ip 网络层协议
ip地址 点分十进制分为4段,范围 0-255
ip分类
A 占据1段,最左侧一段第一位固定为0
0 000 0000 - 0 111 1111
0 - 127:其中0为网络,127 本地主机内部通信。
网络数: 2^7-2=126个
每个网络中的主机数: 2^24=16777216 (1677736)
默认子网掩码: 255.0.0.0
私网地址: 10.0.0.0/8 (8:网络段全为1,有8位)
B 占据2段,最左侧一段第一位固定为10
10 00 0000 - 10 11 1111
128 - 191
网络数:2^(6+8)=2^14=16384个
每个网络中的主机数: 2^16=65536
默认子网掩码:255.255.0.0
私网地址: 172.16.0.0/16 - 172.31.0.0/16 (网络变化位第2位)
C 占据3段,最左侧一段第一位固定为110
110 0 0000 - 110 1 1111
192 - 223
网络数:2^(5+8+8)=2^21=2097152个
每个网络中的主机数: 2^16=65536
默认子网掩码:255.255.255.0
私网地址: 192.168.0.0/24 - 192.168.255.0/24 (网络变化位第3位)
D 占据4段,最左侧一段第一位固定为1110
1110 0000 - 1110 1111
224 - 239
网络数:2^(4+8+8+8)=2^28=268435456个
E 240 - 255
子网掩码:计算ip地址所在的网络
网络相同,本地通信
网络不同,跨网络通信借助路由器(网络层、数据链路层、物理层)
例如:IP:145.239.123.0 MASK 224.239.234.123 网络?
IP地址的二进制 1001 0001 . 1110 1111 . 0111 1011 . 0000 0000
MASK的二进制 1110 0000 . 1110 1111 . 1110 1010 . 0111 1011
网络的二进制 1000 0000 . 1110 1111 . 0110 1010 . 0000 0000
网络地址: 128.239.106.0
路由配置:在未梢网络中,路由器一般指的是默认网关
主机路由:目标是主机
网络路由:目标是网络
默认网关:目标无论为主机或是网络
路由选择:选择匹配精度越高,匹配结果越少
主机路由 > 网络路由 > 默认网关
0.0.0.0
网关: 到达本地的路由信息
目标: 到达任意网络或主机的路由信息
网络接口命名
centos6 根据MAC,eth[0,1,2,...] 在重启后可能会改变
centos7 根据插口/根据PCI-E总线的槽 ,重启后不变
网络属性配置: 让CentOS主机能够接入至网络中
1、配置IP
2、配置路由ROUTE
3、配置DNS服务
配置方式
1、命令行配置: 配置在内核中的内存地址中,下次重启失效
1)ifcfg家族,ip家族
2)nmcli
2、编辑配置文件配置: 永久有效
/etc/sysconfig/network-scripts/ifcfg-NAME
/etc/sysconfig/network-scripts/route-NAME
3、图形接口配置
system-config-network-tui(setup)
nmtui
命令行配置
ifcfg家族:ifconfig,route,netstat
ip家族:ip,ss
特点
1、netstat和ss使用基本相似
1)ss响应比netstat快
2)ss选项 -m,memory。 -o 。 state TCP-STATE [EXPRESSION]
2、ip和ifcfg家族,实现的功能查看IP,设置IP,查看ROUTE,设定ROUTE.基本相似。
1)ip比ifcfg多出 同 yum 比rpm命令多出:查看时支持Glob通配字符的使用,
ip支持过滤功能 scope SCOPE_NA, label LABEL , dev NAME , to PREFIX ,primary or secondary
3、ip命令不修改网卡地址,ifconfig修改网卡地址。ip命令给网卡添加辅助地址,可有别名
1.1、命令行配置
ifcfg家庭:ifconfig,route,netstat
ifconfig命令
网络属性显示和配置
ifconfig [options...] [interface] [up|down]
-a 显示所有接口
[-]promise 启用混杂模式
metric N 到达目标的开销值
ifconfig interface address [up|down]
address: ip/mask 或 ip netmask MASK
例如 1.1.1.1/8或1.1.1.1 netmask 255.0.0.0
# ifconfig IFACE address
# ifconfig IFACE address up | down
route命令
route -n 显示内核中的路由表
Destination Gateway Genmask Flags Metric Ref Use Iface
Destination 到达的目标:主机、网络、默认,最终到达主机
Gateway 网关
Genmask 目标的掩码
Flags 标识位
Metric 开销,到达目标的开销
Iface 报文离开本主机经过的网卡
route add|del -host|-net address gw GW dev interface
添加:route add -host|-net address gw GW dev interface
添加主机路由:
route add -host ip/32 gw GW dev interface
route add -host ip netmask MASK gw GW dev interface
添加网络路由:
route add -net ip/mask gw GW dev interface
route add -net ip netmask MASK gw GW dev interface
删除: route del -host|-net address
删除主机路由
route del -host address
删除网络路由
route del -net address
默认路由: -net 0.0.0.0 mask 0.0.0.0
route add|del default gw GW dev IFACE
dig命令
dig -t A FQDN
dig -x IP
host命令
host -t A FQDN
host -t PTR IP
netstat命令
1、network connection:
netstat OPTIONS
-t tcp连接
-u udp连接
-w raw裸套接字
-n numeric不反解IP
-a all所有t,u,..
-l listen监听,等待别人访问
-p program和Pid
-e user和inode
2、routing tables:
netstat OPTIONS
-r 显示内核中的路由表
-n numeric
3、interface statistics
netstat OPTIONS
-i 显示所有接口
-I<dev> 显示指定接口
1、查看IP: ifconfig interface
1)查看激活
|
1
2
3
4
|
[root@localhost ~]
# ifconfig
eth0
lo
|
2)查看所有
|
1
2
3
4
|
[root@localhost ~]
# ifconfig -a
eth0
lo
|
3)查看指定
|
1
2
|
[root@localhost ~]
# ifconfig lo
lo
|
2、配置IP: ifconfig interface { ip/mask | ip netmask MASK }
|
1
2
|
[root@localhost ~]
# ifconfig eth0 172.16.100.1/16
[root@localhost ~]
# ifconfig eth0 172.16.100.1 netmask 255.255.0.0
|
3、查看路由: route -n
|
1
2
|
[root@localhost ~]
# netstat -rn
[root@localhost ~]
# route -n
|
4、配置路由: route add -host | -net { ip/mask | ip netmask MASK} gw GW dev interface
|
1
2
3
4
5
6
|
[root@localhost ~]
# route add -host 172.16.100.9/32 gw 192.168.3.1 dev eth0
[root@localhost ~]
# route add -host 172.16.100.9 netmask 255.255.255.255 gw 192.168.3.1 dev eth0
[root@localhost ~]
# route add -host 172.16.100.9 gw 192.168.3.1 dev eth0
[root@localhost ~]
# route add -net 0.0.0.0/0 gw 192.168.3.1 dev eth0
[root@localhost ~]
# route add default gw 192.168.3.1 dev eth0
|
5、配置DNS: /etc/resolv.conf
nameserver DNS_SERVER_IP1
nameserver DNS_SERVER_IP2
nameserver DNS_SERVER_IP3
测试DNS服务器
正解: FQDN -->IP
dig -t A FQDN
host -t A FQDN
反解: IP --> FQDN
dig -x IP
host -t PTR IP
|
1
2
3
4
|
[root@localhost ~]
# vim /etc/resolv.conf
nameserver 192.168.3.1
nameserver 8.8.8.8
nameserver 4.4.4.4
|
6、网络状态查看: netstat option , options: -t tcp,-u udp,-r raw,-n numeric,-a all,-l listen,-p program,-e extend,
|
1
2
3
4
5
6
7
|
# netstat -tan
# netstat -uan
# netstat -tnl
# netstat -unl(无状态)
# netstat -rnl -ran
# netstat -tunlp
# netstat -tunlpe
|
裸套接字:不经过传输层,由应用层直接调用IP实现数据传输
numeric: netstat命令默认将Ip反解为字母,-n选项关闭此特性
extend: user,inode扩展信息
program:PID和名字
7、查看内核中的路由表: route -nr
|
1
|
# route -rn
|
8、查看接口数据: netstat -i查看所有接口数据 , netstat -I<dev>查看由dev指定接口的数据
|
1
2
|
# netstat -i
# netsta -Ieth0
|
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 1837695 0 0 0 1160482 0 0 0 BMRU
lo 65536 20083 0 0 0 20083 0 0 0 LRU
RX-OK receive?接收时正确数据包
RX-ERR 错误
RX-DRP DROPPED dropped received packets (due to memory lack ?) 丢弃接收的包,由于内存不足吗?
RX-OVR packets that we were unable to receive that fast way. 不能快速接收的包
TX-OK transport?
TX-ERR
TX-DRP
TX-OVR
Flg flag?
1.2、命令行配置:
ip家庭:ip,ss
ip命令
显示ip命令由哪个程序包生成
1、rpm -qf `which --skip-alias ip`
|
1
2
|
[root@localhost ~]
# rpm -qf `which --skip-alias ip`
iproute-2.6.32-54.el6.i686
|
2、rpm -q --whatprovides /sbin/ip
|
1
2
|
[root@localhost ~]
# rpm -q --whatprovides `which --skip-alias ip`
iproute-2.6.32-54.el6.i686
|
3、yum whatprovides /sbin/ip
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
[root@localhost ~]
# yum whatprovides `which --skip-alias ip`
Failed to
set
locale, defaulting to C
??????fastestmirror, security
Loading mirror speeds from cached hostfile
* base: mirrors.btte.net
* extras: mirrors.zju.edu.cn
* updates: mirrors.zju.edu.cn
iproute-2.6.32-54.el6.i686 : Advanced IP routing and network device configuration tools
Repo : base
?????:
Filename :
/sbin/ip
iproute-2.6.32-54.el6.i686 : Advanced IP routing and network device configuration tools
Repo : installed
?????:
Other : ???????
/sbin/ip
|
4、dnf whatprovides /sbin/ip
|
1
2
3
4
5
6
7
|
[root@izpo45bh60h6bsz ~]
# dnf whatprovides /bin/bash
Using metadata from Fri Aug 18 16:46:51 2017
bash
-4.2.46-20.el7_2.x86_64 : The GNU Bourne Again shell
仓库 :@System
bash
-4.2.46-20.el7_2.x86_64 : The GNU Bourne Again shell
仓库 :base
|
显示程序包生成的内容
rpm -q -l iproute
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
/sbin/bridge
/sbin/cbq
/sbin/ifcfg
/sbin/ip
/sbin/rtmon
/sbin/tc
/usr/lib/tc
/usr/lib/tc/m_xt
.so
/usr/sbin/arpd
/usr/sbin/lnstat
/usr/sbin/nstat
/usr/sbin/rtacct
/usr/sbin/ss
|
获取命令帮助: ip OBJECT help
语法格式: ip OBJECT
OBJECT: link , addr , route
+++++++
ip link SUB_CMD 管理网络设备
SUB_CMD:
set ,设备启动或禁止
show , 显示设备的属性
获取帮助: ip link help
ip link show [ dev IFACE | up ]
显示所有接口: ip link show
显示指定接口: ip link show dev IFACE
显示处于激活状态的接口: ip link show up
接口状态描述
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:cf:cd:ae brd ff:ff:ff:ff:ff:ff scope global
1)网卡名: eth0
2)设备支持的功能: <BROADCAST,MULTICAST,UP,LOWER_UP>
3) 设备的特性: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
4) 设备的地址: link/ether 00:0c:29:cf:cd:ae brd ff:ff:ff:ff:ff:ff
BROADCAST: 广播
MULTICAST: 多播
UP: 当前网卡的状态
mtu 1500: 以太网的MTU值最大为1500字节
qdisc pfifo_fast :流控算法或实现的机制
state UNKNOWN 网卡当前的状态
qlen 1000 队列长度
link/ether 00:0c:29:cf:cd:ae 当前网卡的MAC地址
brd ff:ff:ff:ff:ff:ff 当前网卡的广播地址
ip link set dev IFACE [ up | down ]
IFACE 网卡接口名
激活接口: ip link set dev IFACE up
关闭接口: ip link set dev IFACE down
使用ip link 管理设备示例
1、显示所有接口
|
1
2
3
4
5
|
[root@localhost ~]
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link
/ether
00:0c:29:cf:
cd
:ae brd ff:ff:ff:ff:ff:ff
|
2、显示指定设备
|
1
2
3
|
[root@localhost ~]# ip link show dev eth0
2
: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu
1500
qdisc pfifo_fast state UNKNOWN qlen
1000
link/ether
00
:0c:
29
:cf:cd:ae brd ff:ff:ff:ff:ff:ff
|
3、显示启用的设备
|
1
2
3
4
5
|
[root@localhost ~]
# ip link show up
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link
/ether
00:0c:29:cf:
cd
:ae brd ff:ff:ff:ff:ff:ff
|
4、禁用某个设备
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
[root@localhost ~]
# ip link set dev lo down
##显示启用的设备
[root@localhost ~]
# ip link show up
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link
/ether
00:0c:29:cf:
cd
:ae brd ff:ff:ff:ff:ff:ff
##显示所有的设备
[root@localhost ~]
# ip link show
1: lo: <LOOPBACK> mtu 65536 qdisc noqueue state DOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link
/ether
00:0c:29:cf:
cd
:ae brd ff:ff:ff:ff:ff:ff
|
|
1
|
state DOWN
|
5、激活某个设备
|
1
2
3
4
5
6
|
[root@localhost ~]
# ip link set dev lo up
[root@localhost ~]
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link
/ether
00:0c:29:cf:
cd
:ae brd ff:ff:ff:ff:ff:ff
|
|
1
|
|
+++++++
ip addr SUB_CMD 管理接口地址
SUB_CMD:
add | del 添加或删除地址
show | flush 显示或删除地址,支持显示的过滤功能
获取帮助: ip addr help
ip addr add | del address dev IFACE [ broadcast ADDRESS ] [ label LABEL ] [ scope {*global*|site|link|host} ]
默认在网卡在添加多个地址,并非修改网卡地址
broadcast ADDRESS 添加地址时设定广播地址
label LABEL 添加地址,给出别名
scope SCOPE 设定级别
address: ip/mask
ip addr show|flush [ dev IFACE ] [ scope {global|site|link|host} ] [ to PREFIX ] [ label PATTERN ] [ primary | secondary ] 显示、查询 或清空
global默认。
link 只响应ping此接口的主机 。
host 只响应当前主机Ping对此接口。
ip addr 管理接口地址使用示例
1、设定接口辅助地址
|
1
|
# ip addr add 172.16.100.9/16
|
2、以别名添加接口辅助地址
|
1
2
3
|
[root@localhost ~]
# ip addr add 172.16.100.1/16 dev eth0 label eth0:12
[root@localhost ~]
# ip addr show label eth0:12
inet 172.16.100.1
/16
scope global eth0:12
|
3、以级别添加接口辅助地址
|
1
2
3
4
5
6
7
8
9
10
|
[root@localhost ~]
# ip addr add 172.16.100.100/32 dev eth0 scope host
[root@localhost ~]
# ip addr show scope host
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1
/8
scope host lo
inet6 ::1
/128
scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link
/ether
00:0c:29:cf:
cd
:ae brd ff:ff:ff:ff:ff:ff
inet 172.16.100.100
/32
scope host eth0
|
4、显示接口的地址
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
1
)、显示所有
[root@localhost ~]# ip addr show
1
: lo: <LOOPBACK,UP,LOWER_UP> mtu
65536
qdisc noqueue state UNKNOWN
link/loopback
00
:
00
:
00
:
00
:
00
:
00
brd
00
:
00
:
00
:
00
:
00
:
00
inet
127.0
.
0.1
/
8
scope host lo
inet6 ::
1
/
128
scope host
valid_lft forever preferred_lft forever
2
: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu
1500
qdisc pfifo_fast state UNKNOWN qlen
1000
link/ether
00
:0c:
29
:cf:cd:ae brd ff:ff:ff:ff:ff:ff
inet
192.168
.
1.103
/
24
brd
192.168
.
1.255
scope global eth0
2
)、显示单个
[root@localhost ~]# ip addr show dev eth0
2
: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu
1500
qdisc pfifo_fast state UNKNOWN qlen
1000
link/ether
00
:0c:
29
:cf:cd:ae brd ff:ff:ff:ff:ff:ff
inet
192.168
.
1.103
/
24
brd
192.168
.
1.255
scope global eth0
|
5、显示别名的地址
|
1
2
3
|
[root@localhost ~]
# ip addr add 172.16.100.1/16 dev eth0 label eth0:12
[root@localhost ~]
# ip addr show label eth0:12
inet 172.16.100.1
/16
scope global eth0:12
|
6、显示前缀的地址
|
1
2
3
|
[root@localhost ~]
# ip addr show to 172.16.100.1
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
inet 172.16.100.1
/16
scope global eth0:12
|
7、显示主地址
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
##显示所有地址
[root@localhost ~]
# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1
/8
scope host lo
inet6 ::1
/128
scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link
/ether
00:0c:29:cf:
cd
:ae brd ff:ff:ff:ff:ff:ff
inet 172.16.100.100
/32
scope host eth0
inet 192.168.1.103
/24
brd 192.168.1.255 scope global eth0
inet 172.16.100.1
/16
scope global eth0:12
##显示主地址
[root@localhost ~]
# ip addr show scope global
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link
/ether
00:0c:29:cf:
cd
:ae brd ff:ff:ff:ff:ff:ff
inet 192.168.1.103
/24
brd 192.168.1.255 scope global eth0
inet 172.16.100.1
/16
scope global eth0:12
##显示primary
[root@localhost ~]
# ip addr show primary
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1
/8
scope host lo
inet6 ::1
/128
scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link
/ether
00:0c:29:cf:
cd
:ae brd ff:ff:ff:ff:ff:ff
inet 172.16.100.100
/32
scope host eth0
inet 192.168.1.103
/24
brd 192.168.1.255 scope global eth0
inet 172.16.100.1
/16
scope global eth0:12
##显示secondary
[root@localhost ~]
# ip addr show secondary
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link
/ether
00:0c:29:cf:
cd
:ae brd ff:ff:ff:ff:ff:ff
|
8、清空设备的地址
|
1
2
|
[root@localhost ~]
# ip addr flush dev lo
[root@localhost ~]
# ip addr flush dev eth0
|
9、清空别名的地址
|
1
2
3
4
5
6
7
|
[root@localhost ~]
# ip addr show label eth0:0
inet 172.16.100.1
/16
scope global eth0:0
[root@localhost ~]
# ip addr flush label eth0:0
[root@localhost ~]
# ip addr show label eth0:0
[root@localhost ~]
#
|
10、清空主地址
|
1
2
3
4
5
6
7
8
|
# ip addr flush primary
Connection closed by foreign host.
Disconnected from remote host(
192.168
.
1.103
:
22
) at
19
:
06
:
58
.
Type `help' to learn how to
use
Xshell prompt.
[c:\~]$
|
11、清空所有从地址
|
1
2
3
4
5
|
[root@localhost ~]
# ip addr show secondary
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link
/ether
00:0c:29:cf:
cd
:ae brd ff:ff:ff:ff:ff:ff
|
12、清空前缀地址
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
##显示所有地址
[root@localhost ~]
# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1
/8
scope host lo
inet6 ::1
/128
scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link
/ether
00:0c:29:cf:
cd
:ae brd ff:ff:ff:ff:ff:ff
inet 172.16.100.100
/32
scope host eth0
inet 192.168.1.103
/24
brd 192.168.1.255 scope global eth0
inet 172.16.100.1
/16
scope global eth0:12
##清空前缀
[root@localhost ~]
# ip addr flush to 172.16.100.1 dev eth0
##查看前缀
[root@localhost ~]
# ip addr show to 172.16.100.1
[root@localhost ~]
#
|
+++++++
ip route SUB_CMD 管理接口地址
SUB_CMD:
add | del 添加或删除地址
show | flush 显示或删除地址,支持显示的过滤功能
ip route add address via GW dev IFACE [ src ADDRESS ]
address: ip/mask
ip route del address
ip route show|flush [ dev NAME ] [ src PREFIX ] [ via PREFIX ] 显示、查询 或清空
使用示例
1、查看路由表
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
1
、route
[root@izpo45bh60h6bsz ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0
.
0.0
172.18
.
63.253
0.0
.
0.0
UG
0
0
0
eth0
169.254
.
0.0
0.0
.
0.0
255.255
.
0.0
U
1002
0
0
eth0
172.18
.
48.0
0.0
.
0.0
255.255
.
240.0
U
0
0
0
eth0
2
、netstat
[root@izpo45bh60h6bsz ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0
.
0.0
172.18
.
63.253
0.0
.
0.0
UG
0
0
0
eth0
169.254
.
0.0
0.0
.
0.0
255.255
.
0.0
U
0
0
0
eth0
172.18
.
48.0
0.0
.
0.0
255.255
.
240.0
U
0
0
0
eth0
3
、ip
[root@izpo45bh60h6bsz ~]# ip route show
default
via
172.18
.
63.253
dev eth0
169.254
.
0.0
/
16
dev eth0 scope link metric
1002
172.18
.
48.0
/
20
dev eth0 proto kernel scope link src
172.18
.
59.185
|
2、添加路由条目
|
1
2
3
4
5
6
7
8
9
10
11
|
1、添加主机路由
[root@localhost ~]
# ip route add 172.16.100.100/32 via 192.168.1.100 dev eth0
[root@localhost ~]
# ip route show via 192.168.1.100
172.16.100.100 dev eth0
2、添加网络路由
[root@localhost ~]
# ip route add 172.16.100.100/32 via 192.168.1.100 dev eth0
[root@localhost ~]
# ip route show dev eth0
172.16.100.100 via 192.168.1.100
192.168.1.0
/24
proto kernel scope link src 192.168.1.103
172.16.0.0
/16
via 192.168.1.100
default via 192.168.1.1
|
3、删除路由条目
|
1
2
3
4
5
6
7
8
9
10
|
[root@localhost ~]
# ip route show dev eth0
172.16.100.100 via 192.168.1.100
192.168.1.0
/24
proto kernel scope link src 192.168.1.103
172.16.0.0
/16
via 192.168.1.100
default via 192.168.1.1
[root@localhost ~]
# ip route del 172.16.0.0/16
[root@localhost ~]
# ip route show dev eth0
172.16.100.100 via 192.168.1.100
192.168.1.0
/24
proto kernel scope link src 192.168.1.103
default via 192.168.1.1
|
4、清空via
|
1
2
3
4
5
6
7
8
9
10
|
[root@localhost ~]
# ip route show dev eth0
172.16.100.100 via 192.168.1.100
192.168.1.0
/24
proto kernel scope link src 192.168.1.103
default via 192.168.1.1
[root@localhost ~]
# ip route flush via 192.168.1.1
[root@localhost ~]
# ip route show dev eth0
172.16.100.100 via 192.168.1.100
192.168.1.0
/24
proto kernel scope link src 192.168.1.103
|
5、清空src
|
1
2
3
4
5
6
7
8
9
10
11
12
|
root@localhost ~]
# ip route add 172.16.100.9/32 via 192.168.1.1 dev eth0 src 192.168.1.103
[root@localhost ~]
# ip route show src 192.168.1.103
172.16.100.9 via 192.168.1.1 dev eth0
192.168.1.0
/24
dev eth0 proto kernel scope link
查看所有src
[root@localhost ~]
# ip route show
172.16.100.9 via 192.168.1.1 dev eth0 src 192.168.1.103
172.16.100.100 via 192.168.1.100 dev eth0
192.168.1.0
/24
dev eth0 proto kernel scope link src 192.168.1.103
[root@localhost ~]
# ip route flush src 192.168.1.103
|
6、清空dev
|
1
|
# ip route flush dev eth0
|
ss命令
用法基本同netstat
-t tcp查看tcp协议的连接
-u ucp
-w raw
-a all
-l listen
-n numeric
-e extend,usr,inode
-p pid/progranm,
-m memory
-o
state TCP-STAT [EXPRESSION]
建立套接字有一组套接字,源ip和源端口,目标ip和目标端口
源端口: 源ip对应的端口
目标端口: 目标ip对应的端口
TCP-STATE
TCP FINITE STATE MACHINE
LISTEN
SYC-SENT
SYC-RECV
ESTABLISHED
FIN_WAIT_1
FIN_WAIT_2
CLOSED
使用示例
1、查看tcp状态的所有连接
|
1
|
ss -tan
|
2、查看udp状态的所有连接
|
1
|
ss -uan
|
3、查看tcp处于监听状态的连接
|
1
|
ss -tnl
|
4、查看udp处于监听状态的连接
|
1
|
ss -unl
|
5、查看tcp/udp处于监听状态的连接
|
1
|
ss -tunl
|
6、查看tcp/udp扩展信息
|
1
|
ss -tunle
|
7、查看每个程序的pid和程序名
|
1
|
ss -tunlp
|
8、查看处于ESTABLISHED状态的连接
|
1
|
ss -o state ESTABLISHED
'( sport = :ssh or dport = :ssh )'
|
编辑配置文件配置网络属性
1、/etc/sysconfig/network-scripts/ifcfg-NAME配置IP
2、/etc/sysconfig/network-scripts/route-NAME配置route
3、配置DNS服务器
1、配置IP
DEVICE: 此配置文件应用到的设备,此名称应该和IFACE保持一致
HWADDR: 此配置文件应用到的网络设备的MAC地址
BOOTPROTO 引导协议,启动此设备命令的协议(static|none|dhcp|bootp)
NM_CONTROLLED NM NetworkManager的简写,取代network脚本控制网络服务,不建议CentOS6使用
ONBOOT 系统引导时,是否激活此设备
TYPE 接口类型,Enthernet,Bridge
UUID 设备的唯一标识
IPADDR 主地址
NETMASK 掩码
GATEWAY 默认网关
DNS1 DNS服务器(优先级高于/etc/resolv.conf,普通用户不能修改/etc/resolv.conf)
DNS2
DNS3
USERCTL 普通用户是否可控制
PEERDNS 如果BOOTPROTO的值为dhcp,是否允许dhcp服务器分配的DNS服务器指向信息直接覆盖resolv.conf
使用示例: 当前所在网络 192.168.1.1/24
1、进入/etc/sysconfig/network-scripts/目录,编辑ifcfg-eth0文件
2、用:wq或ZZ退出编辑,重启网络,使之生效
|
1
2
|
# /etc/rc.d/init.d/network restart
# service network restart
|
3、查看路由表
|
1
2
3
4
5
|
# netstat -rn
# route -n
# ip route show dev eth0
# ip route show src 192.168.1.103
# ip route show via 192.168.1.1
|
4、查看DNS解析表
|
1
|
cat
/etc/resolv
.conf
|
2、配置route
格式:
1、address via GW
2、
ADDRESS#=
NETMASK#=
GATEWAY#=
1、进入/etc/sysconfig/network-scripts/目录,编辑route-eth0文件
2、重启网络服务
|
1
|
# service network restart
|
3、查看路由表
|
1
2
3
|
# ip route show [ dev IFACE ] [ to PRIFIX] [ via ADDRESS ]
# netstat -rn
# route -n
|
1、进入/etc/sysconfig/network-scripts/目录,编辑route-eth0文件
2、重启网络服务
|
1
|
# service network restart
|
3、查看路由表
|
1
2
3
|
# ip route show [ dev IFACE ] [ to PRIFIX] [ via ADDRESS ]
# netstat -rn
# route -n
|
图形接口配置
1、进入图形界面 # system-config-network-tui (setup)
2、配置IP及路由信息
[ * ] 代表ture
NAME: 网卡名
DEVICE:设备名
Use DHCP: 是否使用DHCP, BOOTPROTO={dhcp|bootp|none|static}
Static IP:静态IP地址 , IPADDR
NETMASK: 掩码
DEFAULT GATEWAY IP: 默认网关, GATEWAY
primary dns server: 主DNS服务器 DNS1
secondary dns serve: 从DNS服务器 DNS2
在配置文件中支持配置3个DNS, DNS3
PEERDNS: BOOTPROTO为DHCP时是否将DHCP分配的DNS服务器及domain search覆盖至resolv.conf文件中
ONBOOT: 系统引导时,是否自动激活
CONTROL MANAGER: NM_CONTROLLED 是否由network manager脚本代为管理网络服务,centos6不建议使用
3、配置DNS
HOSTNAME:设定主机名,/etc/sysconfig/network文件中设定
Primary DNS:第一个DNS nameserver DNS_SERVER_IP1
Secondary DNS:第二个DNS nameserver DNS_SERVER_IP2
Tertiary DNS: DNS3
DNS searchpath:DNS搜索域。当只有域名时,自动补全
4、退出,重启服务
5、查看路由表
6、查看ip地址
|
1
2
3
|
# ifconfig eth0
# ip addr show dev eth0
# ip link show dev eth0
|
补充
1、给网卡配置多个地址(ip命令默认给单个网卡配置多个附加的地址)
|
1
2
3
4
|
1、ip addr add|del address dev IFACE label LABEL scope {global|host|link} broadcast BROADCAST
2、
ifconfig
IFACE address up | down
3、配置文件
/etc/sysconfig/network-scripts/ifcfg-IFACE
4、图形接口配置: system-config-network-tui 或 setup
|
2、主机名配置
|
1
2
3
4
5
6
7
8
9
|
1、命令行:
查看:
hostname
设定临时生效:
hostname
HOSTNAME
2、配置文件:
/etc/sysconfig/network
3、图形界面:
system-config-network-tui (setup)
|
3、网络接口识别命名相关的配置文件
|
1
|
/etc/udev/rules.d/
70
-persistent-net.rules
70
....net
|
