Shulou(Shulou.com)06/02 Report--

1. Basic network knowledge

Ifconfig---- view network configuration, configure network card eth0 information, configure loopback network card lo

Ip a è ifconfig

1.1. Configure the network card

Temporary ifconfig eth0 192.168.115.200 Purple 24

Ifconfig eth0:0192.168.115.201

Ifconfig eth0:1192.168.118.34

Netmask 255.255.255.0

Permanent / etc/sysconfig/network-scripts/ifcfg-eth0

All service network restart network card services are restarted.

Ifdown eth0; ifup eth0 restarts the eth0 service of a network card

Close ifdown eth0

Start ifup eth0

1.3.The CDN content distribution network

Content storage and distribution technology is mainly used to reduce network congestion and improve user access response rate and hit rate.

The system consists of four parts: load balancing, content management, distributed storage, and redefinition of network requests.

Advantages:

A. optimize the network access path B and improve the stability of the access server

C, strong expansibility D, improve security and stability

Features:

A, content distribution: distribute or deliver content to the nearest node server B to the user, content routing

C, content switching D, performance management

1.4 、 DDOS***

Abnormal access *: use a large number of clients to send normal access requests to the server, making it impossible for other businesses to access normally, resulting in network paralysis.

Gateway configuration

2.1.Down firewall, SElinux

A, iptables-nL

Iptables-F

Chkconfig iptables off

B 、 vim/etc/selinux/config

SELINUX=disabled

2.2. Configure four virtual machines

RHEL01, RHEL02, RHEL03, service, turn off the firewall and SElinux, respectively

The first step

Configure Nic information for RHEL01, RHEL02 and RHEL03 respectively:

RHEL01:ip è 192.168.10.8

RHEL02:ip è 192.168.20.8

RHEL03:ip è 192.168.30.8

Step two

Configure service with three network cards: eth0/eth2/eth3, and configure the network card information separately:

View the configured Nic IP

Ip a

Step three

Configure temporary gateways for RHEL01, RHEL02 and RHEL03 respectively:

RHEL01:ip è route add default gw 192.168.10.10

RHEL02:ip è route add default gw 192.168.20.20

RHEL03:ip è route add default gw 192.168.30.30

Enable address forwarding function

Vim / etc/sysctl.conf

Modify net.ipv4.ip_forwall=1

Refresh rule: sysctl-p

Temporarily modify the gateway

Route add default gw IP

Permanently modify the gateway

Vi / etc/sysconfig/network-scripts/ifcfg-eth0

Modify GATEWAY=IP

III. Routing configuration

Using RHEL01 to do experiment

Delete gateway configuration and add temporary routing protocol

Shut down the temporary gateway route del default gw 192.168.10.10

Add temporary route route add-net destination segment / gateway IP used by 24 gw

E.g: route add-net 192.168.30.0 24 gw 192.168.10.10

Permanent profile for rout

/ etc/rc.local

IV. DNS domain name resolution

Command: nslookup queries the correspondence between hostname and IP address

DNS profile:

1 、 / etc/sysconfig/network-scripts/ifcfg-eth0

DNS=

2. There are few

/ etc/resolv.conf

Nameserver IP

Host mapping file: / etc/hosts

E.g: 127.0.0.1 localhost.localdomain localhost

Used to save the mapping record of hostname and IP address, but only local mapping, that is, each machine and its are independent!

Comparison of host mapping file and DNS server:

By default, the system first looks for the parsing record from the hosts file

The current host of the Hosts file detachment is valid

Hosts files can reduce the query process of DNS and speed up access.

V. troubleshooting of network nodes

Traceroute 、 ping 、 arp 、 nmap

5.1 、 traceroute

Number of nodes that have passed to reach the target host

Each time you pass a router, the UDP packet is sent from the source host to the router three times, and the router returns the access time three times in the way of ICMP. Every router is in this mode.

B, *

When * appears in the middle of the return value, it is usually the firewall of the intermediate node that blocks the return value of ICMP

When the return value is * from the middle to the end, the target server usually refuses to accept the UDP packet or the return value of the ICMP with the golden finger

Traceroute displays the path of packets to the host, which is used to track the routing path of network packets

-I (uppercase) reply using ICMP protocol

-p + digitally set the number of UDP transport protocol communications

-n directly use the IP address instead of the hostname

-g set source routing gateways, with a maximum of 8

5.2.The host is detected by Ping

-I interval (seconds)

-c number of packets

-s packet size

5.3.The Arp listens for ARP records on the network

-I (interface) specifies the interface that listens to ARP, and the default interface is eth0

-d Delete an ARP record

-a view all the information

-s IP address, MAC address binding

Nmap network probe scan

-sP detects the surviving hosts in a network segment

-sT detects the open TCP port on a host

-sS is the same as above, but the scanned host records related logs

-O scan operating system type

VI. Special orders

Mounting CD image: mount-o loop-t iso9660 * .iso / medio

Listen for packets from IP1 to IP2: arpspoof-I eth0-t ip1 ip2

VII. Router bridging

Step 1: prepare four virtual machines: RHEL01, RHEL02, RHEL03 and RHEL04, turn off the firewall and SElinux respectively

RHEL01--pc1

RHEL02--pc2

RHEL03--Route 1, add two network cards and rename them eth2 and eth3

RHEL04--Route 2, add two network cards and rename them eth3 and eth4

Step 2:

Configure the network card separately

Pc1--eth0

Pc2--eth3 (the name should be consistent with the host number as far as possible)

Route 1--eth2

Route 1--eth3

Route 2--eth3

Route 2--eth4

Restart the network card service service network restart after configuring all the network cards

Step 3:

Enable the network address forwarding function of R1 and R2 respectively

Method 1: vim / etc/sysctl.conf

Net.ipv4.ip_forward=1 (change the original 0 to 1)

Refresh configuration sysctl-p

Method 2:

Echo 1 > / proc/sys/net/ipv4/ip_forward

Step 4:

Pc1 ping 192.168.30.8

Pc2 ping 192.168.10.8

8. Redhat manually compiles yum source

1. Delete all files in the / etc/yum.repo.d/ directory

Rm-rf / etc/yum.repo.d/*

2. Manually create a configuration file

Vim / etc/yum.repo.d/rhel.repo

Format content:

[rehl-server]

Name=***

Baseurl= file:///mnt

Enable=1

Gpgchack=0

3. Clear the cache of the original yum

Yum clear all

4. Refresh the package list

Yum list

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.