Linux网络配置
一、网络地址计算:
二进制转换;
查看是否为同一个网段,需要根据ip地址和掩码一起决定。 二进制转换这里不做说明
根据ip和掩码来区分,如10.0.7.10/20和10.0.14.11/20是同一个网段,但是10.0.7.10/21和10.0.14.11/21就是不同网段
二、管理以太网连接
网络接口有序的命令为:eth0,eth1,等
。可以给一个设备作为别名配置多个地址
。别名以eth0:1,eth0:2,等命令.
。别名可以看成子接口
使用ifcofnig [ethX]查看接口配置 ;lo逻辑接口,只在自己电脑有效。
使用ifup ethX启动接口
使用ifdown ethX禁用接口
网络配置文件其他全局网络设置
全局设置/etc/sysconfig/network
。很多参数可以由DHCP提供
。GATEWAY可以被ifcfg配置文件取代
NETWORKING=yes HOSTNAME=service1.example.com GATEWAY=192.168.2.254
虚拟机1:
[ ~]# ip route show //查看本机ip列表 192.168.6.0/24 dev eth0 proto kernel scope link src 192.168.6.128 169.254.0.0/16 dev eth0 scope link metric 1002 default via 192.168.6.2 dev eth0 [ ~]# ip addr add 10.0.7.10/10 dev eth0:testing 添加ip地址到网卡 [ ~]# ip route show //查看ip列表 192.168.6.0/24 dev eth0 proto kernel scope link src 192.168.6.128 169.254.0.0/16 dev eth0 scope link metric 1002 10.0.0.0/10 dev eth0 proto kernel scope link src 10.0.7.10 default via 192.168.6.2 dev eth0
虚拟机2:
[ ~]# ip route show 192.168.6.0/24 dev eth0 proto kernel scope link src 192.168.6.129 169.254.0.0/16 dev eth0 scope link metric 1002 default via 192.168.6.2 dev eth0 [ ~]# ip addr del 10.0.0.128/24 dev eth0 //删除网卡 RTNETLINK answers: Cannot assign requested address [ ~]# ip addr add 10.0.14.11/20 dev eth0:testing //添加网卡 [ ~]# ping 10.0.14.11 -c2 //ping两次包 PING 10.0.14.11 (10.0.14.11) 56(84) bytes of data. 64 bytes from 10.0.14.11: icmp_seq=1 ttl=64 time=0.030 ms 64 bytes from 10.0.14.11: icmp_seq=2 ttl=64 time=0.036 ms --- 10.0.14.11 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1000ms rtt min/avg/max/mdev = 0.030/0.033/0.036/0.003 ms [ ~]# ping 10.0.7.10 -c2 PING 10.0.7.10 (10.0.7.10) 56(84) bytes of data. 64 bytes from 10.0.7.10: icmp_seq=1 ttl=64 time=0.781 ms 64 bytes from 10.0.7.10: icmp_seq=2 ttl=64 time=0.456 ms --- 10.0.7.10 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1000ms rtt min/avg/max/mdev = 0.456/0.618/0.781/0.164 ms [ ~]# ip addr del 10.0.14.11/20 dev eth0:testing [ ~]# ip addr add 10.0.14.11/21 dev eth0:testing [ ~]# ip route 192.168.6.0/24 dev eth0 proto kernel scope link src 192.168.6.129 10.0.8.0/21 dev eth0 proto kernel scope link src 10.0.14.11 169.254.0.0/16 dev eth0 scope link metric 1002 default via 192.168.6.2 dev eth0 [ ~]# ping 10.0.0.7 -c2 PING 10.0.0.7 (10.0.0.7) 56(84) bytes of data. ^C --- 10.0.0.7 ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 2008ms
使用别名的方式配置网络:[ ~]# ifconfig eth0:tech 10.0.0.128/24 [ ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:0C:29:20:00:C1 inet addr:192.168.6.128 Bcast:192.168.6.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe20:c1/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:48162 errors:0 dropped:0 overruns:0 frame:0 TX packets:1750 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2954753 (2.8 MiB) TX bytes:124210 (121.2 KiB) eth0:tech Link encap:Ethernet HWaddr 00:0C:29:20:00:C1 inet addr:10.0.0.128 Bcast:10.0.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
使用ip link排查网络
#ip link help
#ip link show查看端口是否插入网线:
[ ~]# ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:20:00:c1 brd ff:ff:ff:ff:ff:ff
#ip addr help
#ip add show
[ ~]# ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:20:00:c1 brd ff:ff:ff:ff:ff:ff inet 192.168.6.128/24 brd 192.168.6.255 scope global eth0 inet 10.0.7.10/10 scope global eth0 inet 10.0.0.128/24 brd 10.0.0.255 scope global eth0:tech inet6 fe80::20c:29ff:fe20:c1/64 scope link valid_lft forever preferred_lft forever [ ~]# ip addr del 10.0.7.10/10 dev eth0 [ ~]# ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:20:00:c1 brd ff:ff:ff:ff:ff:ff inet 192.168.6.128/24 brd 192.168.6.255 scope global eth0 inet 10.0.0.128/24 brd 10.0.0.255 scope global eth0:tech inet6 fe80::20c:29ff:fe20:c1/64 scope link valid_lft forever preferred_lft forever [ ~]# ip del 10.0.0.128/24 dev eth0 Object "del" is unknown, try "ip help". [ ~]# ip addr del 10.0.0.128/24 dev eth0
选择别名的方式通过ifconfig是看不了ip addr配置网络信息的。
ifconfig配置的方式可以通过ifconfig命令看到
以上配置方式均为临时配置方式。如果需要永久生效可以通过【图形网络配置system-config-network】配置
系统->管理->网络
。激活/禁用接口
。设置IP地址/DHCP
。修改DNS配置
。修改网关地址
网络配置文件以太网设备
设备配置以文本文件保存/etc/sysconfig/network-scripts/ifcfg-ethX
所有的选项列在/usr/share/doc/initscripts-*/sysconfig.txt
BOOTPROTO是DHCP的引导协议
重启网络:
[ ~]# /etc/init.d/network restart 正在关闭接口 eth0: [确定] 关闭环回接口: [确定] 弹出环回接口: [确定] 弹出界面 eth0: [确定]
网络配置文件其他全局网络设置
全局设置/etc/sysconfig/network配置网关
。很多参数可以由DHCP提供
。GATEWAY可以被ifcfg配置文件取代
NETWORKING=yes
HOSTNAME=server1.example.com
GATEWAY=192.168.2.254
网关:
[ ~]# ip route get 192.14.21.1 //使用ip route get ip地址查找当前服务器配置的缺省网关地址为192.168.6.2 192.14.21.1 via 192.168.6.2 dev eth0 src 192.168.6.128 cache mtu 1500 advmss 1460 hoplimit 64 [ ~]# ip route get 192.14.48.5 192.14.48.5 via 192.168.6.2 dev eth0 src 192.168.6.128 cache mtu 1500 advmss 1460 hoplimit 64
临时改动网关,也就是服务器下一跳地址:
[ ~]# ip route show 192.168.6.0/24 dev eth0 proto kernel scope link src 192.168.6.128 169.254.0.0/16 dev eth0 scope link metric 1002 default via 192.168.6.2 dev eth0 [ ~]# ip route replace default via 192.168.6.254 //替换下一跳网关或者路由 [ ~]# ip route show 192.168.6.0/24 dev eth0 proto kernel scope link src 192.168.6.128 169.254.0.0/16 dev eth0 scope link metric 1002 default via 192.168.6.254 dev eth0
[ ~]# ip route del default //删除默认路由
[ ~]# ip route show
192.168.6.0/24 dev eth0 proto kernel scope link src 192.168.6.128
169.254.0.0/16 dev eth0 scope link metric 1002
[ ~]# ip route add 0.0.0.0/0 via 192.168.6.2 //添加默认路由
[ ~]# ip route show
192.168.6.0/24 dev eth0 proto kernel scope link src 192.168.6.128
169.254.0.0/16 dev eth0 scope link metric 1002
default via 192.168.6.2 dev eth0
网关只有一个。所以不要在ifcfg-ethX中配置GATEWAY,不然不好找到对应的GATEWAY。尽量在全局配置GATEWAY
DNS网络配置文件
。域名服务提供了主机名到网络地址的转换
。服务器地址可以通过DHCP或者/etc/resolv.conf指定
search example.com cracker.org
nameserver 192.168.6.254
nameserver 192.168.6.254
[ ~]# nslookup example.com //解析域名看看对应的IP Server: 192.168.6.2 Address: 192.168.6.2#53 Non-authoritative answer: Name: example.com Address: 93.184.216.34 [ ~]# cat /etc/resolv.conf
[ ~]# cat /etc/services | grep domain
domain 53/tcp # name-domain server
domain 53/udp
domaintime 9909/tcp # domaintime
domaintime 9909/udp # domaintime
DNS查询命令:
host ip方向解析域名
host 域名解析ip