1.A ping B intermediate route can not be added
A--net1--1 R1 2--net2C--3 R2 4--net3D--5 R3 6--net4--B
R1
route add -net net4/N4 gw ip3 only add this
route add -net net3/N3 gw ip3 not add
or
route add default gw ip3
R2
route add -net net1/N1 gw ip2
route add -net net4/N4 gw ip5
R3
route add -net net1/N1 gw ip4
route add -net net2/N2 gw ip4
or
route add default gw ip4
2. The external network of this network forwards data packets through routing, and deleting the local routing network will not work, so when creating a network card, a gateway for a network card is generated by default.
3. DEVICE and HW find out which network card to set, corresponding to ifcfg-eth0, DEVICE=eth0, or specify the MAC address of the network card (the MAC address viewed in ifconfig) HWADDR=...
4. Multiple DNS settings can be used as high availability settings such as 1.1.1.1 (Australia's DNS server) 114.114.114.114 (Ali's DNS server)
5. HWADDR must be the real MAC address (the MAC address viewed in ifconfig). MACADDR can be a fake MAC address generated by VMware. If the name is HWADDR and a fake MAC address is specified, an error will be reported. The specified network card can be specified by specifying the DEVICE name or HWADDR. One can locate the network card
6. Check if DNS is in effect, check cat /etc/resolve.conf to see if there is a DNS host IP
7. Modify the hostname vi /etc/sysconfig/network (centos6) hostname hostname
The prompt needs to be logged in again to change, or you can execute excel bash to take effect directly
vi /etc/sysconfig/network can also store the configuration of the gateway
For example: GATEWAY=192.168.30.254
After modification, it will not take effect immediately. It will take effect after rebooting. You can use the route add command to add a gateway to take effect immediately.
The modified gateway in ifcfg-ens33 must also be rebooted to take effect. Restarting the network service will not take effect.
If /etc/sysconfig/network conflicts with the gateway in the network card configuration file, the gateway configured in the network card takes precedence.
8.ifconfig ens33:0 192.168.1.1/24 temporary settings (ip addr add 192.168.1.1/24 dev ens33 label ens33:0)
9. A single network card permanently saves multiple IPs. You need to edit the configuration file ifcfg-eth0:1. It should be noted that the DEVICE name in the configuration file must be ifcfg-eth0:1 after the same
cat > ifcfg-eth0:1
DEVICE=eth0:1 The name is the same as the suffix of the file name to locate the network card (the network card can also be located by the MAC address)
...
DEVICE
It takes effect permanently after restarting the network service
10. When the server of the router must pay attention to enable the port forwarding function /proc/sys/net/ipv4/ip_forward is 1, the one-arm route does not pass through the router, so the ttl value does not decrease by 1, because it does not pass through the route
Pseudo file system files cannot be opened with an editor. You can use echo "value" > /pro/sys/net/ipv4/ip_forward to change the file name. The file name can also be a parameter name, such as sysctl -w net.ipv4.ip_forward=1
To make the configuration take effect permanently, you need to modify the configuration file vi /etc/sysctl.conf . After modifying the configuration file, use sysctl -p to take effect, and sysctl -a to display the current configuration
11.ping -I 1.1.1.254 3.3.3.3 You can specify which network card to use to ping
12. tcpdump icmp -nn View the outgoing packets of the current network, specify the -nn option, and do not resolve the service port number into the service name
13.netstat -nr (route -n) View routing table
14. The socket file is used for local communication, and the tcp/ip protocol stack needs to be encapsulated and decapsulated to communicate
15.netstat -p to see which process is opening the port -e will display extended information -l listen listening status
netstat -i counts the number of packets sent and received, if the increase is too large, it may be attacked
tcpdump -i eth0 -nn to capture packets to view the details -nn option does not allow it to be resolved into a service name so as not to affect the efficiency
netstat -Ieth0 netstat -I=eth0 Specify the port to view the number of packets sent and received
16.MTU refers to the data part of the Ethernet frame (MTU maximum transmission unit)
17.netstat can be replaced by ss, ss is more efficient than netstat
18. ip link View the information of the link layer (you can check whether the network cable is unplugged (down), link (up))
ip address View Layer 3 information including Layer 2 information
ip a (ip address), ip r (ip route) 简写
ip route can be added by copying and pasting its display format (deletion can also use ip route format)
ip route add 4.4.4.0/24 via 192.168.1.100
The ip command has a completion function. In centos6, use yum install bash-completion -y (in the EPEL source)
19. You can also use the bridge to access the Internet. If the LAN can access the Internet through NAT address resolution
20. Supplementary explanation of the principle of yum source
21.ip address add 2.2.2.2/24 dev eth0 label eth0:2 lable alias
22.ip link set eth0 down is equivalent to unplugging the network cable
ip link set eht0 up
23.ip scope:
global: IPs of different network cards will also respond
link: only the connected IP address will respond
host: only valid on this machine
24. Save the configuration file of the route
/etc/sysconfig/network-scripts/route-IFACE
Requires service network restart to take effect
Two styles:
1.target via gw
For example: 10.0.0.0/8 via 172.16.0.1
2. Define a route every three lines
如:ADDRESS=target
NETMASK=mask
GATEWAY = GW
25. The network card alias must manually specify the IP. The standard network card configuration file can manually specify the IP or dynamically obtain the IP, and one can automatically obtain one manually.
26. TYPE and UUID configuration file can not be specified
27. The /etc/hosts file resolves names into addresses (common domain name resolution has higher priority than DNS)
6.6.6.6 www.magedu.com
The correspondence between the hostname and IP should be added after the hostname is modified. Some services are accessed through the hostname, so it is recommended to modify both configuration files.
Modify priority /etc/nsswitch.conf, files first
cat /etc/nsswitch.conf
#hosts: db files nisplus nis dns
hosts: files dns Modify the order of files and dns to redefine the priority of dns resolution
dns modification order
You can modify /etc/hosts to write the ip correspondence of the google address ×××
28. A single network card can be configured with alias ip of different network segments to simulate network cards of different network segments
29. Whether USERCTL allows ordinary users to start and close the network card
30.cat /proc/net/bonding/bond0 View status
31. In bond3 broadcast mode, all network cards take the same data packet (DUP!) and the return packet is repeated
32. When virbr0 appears, uninstall the package yum remove libvirt-daemon -y, and it will disappear after reboot
33.Supplement of bond experiment, experiment supplement of network card name modification
34. Install the kernel-doc package to view the help documentation of bond0
35.modporobe -r bonding uninstalls the bongding module (lsmod displays the loaded module)
36. Modify the name of the network card (centos7)
Method 1: vim /etc/grub2.cfg (link to /etc/default/grub file) Modify the file, and then restart reboot to take effect
Method 2: vim /etc/default/grub add content, modify and regenerate the file grub.cfg
grub2-mkconfig The output content of the carriage return needs to be redirected -o output to the file and the renaming takes effect after reboot
All are final modifications to /boot/grub2/grub.cfg
37.nmcli (network manager client)
centos7 management network
38.nmcli video supplement
39.centos 7 /etc/hostname hostname Modify the host name
hostnamectl takes effect directly after modifying the configuration file
hostnamectl set-hostname hostname
exec bash is equivalent to the hostname modification of the login prompt after exiting
After the 40.127.0.0.1 line, add the host name and short name of the machine
41.temdctl team0 state View status
42.nmcli plus team rhce must be very skilled
43.ethtool ens33 can view the hardware configuration information of the network card
mii-tool ens33 View the hardware configuration information of the network card
44. Whether nslookup www.baidu.com can resolve the domain name
Dig www.magedu.com to see if the domain name can be resolved
host www.baidu.com to see if the domain name can be resolved
45.ip address can check whether the network cable is disconnected (down)
46. yum install ftp lftp installs the client using ftp, lftp is more convenient, can be completed and can display color to distinguish folder files
47.lftpget ftp://172.20.0.1/pub/Tools/file Available in non-interactive download scripts
wget can download both ftp files and http files
48.grep -q yum -q silently install wget -q
49.yum install links -y
links 172.20.0.1 --source to view the source code
links 172.20.0.1 --dump > a.txt Otherwise, the copied file can be directly dumped --dump only displays the file
50.Cow (copy on write) Copy-on-write (similar to the effect of snapshots) When creating a child process, the memory space is shared, and the child process will only copy a memory space when modifying the memory
51.ps aux VSZ All the memory required by the program, the memory actually allocated by RSS (the program does not need to give all the memory during running, just allocate part of the memory for the program to run, and then the system will allocate the memory when needed)
52. Free shared shared memory space, which can be used for communication between processes within the host
53. Message Queue Multiple messages are sent to the message queue to communicate.
54. Uninterruptible, cannot be awakened, only when certain conditions are met can it be awakened
Zombie state, the memory space is not released after the process ends
55. In the information displayed by pstree -p {} is the thread
56. exec bash is similar to logging out and then logging in, (you can execute the exec bash command to solve it when you need to log out and log in to take effect)
57. If you want the alias of the network card (note that it is an alias, not an independent network card, an independent network card requires not only a configuration file but also a virtual machine to add a network card) to take effect permanently, a configuration file is required.
58. The analog unplugging of the network cable can be used
# ip link set ens33 down(ifconfig ens33 down)
# ip link [show] (ip address) You can view the status of the network (UP/DOWN)
59.nmcli can support the completion function, you can generate the configuration file of the network card through nmcli connection, and then use nmcli connection up name to take effect of the network card configuration
nmcli device status
nmcli connection show
nmcli connection delete ens33
nmcli connection add con-name office-eth1 ifname eth1 type ethernet ipv4.method auto connection.autoconnect yes
nmcli connection show
nmcli connection up office-eth1 configuration file associated network card device
nmcli connection
nmcli connection modify Wired\ connection \2 con-name home-eth1
nmcli connection
nmcli connection is to edit the configuration file
cat ifcfg-home-eth1 , you can directly modify the file or use nmcli
nmcli connection modify home-eth1 ipv4.address 172.20.0.7/16 ipv4.gatewat 172.20.0.1 ipv4.dns 114.114.114.114 ipv4.method manual (default is to obtain automatically) The method not set is manual, and the ip setting will be invalid
nmcli connection up home-eth1 takes effect
IP switching of a single network card address
cp Copy the network card device file generated by nmcli and modify it. After modification, nmcli connection reload is required to load it into the memory to take effect.
After the configuration file generated by nmcli is manually modified, only nmcli connection reload can be used to make it take effect, and commands similar to nmcli connection up static-eth1 cannot make it take effect. If you use nmcli connection modify to modify it, you can use nmcli connection up static-eth1 to make it take effect. can make it effective
Supplement, UUID uniquely identifies a network card device. If you copy the network card file or clone, you can delete its UUID and let the system regenerate to avoid conflicts.
nmcli connection modify \Wired\ connection\1 con-name eth0 ipv4.method manual ipv4.address 192.168.30.7/24
nmcli connection up eth0 Associate the configuration file to the network card and make it effective
nmcli device disconnect eth1 just deletes the ip address of the network card, the network status is still UP
nmcli device connect eth1 restores the ip address of the network card
nmcli connection show ens33 View the detailed configuration information of nmcli (ipv4.method is auto by default)
60. After modifying the host name, fill in the host name and short name at the end of 127.0.0.1
61. centos7 replaces bonding with Teaming, and its performance is said to be better than bonding
62.teamdctl team0 state
63.nmcli connection delete ... (3 configuration files for Teaming)
nmcli's team experiment blog
ip classified class notes blog
Wireshark installation, using
Create a collection of image installation packages (Centos6)
64.nmcli creates Teaming steps: (Centos7)
1. First, two or more network card devices are required. #nmcli device status can view the status of the system network card.
2.nmcli connection delete ens33 (name of the first column of nmcli connection show) delete the network configuration file of ifcfg-ens33
3.nmcli connection delete ens37 deletes the network configuration file of ifcfg-ens37
4.nmcli connection add type team con-name team0 ifname team0 config '{"runner":{"name":"activebackup"}}'
5.nmcli connection modify team0 ipv4.address 192.168.1.2/24 ipv4.method manual
6.nmcli connection add type team-slave con-name team0-ens33 ifname ens33 master team0
7.nmcli connection add type team-slave con-name team0-ens37 ifname ens37 master team0
8.nmcli connection up team0
9.nmcli connection up team0-ens33
10.nmcli connection up team0-ens37
11.teamdctl team0 state View team status
12.nmcli dev dis ens33
con-name in nmcli (corresponding to the name of the first column of nmcli connection show), ifname (corresponding to device name)
The essence of the nmcli command is to create a configuration file for the network card, such as ifcfg-team0-slave
nmcli connection up name (name of the first column of nmcli connection show) to take effect in the configuration file
If using an editor to modify the configuration file generated by nmcli needs to be reloaded, nmcli connection reload will take effect
The steps for nmcli to create a bond:
1.nmcli connection add type bond con-name my-bond0 ifname bond0 mode active-backup
2.nmcli connection modify my-bond0 ipv4.method manual ipv4.address 192.168.1.100/24
3. nmcli connection add type bond-slave con-name bond0-ens33 ifname ens33 master bond0 (bond0 is the name of the device of the nmcli connection show command)
4.nmcli connection add type bond-slave con-name bond0-ens37 ifname ens37 master bond0
5.nmcli connection up bond0-ens37 takes effect configuration (start from the slave interface first, and then start the bond interface)
6.nmcli connection up bond0-ens33
7.nmcli connection up my-bond0 finally takes effect on the bond0 interface
Manually configure bonding
vi ifcfg-bond1:
DEVICE=bond1
IPADDR=192.168.30.6
PREFIX=24
BONDING_OPTS="mode=1 miimon=100"
vi ifcfg-ens33:
DEVICE=ens33
MASTER=bond1
SLAVE=yes
vi ifcfg-ens37:
DEVICE=ens37
MASTER=bond1
SLAVE=yes
Restart the service to take effect
uninstall bond
1.ifconfig bond1 down
2.rmmod bonding(mobprobe -r bonding) Uninstall the bonding module(lsmod |grep bonding)
View the specific status information of bonding
cat /proc/net/bonding/bond0