CentOS 6 网卡名称
Centos6网卡接口命名方式:
- 以太网:eth[0, 1, 2, ...]
- PPP:ppp[0, 1, 2, …]
网络接口识别并命名相关的udev配置文件: /etc/udev/rules.d/70-persistent-net.rules
此文件主要是记录网卡的信息,这个文件在虚拟机克隆的时候比较有用处,一般说来,虚拟机克隆,相应也会把网卡物理地址克隆过来,所以需要到这个文件里把相应的网卡记录删除,然后重启,或者重新加载网卡驱动
cat /etc/udev/rules.d/70-persistent-net.rules
# This file was automatically generated by the /lib/udev/write_net_rules
# program, run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single
# line, and change only the value of the NAME= key.
# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:ae:f9:a9", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:ae:f9:b3", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"查看网卡信息
[root@Centos6 ~]# dmesg |grep -i eth
e1000 0000:02:01.0: eth0: (PCI:66MHz:32-bit) 00:0c:29:ae:f9:a9
e1000 0000:02:01.0: eth0: Intel(R) PRO/1000 Network Connection
e1000 0000:02:04.0: eth1: (PCI:66MHz:32-bit) 00:0c:29:ae:f9:b3
e1000 0000:02:04.0: eth1: Intel(R) PRO/1000 Network Connection
e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
eth0: no IPv6 routers present
e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
ADDRCONF(NETDEV_UP): eth0: link is not ready
ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
eth0: no IPv6 routers present
e1000 0000:02:01.0: eth0: (PCI:66MHz:32-bit) 00:0c:29:ae:f9:a9
e1000 0000:02:01.0: eth0: Intel(R) PRO/1000 Network Connection
ADDRCONF(NETDEV_UP): eth0: link is not ready
e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
e1000 0000:02:04.0: eth1: (PCI:66MHz:32-bit) 00:0c:29:ae:f9:b3
e1000 0000:02:04.0: eth1: Intel(R) PRO/1000 Network Connection
eth0: no IPv6 routers present
[root@Centos6 ~]# ethtool -i eth0
driver: e1000
version: 7.3.21-k8-NAPI
firmware-version:
bus-info: 0000:02:01.0
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: no卸载网卡驱动
[root@Centos6 ~]# modprobe -r e1000
或
[root@Centos6 ~]# rmmod e1000装载网卡驱动
[root@Centos6 ~]# modprobe e1000网络配置方式
- 静态指定
- ifconfig ,route ,netstat
- ip: object {link, add, route}, ss, tc
- system-config-network-tui, setup
- 配置文件
- 动态分配
- DHCP:Dynamic Host Configuration Protocol
配置网络接口
ifconfig命令
ifconfig [interface]
ifconfig -a
ifconfig IFAC [up|down]
ifconfig interface [aftype] option | address …
ifconfig IFACE IP/netmask [up]
ifconfig IFACE IP net mask NETMASK
注意:立即生效
启用混杂模式:[-] promise
[root@Centos7 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.17.93 netmask 255.255.254.0 broadcast 10.0.17.255
inet6 fe80::2ac2:85fc:c7a1:ba02 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:03:fc:f1 txqueuelen 1000 (Ethernet)
RX packets 9819 bytes 830422 (810.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 75 bytes 13561 (13.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.132 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::41d4:5d69:d41a:6ae6 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:03:fc:fb txqueuelen 1000 (Ethernet)
RX packets 91 bytes 10295 (10.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 33 bytes 5706 (5.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 24 bytes 2808 (2.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 24 bytes 2808 (2.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0配置别名eth1:1 192.168.1.200 netmask 255.255.255.0
[root@Centos7 ~]# ifconfig eth1:1 192.168.1.200 netmask 255.255.255.0
[root@Centos7 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.17.93 netmask 255.255.254.0 broadcast 10.0.17.255
inet6 fe80::2ac2:85fc:c7a1:ba02 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:03:fc:f1 txqueuelen 1000 (Ethernet)
RX packets 11574 bytes 961152 (938.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 184 bytes 28669 (27.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.132 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::41d4:5d69:d41a:6ae6 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:03:fc:fb txqueuelen 1000 (Ethernet)
RX packets 94 bytes 10752 (10.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 41 bytes 6784 (6.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.200 netmask 255.255.255.0 broadcast 192.168.1.255
ether 00:0c:29:03:fc:fb txqueuelen 1000 (Ethernet)
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 28 bytes 3144 (3.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 28 bytes 3144 (3.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0重启服务或执行ifconfig eth1:1 down就可以消除刚配置的别名eth1:1
[root@Centos7 ~]# ifconfig eth1:1 down
[root@Centos7 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.17.93 netmask 255.255.254.0 broadcast 10.0.17.255
inet6 fe80::2ac2:85fc:c7a1:ba02 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:03:fc:f1 txqueuelen 1000 (Ethernet)
RX packets 12327 bytes 1022949 (998.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 276 bytes 42737 (41.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.132 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::41d4:5d69:d41a:6ae6 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:03:fc:fb txqueuelen 1000 (Ethernet)
RX packets 95 bytes 10854 (10.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 42 bytes 6907 (6.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 28 bytes 3144 (3.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 28 bytes 3144 (3.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0route命令
route:路由管理命令
查看:route -n
添加:route add
route add [-net | -host] target [netmask Nm] [gw GW] [[dev] IF]
例如:
目标:192.168.100.1 网关是192.168.1.1
[root@Centos7 ~]# route add -host 192.168.100.1 gw 192.168.1.1 dev eth1删除
[root@Centos7 ~]# route del -host 192.168.100.1目标:192.168.0.0 网关:192.168.1.1
[root@Centos7 ~]# route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.1.1 dev eth1删除
[root@Centos7 ~]# route del -net 192.168.0.0 netmask 255.255.255.0默认路由,网关:192.168.1.1
[root@Centos7 ~]# route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.1.1 dev eth1
或
[root@Centos7 ~]# route add default gw 192.168.1.1 eth1删除
[root@Centos7 ~]# route del default gw 192.168.1.1netstat命令
netstat 显示网络连接
netstat [--tcp|-t] [--udp|-u] [--raw|-w] [--listening|-l] [--all|-a] [--numeric|-n] [--extend|-e [--extend|-e]] [--program|-p]
- -t:tcp协议相关
- -u:udp协议相关
- -w:raw socke相关
- -l:处于监听状态
- -a:所有状态
- -n:以数字显示IP或端口
- -e:扩展格式
- -p:显示相关进程及PID
常用组合: - -tan
- -uan
- -tnl
- -unl
显示路由表:
netstat {--route|-r} [--numric|-n] - -r:显示内核路由表
- -n:数字格式
显示接口统计数据:
netstat {--interfaces|-I|-i} [iface] [--all|-a] [--extend|-e] [--program|-p] [--numeric|-n][root@Centos7 ~]# netstat -i Kernel Interface table Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth0 1500 21895 0 0 0 1043 0 0 0 BMRU eth1 1500 142 0 0 0 48 0 0 0 BMRU lo 65536 28 0 0 0 28 0 0 0 LRU
root@Centos7 ~]# netstat -I=eth1
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth1 1500 142 0 0 0 48 0 0 0 BMRU
[root@Centos7 ~]# ifconfig -s eth1
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth1 1500 142 0 0 0 48 0 0 0 BMRU
[root@Centos7 ~]# ifconfig -s
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 22346 0 0 0 1163 0 0 0 BMRU
eth1 1500 143 0 0 0 48 0 0 0 BMRU
lo 65536 28 0 0 0 28 0 0 0 LRU
ip命令
ip命令:配置Linux网络属性
* ip - show / manipulate routing, devices, policy routing and tunnels
* ip [OPTIONS] OBJECT {COMMAND | help}
* OBJECT := {link|addr|route}
* ip link - network device configuration
* set dev IFACE
* 可设置属性:
* up and down:激活禁用指定接口
* ifup/ifdown
* show [dev IFACE]:指定接口
* [up]:仅显示处于激活状态的接口
* ip adds {add|del} IFADDR dev STRING
* [label|LABEL]:添加地址时指明网卡别名
* [scope {global|link|host}]:指明作用域
* global:全局可用
* link:仅链路链接可用
* 本机可用
* [broadcast ADDRESS]:指明广播地址
* ip address show - look at protocol address
* [dev DEVICE]
* [lable PATTERN]
* [primary and secondary]
* ip adds flush:清除协议地址;使用格式同show
例如:[root@Centos7 ~]# ip addr add 192.168.1.100 dev eth1 label eth1:1
[root@Centos7 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:03:fc:f1 brd ff:ff:ff:ff:ff:ff
inet 10.0.17.93/23 brd 10.0.17.255 scope global dynamic eth0
valid_lft 534264sec preferred_lft 534264sec
inet6 fe80::2ac2:85fc:c7a1:ba02/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:03:fc:fb brd ff:ff:ff:ff:ff:ff
inet 192.168.1.132/24 brd 192.168.1.255 scope global dynamic eth1
valid_lft 1575sec preferred_lft 1575sec
inet 192.168.1.100/32 scope global eth1:1
valid_lft forever preferred_lft forever
inet6 fe80::41d4:5d69:d41a:6ae6/64 scope link
valid_lft forever preferred_lft forever
[root@Centos7 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.17.93 netmask 255.255.254.0 broadcast 10.0.17.255
inet6 fe80::2ac2:85fc:c7a1:ba02 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:03:fc:f1 txqueuelen 1000 (Ethernet)
RX packets 26277 bytes 2124374 (2.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1261 bytes 192229 (187.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.132 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::41d4:5d69:d41a:6ae6 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:03:fc:fb txqueuelen 1000 (Ethernet)
RX packets 156 bytes 18707 (18.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 58 bytes 9593 (9.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.100 netmask 255.255.255.255 broadcast 0.0.0.0
ether 00:0c:29:03:fc:fb txqueuelen 1000 (Ethernet)
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 28 bytes 3144 (3.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 28 bytes 3144 (3.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@Centos7 ~]# ip del add 192.168.1.100 dev eth1 label eth1:1
Object "del" is unknown, try "ip help".
[root@Centos7 ~]# ip addr del 192.168.1.100 dev eth1 label eth1:1
Warning: Executing wildcard deletion to stay compatible with old scripts.
Explicitly specify the prefix length (192.168.1.100/32) to avoid this warning.
This special behaviour is likely to disappear in further releases,
fix your scripts!
[root@Centos7 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:03:fc:f1 brd ff:ff:ff:ff:ff:ff
inet 10.0.17.93/23 brd 10.0.17.255 scope global dynamic eth0
valid_lft 534151sec preferred_lft 534151sec
inet6 fe80::2ac2:85fc:c7a1:ba02/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:03:fc:fb brd ff:ff:ff:ff:ff:ff
inet 192.168.1.132/24 brd 192.168.1.255 scope global dynamic eth1
valid_lft 1462sec preferred_lft 1462sec
inet6 fe80::41d4:5d69:d41a:6ae6/64 scope link
valid_lft forever preferred_lft forever
[root@Centos7 ~]# ip addr flush dev eth1 label eth1:1
[root@Centos7 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:03:fc:f1 brd ff:ff:ff:ff:ff:ff
inet 10.0.17.93/23 brd 10.0.17.255 scope global dynamic eth0
valid_lft 534135sec preferred_lft 534135sec
inet6 fe80::2ac2:85fc:c7a1:ba02/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:03:fc:fb brd ff:ff:ff:ff:ff:ff
inet 192.168.1.132/24 brd 192.168.1.255 scope global dynamic eth1
valid_lft 1446sec preferred_lft 1446sec
inet6 fe80::41d4:5d69:d41a:6ae6/64 scope link
valid_lft forever preferred_lft forever
* ip route - routing table management
* 添加路由:ip route add
* ip route add TARGET via GW dev IFACE src SOURCE_IP
* TARGET:
* 主机路由:IP
* ip route add 192.168.0.11 via 192.168.1.1 dev eth1
* 网络路由:NETWORK/MASK
* ip route add 192.168.2.0/24 via 192.168.1.1 dev eth1
* 默认网关:
* ip route add default via 192.168.1.1
* 删除路由:ip route del TARGET
* 删除主机路由:ip route del 192.168.0.11
* 删除网络路由:ip route del 192.168.2.0/24
* 删除默认路由:ip route del default via 192.168.1.1
* 显示路由:ip route show | list
* 清空路由表:ip route flush dev IFACE [via PREFIX]
* ip route flush dev eth1 (清空所有eth1上的路由表)如果不加
ss命令
* 格式:ss [OPTION]… [FILTER]
* netstat通过比那里proc来获取socket信息,ss使用netlink与内核tcp_diag模块通信获取socket信息
* 选项
* -t:tcp协议相关
* -u:udp协议相关
* -w:裸套接字相关
* -x:unix sock相关
* -l:listen状态的链接
* -a:所有
* -n:数字格式
* -p:相关的程序及PID
* -e:扩展的信息
* -m:内存用量
* -o:计时器信息
* FILTER:[state TCP-STATE] [EXPRESSION]
* TCP的常见状态:
* tcp finite state machine:
* LISTEN:监听
* ESTABLISHED:已建立的链接
* FIN_WAIT_1
* FIN_WAIT_2
* SYN_SENT
* SYN_RECV
* CLOSED
* EXPRESSION:
* dport=
* sport=
* 常用组合:
* -tan , -tanl, -tanlp , -uan
常见用法
* ss -l 显示本地打开的所有端口
* ss -pl 显示每个进程具体打开的socket
* ss -t -a 显示所有TCP socket
* ss -u -a显示所有的UDP socket
* ss -o state established ‘( dport = :ssh or sport = :ssh )’ 显示所有已建立的ssh连接
* ss -o state established ‘( sport = :http or sport = :http )’ 显示所有已建立的HTTP连接
* ss -s 列出当前socket详细信息
**网络配置文件**
* IP、MASK、GW、DNS相关配置文件:/etc/sysconfig/network-scripts/ifcfg-IFACE
* 路由相关的配置文件:/etc/sysconfig/network-scriptes/route-IFACE
* /etc/sysconfig/network-scripts/ifcfg-IFACE:
* DEVICE:此配置文件应用到的设备
* HWADDR:对应的设备的MAC地址
* BOOTRPROTO:激活此设备时使用的地址配置协议,常用的dhcp,static,none,bootp
* NM_CONTROLLED:NM时NetworkManager的缩写,此网卡是否接受NM控制;建议Centos6为“no”
* ONBOOT:在系统引导时是否激活此设备
* TYEP:接口类型;常见的有Ethernet,Bridge
* UUID:设备的惟一标识
* IPADDR:指明IP地址
* NETMASK:子网掩码
* GATEWAY:默认网关
* DNS1:第一个DNS服务器指向
* DNS2:第二个DNS服务器指向
* USERCTL:普通用户是否可控制此设备
* REEPDNS:如果BOOTPROTO的值为“dhcp”,YES将允许dhcp server分配的DNS服务器信息直接覆盖至/etc/resolv.conf文件,NO不允许修改/etc/resolv.conf
* 设备配置被保存在文本文件中
* /etc/sysconfig/network-scripts/ifcfg-<name>
* 帮助文档列出完整选项列表:/usr/share/doc/initcripts-*/sysconfig.txt
**nmcli命令**
* 地址配置工具:nmcli
* nmcli [OPTIONS] OBJECT {COMMAND | help }
* device - show and manage network interfaces
* nmcli device help
* connection - start, stop, and manage network connections
* nmcli connection help
* 修改IP地址等属性:
* nmcli connection modify IFACE [+|-] setting.property value
* setting property:
* ipv4.address
* ipv4.geteway
* ipv4.dns1
* ipv4.method manual | auto
* 修改配置文件执行生效:systemctl restart network | nmcli con reload
* nmcli 命令生效:nmcli con down eth0;nmcli con up eth0
* NetworkManager 是管理和监控网络设置的守护进程
* 设备即网络接口,连接是对网络接口的配置,一个网络接口可有多个连接配置,但同时只有一个连接配置生效
* 显示所有包括不活动的连接
* nmcli con show
* 显示所有活动连接
* nmcli con show —active
* 显示网络连接配置
* nmcli con show “System eth0"
* 显示设备状态
* nmcli dev status
* 显示网络接口属性
* nmcli dev show eth0
* 创建新连接default,IP自动通过dhcp获取
* nmcli con add con-name default type Ethernet ifname eth0
* 删除连接
* nmcli con del default
* 创建新连接static,指定静态IP,不自动连接
* nmcli con add con-name static ifname eth0 autoconnect no type ethernet ipv4.address 192.168.x.10/24 ipv4.gateway 192.168.x.254
使用nmcli配置网络
* 启动static连接配置
* nmcli con up static
* 启动default连接配置
* nmcli con up default
* 查看帮助
* nmcli con add help
* 修改连接设置
* nmcli con mod “static” connection.autoconnect no
* nmcli con mod “static” ipv4.dns 192.168.x.254
* nmcli con mod “static” +ipv4.dns 8.8.8.8
* nmcli con mod “static” -ipv4.dns 8.8.8.8
* nmcli con mod “static” ipv4.address “192.168.x.10/24 192.168.x.254"
* nmcli con mod “static” +ipv4.address 10.10.10.10/14
* DNS设置,存放在/etc/resolv.conf文件中
* PEERDNS=no表示当IP通过dhcp自动获取时,dns仍是手动设置,不自动获取
* 等价下面的命令:
* nmcli con mod “System eth0” ipv4.ignore-auto-dns yes
* 修改配置连接后,需要重新加载配置
* nmcli con reload
* nmcli con down “System eth0” 可被自动激活
* nmcli con up “System eth0”
* nmcli dev dis eth0 禁用网卡,防止被自动激活
* 图形工具
* nm-connection-editor
* 字符工具
* nmtui
* nmtui-connect
* nmtui-edit
* nmtui-hostname
**nmcli实现bonding **
bonding的作用:
可将多块网卡绑定同一个IP地址对外提供服务;可实现高可用或者负载均衡
* 添加bonding接口
* nmcli con add con-name mybond0 type bond ifname bond0 mode active-backup
* 添加从属接口
* nmcli con add type bond-slave ifname ens33 master bond0
* nmcli con add type bond-slave ifname ens34 master bond0
* 注意:无需为从属接口提供连接名,则该名称是接口名称加类型构成
* 要启动绑定,则必须首先启动从属接口
* nmcli con up bond-slave-ens33
* nmcli con up bond-slave-ens34
* 启动绑定
* nmcli con up mybond0
* 配置IP地址
* nmcli con mod mybond0 ipv4.address 192.168.1.x/24 ipv4.gateway 192.168.1.254 ipv4.method manual
* 查看bonding状态
* cat /proc/net/bonding/bond0
* 删除bonding绑定
* 关闭bonding
* nmcli con down mybond0
* 删除bonding
* nmcli con delete mybond0
* 删除从属接口
* nmcli con delete bond-slave-ens33
* nmcli con delete bond-slave-ens34
**网络组Network Teaming**
网络组:是将多个网卡聚合在一起,从而实现容错和提高吞吐量
网络组不同于旧版中bonding技术,提供更好的性能和扩展性
网络组由内核驱动和teamd守护进程实现
runner多种方式:broadcast, roundrobin, activebackup, loadbalance, lacp
网络组
* 启动网络组接口不会自动启动网络组中的port接口
* 启动网络组接口中的port接口总会自动启动网络组接口
* 禁用网络组接口会自动禁用网络组中的port接口
* 没有port接口的网络组接口可以启动静态IP连接
* 启用DHCP连接时,没有port接口的网络组会等待port接口的加入
创建网络组接口
* nmcli con add con-name CNAME type team ifname IFNAME [config JSON]
* CNAME:连接名
* IFNAME:接口名
* JSON指定runner方式
* 格式:’{“runner”:{“name”:”METHOD}}'
* METHOD
* broadcast
* roundrobin
* activebackup
* loadbalance
* lacp
创建port接口
* nmcli con add con-name CNAME type team-slave ifname IFNAME master TEAM
* CNAME:连接名
* IFNAME:网络接口名
* TEAM:网络组接口名
* 连接名若不指定,默认为team-slave-IFACE
* nmcli dev dis IFNAME
* nmcli con up CNAME
* IFNAME:设备名
* CNAME:网络组接口名或port接口
网络组示例:
* nmcli con add con-name myteam0 type team ifname team0 config ‘{“runner”:{“name”:”loadbalance"}}’ ipv4.address 192.168.1.100/24 ipv4.method manual
* nmcli con add con-name team0-eth1 type team-slave ifname eth1 master team0
* nmcli con add con-name team0-eth2 type team-slave ifname eth1 master team0
* nmcli con up myteam0
* nmcli con up team0-eth1
* nmcli con up team0-eth2
* teamdctl team0 state
* nmcli dev dis eth1
删除网络组
* nmcli con down team0
* teamdctl team0 state
* nmcli con show
* nmcli con del team0-eth0
* nmcli con del team0-eth1
* nmcli con show