Article Directory
1. View network configuration
1. View network interface information-ifconfig
- The host's network interface card (network card) is usually called "network interface"
- In Linux, use the ifconfig command to view the address configuration information of the network interface
- When the ifconfig command is used without any options and parameters, the information about the network interface that has been started (running) in the current host will be displayed
- View primary network card
- inet: IP address
- netmask: subnet mask
- broadcast: broadcast address
- ether: network card address
- mtu: the maximum transmission unit (the number of bytes is 1500 bytes); each network device has its own mtu, the default is 1500; if the mtu of our device is greater than the network device, the data will be fragmented during transmission Packets, resulting in slower network speed (efficiency); if it is less, the maximum transmission capacity cannot be exerted; the most ideal is that the local and network MTU values are equal (basically the default is 1500)
2. View the host name-hostname
- View (without additional options and parameters) or temporarily set the current host name
hostname [name]
[root@localhost ~]# hostname xcf
[root@localhost ~]# hostname
xcf
[root@localhost ~]# su ##(或bash)启用新的Shell会话
[root@xcf ~]#
- Permanently set the hostname
- hostnamectl set-hostname [hostname]
- vim /etc/hostname (you need to restart the system after setting to take effect)
3. View routing table entries-route
- View or set the routing table information in the host
route [-n]
[root@xcf ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.126.2 0.0.0.0 UG 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
192.168.126.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
- Destination列对应目标网段的地址
- Gateway列对应下一跳路由器的地址
- Iface列对应发送数据的网络接口
- 目标网段为“0.0.0.0”时表示此行为默认网关记录
- 下一跳是“0.0.0.0”时表示目标网段与本主机直连
4. Check the network connection-netstat
- View the system's network connection status, routing table, interface statistics and other information
netstat [option] - Common options
- -a: Display all active network connections in the current host (including monitoring and non-monitoring service ports)
- -n: Display related host address, port and other information in digital form
- -r: Display routing table information
- -l displays the network connection and port information in the track and field state
- -t: View information about TCP protocol
- -u: display UDP protocol related information
- -p: Display the process number and process name information associated with the network connection (this option requires root privileges)
- Usually use the "-anpt" combination option to display all the TCP connection information in the current system in digital form, and also display the corresponding process information; combined with the pipeline command "grep", you can also filter out the specific records you need in the results
- For example, perform the following operations to check whether there is a service program listening on the "TCP80" port (ie standard FTP service) in this machine. The output information includes the PID number and the process number name
[root@xcf ~]# netstat -anpt | grep ":80"- Scan tcp and udp ports
[root@xcf ~]# netstat -nautp
...略
5. Get socket statistics -ss
- Check the network connection of the system and get socket statistics information
ss [option] - socket: Socket, uplink application process, downlink network protocol stack, it is the interface for application program to communicate through network protocol, it is the interface for application program to interact with network protocol root
- Common options
- -t、-u、-n、-l、-p、-a、-r
- Not much use, interested students can go to inquire and learn more
2. Test the network connection
1. Test network connectivity-ping
- ping [options] target host
- Use the ping command to continuously send test data packets to the target host, and feedback the display results, until you press the "Ctrl+C" key combination to terminate the test and display the final statistical results
- Example: Test the connectivity from this machine to the Baidu website (remember to terminate with Ctrl+C, otherwise it will continue to be displayed)
[root@xcf ~]# ping www.baidu.com
PING www.a.shifen.com (180.101.49.12) 56(84) bytes of data.
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=1 ttl=128 time=58.0 ms
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=2 ttl=128 time=48.4 ms
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=3 ttl=128 time=52.0 ms
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=4 ttl=128 time=41.2 ms
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=5 ttl=128 time=47.5 ms
^C
--- www.a.shifen.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4008ms
rtt min/avg/max/mdev = 41.227/49.484/58.045/5.535 ms
- The following may happen
- "Destination Host Unreacheble" means that the destination host is unreachable, the destination address may not exist or the destination host is closed
- "Netwokr is unreacheable" means that there is no available routing record (such as the default gateway), and the network where the target host is located cannot be reached
- It is also possible that when there are factors in the network that affect the stability of the communication process (such as network card failure, virus or network attack), you will see the feedback result of "Request timeout", indicating that the connection to the destination host has timed out (data packet response is slow or lost)
- It is also possible that the firewall of the target host causes the connection timeout feedback
2. Trace packets-traceroute
- Test which network nodes have passed from the current host to the destination host, and display the connection status of each intermediate node (response time)
- For nodes that cannot be displayed, the connection status will display "*"
- Example: From this host to Baidu, a router 192.168.126.2 needs to be crossed
[root@xcf ~]# traceroute www.baidu.com
traceroute to www.baidu.com (180.101.49.11), 30 hops max, 60 byte packets
1 gateway (192.168.126.2) 0.088 ms 0.037 ms 0.024 ms
- The traceroute command can locate the fault point (interruption point) of the network connection more accurately than the ping command, and the execution of the command will be a little slower than the ping command.
- In the process of network testing and troubleshooting, usually first try the ping command to test the network connection with the destination host. If a fault is found, then use the traceroute command to trace the intermediate node of the fault.
- Also remember to press Ctrl+C to terminate
3.DNS domain name resolution-nslookup
- When the domain name resolution is abnormal, it will no longer be possible to use the domain name to access web sites, email systems and other services on the network
- nslookup is a special tool for testing domain name resolution. When using it, you only need to specify the target domain name to be resolved as a parameter.
nslookup target host address [DNS server address] - Example: After
executing the following command, the nslookup program will submit a query request, asking what is the IP address corresponding to the Baidu site
[root@xcf ~]# nslookup www.baidu.com
Server: 192.168.126.2 ##所使用的的DNS服务器
Address: 192.168.126.2#53 ##DNS的服务器IP地址和端口号
Non-authoritative answer: ##以下为DNS解析的反馈结果
www.baidu.com canonical name = www.a.shifen.com.
Name: www.a.shifen.com
Address: 180.101.49.11
Name: www.a.shifen.com
Address: 180.101.49.12
- If you can successfully feedback the IP address of the domain name to be queried, it means that there is no problem with the domain name resolution. Otherwise, you need to determine the cause of the failure based on the actual feedback.
Three, use network configuration commands
In a Linux host, there are two basic ways to manually modify the network configuration:
- Temporary configuration-use commands to adjust network parameters
- Simple and fast, can directly modify the network parameters in operation
- Generally only suitable for use in the process of debugging the network
- After the system restarts, the changes made will be invalid
- Fixed setting-Modify network parameters through configuration files
- Modify configuration files of various network parameters
- Suitable for use when setting fixed parameters for the server
- Need to reload the network service or restart to take effect
1. Set the network interface parameters-ifconfig
- Set the IP address and subnet mask of the network interface
- ifconfig network interface ip address [netmask subnet mask]
- inconfig network interface ip address[/subnet mask length]
- Usually the latter method is used more. When the subnet mask is not specified, the default subnet mask of the category where the ip address is located will be used
- After specifying a new IP address and subnet mask, the original address will become invalid
- Example:
[root@xcf~]# ifconfig eth0 192.168.168.1/24(或 ifconfig eth0 192.168.168.1 netmask 255.255.255.0)
##将网卡echo的IP地址设置为192.168.168.1,子网掩码长度为24
- Disable (temporarily) or reactivate the network card
- ifconfig network interface up
- ifconfig network interface down
- After the network interface is disabled, the network interface can no longer be used to connect with other hosts
- Set up virtual network interface
- In the process of debugging the server, sometimes it is necessary to temporarily use a new IP address on the same network card, but the original IP address cannot be overwritten and the service program is unavailable.
- Equivalent to configuring multiple IP addresses on a network card
- Format (example): ifconfig network interface: serial number IP address
[root@xcf1 ~]# ifconfig ens33:1 11.11.11.11
[root@xcf1 ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.126.3 netmask 255.255.255.0 broadcast 192.168.126.255
inet6 fe80::8559:70c4:715b:a5b5 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:b4:c9:c0 txqueuelen 1000 (Ethernet)
RX packets 1905 bytes 154593 (150.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1224 bytes 161199 (157.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 11.11.11.11 netmask 255.0.0.0 broadcast 11.255.255.255
ether 00:0c:29:b4:c9:c0 txqueuelen 1000 (Ethernet)
2. Set the routing record-route (temporary)
- The route command can be used not only to view routing table information, but also to add or delete static routing paths, including setting the default gateway address (the default gateway record is a special static routing entry)
[root@xcf1 ~]# route ##查看路由信息
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default gateway 0.0.0.0 UG 100 0 0 ens33
11.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
192.168.126.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
- Route records added to the specified network segment
- The IP address of the default gateway should be in the same network segment as the IP address of one of the interfaces of the machine
##格式:
route add -net 网段地址 gw IP地址
##通过“route add”添加路由记录,结合“net”指定目标网段的地址,结合“gw”指定下一跳路由器的IP地址,
##示例:
[root@xcf1 ~]# route add -net 192.168.133.0/24 gw 192.168.122.10 ##添加静态路由,本机访问另一个网段192.168.133.0/24的数据都发给192.168.122.10
[root@xcf1 ~]# route ##确认已添加成功
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default gateway 0.0.0.0 UG 100 0 0 ens33
11.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 ens33
11.0.0.0 0.0.0.0 255.0.0.0 U 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
192.168.126.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.133.0 192.168.122.10 255.255.255.0 UG 0 0 0 virbr0
- Delete routing records to the specified network segment
[root@xcf1 ~]# route del -net 192.168.133.0/24
[root@xcf1 ~]# route ##没了,删除成功
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default gateway 0.0.0.0 UG 100 0 0 ens33
11.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
192.168.126.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
- Add a default gateway record to the routing table
格式:
route add default gw IP地址
- Delete the default gateway record in the routing table
格式:
route del default gw IP地址
- There should be only one default gateway record in the routing table of the same host. If there are multiple entries at the same time, it may cause network connection failure of the host
Fourth, modify the network configuration file
1. Network interface configuration file
- The configuration file of the network interface is located in the directory "/etc/sysconfig/network-scripts/" by default, and the file name format is "ifcfg-XXX", where "XXX" is the name of the network interface
- "Ifcfg-ens33": is the configuration file of the first Ethernet card
[root@xcf ~]# ls /etc/sysconfig/network-scripts/ifcfg-*
/etc/sysconfig/network-scripts/ifcfg-ens33
/etc/sysconfig/network-scripts/ifcfg-lo
##“lo”是回环接口
- View network card configuration
- supplement:
- TYPE: Set the network card type, the above is expressed as Ethernet
- ONBOOT: Set whether the network interface is automatically activated when the Linux system starts
- NETMASK: Set the subnet mask of the network interface
- GATEMASK: Set the default gateway address of the network interface
- DNS: Set the IP address of the DNS server
2. Enable and disable network interface configuration
- After modifying the configuration file of the network interface, to make the new configuration take effect, you need to restart the network card or host
- Restart network service
[root@xcf ~]# systemctl restart network (重启所有网卡)
或
[root@xcf ~]# service network restart
Restarting network (via systemctl): [ 确定 ]
- Disable and enable network interface
[root@xcf ~]# ifdown ens33 (这里是禁用或启用单个网卡)
##注,若在Xshell中执行此命令,则界面再不可用了,连接不上,需回到VM虚拟机中重新启动网络接口
##这时你会发现网络不可用了↓↓↓
[root@xcf ~]# ping www.baidu.com
ping: www.baidu.com: 未知的名称或服务
[root@xcf ~]# ifup ens33 ##恢复后又可以继续上网了
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/6)
[root@xcf ~]# ping www.baidu.com
PING www.a.shifen.com (180.101.49.12) 56(84) bytes of data.
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=1 ttl=128 time=36.2 ms
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=2 ttl=128 time=31.8 ms
...略
3. Host name configuration file
- Modify the host name through the "/etc/hostname" file
[root@xcf ~]# vim /etc/hostname
##仅识别第一行作为主机名,并重启后生效
- Modify the host name by "hostnamectl"
[root@xcf ~]# vim /etc/hostname
[root@xcf ~]# hostnamectl set-hostname xcf1
[root@xcf ~]# bash
[root@xcf1 ~]# hostname
xcf1
4. Domain name resolution configuration file
- The /etc/resolv.conf file records the IP address of the DNS server used by the machine by default, and changes made to this file will take effect immediately
- The above "serch" is followed by the domain name suffix, that is, when accessing the host, it is equivalent to accessing "localhost.localdomain"
- Up to 3 different DNS server addresses can be specified in the Linux system (3 and later will be ignored), and the first DNS server will be used first
- CentOS7 needs to set dns=none in the main section of the NetworkManager.conf file and restart the NetworkManager service, or use the newly added nmcil command in CentOS7 to set
5. Local host mapping file
- The /etc/hosts file records a table of mappings between host names and IP addresses,
generally used to store information about hosts that often need to be accessed
- When accessing an unknown domain name, it will first check whether there is a corresponding mapping record in the file, and if it cannot find the corresponding mapping record, then go to the DNS server to query
- For some frequently used URLs, you can reduce DNS queries by adding correct mapping records in the /etc/hosts file, thereby increasing the Internet speed
- If you add the wrong mapping record, it may cause abnormal website access
- The hosts file is only saved locally, so it is only valid for the current host, and cannot be applied to the entire network