Linux网络配置

Linux_network.png

在Linux下可以通过脚本或者Linux内建的命令来进行网络的相关配置,就我而言更倾向于直接编辑网络相关的脚本进行配置,这样看上去更清晰一些。

相关参数配置文件

linux网络比较重要的几个配置文件如下:

/etc/sysconfig/network-scripts/ifcfg-设备名
/etc/sysconfig/network
/etc/resolv.conf
/etc/hosts
/etc/services

1 /etc/sysconfig/network-scripts/ifcfg-设备名
这个文件主要配置IP,网关,子网掩码,DNS等参数。重点需要关注的就是下面注释部分

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
TYPE="Ethernet"
BOOTPROTO="none" ##获取ip的方式,如果手动配置输入static或none,自动获取IP则输入dhcp
DEFROUTE="yes"
PEERDNS="yes"
PEERROUTES="yes"
IPADDR=192.168.1.25 ## ip地址
NETMASK=225.225.225.0 ## 子网掩码
GATEWAY=192.168.1.1 ## 网关地址
DNS1=114.114.114.114 ## DNS地址
DNS2=114.114.114.115
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="enp0s3"
UUID="5e711eb7-467e-4e96-8b33-761b43ab27a0"
DEVICE="enp0s3" ##设备名称
ONBOOT="yes" ##是否默认启动此设备

2 /etc/sysconfig/network
配置主机名

1
2
NETWORKING=yes ## 是否使用网络
HOSTNAME=www.l4j.cc

主机名修改后需要重启才能生效。
3 /etc/resolv.conf
配置DNS地址,一般习惯直接在/etc/sysconfig/network-scripts/ifcfg-设备名中配置。

1
2
3
# Generated by NetworkManager
nameserver 192.168.1.1
nameserver fe80::1%enp0s3

4 /etc/hosts
配置私有IP对应的主机名,可以把它理解为一个IP和域名对应的数据库。当你访问一个域名或者主机名时,系统会首先读取这里面的配置。

1
2
3
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.100 www.baidu.com ## 这里我们把百度的地址对应的ip配置成1.100这个ip

当我们访问www.baidu.com的时候就会访问192.168.1.100这个IP

1
2
3
4
5
6
7
8
9
10
11
[root@www ~]# ping www.baidu.com
PING www.baidu.com (192.168.1.100) 56(84) bytes of data.
64 bytes from www.baidu.com (192.168.1.100): icmp_seq=1 ttl=128 time=0.482 ms
64 bytes from www.baidu.com (192.168.1.100): icmp_seq=2 ttl=128 time=0.252 ms
64 bytes from www.baidu.com (192.168.1.100): icmp_seq=3 ttl=128 time=0.337 ms
64 bytes from www.baidu.com (192.168.1.100): icmp_seq=4 ttl=128 time=0.478 ms
64 bytes from www.baidu.com (192.168.1.100): icmp_seq=5 ttl=128 time=0.294 ms
^C
--- www.baidu.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 0.252/0.368/0.482/0.097 ms

5 /etc/services
记录各种协议,服务所定义的端口

网络相关命令

1 重启网络服务
在CENTOS 7中,重启网络服务执行service network restart或者/etc/init.d/network restart
2 启动或关闭某个网络接口
可以通过执行ifup inter_nameifdown inter_name来启动或关闭某个网络接口

1
2
3
[root@localhost ~]# ifdown enp0s3
[root@localhost ~]# ifup enp0s3
Connection successfully activated (D-Bus active path:/org/freedesktop/NetworkManager/ActiveConnection/3)

3 ip
设备接口相关
常用到的有以下命令

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
[root@localhost ~]# ip link show ## 显示所有接口信息
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip link show enp0s3 ## 显示指定接口信息
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip -s link show enp0s3 ## -s选项可显示更多统计数据
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
3476590 45505 0 51 0 9
TX: bytes packets errors dropped carrier collsns
6237225 57669 0 0 0 0
[root@localhost ~]# ip link set enp0s3 down ## 关闭该网络接口
[root@localhost ~]# ip link set enp0s3 up ## 启动该网络接口

ip设置相关
ip这个命令很强大,ip link可以用来修改查看接口的相关参数,ip address命令可以用来查看修改ip地址,ip route可以用来配置路由表。常用到的有以下命令

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
[root@localhost ~]# ip a ## 查看所有接口的ip参数
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.25/24 brd 192.168.1.255 scope global dynamic enp0s3
valid_lft 2452sec preferred_lft 2452sec
inet6 240e:da:1308:fb00:d9f9:bf28:a5e8:f36/64 scope global noprefixroute dynamic
valid_lft 259134sec preferred_lft 172734sec
inet6 fe80::9262:3c8e:84fb:3b92/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ip -s a ## -s选项可显示更多统计数据
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
RX: bytes packets errors dropped overrun mcast
9308 108 0 0 0 0
TX: bytes packets errors dropped carrier collsns
9308 108 0 0 0 0
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.25/24 brd 192.168.1.255 scope global dynamic enp0s3
valid_lft 2448sec preferred_lft 2448sec
inet6 240e:da:1308:fb00:d9f9:bf28:a5e8:f36/64 scope global noprefixroute dynamic
valid_lft 259130sec preferred_lft 172730sec
inet6 fe80::9262:3c8e:84fb:3b92/64 scope link
valid_lft forever preferred_lft forever
RX: bytes packets errors dropped overrun mcast
3799137 49731 0 51 0 10
TX: bytes packets errors dropped carrier collsns
6826823 63317 0 0 0 0
[root@localhost ~]# ip address add 192.168.1.26/24 broadcast + dev enp0s3 label enp0s3:a ##在enp0s3新增一个仿真网络接口
## 也可以使用ip address change来修改一个已有的IP地址
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.25/24 brd 192.168.1.255 scope global dynamic enp0s3
valid_lft 1975sec preferred_lft 1975sec
inet 192.168.1.26/24 brd 192.168.1.255 scope global secondary enp0s3:a
valid_lft forever preferred_lft forever
inet6 240e:da:1308:fb00:d9f9:bf28:a5e8:f36/64 scope global noprefixroute dynamic
valid_lft 258657sec preferred_lft 172257sec
inet6 fe80::9262:3c8e:84fb:3b92/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ip address del 192.168.1.26/24 dev enp0s3 ## 删除该ip配置
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:8a:b0:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.25/24 brd 192.168.1.255 scope global dynamic enp0s3
valid_lft 1943sec preferred_lft 1943sec
inet6 240e:da:1308:fb00:d9f9:bf28:a5e8:f36/64 scope global noprefixroute dynamic
valid_lft 259184sec preferred_lft 172784sec
inet6 fe80::9262:3c8e:84fb:3b92/64 scope link
valid_lft forever preferred_lft forever

4 ping
这个命令通常用来检测主机之间的网络情况,但是有时候会在主机设置禁ping或者在防火墙配置了icmp包的一些规则会导致ping命令失败

1
2
3
4
5
ping [options] ip_addr
常用的option
-c:ping的次数
-s:icmp包的大小,默认64bytes
-W:等待主机相应的秒数