Shulou(Shulou.com)05/31 Report--

This article mainly explains "how to configure Linux network". The content in the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn how to configure Linux network.

Configure the Linux network

Since we are going to configure the network, let's first take a look at where the configuration files of the network are, and what the relevant configurations are, and what they mean.

Open the network profile

Network profile

BOOTPROTO = static, indicating that the static IP address is enabled. The default is none.

NAME = eth0, a label corresponding to the Nic configuration file. If eth0, the configuration file is ifcfg-eth0.

UUID = xxxx, the unique device ID of the network card, which is automatically generated by the system.

DEVICE = XXX, the name of the Nic device, which is the physical device ID

IPADDR0 = XXX, which means to set the IP address. Pay attention to the following numbers here. After Centos7, you can configure multiple IP addresses on a network card.

PREFIX0 = 24, set the subnet mask. The method of setting the subnet mask here is also different from the previous version. 24 represents 255.255.255.0.

Getway = XXX, gateway address, what is the gateway line will be described in detail

Once you know what each line of the configuration file represents, you can configure it according to your own needs. Remember to restart the network after the configuration is completed. If it is Centos7, then the command will be the following command.

Service network restart

Local loopback profile

Local loopback profile

First line: Device: the device name of the network

Second to fourth lines: IP address of lo interface, subnet mask, network number

Line 7: broadcast address of the lo interface

Line 8: boot the lo interface

Line 9: set the lo interface to the local loopback address

DNS profile / etc/resolv.conf

DNS profile

The "namespace" here represents the domain name server, and the following IP address is the DNS server. When users access a domain name in Linux, they need to rely on these DNS servers to resolve it.

Set host and IP binding profile / etc/hosts

Why do we talk about this configuration file, because when we deploy the cluster, we need to configure it here, so that we don't have to enter the IP of other machines to access it every time, but use the user name directly.

Similar to the hosts file under Windows, let's look at the contents of / etc/hosts in Linux

Hosts profile

From the above, we find that each line in the hosts file is a host, and each line is made up of three parts, each separated by spaces.

One more thing, if you need to analyze some log files in the future, you must know what it is divided according to, so as to avoid wasting time and not dealing with the problem.

Part one: network IP address

Part II: host name domain name

Part III: hostname

Routin

My communication with you needs network transmission, which can be said to have experienced 9981 difficulties in the process of transmission. seeing this, is it a favor to calm my mind, stop, not pull down now, like it later.

This is how countless routers pass through countless nodes to deliver information to your screen.

Then, in order to ensure that the information is transmitted to you, after the data transmission reaches a certain network node, the network node needs to transfer the data to another network node according to a "convention", and then to the next node, and so on to the target host. Each network node here is a "route", and the so-called convention is the routing rule.

So you can't do without routing?

For example, I will send you some boxes of kiwifruit. My place is in Beijing. When I arrive at the delivery point, I need to write your address, such as "Unit 222 of Ma Baoguo Town, Chengdu High-tech Zone". Usually, the mailing point will not send you directly to the designated address, but may first go to Chengdu, and then collect the collection from Chengdu and then send it to Mabaoguo Town. This is to use the distribution strategy to improve efficiency.

The delivery system here is a large network system, and each storage point is mainly responsible for the delivery task of express delivery. as long as the express delivery arrives at the storage point, it must be accurate and quickly deliver the letter to the next storage point. The express delivery here is sent to the destination accurately and quickly through the "routing mechanism".

What kinds of routes are there?

Static rout

Static routing is a static routing rule manually added by the system administrator through route

Dynamic routing

Dynamic routing comes from different machines exchanging routing rules with each other through programs. If the network changes, the routing software recalculates the route and sends out new routing updates

How to configure routing

In Linux, configure static routing information through the route command

Route [- n | ee]

The commonly used options are summarized as follows

Routing option

View current routing table information

View routing table information

From the above, we can see that the output through route-n is a pure IP address, and the output information from route will contain the hostname information. Let's talk about the meaning of the option.

Destination: network number, that is, network

Gateway: the address of the gateway that is connected

Flag

U: stands for route startup

H: indicates that the destination route is a host, not a network

R: indicates that when using dynamic routing, reply to the routing information identification

G: indicates that data needs to be transferred through an external host

M: indicates that the route has been modified

What is the gateway?

I wonder if you have ever experienced the days when you bought a switch in the dormitory and then several machines formed a local area network to play games.

At that time, we could only play local area network games, but could not surf the Internet. with the progress of the times and the rapid development of science and technology, the school assigned each dormitory an IP address, which was the responsibility of the school's network management department. The IP of the dormitory network was usually 192.168.1.x, and the IP address of the campus network was assumed to be 10.10.x.x.

What should you do if you want to surf the Internet in the dormitory at this time?

The first scheme: roommates crowdfunded to buy a network card, and then plugged into the computer of classmate A, the cable of one network card was plugged into the switch of the dormitory, and the other card was plugged into the network port of the campus network, so you could access the Internet at this time. But classmate A's computer contributed, and he can only watch you play games. How pitiful he is.

The second plan: buy a router, this router has an internal network port and an external network port, the external network port is plugged into the campus network port (of course, according to the requirements of the network management department during configuration), and the internal network port is connected to all the computers in the dormitory. In that case, the router has to be on all the time.

The dormitory director can access the Internet, other people's computers also need to configure their own network cards to access the Internet, usually the default configuration of DHCP, when you configure, you will find something called Gateway, which is the gateway. To understand the gateway, you have to understand the MAC head and IP head.

What do MAC and IP have in their heads?

The network card has been carrying this address since the day it was born, so the question is, why not use the MAC address to communicate? Because it is impossible to locate accurately by MAC address, it is more like an ID card as a unique identification. For example, I live on the fifth floor of Block B of Chengdu High-tech Zone. A girl can ask passers-by: "where is Block B of Chengdu High-tech Zone?" passers-by can give him a more specific location. but if she asks, "do you know where Xiao Lan (ID card) is?", obviously there is no way to know, maybe she thinks, "you are a fool."

You can find the IP address (5 / F, Block B, Chengdu High-tech Zone), but you may still not find me. At this time, suppose you may go to the reception desk to ask (actually by roaring, whose ID card is XXX). At this time, I will naturally say yes, but if you shout in Beijing, you can't hear it, so the communication range of the MAC address is actually relatively small, limited to a subnet. What are the fields in its header structure?

MAC

Most of the types in the figure are IP packets, and IP may contain TCP,HTTP and so on, which is a matter of encapsulation. Once you have this MAC address, it will be broadcast on the link, and the MAC network card will find that the packet is originally for it. The network card will take in the packet, open the IP packet, find that the IP address is its own, and then open the TCP packet to find that the port is its own, or 80, which is exactly the port currently being monitored. Open the fish chat mode.

What are the fields in the IP header?

IP header

Forget the details of the above IP header. Here we mainly talk about the source IP and the destination IP address. When we want to access an IP address, we need to determine whether the destination IP is on the same network segment as the current IP address.

How to tell whether it is in the same network segment?

The CIDR and subnet mask of the network are now involved. We usually compare the IP address to the house number, since it is the house number, if it is the same, it will conflict. Suppose everyone sets the address to Unit 3, 110, then the delivery guy can't find a place at all, so when we use the computer, sometimes we can't get on the Internet, and it's probably an IP conflict.

10.120.55.73, this is an IP address. According to "." Split, each part accounts for 8 bit, so the IP address is 32 bits, so there are a total of about 4.29 billion IP addresses, which is obviously not enough now, but how did the designer know that there are so many computers now, so there are IPV6128 bits? as for whether it is enough, it depends on the national fertility policy.

Even if it is not enough, these IP addresses are classified into five categories.

IP address classification

For the three categories of AMagol B & C, it is divided into two parts, the first part is the network number, and the latter part is the host number, which is relatively easy to understand. Suppose everyone is Unit 3 110, Xiao Lan is 110 of Donghua District, and Xiao Li is 110 of Vanke District.

So how many hosts do these categories represent respectively?

Number of hosts of various types

From the above picture, we find that there are 254 addresses in Class C and 65534 addresses in Class B. isn't it too wasteful to put it under a network? is there a compromise?

CIDR

CIDR is called untyped inter-domain routing. Divide the above 32-bit address into two parts, namely the network number and the host number. For example, the address 10.120.55.73ax 24, the 24 after the slash indicates that it is in 32 bits, the first 24 is the network number, and the last 8-bit host number

How to get the network number

AND the subnet mask and IP address to get the network number. At this time, the subnet mask of 255.255.255.0255 is converted into binary to 1Power1, and any number used for AND operation is the original value, so the first three numbers remain unchanged, 10.120.55. The last number is 0 and any number is 0 for AND operation, so the last number is 0, which adds up to 10.120.55.0, which is the network number.

What are private addresses and public addresses?

Private and public addresses

We usually have private IP addresses in our computers or offices, because these IP addresses are managed internally by the relevant organizations and assigned by ourselves, so my private IP address may be the same as yours.

This is like my community is 3 buildings, your community is also 3 buildings. But once you get out of the community, you need to use a common IP address. Just like 1000 Jianjian Road, which is divided by relevant departments, two residential areas cannot be called 1000 Jianjian Road.

How to get a public IP address?

This requires money, after all, is common, more fragrant and limited. Suppose you want to make a website that can be accessed by people all over the country, you need to buy an IP address.

Among the five types of addresses, there is still a Class D multicast address missing. As can be seen from the name, such addresses can be received by machines that belong to a group. Just like the QQ group, everyone can see it when you send a message, but if you reply, you will say otherwise.

All right, after all I've said, let's go back to the gateway.

If you want to communicate with your roommate, it has nothing to do with the gateway, because you are in the same gateway, you only need to get the MAC address through ARP, and then put the source MAC and destination MAC into the MAC header and send it out.

If you are not in the same network segment and you want to chat with your remote girlfriend, you will first visit the default gateway Gateway. This process is the same as that of other machines sent to the same network segment. Put the source address and destination address into the IP header, obtain the gateway MAC address through ARP, put the source MAC and gateway MAC into the MAC header and send them out. After the port of the gateway is accepted, the next step depends on the gateway.

The network management can be regarded as a router, and the router is a physical device. Suppose there are five network ports, and five network ports are equivalent to five paths, each of which is connected to five local networks. The IP address of each path is the same network segment as the IP address of the local area network, and each path is the gateway of the local area network it holds.

To put it simply: if a packet wants to be sent to another local area network, it will choose one path, and then according to the routing algorithm, choose another path with IP header and MAC to throw it out.

Which way do you choose?

Static rout

Static routing is relatively simple. Configure the rules directly on the router. The rules are as follows: if you visit website A, you will go out from gate 2, and the next hop will be IP2;. If you want to visit website B, go out from gate 3, and the next hop will be IP3, and then cache it in the router.

So what do IP headers and MAC headers need to modify?

Common ways of network connection

The basic principles of bridging

Bridging

By default, VMnet0,Bridge bridge is used as a machine for bridging. This machine has two network cards in two local area networks, which are connected by "bridge" so that LAN An and B are seamlessly connected. When bridging, the VMWare network card and the physical network card are in the same IP network segment.

Vmvare bridge is the same principle. Vmvare software will virtualize a network card. When bridging is used, Vmvare will bridge a virtual network card with a real physical network card. In this way, all packets sent to the physical network card will reach the Vmvare virtual machine.

The packets sent by Vmvare will also be sent from the physical network card through the bridge, so if the physical network card can access the Internet, then the bridged virtual network card is basically fine.

The way of networking

The way of bridging is the simplest. If the host is connected to the network, then the virtual machine can be connected to the network, and the virtual machine can be regarded as a computer in the local area network.

Note: when the host network card can access the local area network of internet, the virtual machine will access internet through Bridge.

Nat

Nat

The basic principle of Nat

The full name of NAT is Network address translate,NAT applied on Internet gateways and routers. For example, the address of 192.168.0.123 requires access to Internet, and the packet will first go to the router or gateway, and then the gateway and router will have an IP address that can access Internet. After receiving the packet, the gateway and router will change the IP of the packet (NAT), so that hosts in private network segments can successfully access Internet. This technology solves the problem of scarcity of IP, and the same private IP can access the Internet through gateway NAT.

Well, the same is true for Vmvare, which forges a network card between the virtual machine and the host. The network card and the IP of the virtual machine are NAT out of the same address segment, the network card and the network interface of the host, which means that every packet sent by the virtual will pass through the virtual network card, and then NAT will be sent out from the interface of the host.

Note: the virtual network card and the virtual machine are in the same address range, the virtual machine and the host are in different address segments, and the host is equivalent to the gateway of the virtual machine, so the virtual machine can ping the Ip of the host, but the host Ping is different from the virtual machine Ip,

Networking mode

Dynamic ip address

This method is simple, directly set the virtual machine to use DHCP mode to access the Internet, and Linux can turn on the DHCP service. Note: in vmvare, you need to enable DHCP in Edit-Virtual Network Settings. Default is off.

Static IP settin

If you do not want to use DHCP, you can also set it manually: IP is set to the same network segment as vmnet1, and the gateway is set to vmnet8 (Gateway can be found in the Net tab in "Virtual Network Settings") is usually xxx.xxx.xxx.2. The subnet mask setting is the same as that of VMnet8 (after setting the IP address, the subnet mask is automatically generated)

The DNS settings are the same as the host.

For example, the host IP is 10.70.54.31 and the virtual machine IP is 10.70.54.22. The virtual machine-host virtual machine Internet communication can be realized if the Netmask,Gateway,DNS is the same as the host.

Tip: using NAT technology, the host can access the Internet, and the virtual machine can access the Internet, but the host cannot access the virtual machine.

The way host--only

Host-only

This way: only the host and the virtual machine need to communicate, and the virtual machine is not allowed to access the Internet. There are also two ways.

Dynamic IP address

Here as above, when DHCP is enabled, the virtual machine can automatically obtain the IP address and DNS

Static address

Set the IP address to the same network segment as VM, and the gateway to VMnet1.

It can also be set manually to set the virtual machine IP setting to the same network segment as VMnet1, the gateway set to the same gateway as VMnet1, the other settings to be the same as VMnet1, and the DNS setting to be the same as host.

For instance

For example: VMnet1 IP:172.16.249.1 Gateway: 172.16.249.2. So the virtual machine

IP:172.16.249.100 Gateway: 172.16.249.2 . In this way, the virtual machine host can communicate, but the virtual machine Internet cannot communicate.

Tip: Host-only technology is only used for the exchange of visits between hosts and virtual machines, and has nothing to do with accessing internet.

Thank you for your reading, the above is the content of "how to configure Linux network". After the study of this article, I believe you have a deeper understanding of how to configure Linux network, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.