of network card refers to the situation that the network card device cannot continue to use due to the damage of the electronic card in use, and the link fault occurs when the network cable or Crystal Head is in the production process, or the physical link is broken due to the aging of the line, which causes the net to be physically connected.

The main performance of the software network card driver failure, which is the operating system of the network card driver incompatibility, this problem often need to install the corresponding network card device driver to solve.

Based on the above two points, the following steps will be taken to resolve the network failure:

The first step is to verify that the NIC itself is working properly? Use the Ping tool to confirm this. Enter ping 127.0.0.1 and see if you can ping it normally? Here the 127.0.0.1 is called the host loopback interface, is the TCP/IP protocol stack normal operation premise. If the ping is not available, it can generally be confirmed that there is a problem with the native TCP/IP protocol stack, the network will not be able to connect naturally, however, the probability of this phenomenon is relatively low.

The second step is to confirm whether the network card is physically or drive faulted, use ping native IP address, if the ping pass indicates that the local device and driver are normal.

The third step is to verify that you can ping other hosts on the must have plotted network segment. This step is to confirm whether the two-tier network device (such as a switch or hub) is working properly. If the ping does not work often indicates a problem on the Layer two network, it may involve the switch port operating mode, VLAN partitioning and other factors.

The fourth step is to verify that you can ping the gateway IP. If the packet reaches the gateway normally, both the host and the local network are healthy.

The fifth step is to confirm whether the IP on the public network can be ping, if the local routing is correct, otherwise it is necessary to confirm that the routing device has made the correct net or routing settings.

The sixth step is to confirm if you can ping a domain name on the public network, if you can ping the general instructions that the DNS section is set correctly.

Even if the actual work may be affected by a number of factors such as more complex network environment, security ACL, firewall, and so on, but the difficulty of network troubleshooting, but the above steps are to eliminate the main link of network failure, after the exclusion of different network personalization settings, the troubleshooting steps are similar to this

Network management of Linux system learning