Article Directory
1View and test the network
1.1 View network configuration
1.1.1 Use the ifconfig command to view the network interface address
1) View active network interface devices
ifconfig
2) View the specified network interface device.
When you only need to view the information of one of the network interfaces, you can use the name of the network interface as the parameter of the ifconfig command (regardless of whether the network interface is active or not)
ifconfig 网卡名称
3) Use the ip/ethtool command to view the network interface
ip/ethtool is the same as the ifconfig command, and also refer to the network interface command. But compared with it, the ip/ethtool command is more powerful. It can not only view the basic information of the network interface, but also view deeper content, such as viewing the data link layer of the network interface, network layer information and the speed of the network interface, Mode and other information.
Commonly used commands are
ip link :查看网络接口的数据链路层信息。
ip address :查看网络接口的网络层信息。
ethtool ens33 :查看指定网络接口的速率、模式等信息。
4) Use the route command to view routing table entries
. The routing table in the Linux system determines the destination of sending data from this machine to other hosts and other networks. It is the key information for troubleshooting network failures. Directly execute the route command to view the routing table information in the current host. In the output result, the Destination column corresponds to the address of the target network segment, the Gateway column corresponds to the address of the next hop router, and the Iface column corresponds to the network interface that sends the data.
route [-n] #-n是将地址显示为数字形式
这可以跳过解析主机名的过程,在路由表条目较多的情况下能够加快执行速度。
5) Check the network connection ------ netstat
check the system's network connection status, routing table, interface statistics and other information
netstat [选项]
| Common options | effect |
|---|---|
| -a | Display all active network connection information in the host (including monitoring and non-monitoring service ports) |
| -n | Display related host address, port and other information in the form of numbers. |
| -t | View TCP-related information. |
| -u | Display information related to UDP protocol. |
| -p | Display the process number and process name information associated with the network connection (this option requires root privileges) |
| -r | Display routing table information. |
| -l | Display the network connection and port information in the monitoring state. |
Commonly used to view TCP and UDP protocol information, combination options
netstat -anpt #以数字的形式显示当前系统中所有TCP信息
netstat -anpu #以数字的形式显示当前系统中所有UDP信息
netstat can also use the grep command in combination with the pipe character to filter out specific records.
For example: query the specified port number
6) Obtain socket statistics ------ss
- Check the network connection of the system and get socket statistics.
- The content displayed is similar to netstat, but ss can display more and more detailed information about TCP and connection status, and it is faster and more efficient than netstat.
ss [选项]
| Common options | effect |
|---|---|
| -t | Display the sockets of the TCP protocol |
| -u | Display UDP protocol sockets |
| -n | Do not resolve the name of the service, such as "22" port will not be displayed as "ssh" |
| -l | Only show ports that are in the listening state |
| -p | Show the process of listening port |
| -a | Show all ports and connections |
| -r | Interpret IP as a domain name and port number as a protocol name |
2. Test the network connection
Test network connectivity------ping
- When the connection is normal, you will receive the returned data packet. If you see the feedback message of "Destination Host Unreachable", the destination host is unreachable, maybe the destination address does not exist or the host has been shut down; if you see the feedback message of "Network is unreachable" , It means that there is no available routing record (such as the default gateway), and the network where the target host is located cannot be reached.
- When there are factors that affect the stability of the communication process (such as network card failure, virus or network attack) in the network, you may frequently see the feedback result of "Request time" when using the ping command to test, indicating that the connection with the target host has timed out (data The package is slow or missing accordingly). In addition, when the target host has strict firewall restrictions, it may also receive a "Request timeout" feedback result.
ping [选项] 目标主机
2. Trace the routing path of data packets------traceroute
- Test the network nodes that pass from the current host to the destination host.
For nodes that cannot respond, the connection status will be displayed as *
traceroute 目标主机地址
3. Test DNS domain name resolution------nslookup
If the IP address of the domain name to be queried can be successfully reported, it means that there is no problem with the domain name resolution. If the message "...no servers could be reached" appears, it means that the specified DNS server cannot be connected; if "...can't find xxx. "yyy.zzz:NXDOMAIN" indicates that the domain name to be searched does not exist.
nslookup 目标主机地址 [DNS服务器地址]
3. Set the network address parameters
In the Linux system, there are two basic methods:
- Temporary configuration ---------Use commands to adjust the network parameters. The
modification will take effect immediately.
Simple and fast, you can directly modify the running network parameters.
Generally, it is only suitable for use in the process of debugging the network
after the system is restarted. Will fail - Fixed settings---------Modify network parameters through the configuration file Modify the configuration files of
various network parameters
Suitable for use when setting fixed parameters to the server
Need to reload the network service or restart to take effect
3.1 Use commands to modify (temporary configuration)
(1) Modify the address and status of the network card ------ifconfig
sets the IP address and subnet mask of the network interface
ifconfig 网络接口 ip地址 [ netmask 子网掩码 ]
或
ifconfig 网络接口 ip地址 [/子网掩码长度] #常用
2) Disable or reactivate the network card
ifconfig 网络接口 up
ifconfig 网络接口 down
3) Binding the virtual interface to the network card
In the process of debugging the server network, it is generally used to temporarily use a new IP address on an in-use network card, but it cannot overwrite the original IP address, causing some services to be unavailable. At this point, you can use this command to define a virtual network card and bind it to the original network card.
ifconfig 网络接口:序号 IP地址
3.2 Add and delete static route records------route
- Add and delete routing records to the specified network segment
route add -net 网段地址 gw IP地址
route del -net 网段地址
- Adding and deleting default gateway records is
similar to the command format for adding and deleting static route records, but you only need to simply use "default" when specifying the target network segment. It is
better to have only one default route for the same host's route. Multiple existence may affect the network.
route add default gw IP地址
route del default gw IP地址
This is because there should be only one default gateway record in the routing table of the same host. If there are multiple default gateway records at the same time, it may cause the network connection of the host to fail.
3.3 Modify the configuration file (fixed settings)
(1) Network interface configuration files The
network interface configuration files are all under the /etc/sysconfig/network-scripts/ directory. To
permanently modify the network interface information, you need to modify the network interface configuration file
vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet #设置网卡类型,“Ethernet”表示以太网
DEVICE=ens33 #设置网卡的名称
ONBOOT=yes #设置网卡是否在 Linux 操作系统启动时激活
BOOTPROTO=static #设置网卡的配置方式,“static”表示使用静态IP地址,“dhcp”时表示动态获取地址
IPADDR=192.168.132.30 #设置网卡的 IP 地址
NETMASK=255.255.255.0 #设置网卡的子网掩码
GATEWAY=192.168.132.2 #设置网卡的默认网关地址
DNS1=192.168.132.2 #设置DNS服务器的 IP地址
systemctl restart network #重启network服务,让刚才的配置生效
(2) Domain name resolution configuration file
vim /etc/resolv.conf
Save the IP address of the DNS server that the machine needs to use
3) Local host mapping file
/etc/hosts file
Save the mapping record of host name and IP address
- Comparison of hosts file and DNS server
By default, the system first finds the resolution record from the hosts file. The
hosts file is only valid for the
proper host. The hosts file can reduce the DNS query process and speed up the access speed.
supplement
Enable and disable network interface configuration
systemctl restart network #重启所有的网卡
ifdown ens33 ; ifup ens33
ifdown ens33 #关闭某个网卡
ifup ens33 #启动某个网卡
ifconfig ens33 down #临时禁用某个网卡
ifconfig ens33 up #重新激活某个网卡(不会更新IP地址)
Permanently set the hostname
hostnamectl set-hostname [主机名]
vim /etc/hostname #只有第一行有效
#设置完后需重启系统才生效