Linux网络配置

在Linux下可以通过脚本或者Linux内建的命令来进行网络的相关配置，就我而言更倾向于直接编辑网络相关的脚本进行配置，这样看上去更清晰一些。

相关参数配置文件

linux网络比较重要的几个配置文件如下：

/etc/sysconfig/network-scripts/ifcfg-设备名
/etc/sysconfig/network
/etc/resolv.conf
/etc/hosts
/etc/services

1 /etc/sysconfig/network-scripts/ifcfg-设备名
这个文件主要配置IP，网关，子网掩码，DNS等参数。重点需要关注的就是下面注释部分

TYPE="Ethernet"
BOOTPROTO="none"  ##获取ip的方式，如果手动配置输入static或none，自动获取IP则输入dhcp
DEFROUTE="yes"
PEERDNS="yes"
PEERROUTES="yes"
IPADDR=192.168.1.25    ## ip地址
NETMASK=225.225.225.0  ## 子网掩码
GATEWAY=192.168.1.1    ## 网关地址
DNS1=114.114.114.114   ## DNS地址
DNS2=114.114.114.115
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="enp0s3"  
UUID="5e711eb7-467e-4e96-8b33-761b43ab27a0"
DEVICE="enp0s3" ##设备名称
ONBOOT="yes"   ##是否默认启动此设备

2 /etc/sysconfig/network
配置主机名

NETWORKING=yes        ## 是否使用网络
HOSTNAME=www.l4j.cc

主机名修改后需要重启才能生效。
3 /etc/resolv.conf
配置DNS地址，一般习惯直接在/etc/sysconfig/network-scripts/ifcfg-设备名中配置。

# Generated by NetworkManager
nameserver 192.168.1.1
nameserver fe80::1%enp0s3

4 /etc/hosts
配置私有IP对应的主机名，可以把它理解为一个IP和域名对应的数据库。当你访问一个域名或者主机名时，系统会首先读取这里面的配置。

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.100 www.baidu.com  ## 这里我们把百度的地址对应的ip配置成1.100这个ip

当我们访问www.baidu.com的时候就会访问192.168.1.100这个IP

[root@www ~]# ping www.baidu.com
PING www.baidu.com (192.168.1.100) 56(84) bytes of data.
64 bytes from www.baidu.com (192.168.1.100): icmp_seq=1 ttl=128 time=0.482 ms
64 bytes from www.baidu.com (192.168.1.100): icmp_seq=2 ttl=128 time=0.252 ms
64 bytes from www.baidu.com (192.168.1.100): icmp_seq=3 ttl=128 time=0.337 ms
64 bytes from www.baidu.com (192.168.1.100): icmp_seq=4 ttl=128 time=0.478 ms
64 bytes from www.baidu.com (192.168.1.100): icmp_seq=5 ttl=128 time=0.294 ms
^C
--- www.baidu.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 0.252/0.368/0.482/0.097 ms

5 /etc/services
记录各种协议，服务所定义的端口

网络相关命令

1 重启网络服务
在CENTOS 7中，重启网络服务执行service network restart或者/etc/init.d/network restart
2 启动或关闭某个网络接口
可以通过执行ifup inter_name和ifdown inter_name来启动或关闭某个网络接口

[root@localhost ~]# ifdown enp0s3
[root@localhost ~]# ifup enp0s3
Connection successfully activated (D-Bus active path:/org/freedesktop/NetworkManager/ActiveConnection/3)

3 ip
设备接口相关
常用到的有以下命令

[root@localhost ~]# ip link show                ## 显示所有接口信息
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip link show enp0s3        ## 显示指定接口信息
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip -s link show enp0s3     ## -s选项可显示更多统计数据
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    3476590    45505    0       51      0       9       
    TX: bytes  packets  errors  dropped carrier collsns 
    6237225    57669    0       0       0       0  
[root@localhost ~]# ip link set enp0s3 down  ## 关闭该网络接口
[root@localhost ~]# ip link set enp0s3 up    ## 启动该网络接口

ip设置相关
ip这个命令很强大，ip link可以用来修改查看接口的相关参数，ip address命令可以用来查看修改ip地址，ip route可以用来配置路由表。常用到的有以下命令

[root@localhost ~]# ip a                ## 查看所有接口的ip参数
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.25/24 brd 192.168.1.255 scope global dynamic enp0s3
       valid_lft 2452sec preferred_lft 2452sec
    inet6 240e:da:1308:fb00:d9f9:bf28:a5e8:f36/64 scope global noprefixroute dynamic 
       valid_lft 259134sec preferred_lft 172734sec
    inet6 fe80::9262:3c8e:84fb:3b92/64 scope link 
       valid_lft forever preferred_lft forever
[root@localhost ~]# ip -s a             ## -s选项可显示更多统计数据
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
    RX: bytes  packets  errors  dropped overrun mcast   
    9308       108      0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns 
    9308       108      0       0       0       0       
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.25/24 brd 192.168.1.255 scope global dynamic enp0s3
       valid_lft 2448sec preferred_lft 2448sec
    inet6 240e:da:1308:fb00:d9f9:bf28:a5e8:f36/64 scope global noprefixroute dynamic 
       valid_lft 259130sec preferred_lft 172730sec
    inet6 fe80::9262:3c8e:84fb:3b92/64 scope link 
       valid_lft forever preferred_lft forever
    RX: bytes  packets  errors  dropped overrun mcast   
    3799137    49731    0       51      0       10      
    TX: bytes  packets  errors  dropped carrier collsns 
    6826823    63317    0       0       0       0    
[root@localhost ~]# ip address add 192.168.1.26/24 broadcast + dev enp0s3 label enp0s3:a  ##在enp0s3新增一个仿真网络接口
## 也可以使用ip address change来修改一个已有的IP地址
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.25/24 brd 192.168.1.255 scope global dynamic enp0s3
       valid_lft 1975sec preferred_lft 1975sec
    inet 192.168.1.26/24 brd 192.168.1.255 scope global secondary enp0s3:a
       valid_lft forever preferred_lft forever
    inet6 240e:da:1308:fb00:d9f9:bf28:a5e8:f36/64 scope global noprefixroute dynamic 
       valid_lft 258657sec preferred_lft 172257sec
    inet6 fe80::9262:3c8e:84fb:3b92/64 scope link 
       valid_lft forever preferred_lft forever
[root@localhost ~]# ip address del 192.168.1.26/24 dev enp0s3                            ## 删除该ip配置
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.25/24 brd 192.168.1.255 scope global dynamic enp0s3
       valid_lft 1943sec preferred_lft 1943sec
    inet6 240e:da:1308:fb00:d9f9:bf28:a5e8:f36/64 scope global noprefixroute dynamic 
       valid_lft 259184sec preferred_lft 172784sec
    inet6 fe80::9262:3c8e:84fb:3b92/64 scope link 
       valid_lft forever preferred_lft forever
	   

4 ping
这个命令通常用来检测主机之间的网络情况，但是有时候会在主机设置禁ping或者在防火墙配置了icmp包的一些规则会导致ping命令失败

ping [options] ip_addr
常用的option
-c:ping的次数
-s:icmp包的大小，默认64bytes
-W:等待主机相应的秒数