CentOS network configuration (super full version)

1. Detailed Explanation of Configuration Files
In Red Hat Linux systems such as RHEL or CentOS, the main network-related configuration files are as follows:

/etc/host.conf Control file for the domain name service client
/etc/hosts Maps host names to IP addresses
/etc/resolv.conf Domain name service client configuration file, used to specify the location of the domain name server
/etc/sysconfig/network Contains the most basic network information of the host, used at system startup
/etc/sysconfig/network-scripts/ Information used to initialize the network when the system starts
/etc/xinetd.conf Defines the network services started by the super process xinetd
/etc/networks Maps domain names to network addresses
/etc/protocols Sets the protocols used by the host and the protocol number of each protocol
/etc/services Sets the network services on the different ports of the host


1. The default information of the /etc/host.conf file is as follows:

multi on # Allows the host to have multiple IP addresses
order hosts,bind # Host name resolution order: local resolution first, then DNS resolution

This file generally does not need to be modified. The default resolution order is local resolution, then DNS server resolution. That is to say, on this system a host name is first resolved locally; if there is no local match, DNS server resolution is performed.

2. The default content of the /etc/hosts file is roughly as follows:

127.0.0.1 butbueatiful localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6

As you can see, the default content maps the local IP to some host names of the local machine. The first line is IPv4 information, and the second line is IPv6 information. If the machine does not use IPv6 resolution, this line is generally commented out.
The effect of the first line is that butbueatiful, localhost.localdomain and localhost are all resolved to 127.0.0.1. We can try it with ping:
[root@butbueatiful ~]# ping -c 3 butbueatiful
PING butbueatiful (127.0.0.1) 56(84) bytes of data.
64 bytes from butbueatiful (127.0.0.1): icmp_seq=1 ttl=64 time=0.061 ms
64 bytes from butbueatiful (127.0.0.1): icmp_seq=2 ttl=64 time=0.052 ms
64 bytes from butbueatiful (127.0.0.1): icmp_seq=3 ttl=64 time=0.051 ms

--- butbueatiful ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.051/0.054/0.061/0.009 ms

[root@butbueatiful ~]# ping -c 3 localhost.localdomain
PING butbueatiful (127.0.0.1) 56(84) bytes of data.
64 bytes from butbueatiful (127.0.0.1): icmp_seq=1 ttl=64 time=0.055 ms
64 bytes from butbueatiful (127.0.0.1): icmp_seq=2 ttl=64 time=0.035 ms
64 bytes from butbueatiful (127.0.0.1): icmp_seq=3 ttl=64 time=0.050 ms

--- butbueatiful ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.035/0.046/0.055/0.011 ms

Seeing the result above, you may ask why pinging localhost.localdomain displays butbueatiful. This is because the host names after the first host name, butbueatiful, are actually host aliases of butbueatiful.

If we want to append a new local resolution, for example to resolve both yyyy.com and www.yyyy.com to 192.168.0.100 on our machine, then just append the following line:
192.168.0.100 yyyy.com www.yyyy.com

Also, here, www.yyyy.com is the host alias of yyyy.com.

If you think about it carefully, you will find that this file is actually very dangerous. If someone maliciously modifies your file, for example so that the domain name of Taobao's website is resolved to his phishing website, then you will be tricked.

3. /etc/resolv.conf specifies the DNS server IP and other information for domain name resolution. There are generally four configuration parameters:

nameserver Specifies the IP address of the DNS server
domain Defines the local domain name information
search Defines the search list of the domain name
sortlist Sorts the addresses returned by gethostbyname

The most commonly used configuration parameter is nameserver; the others can be left unset. This parameter specifies the IP address of the DNS server. If it is set incorrectly, normal domain name resolution cannot be performed. Generally speaking, it is recommended to set 2 DNS servers. For example, if we use Google's free DNS servers, the content of the file is as follows:

nameserver 8.8.8.8
nameserver 8.8.4.4

Similarly, this file is also dangerous. If it is maliciously changed to point to an attacker's own DNS server, he can control every destination you visit through a domain name, which is often referred to as DNS hijacking.

4. /etc/sysconfig/network, a typical configuration is as follows:

NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=butbueatiful
GATEWAY=192.168.0.1

Brief explanation of the parameters:

NETWORKING Set whether the network is valid, yes is valid, no is invalid
NETWORKING_IPV6 Set whether the ipv6 network is valid, yes is valid, no is invalid
Otherwise, there will be problems when using some programs.
GATEWAY Specify the default gateway IP

5. ifcfg-ethX sets the IP and other information of the corresponding network port. For the first network port, the file is /etc/sysconfig/network-scripts/ifcfg-eth0. Configuration example:

DEVICE="eth0"
BOOTPROTO="static"
BROADCAST="192.168.0.255"
HWADDR="00:16:36:1B:BB:74"
IPADDR="192.168.0.100"
NETMASK="255.255.255.0"
ONBOOT="yes"

ONBOOT Whether to start the device when the network starts or restarts, yes is to start, no is to not start
BOOTPROTO Boot protocol, the three most common values are as follows:
              static (static IP)
              none (not specified; setting a fixed IP this way is also OK, and if you want to bind multiple network ports into a bond, you must set it to none)
              dhcp (dynamically obtain IP-related information)

6. route-ethX holds the routing information of a network port. For the first network port, eth0, the file is /etc/sysconfig/network-scripts/route-eth0:

For example, suppose traffic to the network 172.17.27.0/24 needs to go out through eth0 via 192.168.0.254 instead of the default route. Our first reaction is to use the route command to append routing information:
[root@butbueatiful ~]# route add -net 172.17.27.0 netmask 255.255.255.0 gw 192.168.0.254 dev eth0

However, this route is only added dynamically. After restarting the network, the routing information disappears, so you need to set a static route. To do that, edit the /etc/sysconfig/network-scripts/route-eth0 file. If there is no such file, you can create a new one:
[root@butbueatiful ~]# vi /etc/sysconfig/network-scripts/route-eth0
#Append
172.17.27.0/24 via 192.168.0.254

Now even if the network or the system is restarted, the route will be loaded automatically. Of course, if you do not have such a need, there is no need to create and configure this file.

2. Commonly Used Network Configuration

With the passage of time, Red Hat launched RHEL6.2, and then CentOS also released CentOS6.2. In the new system, the vendors have added many virtualization and cloud computing elements, and many details have changed as well. Here we only describe the network parameters in the new system in detail.

The network parameters in Linux generally include the following contents:

IP address
subnet mask
gateway
DNS server
host name

Traditionally, there are two ways to modify these parameters in Linux systems: commands and files. Settings made with commands take effect immediately but are lost after a restart; settings made by modifying files are permanent but do not take effect immediately.

First, let's take a look at the command method:

ifconfig: View and set IP address, subnet mask
hostname: View and set host name
route: View and set routing information (default gateway, etc.)

Modify by file:

/etc/sysconfig/network-scripts/ifcfg-device name (usually ifcfg-eth0)
/etc/sysconfig/network
/etc/resolv.conf file: setting DNS server

All of the above methods work in both 5.0 and 6.0 systems, but for 6.0 systems the official documentation states that ifconfig and route are very old commands, replaced by the ip command.

So let's take a look at the old command usage:
************************************************************************
ifconfig interface options|address

# ifconfig eth0 up # Turn on the eth0 network card
# ifconfig eth0 down # Turn off the eth0 network card
# ifconfig eth0 -arp # Disable the ARP protocol on the eth0 network card
# ifconfig eth0 promisc # Enable promiscuous mode on the eth0 network card
# ifconfig eth0 mtu 1400 # Set the maximum transmission unit of the eth0 network card to 1400
# ifconfig eth0 192.168.0.2/24 # Set the IP address of the eth0 network card
# ifconfig eth0 192.168.0.2 netmask 255.255.255.0 # Same as above

************************************************************************
Hostname:

# hostname # View the hostname
# hostname butbueatiful.com # Set the hostname butbueatiful.com

************************************************************************
Gateway Settings:

route add [-net|-host] target [netmask] gw
route del [-net|-host] target [netmask] gw

# route add -net 192.168.3.0/24 gw 192.168.0.254 # Set the gateway for the 192.168.3.0 network segment to 192.168.0.254
# route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.0.254 # Same as above
# route add -host 192.168.4.4 gw 192.168.0.254 # Set the gateway for the 192.168.4.4 host to 192.168.0.254
# route del -net 192.168.3.0/24 # Delete the gateway information of the 192.168.3.0 network segment
# route del -host 192.168.4.4 # Delete the gateway information of the 192.168.4.4 host
# route add default gw 192.168.0.254 # Set the default gateway to 192.168.0.254
# route del default gw 192.168.0.254 # Delete the default gateway 192.168.0.254

************************************************************************

The official documentation no longer recommends these old commands and recommends the ip command instead. Let's take a look at its usage:

ip [options] object {link|addr|route...}

# ip link show # Display network interface information
# ip link set eth0 up # Turn on the network card
# ip link set eth0 down # Turn off the network card
# ip link set eth0 promisc on # Enable promiscuous mode on the network card
# ip link set eth0 promisc off # Disable promiscuous mode on the network card
# ip link set eth0 txqueuelen 1200 # Set the queue length of the network card
# ip link set eth0 mtu 1400 # Set the maximum transmission unit of the network card
# ip addr show # Display network card IP information
# ip addr add 192.168.0.1/24 dev eth0 # Set the eth0 network card IP address to 192.168.0.1
# ip addr del 192.168.0.1/24 dev eth0 # Delete the eth0 network card IP address

# ip route list # View routing information
# ip route add 192.168.4.0/24 via 192.168.0.254 dev eth0 # Set the gateway of the 192.168.4.0 network segment to 192.168.0.254, with data going through the eth0 interface
# ip route add default via 192.168.0.254 dev eth0 # Set the default gateway to 192.168.0.254
# ip route del 192.168.4.0/24 # Delete the gateway of the 192.168.4.0 network segment
# ip route del default # Delete the default route

************************************************************************
Next, let's look at modifying the network parameters through files (CentOS6.2 system as an example):

# cat /etc/sysconfig/network-scripts/ifcfg-eth0   

DEVICE="eth0" # Device name
NM_CONTROLLED="yes" # Whether the device is managed by NetworkManager
ONBOOT="no" # Whether to start
HWADDR="00:0C:29:59:E2:D3" # Hardware address (MAC address)
TYPE=Ethernet # Type
BOOTPROTO=none # Boot protocol {none|dhcp}
IPADDR=192.168.0.1 # IP address
PREFIX=24 # Subnet mask
GATEWAY=192.168.0.254 # Default gateway
DNS1=202.106.0.20 # Primary DNS
DNS2=202.106.46.151 # Secondary DNS
UUID=5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 # Device UUID number

************************************************************************
# cat /etc/sysconfig/network

HOSTNAME=butbueatiful.com # hostname

************************************************************************

NOTE: In the 5.0 era DNS servers were written in the /etc/resolv.conf file. In the 6.0 era, DNS can still be written in /etc/resolv.conf, but then PEERDNS=no needs to be added to the /etc/sysconfig/network-scripts/ifcfg-eth0 file; otherwise the content of /etc/resolv.conf will be rewritten every time the network card is restarted. Of course, DNS can also be written directly in the /etc/sysconfig/network-scripts/ifcfg-eth0 file.

 

Tip: ONBOOT should be set to yes, otherwise the machine will not be able to connect to the network.


Postscript:


1. Solution for /etc/resolv.conf settings being lost after a restart:

One way is to set PEERDNS to "no".

Locate the network card configuration file, /etc/sysconfig/network-scripts/ifcfg-ethX, and add the PEERDNS option to the file. X can be 0, 1, 2, etc., representing the configuration files of different network cards. For example, if the first network card on the system is eth0, then its configuration file is /etc/sysconfig/network-scripts/ifcfg-eth0; set PEERDNS to 'no' in that file.
For example:

DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
PEERDNS=no

This option prevents /etc/resolv.conf from being rewritten after a system reboot.

Another method is to add DNS to this file, for example:
DNS1=127.0.0.1
DNS2=8.8.8.8

2. Security settings

   We said earlier that it is very dangerous if /etc/resolv.conf and /etc/hosts are tampered with. So after setting up the two files we take one more step, so that they cannot be modified directly by default, not even by root. Execute the following command:
[root@butbueatiful ~]# chattr +i /etc/{resolv.conf,hosts}

If we want to modify them ourselves, execute:
[root@butbueatiful ~]# chattr -i /etc/{resolv.conf,hosts}

Then we can modify them. Don't forget to set +i again after modification.
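Because root can clear the flag again with chattr -i, it is worth checking the content of the two files as well as the attribute. The following script is an added example, not part of the original article: the function names are hypothetical, and the allowlist passed at the bottom assumes the Google resolvers used earlier on this page.

```shell
#!/bin/bash
# Added example: audit the two resolver files that the page locks with chattr +i.

# Print each nameserver in a resolv.conf-style FILE that is not in the allowlist.
# usage: unexpected_nameservers FILE ALLOWED_IP...
unexpected_nameservers() {
    ns_file=$1; shift
    ns_allowed=" $* "
    awk '$1 == "nameserver" { print $2 }' "$ns_file" | while read -r ip; do
        case "$ns_allowed" in
            *" $ip "*) ;;            # expected resolver
            *) echo "$ip" ;;         # anything else is a possible DNS hijack
        esac
    done
}

# Print "name -> ip" for every hosts entry on a non-loopback address; such
# entries override DNS, which is how a phishing redirect would appear.
# usage: hosts_overrides FILE
hosts_overrides() {
    awk '
        { sub(/#.*/, "") }                          # strip comments
        NF < 2 { next }                             # blank or malformed line
        $1 ~ /^127\./ || $1 == "::1" { next }       # loopback entries are expected
        { for (i = 2; i <= NF; i++) print $i " -> " $1 }
    ' "$1"
}

# Succeed only if FILE carries the immutable attribute set by chattr +i.
is_immutable() {
    lsattr -d "$1" 2>/dev/null | awk '$1 ~ /i/ { found = 1 } END { exit !found }'
}

# Report on real files; the allowlist follows the two paths.
# usage: audit_resolver_files RESOLV_CONF HOSTS ALLOWED_IP...
audit_resolver_files() {
    resolv=$1; hosts=$2; shift 2
    unexpected_nameservers "$resolv" "$@" | sed 's/^/unexpected nameserver: /'
    hosts_overrides "$hosts" | sed 's/^/hosts override: /'
    for f in "$resolv" "$hosts"; do
        is_immutable "$f" || echo "not immutable: $f"
    done
}

# Run only when asked, e.g.: ./audit.sh --audit (allowlist is an assumption)
if [ "${1:-}" = "--audit" ]; then
    audit_resolver_files /etc/resolv.conf /etc/hosts 8.8.8.8 8.8.4.4
fi
```

Run from cron or a monitoring agent, any output line is a change to review; intentional local entries such as the yyyy.com mapping above will be listed too.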

3. Network troubleshooting ideas

Check the configuration file for errors (writing and syntax errors, etc.)
Check whether the local network protocol is correct: # ping -c 3 127.0.0.1
Check whether the local network card link is correct: # ping -c 3 192.168.0.1 (local IP address)
Check whether the gateway is correct: # ping -c 3 192.168.0.254 (gateway IP address)
Check external connectivity: # ping -c 3 www.google.com.hk
Check the hardware

 

This article comes from: http://blog.chinaunix.net/uid-26495963-id-3230810.html
