Linux
Article Directory
- Linux
- 1. NIC name
- 1.1 traditional card naming scheme
- 1.2 redhat7 card naming scheme
- 1.3 network interface name format consisting of
- 1.4 NIC naming process equipment
- 1.5 return to the traditional name
- 2. Network Management commonly used commands
- 3. Network configuration file
- 3.1 Network Configuration File
- 3.2 The network interface configuration files
- 3.3 Routing Profiles
- 3.4 DNS configuration files
- 4. NetworkManager Network management
- 5. Use native network management network
- 6. The network detection and troubleshooting tools
1. NIC name
1.1 traditional card naming scheme
Traditional names:
Ethernet eth [0,1,2, ...]
wlan [0,1,2, ...]
1.2 redhat7 card naming scheme
systemd naming of network equipment:
如果Firmware或BIOS为主板上集成的设备提供的索引信息可用,且可预测,则根据此索引进行命名,例如eno1
如果Firmware或BIOS为PCI-E扩展槽所提供的索引信息可用,且可预测,则根据此索引进行命名,例如ens1
如果硬件接口的物理位置信息可用,则根据此信息进行命名,例如enp2s0
如果用户显式启动,也可根据MAC地址进行命名,例如enx2387a1dc56
上述均不可用时,则使用传统命名机制
Above naming scheme, some need to be involved biosdevname program. Biosdevname program must be installed and enabled.
1.3 network interface name format consisting of
Based firmware, device configuration, device type
From the first two letters indicate the firmware
- Ethernet NICs to the beginning of en
- Wireless network card to begin with wl
Construction equipment
- o: device index number motherboard integrated device
- s: expansion slot index
- x: MAC address named
- ps: name based on the physical location topology. As enp2s1, 2 represents the first bus PCI bus device index number of a slot
1.4 NIC naming process equipment
1.udev, aids program / lib / udev / rename_device will be set based on the information in the card /usr/lib/udev/rules.d/60-net.rules name
2.biosdevname based / usr / lib / udev / name card information setting rules.d / 71-biosdevname.rules is
3. udev detected by the network interface device, in accordance with the variable information set /usr/lib/udev/rules.d/75-net-description card name
1.5 return to the traditional name
//修改网卡配置文件
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# mv ifcfg-ens33 ifcfg-eth0
[root@localhost network-scripts]# vim ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=eth0 //此处要把ens33改成eht0
UUID=03be31f5-a3c1-4f8d-88b3-aea6e85c869f
DEVICE=eth0 //此处要把ens33改成eth0
ONBOOT=yes
//编辑/etc/default/grub配置文件,在以GRUB_CMDLINE_LINUX开头的行内rhgb的前面加上net.ifnames=0 biosdevname=0
[root@localhost ~]# vim /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap net.ifnames=0 biosdevname=0 rhgb quiet"
GRUB_DISABLE_RECOVERY="true"
//为grub2生成其配置文件
[root@localhost ~]# grub2-mkconfig -o /etc/grub2.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-3.10.0-693.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-693.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-fd0bcf5782d24ba5b903b175c35f328e
Found initrd image: /boot/initramfs-0-rescue-fd0bcf5782d24ba5b903b175c35f328e.img
done
//重启系统
[root@localhost ~]# reboot
2. Network Management commonly used commands
2.1 ifconfig
//查看当前处于活动状态的所有网络接口
[root@localhost ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.12.128 netmask 255.255.255.0 broadcast 172.16.12.255
inet6 fe80::20c:29ff:fe73:110 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:73:01:10 txqueuelen 1000 (Ethernet)
RX packets 5121 bytes 424364 (414.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3813 bytes 3257482 (3.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 4 bytes 344 (344.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4 bytes 344 (344.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
//仅查看eth0网卡状态
[root@localhost ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.12.128 netmask 255.255.255.0 broadcast 172.16.12.255
inet6 fe80::20c:29ff:fe73:110 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:73:01:10 txqueuelen 1000 (Ethernet)
RX packets 5148 bytes 426572 (416.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3828 bytes 3259946 (3.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
//查看所有网卡状态信息, 包括禁用和启用
[root@localhost ~]# ifconfig -a
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.12.128 netmask 255.255.255.0 broadcast 172.16.12.255
inet6 fe80::20c:29ff:fe73:110 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:73:01:10 txqueuelen 1000 (Ethernet)
RX packets 5177 bytes 428948 (418.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3844 bytes 3262104 (3.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 4 bytes 344 (344.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4 bytes 344 (344.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
//网卡配置信息含义如下:
UP: 网卡处于活动状态
BROADCAST: 支持广播
RUNNING: 网线已接入
MULTICAST: 支持组播
MTU: 最大传输单元(字节),即此接口一次所能传输的最大封包
inet: 显示IPv4地址行
inet6: 显示IPv6地址行
link/enther: 指设备硬件(MAC)地址
txqueuelen: 传输缓存区长度大小
RX packets: 接收的数据包
TX packets: 发送的数据包
errors: 总的收包的错误数量
dropped: 由于各种原因, 导致拷贝在内存过程中被丢弃
collisions: 网络信号冲突情况, 值不为0则可能存在网络故障
2.2 ip
//语法:ip [ OPTIONS ] OBJECT { COMMAND | help }
OBJECT:
link:网络接口属性
addr:协议地址
route:路由
//查看网络接口所有地址
[root@localhost ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:73:01:10 brd ff:ff:ff:ff:ff:ff
//显示报文统计信息
[root@localhost ~]# ip -s link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
RX: bytes packets errors dropped overrun mcast
0 0 0 0 0 0
TX: bytes packets errors dropped carrier collsns
0 0 0 0 0 0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:73:01:10 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
23826 255 0 0 0 0
TX: bytes packets errors dropped carrier collsns
21275 157 0 0 0 0
//启用或禁用网络接口ip link set DEV {up|down}
[root@localhost ~]# ip link set lo down
[root@localhost ~]# ip link set lo up
//ip addr add ADDRESS dev DEV:添加IP地址
[root@localhost ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000
link/ether 00:0c:29:73:01:10 brd ff:ff:ff:ff:ff:ff
inet 172.16.12.128/24 brd 172.16.12.255 scope global dynamic eth0
valid_lft 1683sec preferred_lft 1683sec
inet6 fe80::20c:29ff:fe73:110/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ip addr add 192.168.1.1/24 dev eth0
[root@localhost ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:73:01:10 brd ff:ff:ff:ff:ff:ff
inet 172.16.12.128/24 brd 172.16.12.255 scope global dynamic eth0
valid_lft 1657sec preferred_lft 1657sec
inet 192.168.1.1/24 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe73:110/64 scope link
valid_lft forever preferred_lft forever
//ip addr del ADDRESS dev DEV:删除IP地址
[root@localhost ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000
link/ether 00:0c:29:73:01:10 brd ff:ff:ff:ff:ff:ff
inet 172.16.12.128/24 brd 172.16.12.255 scope global dynamic eth0
valid_lft 1603sec preferred_lft 1603sec
inet 192.168.1.1/24 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe73:110/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ip addr del 192.168.1.1/24 dev eth0
[root@localhost ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:73:01:10 brd ff:ff:ff:ff:ff:ff
inet 172.16.12.128/24 brd 172.16.12.255 scope global dynamic eth0
valid_lft 1580sec preferred_lft 1580sec
inet6 fe80::20c:29ff:fe73:110/64 scope link
valid_lft forever preferred_lft forever
//ip addr show DEV:查看网络接口的地址
[root@localhost ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:73:01:10 brd ff:ff:ff:ff:ff:ff
inet 172.16.12.128/24 brd 172.16.12.255 scope global dynamic eth0
valid_lft 1580sec preferred_lft 1580sec
inet6 fe80::20c:29ff:fe73:110/64 scope link
valid_lft forever preferred_lft forever
//ip route:routing table management 路由管理
//添加路由:ip route add TARGET via GW dev IFACE src SOURCE_IP
TARGET:
主机路由:IP
网络路由:NETWORK/MASK
//删除路由:ip route del TARGET
TARGET:
主机路由:IP
网络路由:NETWORK/MASK
//查看路由:ip route show
//刷新路由表:ip route flush
[dev IFACE]
[via PREFIX]
2.3 route
Between a Linux host communication using IP, it is assumed the host A and B are in the same network segment and the host NIC is active, then A and B have the ability to communicate directly, but if two different host A and the host B is infrastructure network segment, then a and B must communicate via a router to router belonging to the IT equipment, each segment should have at least one gateway
//查看当前路由表
[root@localhost ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default gateway 0.0.0.0 UG 100 0 0 ens33
172.16.12.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
//以数字方式显示各主机或端口等相关信息
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.16.12.2 0.0.0.0 UG 100 0 0 ens33
172.16.12.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
//增加路由
//语法:route add [-net|-host] target [netmask Nm] [gw Gw] [[dev] If]
//增加网段路由
[root@localhost ~]# route add -net 172.16.12.0/24 gw 172.16.12.2 dev eth1
[root@localhost ~]# route add -net 0.0.0.0/0 gw 172.16.12.2 dev eth1
//增加主机路由
[root@localhost ~]# route add -host 172.16.12.128 gw 172.16.12.2
//删除路由
[root@localhost ~]# route del -net 172.16.12.0/24
[root@localhost ~]# route del -net 0.0.0.0/0 gw 172.16.12.2
2.4 hostname与hostnamectl
Production environment, you must configure the hostname, while the hostname also need to follow certain norms, such as:
公有云: 地区-项目-业务-服务-节点-地址
wh-shop-register-nginx-node1-192.168.56.13
wh-med-pay-mysql-master01-192.168.56.11
wh-med-pay-mysql-slave01-192.168.56.12
//hostname查看主机名
[root@localhost ~]# hostname
localhost.localdomain
//hostname临时修改主机名
[root@localhost ~]# hostname wangqing
[root@localhost ~]# cat /etc/hostname
localhost.localdomain
//注意:修改主机名后需要重新登录用户才会显示效果
//rhel7系统建议使用hostnamectl修改和查看主机名
//设定永久名称
[root@localhost ~]# hostnamectl set-hostname seancheng
[root@localhost ~]# cat /etc/hostname
seancheng
//查看主机信息
[root@localhost ~]# hostnamectl
Static hostname: seancheng
Icon name: computer-vm
Chassis: vm
Machine ID: fd0bcf5782d24ba5b903b175c35f328e
Boot ID: a060e3a2882f4d2c92884eee9db702bc
Virtualization: vmware
Operating System: Red Hat Enterprise Linux Server 7.4 (Maipo)
CPE OS Name: cpe:/o:redhat:enterprise_linux:7.4:GA:server
Kernel: Linux 3.10.0-693.el7.x86_64
Architecture: x86-64
Note:
modify the network configuration is only valid in the current state as a command in Linux, restart after failure. So if you want to restart the modified configuration is still valid, you must edit the configuration file modification.
3. Network configuration file
3.1 Network Configuration File
//网络配置文件:/etc/sysconfig/network
NETWORKING={yes|no}:设定整个系统是否启用网络功能,若设为no,则不论网卡如何设置都不能使用网络功能。
HOSTNAME:设置主机名
3.2 The network interface configuration files
I.e., a network interface card, which configuration file is the path / etc / sysconfig / network-scripts / ifcfg-INTERFACE_NAME
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth1
TYPE=Ethernet
BOOTPROTO=static
NAME=eth1
UUID=03be31f5-a3c1-4f8d-88b3-aea6e85c869f
DEVICE=eth1
ONBOOT=yes
IPADDR=172.16.12.130
NETMASK=255.255.255.0
GATEWAY=172.16.12.2
DNS1=172.16.12.2
//网卡配置说明
//参数 说明
BOOTPROTO=none //引导协议,可选值有{static|none|dhcp|bootp}。如果要使用静态地址,使用static或none都可以
NM_CONTROLLED //NM是NetworkManager的简写,NM是由RHEL研发的在RHEL6中取代network脚本来实现网络管理、配置的服务脚本
//可选值有{ yes | no }
//此项是设定此网卡是否接受NM控制。CentOS6建议设为“no”
TYPE //接口类型。常见的接口类型有:Ethernet,Bridge
UUID //设备的惟一标识
HWADDR //硬件地址,要与硬件中的地址保持一致,可省
IPADDR=172.16.12.130 //固定IP地址
PREFIX=24 //子网掩码
NETMASK=255.255.255.0 //子网掩码
GATEWAY=172.16.12.2 //默认网关
DNS1=172.16.12.2 //第一个DNS服务器指向
DNS2 //第二个DNS服务器指向
DNS3 //第三个DNS服务器指向
DEVICE=eth1 //关联的设备名称,要与文件名的后半部"INTERFACE_NAME"保持一致
NAME="eth1" //连接名称
ONBOOT=yes //在系统引导时是否自动激活此网络接口,可选值有{ yes | no }
DEFROUTE=yes //将接口设定为默认路由[yes|no]
USERCTL={yes|no} //是否允许普通用户控制此接口的启用与禁用
PEERDNS={yes|no} //是否在BOOTPROTO为dhcp时接受由dhcp服务器指定的DNS地址,此项设为yes时获得的DNS地址将直接覆盖至/etc/resolv.conf文件中
3.3 Routing Profiles
Routing configuration files are / etc / sysconfig / network-scripts / route-INTERFACE_NAME
//添加格式一:DEST via NEXTHOP
[root@localhost ~]# vi /etc/sysconfig/network-scripts/route-ens33
172.16.12.0/24 via 172.16.12.2
//添加格式二:
[root@localhost ~]# vi /etc/sysconfig/network-scripts/route-ens33
ADDRESS0=172.16.12.0
NETMASK0=255.255.255.0
GATEWAY0=172.16.12.2
3.4 DNS configuration files
Path DNS configuration file is /etc/resolv.conf
[root@localhost ~]# vi /etc/resolv.conf
nameserver DNS_IP_1
nameserver DNS_IP_2
nameserver DNS_IP_3
4. NetworkManager Network management
RHEL / CentOS7 system uses NetworkManager to provide network services by default, this daemon is a dynamic network configuration management, allowing network devices stay connected.
NetworkManager provides command line and graphical configuration tool to network settings, the configuration setting file stored in / etc / sysconfig / network-scripts directory, tools nmcli, nmtui, nm-connection- editor
device physical device, e.g. ens33, enp2s0, virbr0, team0
Connection connection settings, the specific network configuration scheme
1. Different network connection configurations may be applied to the same physical device, the physical device can be applied only where the same time connected to a network
2. For physical network interface, a different set of network connection, a corresponding activation of the different environment of use network connection, the network configuration information can be achieved automatically switched
Use nmcli command to view and connections
//查看设备状态
[root@localhost ~]# nmcli device
DEVICE TYPE STATE CONNECTION
ens33 ethernet connected ens33
lo loopback unmanaged --
//查看指定设备的详细状态
[root@localhost ~]# nmcli device show ens33
GENERAL.DEVICE: ens33
GENERAL.TYPE: ethernet
GENERAL.HWADDR: 00:0C:29:73:01:10
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: ens33
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1
WIRED-PROPERTIES.CARRIER: on
IP4.ADDRESS[1]: 172.16.12.128/24
IP4.GATEWAY: 172.16.12.2
IP4.DNS[1]: 172.16.12.2
IP4.DOMAIN[1]: localdomain
IP6.ADDRESS[1]: fe80::20c:29ff:fe73:110/64
IP6.GATEWAY: --
//查看连接状态
[root@localhost ~]# nmcli connection
NAME UUID TYPE DEVICE
ens33 03be31f5-a3c1-4f8d-88b3-aea6e85c869f 802-3-ethernet ens33
//查看所有活动的连接
NAME UUID TYPE DEVICE
ens33 03be31f5-a3c1-4f8d-88b3-aea6e85c869f 802-3-ethernet ens33
//查看指定设备连接的详细情况
[root@localhost ~]# nmcli connection show ens33
connection.id: ens33
connection.uuid: 03be31f5-a3c1-4f8d-88b3-aea6e85c869f
connection.stable-id: --
connection.interface-name: ens33
connection.type: 802-3-ethernet
connection.autoconnect: yes
connection.autoconnect-priority: 0
connection.autoconnect-retries: -1 (default)
connection.timestamp: 1530455962
connection.read-only: no
connection.permissions: --
connection.zone: --
connection.master: --
connection.slave-type: --
connection.autoconnect-slaves: -1 (default)
connection.secondaries: --
connection.gateway-ping-timeout: 0
......
5. Use native network management network
CentOS / RHEL network configuration file is the default directory / etc / sysconfig / network-scripts
default profile of a physical NIC to ifcfg-eth0, if the second block physical NIC, ifcfg-eth1 profile was so. Note: If no new physical NIC configuration file, you can choose to modify the default replication system.
//设置NetworkManger开机不启动, 同时停止NetworkManger服务
[root@localhost ~]# systemctl disable NetworkManager
[root@localhost ~]# systemctl stop NetworkManager
//添加一块物理网卡, 然后新增网络连接配置文件
//复制配置eth0配置文件为eth1
[root@localhost ~]# cp /etc/sysconfig/network-scripts/{ifcfg-eth0,ifcfg-eth1}
//编辑网卡配置文件
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth1
TYPE=Ethernet
BOOTPROTO=static
NAME=eth1
UUID=03be31f5-a3c1-4f8d-88b3-aea6e85c869f
DEVICE=eth1
NM_CONTROLLED=no
ONBOOT=yes
IPADDR=172.16.12.130
NETMASK=255.255.255.0
GATEWAY=172.16.12.2
DNS1=172.16.12.2
//重启network网络服务加载网络并设置开机启动
[root@localhost ~]# systemctl restart network
[root@localhost ~]# systemctl enable network
6. The network detection and troubleshooting tools
6.1 ping
The purpose of the ping command to test whether another host is reachable if the cause can not ping a host, it means that the other host has a problem, but does not rule out due to link firewall, and other reasons ping ping discarded nowhere Happening
//ping命令常用选项:
-c 指定ping的次数
-i 指定ping包的发送间隔
-w 如果ping没有回应, 则在指定超时时间后退出
6.2 host与nslookup
host / nslookup command queries the DNS record
[root@localhost ~]# host www.baidu.com
www.baidu.com is an alias for www.a.shifen.com.
www.a.shifen.com has address 119.75.216.20
www.a.shifen.com has address 119.75.213.61
[root@localhost ~]# nslookup www.baidu.com
Server: 172.16.12.2
Address: 172.16.12.2#53
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com.
Name: www.a.shifen.com
Address: 119.75.213.61
Name: www.a.shifen.com
Address: 119.75.216.20
6.3 traceroute
traceroute command to trace the route to detect network failure in the operator or ISP fails to respond to end service
[root@seancheng ~]# traceroute www.baidu.com
traceroute to www.baidu.com (119.75.213.61), 30 hops max, 60 byte packets
1 gateway (192.168.1.1) 1.838 ms 1.749 ms 1.654 ms
2 49.222.80.1 (49.222.80.1) 2.506 ms 7.196 ms 7.133 ms
3 * * *
4 * * *
5 * * *
6.4 netstat
netstat is used to view network status
//显示路由表
[root@seancheng ~]# netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
default gateway 0.0.0.0 UG 0 0 0 ens33
172.16.12.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
//以数字方式显示路由表
[root@seancheng ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 172.16.12.2 0.0.0.0 UG 0 0 0 ens33
172.16.12.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
//显示建立的tcp连接
[root@seancheng ~]# netstat -t
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 seancheng:ssh 172.16.12.1:56187 ESTABLISHED
tcp 0 0 seancheng:ssh 172.16.12.1:53808 ESTABLISHED
//显示udp连接
[root@seancheng ~]# netstat -u
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
[root@seancheng ~]#
//显示监听状态的连接
[root@seancheng ~]# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 localhost:smtp [::]:* LISTEN
//显示监听指定的套接字的进程的进程号及进程名
[root@seancheng ~]# netstat -p
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 seancheng:ssh 172.16.12.1:56187 ESTABLISHED 2094/sshd: root@pts
tcp 0 0 seancheng:ssh 172.16.12.1:53808 ESTABLISHED 1077/sshd: root@pts
//显示所有状态的连接
[root@seancheng ~]# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN
tcp 0 0 seancheng:ssh 172.16.12.1:56187 ESTABLISHED
tcp 0 0 seancheng:ssh 172.16.12.1:53808 ESTABLISHED
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 localhost:smtp [::]:* LISTEN
udp 0 0 0.0.0.0:23511 0.0.0.0:*
udp 0 0 0.0.0.0:bootpc 0.0.0.0:*
udp6 0 0 [::]:35299 [::]:*
//常用选项
-antlp
[root@seancheng ~]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 889/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1007/master
tcp 0 0 172.16.12.128:22 172.16.12.1:56187 ESTABLISHED 2094/sshd: root@pts
tcp 0 0 172.16.12.128:22 172.16.12.1:53808 ESTABLISHED 1077/sshd: root@pts
tcp6 0 0 :::22 :::* LISTEN 889/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1007/master
6.5 ss
ss is a network status viewer, substituted netstat
//语法:ss [options] [ FILTER ]
//常用的options:
-t:tcp协议相关
-u:udp协议相关
-w:裸套接字相关
-x:unix套接字相关
-l:listen状态的连接
-a:所有
-n:数字格式
-p:相关的程序及pid
-e:扩展的信息
-m:内存用量
-o:显示计时器信息
//常见的FILTER:
FILTER := [ state TCP-STATE ] [ EXPRESSION ]
如:ss -tan state ESTABLISHED
//常见的state:
//tcp finite state machine:有限状态机
LISTENING:监听
ESTABLISHED:已建立的连接
//EXPRESSION:
dport =
sport =
示例:'( dport = :ssh or sport = :ssh)',此处的ssh也即服务名可以使用其对应的端口号代替,等号两边必须有空格
//常用组合:
[root@seancheng ~]# ss -tan
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
ESTAB 0 0 172.16.12.128:22 172.16.12.1:56187
ESTAB 0 0 172.16.12.128:22 172.16.12.1:53808
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
[root@seancheng ~]# ss -tanl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
[root@seancheng ~]# ss -antlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:* users:(("sshd",pid=889,fd=3))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=1007,fd=13))
LISTEN 0 128 :::22 :::* users:(("sshd",pid=889,fd=4))
LISTEN 0 100 ::1:25 :::* users:(("master",pid=1007,fd=14))
[root@seancheng ~]# ss -anu
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:23511 *:*
UNCONN 0 0 *:68 *:*
UNCONN 0 0 :::35299 :::*
//常见端口
http 80/tcp
https 443/tcp
ssh 22/tcp
ftp 20,21/tcp
mysql 3306/tcp
rsync 873/rsync
redis 6379/tcp
6.6 Network Troubleshooting
Network failure is divided into hardware / software failure
- NIC damage
- Link failure
- Network card driver is not compatible
Network troubleshooting ideas
- Local loopback port ping, determine the native TCP / IP stack is normal
- ping local IP address, determining whether the local device and a drive normally
- ping with the host network, determine whether the Layer 2 network to work
- ping the gateway address, and determine local network is normal
- ping the public IP address to determine whether the local route normal
- ping public domain name, DNS client to determine whether normal
Service troubleshooting ideas
- Detection using telnet port is open
- Check the server firewall and SElinux
- Check the appropriate permissions are configured properly
- Check whether there are abnormal log
- After checking continuous testing