Linux network concepts
Naming NIC
card CENTOS6 naming: it will change rather than a unique and fixed according to the situation, before CENTOS6, network interface uses a serial number name: eth0, eth1, etc., when adding or removing the card, the name may occur changes
CENTOS7 using dmidecode collection naming scheme, in order to obtain information on the motherboard; it can achieve a permanent unique name of the network card (dmidecode this command can gather information about the hardware aspects)
The network device naming :
1) If the index information Firmware (firmware) or BIOS-based onboard device provided available and the predictable be named according to the index, for example: the ifcfg-ens33
2) If Firmware (firmware) or BIOS as index information PCI-E expansion slots provided are available, and can be predicted, are named according to the index, for example, name, for example: the ifcfg-enp33
. 3) If the physical position information of the hardware interface is available, according to this information name, e.g. enp2s0
above are not available, then using conventional naming scheme.
Extended :
In CENTOS7, en represents: ethernet Ethernet is that we now use LAN
enX (X common are the following three types) :
o:主板板载网卡,集成设备的设备索引号。
p:独立网卡,PCI网卡
s:热插拔网卡,usb之类,扩展槽的索引号
nnn (数字)表示:MAC地址+主板信息计算得出唯一的序列
Some common network interface :
eth0 ..... eth4 ... 以太网接口(linux6)
waln0 无线接口
eno177776 以太网接口 (linux7)
ens33 以太网接口(linux7)
bond0 team0 网卡绑定接口
virbr0 虚拟交换机桥接接口
br0 虚拟网桥接口
lo 本地回环接口
vnet0 KVM虚拟机网卡接口
Enter the graphical interface of the native virtual machine configuration (the most simple, but the premise is the graphical interface installed)
Click Wired Settings
当前是第1个:DHCP自动获取IP,第2个Manual(手动):手动配置静态IP
手动配置需配置ip、子网掩码、网关、DNS,如下图:
配完之后将Wired先关闭,再开启,相当于重启网卡
查看配置的IP是否生效:
通过nmtui命令进入图形配置界面(在远程登录工具中也能调出图形化界面)
首先要清楚,nmtui这个命令是NetworkManager这个服务下的
Connecting to 192.168.2.156:22...
Connection established.
To escape to local shell, press Ctrl+Alt+].
Last login: Thu Jan 3 12:51:34 2019
/usr/bin/xauth: file /root/.Xauthority does not exist
[root@client2 ~]# nmtui
nmtui或者nmtui-edit回车,调出图形化界面,选择Edit a connection,如下图:
选择对应的网卡,选择Edit
这里可以选择Automatic(就是自动获取),Manual(手动),如下图:
默认是Automatic,自动获取。
手动配置,如下图:
原本ip是:
重启网卡生效:
虽然重启报错,但已成功生效,验证是否能上网:
注:这里的报错应该就是NetworkManager服务与本身的网卡配置冲突了
[root@client2 ~]# ping baidu.com
PING baidu.com (123.125.115.110) 56(84) bytes of data.
64 bytes from baidu.com (123.125.115.110): icmp_seq=1 ttl=50 time=29.1 ms
64 bytes from baidu.com (123.125.115.110): icmp_seq=2 ttl=50 time=28.7 ms
64 bytes from baidu.com (123.125.115.110): icmp_seq=3 ttl=50 time=30.0 ms
^C
--- baidu.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 28.749/29.300/30.029/0.537 ms
[root@client2 ~]#
OK,能上网,配置成功。
通过修改网卡配置文件(配置的是静态IP,有点复杂)
注意:这个设置有时会与NetworkManager这个服务冲突,所以最好先关掉NetworkManager
[root@localhost ~]# systemctl stop NetworkManager
[root@localhost ~]# systemctl enable NetworkManager
[root@localhost ~]#
1. 网卡配置文件:/etc/sysconfig/network-scripts/
[root@server ~]# cd /etc/sysconfig/network-scripts/
[root@server network-scripts]# ls
ifcfg-eth0 ifdown-sit ifup-plusb
ifcfg-lo ifdown-Team ifup-post
我们需要配置的网卡是有线网卡,也就是ifcfg-eth0
配置参数如下:
DEVICE = eth0|eth1… #设备编号
ONBOOT=yes|no #是否随系统启动而启动
HWADDR=00:0C:29:62:30:22 #MAC地址
TYPE=Ethernet #类型
BOOTPROTO=static|dhcp|none #地址分配方式
IPADDR=192.168.2.203 #IP地址
NETMASK=255.255.255.0/PREFIX=24 #子网掩码
GATEWAY=192.168.2.1 #网关地址
DNS1=192.168.2.1 #DNS地址,可选多个,用编号区别
DEFROUTE=yes|no #路由设置
注:当ONBOOT设置为NO时,系统启动不会启动上面的DEVICE。需要将ONBOOT改为YES或是手动启动服务
2. generally only need to add: IPADDR, NETMASK, GATEWAY, DNS these four on the line, you also need to address allocation mode to: BOOTPROTO = static (static)
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME="eth0"
UUID=8591ac3c-011c-45e4-a92c-7e01394c144d
ONBOOT=yes
IPADDR=192.168.2.200
NETMASK=PREFIX=24
GATEWAY=192.168.2.1
DNS=192.168.2.1
Save and exit and restart the network card
Linux network management
1. Check the network card physical connection is normal
[root@localhost ~]# yum -y install net-tools #如果没有该命令的话,先安装
[root@localhost ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.128 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::a368:6782:9030:4c6a prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:f7:1a:1b txqueuelen 1000 (Ethernet)
RX packets 25735 bytes 30736820 (29.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6762 bytes 3235031 (3.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# mii-tool ens33
ens33: negotiated 1000baseT-FD flow-control, link ok
[root@localhost ~]#
2. Start closed card, a temporary IP configuration
[root@localhost ~]# ifconfig ens33 down
[root@localhost ~]# ifconfig ens33 up
[root@localhost ~]# ifconfig ens33 192.168.100.200 #配置临时IP
[root@localhost ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.200 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::a368:6782:9030:4c6a prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:f7:1a:1b txqueuelen 1000 (Ethernet)
...
[root@localhost ~]# ifconfig ens33 192.168.100.200 netmask 255.255.255.0
[root@localhost ~]# ifconfig ens33:1 192.168.100.100 netmask 255.255.255.0 #添加网卡
3. Check the status monitor port
[root@localhost ~]# netstat -altup
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 957/sshd
...
[root@localhost ~]#
Commonly used parameters :
-a,all #显示本机所有连接和监听的端口;
-n,--numeric #以数字形式显示当前建立的有效连接和端口;
-u #显示udp连接;
-t #显示tcp连接;
-p,--programs #显示连接对应的PID与程序名;
Feedback field results explain :
Proto:连接协议的种类;
Recv-Q:接收到字节数;
Send-Q:从本服务器,发出去的字节数;
Local Address:本地的IP地址,可以是IP,也可以是主机名;
Foreign Address:远程主机的IP 地址;
STATE:网络连接状态,状态有:
CLOSED:初始(无连接)状态;
LISTEN:侦听状态,等待远程机器的连接请求;
ESTABLISHED:完成TCP三次握手后,主动连接端进入ESTABLISHED状态。此时,TCP连接已经建立,可以进行通信;
TIME_WAIT:在TCP四次挥手时,主动关闭端发送了ACK包之后,进入TIME_WAIT状态,等待最多MSL时间,让被动关闭端收到ACK包;
Extended : MSL
MSL, i.e. Maximum Segment Lifetime, a fragment data (packets) in the network can survive the maximum time is defined in RFC 793 is usually 2 minutes MSL, i.e., more than two minutes it that the packet has been the network is dropped. For a TCP connection, when the two sides into the TIME_WAIT, usually twice MSL wait time, and then closing off the connection in order to prevent the effect FIN packet loss, the end of a retransmission sequence results in the subsequent TCP connection request chaos .
4. Check the routing information
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.100.2 0.0.0.0 UG 100 0 0 ens33
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
192.168.100.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
[root@localhost ~]#
Parameters :
-n,--numeric #不要使用通讯协定或主机名称,直接使用IP或端口号;
-e, --extend #显示更多信息;
-F, --fib #显示转发信息库(默认);
-C, --cache #显示路由缓存。
Add / remove routing entries syntax :
route add [-net|-host] [网域或主机] netmask [mask] [gw|dev]
route del [-net|-host] [网域或主机] netmask [mask] [gw|dev]
[root@localhost ~]# route add -net 192.168.2.0 netmask 255.255.255.0 dev ens33
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.100.2 0.0.0.0 UG 100 0 0 ens33
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
...
[root@localhost ~]# route del -net 192.168.2.0 netmask 255.255.255.0 dev ens33
[root@localhost ~]#
