Shulou(Shulou.com)06/01 Report--

CentOs Network Management: ifconfig Family, iproute Family and configuration Files

The ifcfg family has always played an important role in the network management of centos, and this family has accompanied centos through the arduous youth. But according to the laws of society, the growing centos is gradually snubbing the wife of the chaff and marrying a larger family that is more helpful to his future-the iproute family. The ifcfg family is slipping into the cold palace, and the iproute family is about to move into the main palace.

Ifcfg command family

Ifconfig command: for interface and address viewing and management

Ifconfig displays an enabled Nic information

[root@yph7 ~] # ifconfig- displays the status information of enabled network interfaces eno16777736: flags=4163 mtu 1500 inet 172.16.59.1 netmask 255.255.0.0 broadcast 172.16.255.255 inet6fe80::20c:29ff:fe90:fa11 prefixlen64 scopeid 0x20 ether00:0c:29:90:fa:11 txqueuelen 1000 (Ethernet) RX packets 641674 bytes 40563451 (38.6 MiB) RX errors 0 dropped 169 overruns 0 frame 0 TX packets 18804 bytes 10014415 (9.5 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6:: 1 prefixlen 128 scopeid 0x10 loop txqueuelen 0 (Local Loopback) RX packets 131 bytes 7618 (7.4 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 131 bytes 7618 ( 7.4 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

Ifconfig-a: an interface that displays all interfaces, including inactive status

[root@yph7 ~] # ifconfig-a-found an extra network card This network card is not enabled eno16777736:flags=4163 mtu 1500 inet172.16.59.1 netmask 255.255.0.0 broadcast 172.16.255.255 inet6fe80::20c:29ff:fe90:fa11 prefixlen64 scopeid 0x20 ether00:0c:29:90:fa:11 txqueuelen 1000 (Ethernet) RXpackets 646011 bytes 40828485 (38.9 MiB) RXerrors 0 dropped 169 overruns 0 frame 0 TXpackets 18835 bytes 10018077 (9.5 MiB) TXerrors 0 Dropped 0 overruns 0 carrier 0 collisions 0 eno33554984:flags=4098 mtu 1500-ether00:0c:29:90:fa:1b txqueuelen 1000 (Ethernet) RXpackets 0 bytes 0 (0.0B) RXerrors 0 dropped 0 overruns 0 frame 0 TXpackets 0 bytes 0 (0.0B) TXerrors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73 mtu 65536 inet127.0.0.1 netmask 255.0.0.0 inet6::1 prefixlen 128 Scopeid 0x10 loop txqueuelen 0 (Local Loopback) RXpackets 131 bytes 7618 (7.4 KiB) RXerrors 0 dropped 0 overruns 0 frame 0 TXpackets 131 bytes 7618 (7.4 KiB) TXerrors 0 dropped 0 overruns 0 carrier 0 collisions 0

View the status information of the specified network interface:

[root@yph7 ~] # ifconfigeno33554984eno33554984:flags=4098 mtu 1500 ether 00:0c:29:90:fa:1b txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

Configure IP address, mask:

Ifconfig IFACE IP/MASK [up | down]

Configure ip and subnet mask for the specified network interface, and can enable or deactivate this network interface

-set ip and netmask, and enable the network card. The "up" in the following figure indicates that the network card is enabled.

Another way to set the subnet mask:

Ifconfig IFACE IP netmask NETMASK

[root@yph7 ~] # ifconfig eno33554984 192.168.254.254netmask 255.255.255.0

[root@yph7 ~] # ifconfig eno33554984

Eno33554984: flags=4099 mtu 1500

Inet192.168.254.254 netmask255.255.255.0 broadcast 192.168.254.255

Ether00:0c:29:90:fa:1b txqueuelen 1000 (Ethernet)

RXpackets 0 bytes 0 (0.0B)

RXerrors 0 dropped 0 overruns 0 frame 0

TXpackets 0 bytes 0 (0.0B)

TXerrors 0 dropped 0 overruns 0 carrier 0 collisions 0

When this network card is disabled, "up" disappears, indicating that this network card has been disabled.

Delete the IP address:

[root@yph7 apache2] # ifconfig eth0 0 Delete the ip address of eth0 [root@yph7 apache2] # ifconfig eth0 View eth0 information eth0 Link encap:Ethernet HWaddr 00:0C:29:40:7C:9B inet6 addr: fe80::20c:29ff:fe40:7c9b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3518 errors:0 dropped:0 overruns:0 frame:0 TX packets:208 errors : 0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:331302 (323.5 KiB) TX bytes:56048 (54.7 KiB)

Ifconfig [-] promisc promiscuous mode on or off

Turn on hybrid mode

Turn off mixed mode and "PROMISC" disappears

Note: the ifconfig command is immediately sent to the TCP/IP protocol stack in the kernel and takes effect.

Route command: route viewing and management

Route entry type:

Host routing: the destination address is a single IP

Network routing: the destination address is the IP network

Default route: destination is any network, 0.0.0.0max 0.0.0.0

Viewing: displaying view route entry

Route-n displays routing information in digital format, rather than inverse solution, because inverse solution will consume system resources

[root@yph7] # route-nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 172.16.0.1 0.0.0 UG 10000 eno16777736172.16.0.0 0.0.0.0 255.255.0.0 U 10000 eno16777736192.168.0.0 0. 0.0.0 255.255.255.0 U 0 0 0 eno33554984

Destination refers to the address of the destination network, and Genmask refers to the mask of the destination network.

Gateway refers to the address of the next-hop gateway. A Gateway of 0.0.0.0 means no gateway is required and a directly connected route is required.

Metric refers to the cost of getting to this address.

Flags: the status of the route entry, where U indicates enabled. G represents the gateway, but not necessarily the default gateway.

Iface: your own local network card interface

Add a route in the format:

Route add [- net |-host] target [netmask NETMASK] [gw GW] [[dev] If]

Add a route: for the purpose of 10.0.0.0amp 8 and 192.168.0.1 as the next hop, through the eno33554984 interface

Because 10.0.0.0 is the network address, use-net.

The next hop address must be accessible by my own Destination. Because I have two network cards, one of which has an IP of 192.168.0.5, so its Destination is 192.168.0.0, so if you want to add a route through this network card, the gw must be 192.168.0.x; adding through another network card is the same.

[root@yph7] # route add-net 10.0.0.0 eno1677773610.0.0.0 8 gw 192.168.0.1 eno33554984 [root@yph7] # route-nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 172.16.0.1 0.0.0 UG 10000 eno1677773610.0.0.0 192.168.0.1 255. 0.0.0 UG 00 0 eno33554984172.16.0.0 0.0.0.0 255.255.0.0 U 100 00 eno16777736192.168.0.0 0.0.0.0 255.255.255.0 U 00 0 eno33554984

Add the default gateway. The result of the following two ways of adding is the same. Default is equivalent to-net 0.0.0.0max 0.0.0.0.

[root@yph7 ~] # route add default gw 192.168.0.2 [root@yph7 ~] # route add-net 0.0.0.0 netmask 0.0.0.0 gw 192.168.0.2 [root@yph7] # route-nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 192.168.0.2 0.0.0.0 UG 0 0 0 eno335549840.0.0.0 172.16.0.1 0.0.0.0 UG 100 00 eno1677773610.0.0.0 192.168.0.1 255.0.0.0 UG 00 0 eno33554984172.16.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno16777736192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eno33554984

Delete a route:

Route del [- net |-host] target [gw Gw] [netmask Nm] [[dev] If]

Delete the default gateway:

[root@yph7 ~] # route del default [root@yph7 ~] # route-nKernel IP routing table-the default gateway with 192.168.0.2 as gw has lost Destination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 172.16.0.1 0.0.0.0 UG 1000 eno1677773610.0.0.0 192.168.0.1 255.0.0.0 UG 00 0 eno33554984172.16.0.0 0.0.0.0 255.255.0.0 U 100 00 eno16777736192.168.0.0 0.0.0.0 255.255.255.0 U 00 0 eno33554984

Delete if there is a duplicate Destination, you must specify a gw

[root@yph7] # route del-net 10.0.0.0 nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 8 gw 192.168.0.1 [root@yph7] # route-nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 172.16.0.1 0.0.0.0 UG 10000 eno16777736172.16.0.0 0.0.0.0 255. 255.0.0 U 100 00 eno16777736192.168.0.0 0.0.0.0 255.255.255.0 U 00 0 eno33554984

Netstat command:

Print networkconnections, routing tables, interface statistics, masquerade connections, andmulticast memberships, display network connection status, interface status, routing table and other information.

Netstat-rn displays the routing table, similar to route-n

-r:routing, showing the kernel routing table

-n: numeric format

[root@yph7 ~] # netstat-rnKernel IP routingtableDestination Gateway Genmask Flags MSS Window irtt Iface0.0.0.0 172.16.0.1 0.0.0.0 UG 0 000 eno16777736172.16.0.0 0.0.0.0 255.255.0.0 U 000 eno16777736

Show network connections:

-t: displays the relevant connections of the established TCP protocol, all of which have their own status; the state contained in the FSM (Finate State Machine) finite state machine

[root@yph7 ~] # netstat-tActive Internet connections (wbat o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 52 localhost:ssh localhost:49973 ESTABLISHED

If you add-n, the hostname will not be reversed, but will be displayed as a number.

[root@yph7] # netstat-tnActive Internet connections (w servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 52 172.16.59.1 tnActive Internet connections 22 172.16.59.0 ESTABLISHED

Proto: protocol

Recv-Q: receive queue, length of queue waiting to be received

Send-Q: send queue, length of waiting to be sent

LocalAddress: local host addr

Foreign Address: remote connection address

State: state you are in

-related connections that have been made by u:UDP, there is no concept of state

[root@yph7 ~] # netstat-un-unable to display Active Internet connections (servers) Proto Recv-Q Send-Q Local Address Foreign Address State [root@yph7 ~] # because of udp-related services

-w:raw socket bare socket related connections

-l: the connection in the listening state is always waiting to receive others.

-a: all statu

-n: display IP and Port in digital format

-e: extended format; if user is 0, the process is started by root, and Inode represents the inode number of the corresponding socket file.

[root@yph7 ~] # netstat-tneActive Internet connections (wshock o servers) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode tcp 0 0 172.16.59.1 tneActive Internet connections 22 172.16.59.0 virtual 49973 ESTABLISHED 0 20867

-p: displays related processes and PID

Common combinations:

-tnl: add l to indicate that you are listening and have been paying close attention to the network information, and State becomes "LISTEN".

[root@yph7] # netstat-tnlActive Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0 only servers 22 0.0.0.0 Proto Recv-Q Send-Q Local Address Foreign Address State tcp * LISTEN tcp 0 0 127.0.1 Proto Recv-Q Send-Q Local Address Foreign Address State tcp 25 0.0.0.0 Proto Recv-Q Send-Q Local Address Foreign Address State tcp Tcp6 0 0: 22: * LISTEN tcp6 0 0:: 1:25:: * LISTEN

-unl: listen to udp. Since udp has no status, there is no content in the State column.

[root@yph7] # netstat-unlActive Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 0. 0 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 1 udp 0 0. 0. 0. 0. 1 of the 3 23 0. 0. 0. 0. Udp6 0 0: 123: * udp6 0 0:: 1 323: *

-tunlp: listening to both tcp and udp,PID refers to which process is listening.

[root@yph7 ~] # netstat-tnulpActive Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0 tnulpActive Internet connections 22 0.0.0.0 tnulpActive Internet connections * LISTEN 1037/sshd tcp 0 0 127.0.1 15 0.0.0 LISTEN 2163/master tcp6 0 0: 22: * LISTEN 1037/sshd tcp6 0 0:: 1:25:: * LISTEN 2163/master udp 00 0.0.0.0 LISTEN 2163/master udp 123 0.0.0. 0807/chronyd udp6 * 807/chronyd udp 0 0127.0.0.1 807/chronyd udp6 323 0.0.0.0 * 807/chronyd udp6 0 0: 123: * 807/chronyd udp6 0 0:: 1 :: * 807/chronyd

-tan: displays all state links in the tcp state machine. As follows, it shows not only the link of the communication status, but also the monitoring status.

[root@yph7 ~] # netstat-tanActive Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0 tanActive Internet connections 22 0.0.0.0 tanActive Internet connections * LISTEN tcp 0 0 127.0.1 15 0.0.0 LISTEN tcp 0 52 172.16.59.1 ESTABLISHEDtcp6 22 172.16.59.0 ESTABLISHEDtcp6 0 0: 22: * LISTEN tcp6 0 0:: 1:25:: * LISTEN

-uan: as shown below, since udp has no communication for the time being, only the link of listening status is displayed.

[root@yph7] # netstat-uanActive Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 0. 0 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 1 udp 0 0. 0. 0. 0. 1 of the 3 23 0. 0. 0. 0. Udp6 0 0: 123: * udp6 0 0:: 1 323: *

Transport layer protocols:

Tcp: connection-oriented protocol; establish a virtual link before the communication begins; remove the connection after the communication is completed; prepare for similar phone calls, both sides must be busy, and disconnect after the end, otherwise others will not be able to call in.

Udp: connectionless protocol; send data message directly; similar to writing a letter, send it without confirmation from the other party, the line will not be busy.

Displays the statistics of the interface:

Netstat {- interfaces |-I |-I} [iface] [--all |-a] [--extend |-e] [--verbose |-v] [--program |-p] [--numeric |-n]

-I: displays relevant statistics for all interfaces

[root@yph7] # netstat-iKernel Interface tableIface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flgeno16777 1500 9504 0 17 0 1104 00 0 BMRUeno33554 1500 00 00 00 BMUlo 65536 6 00 0 6 000 LRU

-I: displays statistics about the specified interface. Note: there is no space between "- I" and the interface name.

[root@yph7 ~] # netstat-Ieno33554984Kernel Interface tableIface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flgeno33554 1500 00 00 00 BMU

Ifup/ifdown command: enable or disable a network card

Note: identify the interface and complete the configuration through the configuration file / etc/sysconfig/network-scripts/ifcfg-IFACE; if the newly added network card does not have a configuration file, you must add it manually before using this command. For example, I need to manually add the / etc/sysconfig/network-scripts/ifcfg-eno33554984 configuration file before I can use these two commands.

Hostname view and configure hostnames:

View the hostname:

[root@yph7 ~] # hostnameyph7.localdomain

Configure the hostname: but it is only valid for the current system, and it is not valid after rebooting; moreover, after the hostname is set, the users who log in in this range before the system restart will take effect. That is to say, after the hostname is set, the login will not take effect until you log in, so the following example does not take effect.

[root@yph7 ~] # hostnamevbird [root@yph7 ~] # hostnamevbird

Hostnamectl command: applies only to CentOS 7. Check the help with hostnamectl-- help

Hostnamectl status: displays the details of the current hostname

[root@yph7 ~] # hostnamectl status Static hostname: yph7.localdomainTransient hostname: yph7 Icon name: computer-vm Chassis: vm Machine ID: 0ceb40c75866411c8ccc966de90ff915 Boot ID: 0d23420528e0406480bb2ba9d87aaaec Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-229.el7.x86_64 Architecture: x86

Hostnamectl set-hostname NAME: set the hostname, which is valid forever, but the shell that must be re-logged in is not valid until it is logged in again.

[root@yph7 ~] # hostnamectl set-hostname vbird [root@yph7 ~] # cat / etc/hostname-check to see if the name in the configuration file has changed vbird. Log in again, and you can see below that the new hostname has taken effect. Hello,root Welcome to login,the time is 2015-12-27-21:55:46 [root@vbird ~] #

Configuration file for hostnam

Centos6:/etc/sysconfig/network

Centos7:/etc/hostname

Configure the DNS server to point to: resolve the ip address to the host name or the host name to the ip address

Edit the configuration file: / etc/resolv.conf

Nameserver DNS_SERVER_IP

For example: nameserver 202.106.195.68

Up to three can be configured

How to test to see if DNS works (host/nslookup/dig):

The purpose of the hosts file:

[root@yph7 ~] # cat / etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4::1 localhost localhost.localdomain localhost6 localhost6.localdomain6172.16.0.1 www.baidu.com g.cn google

As shown above, modify the hosts file, add an IP and host resolution on the last line, and add several aliases to 172.16.0.1. As you can see below, I will eventually resolve to 172.16.0.1 host whether ping is www.baidu.com, g.cn or google. It's just that in this way, you can't use the domain name www.baidu.com for hundreds of degrees.

[root@yph7] # ping www.baidu.comPING www.baidu.com (172.16.0.1) 56 (84) bytes of data. [root@yph7] # ping g.cnPING www.baidu.com (172.16.0.1) 56 (84) bytes of data. [root@yph7] # ping googlePING www.baidu.com (172.16.0.1) 56 (84) bytes of data.

Dig-t A FQDN, which resolves the host name into an ip address. You can also access the website directly with the ip address.

[root@yph7] # dig-t A www.magedu.com 600 IN A 101.200.188.230

Dig-x IP: resolves ip to hostname

However, most websites carry out such anti-parsing, so it is likely to be unsuccessful.

Iproute family

The version number of iproute is the same as that of the kernel because many of the iproute settings are placed directly into the kernel. (if you want to verify the version number, please use: rpm-qi iproute; to check the kernel version with uname-r)

Ip command:

Show / manipulaterouting, devices, policy routing and tunnels

Ip OBJECT:link 、 addr 、 route 、 netns

Ip link: network device configuration completes the configuration of network devices, view help with ip link help

Note: ip link set can be abbreviated to ip li se

Ip link set-change device attributes manages device properties

Dev NAME (default): indicates the device to be managed. The keyword dev can be omitted.

Up and down: enable and disable Nic

Disable the network card

[root@yph7 ~] # ip link set eno33554984 down [root@yph7 ~] # ip link list1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 00ip link list1 0000VlV 0000VlV 000000 brd 0000VIED 0000Rd 0000Rd 0000Rd: eno16777736: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:11 brd ff:ff:ff:ff:ff:ff3: eno33554984: mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:1b brd ff:ff:ff:ff:ff:ff

Enable the network card

[root@yph7 ~] # ip link set eno33554984 up-Please use this network card, the "up" logo has returned [root@yph7 ~] # ip link list dev eno335549843: eno33554984: mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:1b brd ff:ff:ff:ff:ff:ff

Multicast on or multicast off: enable or disable multicast featur

Disable Multicast

[root@yph7 ~] # ip link set eno33554984 multicast off [root@yph7 ~] # ip link show eno33554984-you can see that multicast has been turned off. 3: eno33554984: mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:1b brd ff:ff:ff:ff:ff:ff

Enable Multicast

[root@yph7 ~] # ip link set eno33554984 multicast on [root@yph7 ~] # ip link list eno33554984-you can see that multicast is coming again: eno33554984: mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:1b brd ff:ff:ff:ff:ff:ff

Name NAME: rename a network interface

[root@yph7 ~] # ip link set eno33554984 down-disable the network card before renaming [root@yph7 ~] # ip link set eno33554984 name eno33333333 [root@yph7 ~] # ip link show-the network card was renamed successfully 1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 00lv 0000lv 0000lv 0000 brd 00lv 00lv 0000lv 002: eno16777736 : mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:11 brd ff:ff:ff:ff:ff:ff3: eno33333333: mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:1b brd ff:ff:ff:ff:ff:ff

Mtu NUMBER: sets the size of MTU. Default is 1500.

[root@yph7 ~] # ip link set eno33554984 mtu 1200 [root@yph7 ~] # ip link list eno33554984-mtu has become 1200: eno33554984: mtu 1200 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:1b brd ff:ff:ff:ff:ff:ff

Ip link show-display device attributes displays device properties ip; link help-shows brief usage help.

Ip link list: usage is similar to ip link show

[root@yph7 ~] # ip link show-shows the status of all network cards, including unenabled network cards [root@yph7 ~] # ip link show eno33554984-shows the status of the specified network interface

Ip netns:-manage network namespaces. Manage network user space

Netns PID:ns is namespace and is used to move interfaces to a specified network namespace; this method can be used to build very complex virtual networks. Only centos7 can be used

Ip netns list: list all netns; can be abbreviated: ip link list or ip li li

Ip netns add NAME: creates the specified netns

Ip netns del NAME: deletes the specified netns

Ip netns exec NAME COMMAND: runs the command in the specified netns

[root@yph7 ~] # ip netns add mynet-add a new network namespace [root@yph7 ~] # ip netns list-check whether the mynet [root@yph7 ~] # ip link show has been added successfully-now there are two network cards 1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 00 brd 00:00: Eno16777736: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:11 brd ff:ff:ff:ff:ff:ff3: eno33333333: mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:1b brd ff:ff:ff:ff:ff:ff [root@yph7 ~] # ip link set eno33333333 netns mynet-move the specified network card to the network name Call the space [root@yph7] # ip link show-now there is only one network card left Because the other piece has been removed 1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 0000 brd 0000: eno16777736: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:11 brd ff:ff:ff:ff:ff:ff [root@yph7 ~] # ip netns exec mynet ip link show-similar to entering the virtual world Line ip link show command 1: lo: mtu 65536 qdisc noop state DOWN mode DEFAULT link/loopback 0000 brd 0000 brd 0000 qdisc noop state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:1b brd ff:ff:ff:ff:ff:ff [root@yph7 ~] # ip netns del mynet-Delete the virtual network name Call the space [root@yph7] # ip link show-our network card has come back to the real world again. 1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 0000 qdisc pfifo_fast state UP mode DEFAULT qlen 0000 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa: 11 brd ff:ff:ff:ff:ff:ff3: eno33554984: mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000 link/ether 00:0c:29:90:fa:1b brd ff:ff:ff:ff:ff:ff

Ip addr-protocol address management. Manage ip network interface addr

Ip address add-add new protocol address adds a new protocol address

Ip addr add IFADDR dev IFACE

[root@yph7 apache2] # ip addr add 192.168.100.10 eth0 24 dev eth0 [root@yph7 apache2] # ip addr add 192.168.100.20 ip addr add 24 dev eth0 [root@yph7 apache2] # ip addr add 10.0.0.0 eth0 add 3 ip addresses [root@yph7 apache2] # ip addr show eth02: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:40:7c:9b brd ff:ff : ff:ff:ff:ff inet 192.168.100.10, 24 scope global eth0 inet 10.0.0.0, 8 scope global eth0- eth0 has three ip addresses, inet 192.168.100.20, 24 scope global secondary eth0--- is secondary. Because there is an ip inet6 fe80::20c:29ff:fe40:7c9b/64 scope link valid_lft forever preferred_lft forever with the same network segment in front.

Label NAME: specifies the alias of the interface for the additional address; add an alias to the ip address of an interface and use the ifconfig command to view all the ip of the interface.

[root@yph7 apache2] # ip addr add 192.168.100.1 dev eth0 [root@yph7 apache2] # ip addr add 192.168.100.2 dev eth0 label eth0:0 [root@yph7 apache2] # ifconfigeth0 Link encap:Ethernet HWaddr 00:0C:29:40:7C:9B inet addr:192.168.100.1 Bcast:0.0.0.0 Mask:255.255.255.255--- result that no mask is specified. ... eth0:0 Link encap:Ethernet HWaddr 00:0C:29:40:7C:9B inet addr:192.168.100.2 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

Broadcast ADDRESS: broadcast address; it will be calculated automatically based on IP and NETMASK, so it is generally not necessary for us to set it manually

Scope SCOPE_VALUE: here are three options for scope

Global: globally available; others can ping

Link: the interface is available; if other people's ping is not available, you can ping it.

Host: only available locally; this ip cannot be seen by hosts other than this host

Ip address delete- delete protocol address deletes the specified ip address of the specified interface

Ip addr delete IFADDR dev IFACE

[root@yph7 apache2] # ip addr add 192.168.100.2/24 dev eth0 [root@yph7 apache2] # ip addr del 192.168.100.2/24 dev eth0 [root@yph7 apache2] # ip addr show dev eth02: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:40:7c:9b brd ff:ff:ff:ff:ff:ff inet 192.168.100.1/32 scope global eth0

Ip address show-look at protocol addresses

Ip addr list [IFACE]: displays the address of the interface

Ip address flush- flush protocol addresses clears all ip addresses for the specified interface

Ip addr flush dev IFACE

[root@yph7 apache2] # ip addr show eth0-eth0 original 3 ip2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:40:7c:9b brd ff:ff:ff:ff:ff:ff inet 192.168.100.10 scope global eth0 inet 24 scope global eth0 inet 10.0.0.0 scope global eth0 inet 192.168.100.20 scope global secondary eth0 inet6 fe80::20c:29ff:fe40:7c9b/ 64 scope link valid_lft forever preferred_lft forever [root@yph7 apache2] # ip addr flush eth0-clear all ip addresses for eth0 Failed to send flush request: Cannot assign requested address [root@yph7 apache2] # ip addr list eth02: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:40:7c:9b brd ff:ff:ff:ff:ff:ff

Ip route-routing table management implements routing table management

Ip route add-add new route

Ip route change-change route

Ip route replace- change or add new one replacement rout

Ip route add TYPE PREFIX via GW [dev IFACE] [src SOURCE_IP]

Src is the ip of your network card. It is necessary to specify src only if your network card has more than one ip set. For example, if you configure a network card with three ip,src, it should be one of the three ip.

[root@yph7 ~] # ip addr add 172.16.10.20 link/ether 00:0c:29:40:7c:a5 brd ff:ff:ff:ff:ff:ff inet 16 dev eth2 add a new IP [root@yph7 ~] # ip addr list dev eth23: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:40:7c:a5 brd ff:ff:ff:ff:ff:ff inet 192.168.0.106 scope global eth2 inet 24 brd 192.168.0.255 scope global eth2 inet 172.16.10.20 scope global eth2 inet6 fe80 :: 20c:29ff:fe40:7ca5/64 scope link valid_lft forever preferred_lft forever

Add a new route with the new IP

[root@yph7] # ip route add 192.168.10.0 via 172.16.0.20 dev eth2 src 172.16.10.20 [root@yph7] # ip route list192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.110 192.168.0 metric 24 dev eth2 proto kernel scope link src 192.168.0.106 metric 1 192.168.10.0 metric 24 via 172.16.0.20 dev eth2 src 172.16.10 20 172.16.0.0/16 dev eth2 proto kernel scope link src 172.16.10.20 169.254.0.0/16 dev eth0 scope link metric 1002 default via 192.168.0.1 dev eth0 proto static

Add a default route:

[root@yph7 ~] # ip route add default via 172.16.0.10 dev eth2 src 172.16.10.20 [root@yph7 ~] # ip route list via 172.16.0.10default dev eth2 src 172.16.10.20

The first time I misspelled the prompt "RTNETLINK answers: Network is unreachable", then I found that I misspelled eth2 as eth0.

Ip route del TYPE PRIFIX delete route

[root@yph7 ~] # ip route del default [root@yph7 ~] # ip route del 192.168.0 dev eth0 24 dev eth0 [root@yph7 ~] # ip route del 192.168.10 0 metric 24 delete three routes in a row [root@yph7 ~] # ip route list192.168.0.0/24 dev eth2 proto kernel scope link src 192.168.0.106 metric 1 172.16.0 Accord 16 dev eth2 proto kernel scope link src 172.16.10.20 169. 254.0.0/16 dev eth0 scope link metric 1002

Ip route show -, which shows the route. You can specify via, src, etc.

[root@yph7 ~] # ip route show src 172.16.10.20172.16.0.0Universe 16 dev eth2 proto kernel scope link

Ip route flush-flush routing tables clears a certain type of route

[root@yph7] # ip route flush 169swap 8-delete all 169network segments But it may not be possible to delete the route created by the system [root@yph7 ~] # ip route list192.168.0.0/24 dev eth2 proto kernel scope link src 192.168.0.106 metric 1 172.16.0.0 metric 16 dev eth2 proto kernel scope link src 172.16.10.20 169.254.0.0 dev eth2 src 16 dev eth0 scope link metric 1002 default via 172.16.0.10 dev eth2 src 172.16.10.20 [root@yph7 ~] # ip route flush 169.254Universe 16 -make the scope more accurate on the basis of the above If you find out, you can delete [root@yph7 ~] # ip route list192.168.0.0/24 dev eth2 proto kernel scope link src 192.168.0.106 metric 1 172.16.0.0Accord 16 dev eth2 proto kernel scope link src 172.16.10.20 default via 172.16.0.10 dev eth2 src 172.16.10.20

Ip route get-get a single route to view a single route

Ip route get TYPE PRIFIX

[root@yph7 ~] # ip route get 192.168.0.0/24broadcast 192.168.0.0 dev eth0 src 192.168.0.110 cache mtu 1500 advmss 1460 hoplimit 64

Ss command: a tool that displays socket and is designed to love netstat only.

Ss [options] [FILTER]

Options:

-related connections of t:TCP protocol

-u:UDP related connections

-w:raw socket related connections

-l: connection for listening statu

-a: connections for all statu

-n: numeric format

-p: related programs and their PID

-e: extended format information

Here are two things netstat doesn't have:

-m: memory usage

-o: timer information

[root@yph7] # ss-mState Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 52 192.168.0.110:ssh 192.168.0.104 mState Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 51158 mem: T0) [root@yph7 ~] # ss-oState Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 52 192.168.0.110:ssh 192.168.0.104 oState Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 51158 timer: (on,370ms,0)

FILTER: = [stateTCP-STATE] [EXPRESSION] only look at the links of the relevant status

Common status of TCP:

TCP FSM:

LISTEN: monitoring

ESTABLISEHD: established connection, both parties are on the phone

FIN_WAIT_1: one party is breaking up, waiting for a response.

FIN_WAIT_2: split as soon as possible, promise to break up

SYN_SENT:

SYN_RECV:

CLOSED:

[root@yph7 ~] # ss-tan state CLOSED does not have a process Recv-Q Send-Q Local Address:Port Peer Address:Port in this state

[root@yph7 ~] # ss-tan state ESTABLISHEDRecv-Q Send-Q Local Address:Port Peer Address:Port 0 52 192.168.0.110 purl 22 192.168.0.104 purl 51158

EXPRESSION:

Dport = destination port

Sport = source port

For example:'(dport =: 22or sport =: 22) 'show both the source port and the destination port of port 22.

[root@yph7 ~] # ss-tan state ESTABLISHED'(dport =: 22 or sport =: 22) 'Recv-Q Send-Q Local Address:Port Peer Address:Port 0 52 192.168.0.110 tan state ESTABLISHED 22 192.168.0.104 tan state ESTABLISHED 51158 [root@yph7] # ss-tan' (dport =: 22 or sport =: 22 ) 'State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128: 22: * LISTEN 0 128 *: 22 *: * ESTAB 0 52 192.168.0.110 ESTAB 22 192.168.0.104:51158

Configuration file:

The configuration files for attributes such as IP/NETMASK/GW/DNS are:

/ etc/sysconfig/network-scripts/ifcfg-IFACE

For example: / etc/sysconfig/network-scripts/ifcfg-eno16777736

/ etc/sysconfig/network-scripts/ifcfg-eth0

The routing properties profile is:

/ etc/sysconfig/network-scripts/route-IFACE

Modification of the configuration file:

1. Modify directly through vim and other text editors

2. Use the command to modify

CentOS 6:system-config-network or setup

CentOS 7: nmtui

Ifcfg-IFACE profile parameters:

DEVICE: the name of the device corresponding to this profile

ONBOOT: whether to activate this interface during system boot

UUID: unique identification of this device

IPV6INIT: whether to initialize IPv6

BOOTPROTO: what protocol is used to configure interface properties (ip) when activating this interface? commonly used are dhcp, bootp, static, none (static in fact)

TYPE: interface type. Common ones are Ethernet and Bridge.

DNS1: the first DNS server points to

DNS2: the alternate DNS server points to

DOMAIN:DNS search domain

IPADDR: IP address

NETMASK: subnet mask; CentOS 7 supports the use of PREFIX to specify the subnet mask (PREFIX=16) in length

GATEWAY: default gateway

USERCTL: whether to allow ordinary users to control this device

PEERDNS: if the value of BOOTPROTO is "dhcp", whether to allow the dns server assigned by dhcpserver to point to the manually specified DNS server locally; default is yes

HWADDR: the MAC address of the device; this does not need to be configured because it is included with the network card

NM_CONTROLLED: whether to use NetworkManager service to control the interface; for centos6, no;centos7 is yes

Manual configuration file (centos6) for eth2:

[root@yph7 network-scripts] # cp ifcfg-eth0 ifcfg-eth2 [root@yph7 network-scripts] # vim ifcfg-eth2 [root@yph7 network-scripts] # cat ifcfg-eth2DEVICE= "eth2" BOOTPROTO= "none" NM_CONTROLLED= "no" ONBOOT= "yes" TYPE= "Ethernet" IPADDR=10.100.100.10NETMASK=255.0.0.0

[root@yph7 network-scripts] # service network restart-restart the network card [root@yph7 network-scripts] # ip addr list dev eth2-found that the configuration just now should take effect. 3: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:40:7c:a5 brd ff:ff:ff:ff:ff:ff inet 10.100.100.10 scope global eth2 8 brd 10.255.255.255 Inet6 fe80::20c:29ff:fe40:7ca5/64 scope link valid_lft forever preferred_lft forever

For eno33554984 profile (centos7):

Copy it from eno16777737 and edit it to the following style

NAME= "eno33554984" DEVICE= "eno33554984" ONBOOT=yesNETBOOT=yesIPV6INIT=noBOOTPROTO=noneTYPE=EthernetDEFROUTE=yesIPADDR=172.10.100.10PREFIX=24

Network Services:

Network and NetworkManager

It is best to use network in centos6

NetworkManager for centos7

Manage network services:

CentOS 6: service SERVICE {start | stop | restart | status (View status)}

CentOS 7:systemctl {start | stop | restart | status} SERVICE [.service]

After the configuration file is modified, you need to restart the network service for the configuration file to take effect.

CentOS 6:# service network restart

CentOS 7:# systemctl restart network.service

In fact, centos7 can also be used in the same way as 6, but not very formal.

Configure a non-default gateway route: / etc/sysconfig/network-scripts/route-IFACE

Two configuration modes are supported, but they cannot be mixed

(1) one route entry per line:

TARGET via GW

(2) one route entry for every three lines: (# indicates group number)

ADDRESS#=TARGET

NETMASK#=MASK

GATEWAY#=NEXTHOP

Configure a route file for eno33554984:

[root@yph7 network-scripts] # vim route-eno33554984

[root@yph7 network-scripts] # cat route-eno33554984

10.0.0.0/8 via 192.168.0.1

Or in the following format:

ADDRESS0=20.0.0.0

NETMASK0=255.0.0.0

GATEWAY0=192.168.10.2

Configure the interface with multiple addresses:

In addition to ip addr, ifconfig or configuration files can

(1) configure multiple ip with ifconfig or ip addr

[root@yph7 network-scripts] # ifconfig eth2:0 192.168.0.10

(2) add a configuration file for the Nic alias

Based on the creation of the configuration file mentioned above, you only need to modify two items:

DEVICE= "eth2:0"

IPADDR=

Note: BOOTPROTO: online aliases do not support dynamic address acquisition; only static and none are supported.

Another command for ip configuration on nmcli:centos7:

Nmcli [OPTIONS] OBJECT {COMMAND | help}

Device-show andmanage network interfaces views and manages network interfaces

COMMAND = {status | show | connect | disconnect | delete | wifi | wimax}

[root@yph7] # nmcli device showGENERAL. Equipment: eno16777736GENERAL. Type: ethernetGENERAL. Hard disk: 00:0C:29:90:FA:11GENERAL.MTU: 1500GENERAL. Status: 100th GENERAL.CONNECTION: wired connection 1GENERAL.CON-PATH: / org/freedesktop/NetworkManager/ActiveConnection/0WIRED-PROPERTIES. Container: open IP4. Address: 192.168.0.111/24IP4. Gateway: 192.168.0.1IP4.DNS [1]: 211.140.197.58IP4.DNS [2]: 211.137.32.178IP6. Address: fe80::20c:29ff:fe90:fa11/64IP6. Gateway: fe80::512c:9097:f2a8:42f5 [root@yph7 ~] # nmcli device status device type status CONNECTION eno16777736 ethernet connection wired connection 1 eno33554984 ethernet connection eno33554984 lo loopback unmanaged--

[root@yph7 ~] # nmcli device disconnect eno33554984Device 'eno33554984' successfully disconnected. [root@yph7 ~] # nmcli device status device type status CONNECTION eno16777736 ethernet connection wired connection 1 eno33554984 ethernet disconnected-- lo loopback unmanaged--

Connection-start, stop, and manage network connections enable, disable, and manage network connections

COMMAND = {show | up | down | add | edit | modify | delete | reload | load}

[root@yph7 network-scripts] # nmcli conn down eno33554984 [root@yph7 network-scripts] # nmcli conn up eno33554984 [root@yph7 network-scripts] # nmcli conn show

How to modify attributes such as IP address:

# nmcli conn modify IFACE [+ | -] setting.property value

The following attributes are supported by modify:

Ipv4.address

Ipv4.gateway

Ipv4.dns1

Ipv4.method

Manual

This command is immature. After adding an address, down will not take effect until up.

[root@yph7 network-scripts] # nmcli conn modify eno33554984 + ipv4.address 192.168.200.10 nmcli conn show 24 [root@yph7 network-scripts] # nmcli conn down eno33554984 [root@yph7 network-scripts] # nmcli conn up eno33554984 [root@yph7 network-scripts] # nmcli conn show [root@yph7 network-scripts] # nmcli conn modify eno33554984-ipv4.address 192.168.200.10 ipv4.address 24 [root@yph7 network-scripts] # nmcli conn down eno33554984 [root@yph7 network-scripts] # nmcli conn up eno33554984 [root@yph7 network-scripts] # nmcli conn show

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.