Nine. Network management under Linux
1. What is an ip address:
View command of ip address: "ip addr show"
2. Subnet mask:
2-1:用来划分网络区域
2-2:子网掩码非0的位对应的ip上的数字表示这个ip的网络位
2-3:子网掩码0位对应的数字是ip的主机位
2-4:网络位表示网络区域
2-5:主机位表示网络区域里某台主机
3.ip communication judgment:
The two IPs with the same network bits and different host bits can communicate directly
172.25.254.1/24 子网掩码24=255.255.255.0(24个1)
172.25.254.2/24
172.25.0.1/16
The ip whose ip is 172.25.254.154 can communicate directly with the host of 172.25.254.54;
4. Network setting tool (command):
4-1:
4-2: ifconfig device down/up just shuts down the network service, but cannot refresh the network information:
5. Graphically set ip:
5-1: nm-connection-editor
5-2: nmtui (network editing mode without graphics):
6. Set the network by command:
7. Manage network configuration files:
The ip network configuration file is shown in the figure:
8.dhcp network settings:
8-1: download and install dhcp.server;
8-2: rpm -qc dhcp-server to view the dhcp configuration file;
8-3: vim /etc/dhcp/dhcp.conf (copy the template Create a configuration file and modify the configuration file)
8-4: execute systemctl restart dhcpd; test after systemctl stop firewalld (check the ip range)
Note:
When the network working mode is dhcp, the
system will automatically obtain the ip gateway dns,
then /etc/resolv.conf will be modified with the
obtained information. If you do not need to obtain the dns information
, add
PEERDNS=no (/usr/share) to the network card configuration file (You can view the writing of the network configuration file in /doc/initscripts/sysconfig.txt)
9. Gateway:
As shown in the figure: the single network card virtual machine ip is: 1.1.1.154; the dual network card virtual machine ip is: 1.1.1.154; 172.25.254.154; the real host ip address is: 172.25.254.54;
the address masquerading function is enabled in the dual network card virtual machine , Turn the host of the virtual machine into a router; set the gateway in the virtual machine; experimental results: cross-network communication can be realized in the 1.1.1.154 virtual machine, through the routing function of the dual network card virtual machine and the real host (172.25.254.54 ) Direct communication;
Single network card virtual machine:
Dual network card virtual machine:
10. Set dns (address resolution):
Provide address resolution in a local file (self-question and self-answer): /etc/hosts: ip + URL
is configured in the dns pointing file (ask the operator): "/etc/resolv.conf": nameserver 114.114.114.114 (operation The business is responsible for resolving the address network):
Two ways: The address resolution priority of local files is higher by default, and the priority of the two can be modified in "/etc/nsswitch.conf"
11. Remote login:
11-1: ssh command:
"-l"--------------------specified login user
"-i"------------ --------Specify the private key
"-X"------------------Open the graphic
"-f" ----------- -------Run in the background
"-o"------------------Specify connection parameters ssh -l root 172.25.254.x -o "StrictHostKeyChecking=no"
"-T"-------------------specify the connection springboard ssh -l root 172.25.254.1 -t ssh -l root 172.25.254.105
11-2: Authentication type:
symmetric encryption: the same string used for encryption and decryption; easy to leak, brute force cracking, easy to forget;
Asymmetric encryption: the public key (lock) is used for encryption and the private key (key) is used for decryption. It will not be stolen, and it is impossible to log in to the server in a keyless way;
11-3: Generate key (any host):
Use the key (no password) to connect to the remote host:
11-4: Security parameter optimization:
“vim /etc/ssh/sshd_config”:
