网络补充

1. 网卡配置(ip,dns)

  • 目标:
    • 修改网卡的名字为eth0.
    • 修改网卡配置文件,ip,dns,网关,子网掩码.(物理机,虚拟机(私有云))
    • 公有云自动获取即可,服务器数量巨大自动获取.

1.1 网卡命名

结论: 工作有需求的时候再去修改. 做好记录,后面使用的时候参考即可.

# 网卡命名规则:
ens33 ensxxxxp
eth0 <统一修改为eth0 eth1 eth2 .... 形式.

修改网卡名字为eth0(方案)

方法01:安装系统的时候修改 net.ifnames=0 biosdevname=0 红帽类系统,ubt版本20.04版本及之前

方法02:安装完成系统修改系统启动的配置文件,网卡配置文件.

1.1.1 方法01:安装完成系统

麒麟系统

查看代码
 # 方法01:安装完成系统
[root@Kylin-V10-sp3 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:8c:ff:3d brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.36/24 brd 10.0.0.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::3596:15a7:b72a:6fee/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@Kylin-V10-sp3 ~]# 

# 第1步: 修改/boot/grub2/grub.cfg配置 (麒麟系统是 linux后面即可)
linux开头的行后面添加 net.ifnames=0 biosdevname=0 或者执行 sed -ri.bak '/\t+linux/s#$# net.ifnames=0 biosdevname=0#g' /boot/grub2/grub.cfg
#修改之后检查内容
[root@Kylin-V10-sp3 ~]# grep -n .*linux.*0$ /boot/grub2/grub.cfg
104:	linux	/vmlinuz-4.19.90-52.22.v2207.ky10.x86_64 root=/dev/mapper/klas-root ro resume=/dev/mapper/klas-swap rd.lvm.lv=klas/root rd.lvm.lv=klas/swap rhgb quiet crashkernel=1024M,high audit=0 net.ifnames=0 biosdevname=0
118:	linux	/vmlinuz-0-rescue-6853e90e34234ee78f85b3b8b3fdc032 root=/dev/mapper/klas-root ro resume=/dev/mapper/klas-swap rd.lvm.lv=klas/root rd.lvm.lv=klas/swap rhgb quiet crashkernel=1024M,high audit=0
[root@Kylin-V10-sp3 ~]# 

# 第2步: 修改网卡配置文件.
1)修改网卡配置文件中NAME和DEVICE两个部分 (vim修改)
2)网卡配置文件名字改为eth0(mv 修改)
[root@Kylin-V10-sp3 /boot/grub2]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 
[root@Kylin-V10-sp3 /boot/grub2]# 
[root@Kylin-V10-sp3 /boot/grub2]# cd /etc/sysconfig/network-scripts/
[root@Kylin-V10-sp3 /etc/sysconfig/network-scripts]# ls
ifcfg-ens33
[root@Kylin-V10-sp3 /etc/sysconfig/network-scripts]# 
[root@Kylin-V10-sp3 /etc/sysconfig/network-scripts]# mv ifcfg-ens33 ifcfg-eth0
[root@Kylin-V10-sp3 /etc/sysconfig/network-scripts]# 

# 修改后结果:
[root@Kylin-V10-sp3 /etc/sysconfig/network-scripts]# grep -n eth0 /etc/sysconfig/network-scripts/ifcfg-eth0 
12:NAME=eth0
14:DEVICE=eth0
[root@Kylin-V10-sp3 /etc/sysconfig/network-scripts]# 
# 重启Linux.
[root@Kylin-V10-sp3 /etc/sysconfig/network-scripts]# reboot

[root@Kylin-V10-sp3 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:8c:ff:3d brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.36/24 brd 10.0.0.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::15a8:d444:56ed:ae7c/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@Kylin-V10-sp3 ~]# 

centos系统

# 方法01:安装完成系统
# 第1步: 修改/boot/grub2/grub.cfg配置
搜索linux16开头的行,在这行结尾加上 net.ifnames=0 biosdevname=0 

#修改之后检查内容
[root@oldboy-king-v3 ~]# grep -n linux16 /boot/grub2/grub.cfg

# 其他参考麒麟

20.04修改方法

# 1. 修改grub
 sed -i '/linux.*vmlinuz/s#$#biosdevname=0 net.ifnames=0#g' /boot/grub/grub.cfg
# 2. 修改网卡配置文件
sed -i 's#ens33#eth0#g' /etc/netplan/00-installer-config.yaml
# 3. 重启

ubt22.04修改方法

#1.修改/boot/grub/grub.cfg
170,189,226行,增加biosdevname=0 net.ifnames=0
[root@ubuntu2204 ~]# awk '$1~/linux/{print NR,$0}' /boot/grub/grub.cfg
170 	linux	/vmlinuz-5.15.0-121-generic root=/dev/mapper/ubuntu--vg-ubuntu--lv ro  
189 		linux	/vmlinuz-5.15.0-121-generic root=/dev/mapper/ubuntu--vg-ubuntu--lv ro  
207 		linux	/vmlinuz-5.15.0-121-generic root=/dev/mapper/ubuntu--vg-ubuntu--lv ro recovery nomodeset dis_ucode_ldr 
226 		linux	/vmlinuz-5.15.0-119-generic root=/dev/mapper/ubuntu--vg-ubuntu--lv ro  
244 		linux	/vmlinuz-5.15.0-119-generic root=/dev/mapper/ubuntu--vg-ubuntu--lv ro recovery nomodeset dis_ucode_ldr 
[root@ubuntu2204 ~]# 
[root@ubuntu2204 ~]# sed -i '/linux.*vmlinuz/s#$# biosdevname=0 net.ifnames=0#g' /boot/grub/grub.cfg

#2.修改网卡配置文件内容
sed -i 's#ens33#eth0#g' /etc/netplan/00-installerconfig.yaml
#3.重启系统
1.1.2 方法02:安装系统的时候修改

安装系统的时候选择第1个然后按tab键. 在最后写入 net.ifnames=0 biosdevname=0

选择install 然后安装tab键,行尾输入 net.ifnames=0 biosdevname=0

1.2 网卡配置文件 ⭐⭐⭐⭐⭐

物理机,虚拟化(虚拟机)需要改或配置。

公有云保持默认即可。(DHCP自动获取)

#配置文件
红帽类系统:/etc/sysconfig/network-scripts/ifcfg-eth0 或 ifcfg-ens33
debian/ubt: /etc/netplan/xxxx.yaml
debian/ubt:其他文件。。。
#生效
systemctl restart network #centos
ifdown ens33 && ifup ens33 #kylin
netplay apply #ubt/debian

centos,麒麟,红帽系列系统

# /etc/sysconfig/network-scripts/ifcfg-eth0

[root@oldboy-test-video ~]# cat /etc/sysconfig/networkscripts/ifcfg-eth0
#网络类型,就是一个Ethernet 以太网
TYPE=Ethernet
PROXY_METHOD=none #none/static 手动、固定ip
#dhcp 自动获取
BROWSER_ONLY=no
#获取ip的方法
#none/static 手动配置ip
#dhcp 自动获取ip
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
#网卡名字
NAME=eth0
#设备名字
DEVICE=eth0
#每个设备1个唯一的id号,全球唯一.
UUID=c21147b3-6922-4a3a-b7c6-09f6de870496
#网卡是否开机是否自启动,网卡重启后是否自启动
#reboot
#systemctl restart network
ONBOOT=yes
#ip地址
IPADDR=10.0.0.200
#PREFIX或NETMASK子网掩码:控制局域网中最多有多少台机器.
PREFIX=24
#网关
GATEWAY=10.0.0.2
#DNS1,DNS2
DNS1=223.5.5.5
DNS2=223.6.6.6
IPV6_PRIVACY=no

网卡配置文件核心指标:

# 核心: BOOTPROTO,ONBOOT,IPADDR,PREFIX,GATEWAY,DNS

#获取ip的方法
#none/static 手动配置ip
#dhcp 自动获取ip
BOOTPROTO=none
#网卡名字
NAME=eth0
#设备名字
DEVICE=eth0
#网卡是否开机是否自启动,网卡重启后是否自启动
#reboot
#systemctl restart network 
ONBOOT=yes

#ip地址
IPADDR=10.0.0.36
#PREFIX或NETMASK子网掩码:控制局域网中最多有多少台机器.
PREFIX=24
#网关
GATEWAY=10.0.0.2
#DNS1,DNS2
DNS1=223.5.5.5
DNS2=223.6.6.6

iP地址计算器:https://ipv4calc.bmcx.com/

DNS大全: https://dnsdaquan.com/#

# 阿里云 DNS
223.5.5.5
223.6.6.6
114
114.114.114.114
114.114.115.115
# 谷歌DNS
8.8.8.8
8.8.4.4

⚠ DNS地址的选择:授权默认的;如果没有默认的,选择当前网络环境的(找运营商);最后再使用公共DNS.

 

  • DNS配置文件
    • 网卡配置文件DNS1 DNS2 优先.重启网卡后会覆盖/etc/resolv.conf文件
    • /etc/resolv.conf 实时生效.
  • ubt网卡配置文件

  

cat /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
ethernets:
eth0: #网卡名字
addresses:
- 10.0.0.37/24 #ip/子网掩码 10.0.0.202/24
nameservers:
addresses:
- 223.5.5.5 #dns1
- 223.6.6.6 #dns2
search: []
routes:
- to: default
via: 10.0.0.2 #默认网关
version: 2
#网卡配置文件生效
netplan apply

1.3 hosts文件 ⭐⭐⭐⭐⭐

 经常用于搭建网站,配置临时域名解析域名主机名对应的ip.

解析为对应的ip. 类似于DNS.

# linux:/etc/hosts
# windows: c:\windows\system32\drivers\etc\hosts
# window键+r输入drivers 然后找etc hosts


# 主要用于访问测试环境
[root@Kylin-V10-sp3 ~]# vim /etc/hosts
[root@Kylin-V10-sp3 ~]#  
[root@Kylin-V10-sp3 ~]# ping qq.com
PING qq.com (10.0.0.36) 56(84) bytes of data.
64 bytes from qq.com (10.0.0.36): icmp_seq=1 ttl=64 time=0.119 ms
64 bytes from qq.com (10.0.0.36): icmp_seq=2 ttl=64 time=0.092 ms
64 bytes from qq.com (10.0.0.36): icmp_seq=3 ttl=64 time=0.098 ms
^C
--- qq.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2036ms
rtt min/avg/max/mdev = 0.092/0.103/0.119/0.011 ms
[root@Kylin-V10-sp3 ~]# ^C
[root@Kylin-V10-sp3 ~]# 
[root@Kylin-V10-sp3 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.0.0.36  qq.com
[root@Kylin-V10-sp3 ~]# 

 子网掩码计算器:https://tool.520101.com/wangluo/ipjisuan/#google_vignette

 

2. TCP 11种状态 ⭐⭐⭐⭐

目标: 掌握tcp三次握手,四次挥手的时候客户端,服务端常见状态.

Tcp3次握手,4次挥手的时候需要经历一个过程,在建立连接和断开连接的时候,服

务端和客户端就有一些状态.1

最容易理解的状态:CLOSED(关闭),establish(建立连接).

3次握手4次挥手状态:https://www.processon.com/view/link/6245136a5653bb072bce3259

2.1 三次握手的状态

TCP三次握手状态转换简单说明:

01.准备:首先,建立连接之前服务器和客户端的状态都为CLOSED。

02.准备:服务器创建socket后开始监听(启动服务),变为LISTEN状态。

03.客户端:SYN请求,客户端请求建立连接,向服务器发送SYN报文,客户端的状态变为SYN_SENT。

04.服务端:服务器收到客户端的报文(SYN)后向客户端发送ACK和SYN报文,此时服务器的状态变为SYN_RCVD(recevide)(收到了客户端发送的SYN请求)。

05.客户端然后,客户端收到ACK、SYN,就向服务器发送ACK,客户端状态变为ESTABLISHED

06.服务端服务器收到客户端的ACK后也变为ESTABLISHED。此时3次握手完成,连接建立!

2.2 四次挥手的状态

四次挥手中:

客户端:发出FIN请求这一方.

服务端:接收请求的.

01.客户端:客户端先向服务器发送FIN报文,请求断开连接,其状态变为FIN_WAIT1。

02.服务端:服务器收到FIN后向客户端发送ACK,服务器状态变为CLOSE_WAIT。

03.客户端:客户端收到ACK后就进入FIN_WAIT2状态。此时连接已经断开了一半了。如果服务器还有数据要发送给客户端,就会继续发送。

04.服务端:直到发完了,就发送FIN报文,此时服务器进入LAST_ACK状态。

05.客户端:客户端收到服务器的FIN后,马上发送ACK给服务器,此时客户端进入TIME_WAIT状态,再过了2MSL长的时间后进入CLOSED状态。

06.服务端:服务器收到客户端的ACK就进入CLOSED状态。

2.3 11种状态补充

CLOSING状态表示:

客户端发了FIN,但客户端在FIN_WAIT1状态时没有收到服务器的ACK确认字段,却收到了服务器的FIN字段,这种情况发生在服务器发送的ACK丢包的时候,因为网络传输有时会有意外。

2.4 11种状态小结

核心必会: CLOSED,ESTABLISHED,LISTEN监听,TIME_WAIT,CLOSE_WAIT

逐渐掌握: FIN_WAIT1,FIN_WAIT2,CLOSING,SYN_SENT,LAST_ACK

3. 网络管理命令 ⭐⭐⭐⭐⭐

检查端口:telnet,ss,netstat,nmap,nc(net cat)....
查看连接情况:ss -ant
网络速度与程序占用情况
DNS解析:dig
追踪命令:tracert(windows), traceroute (linux)
加入到系统巡检脚本中:
################系统的网络信息#####################
1.ip地址
2.系统开放哪些端口
3.统计下每一种连接状态
4.哪些端口占用的带宽速度.
5.检查系统配置的DNS
6.显示路由追踪(www.baidu.com).
################系统的网络信息#####################
yum install -y net-tools lsof nethogs iftop telnet nc nmap

3.1 检查端口

端口是否开启.

端口是否能访问(连接).

ss/netstat

3.1.1 检查是否存在22端口

我们可以连接这台服务器。

查看代码
 # 方法01 推荐
[root@Kylin-V10-sp3 ~]# ss -lntup |grep 22
tcp     LISTEN   0        128              0.0.0.0:22            0.0.0.0:*       users:(("sshd",pid=854,fd=5))                                                  
tcp     LISTEN   0        128                 [::]:22               [::]:*       users:(("sshd",pid=854,fd=6))                                                  
[root@Kylin-V10-sp3 ~]# 
[root@Kylin-V10-sp3 ~]# ss -lntu
Netid            State             Recv-Q            Send-Q                       Local Address:Port                       Peer Address:Port            Process            
udp              UNCONN            0                 0                                127.0.0.1:323                             0.0.0.0:*                                  
udp              UNCONN            0                 0                                    [::1]:323                                [::]:*                                  
tcp              LISTEN            0                 128                                0.0.0.0:22                              0.0.0.0:*                                  
tcp              LISTEN            0                 10                               127.0.0.1:25                              0.0.0.0:*                                  
tcp              LISTEN            0                 128                                   [::]:22                                 [::]:*                                  
[root@Kylin-V10-sp3 ~]#
# -p表示显示端口对应的进程的信息。
[root@Kylin-V10-sp3 ~]# ss -lntup 
Netid         State          Recv-Q         Send-Q                 Local Address:Port                 Peer Address:Port        Process                                     
udp           UNCONN         0              0                          127.0.0.1:323                       0.0.0.0:*            users:(("chronyd",pid=738,fd=6))           
udp           UNCONN         0              0                              [::1]:323                          [::]:*            users:(("chronyd",pid=738,fd=7))           
tcp           LISTEN         0              128                          0.0.0.0:22                        0.0.0.0:*            users:(("sshd",pid=854,fd=5))              
tcp           LISTEN         0              10                         127.0.0.1:25                        0.0.0.0:*            users:(("sendmail",pid=1286,fd=6))         
tcp           LISTEN         0              128                             [::]:22                           [::]:*            users:(("sshd",pid=854,fd=6))              
[root@Kylin-V10-sp3 ~]# 
[root@Kylin-V10-sp3 ~]# ss -lntup | grep -w ssh
[root@Kylin-V10-sp3 ~]# 
[root@Kylin-V10-sp3 ~]# ss -lntup | grep -w sshd
tcp     LISTEN   0        128              0.0.0.0:22            0.0.0.0:*       users:(("sshd",pid=854,fd=5))                                                  
tcp     LISTEN   0        128                 [::]:22               [::]:*       users:(("sshd",pid=854,fd=6))                                                  
[root@Kylin-V10-sp3 ~]# 

#grep -w 精确过滤. grep -w 22 

# 方法02
[root@Kylin-V10-sp3 ~]# netstat -lntup |grep -w 22
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      854/sshd: /usr/sbin 
tcp6       0      0 :::22                   :::*                    LISTEN      854/sshd: /usr/sbin 
[root@Kylin-V10-sp3 ~]# 

# 方法03
[root@Kylin-V10-sp3 ~]# lsof -i :22
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd     854 root    5u  IPv4  26990      0t0  TCP *:ssh (LISTEN)
sshd     854 root    6u  IPv6  26992      0t0  TCP *:ssh (LISTEN)
sshd    1199 root    5u  IPv4  29892      0t0  TCP Kylin-V10-sp3:ssh->10.0.0.1:64370 (ESTABLISHED)
sshd    1221 root    5u  IPv4  29892      0t0  TCP Kylin-V10-sp3:ssh->10.0.0.1:64370 (ESTABLISHED)
sshd    1570 root    5u  IPv4  35514      0t0  TCP Kylin-V10-sp3:ssh->10.0.0.1:54940 (ESTABLISHED)
sshd    1580 root    5u  IPv4  35514      0t0  TCP Kylin-V10-sp3:ssh->10.0.0.1:54940 (ESTABLISHED)
[root@Kylin-V10-sp3 ~]# 
[root@Kylin-V10-sp3 ~]# lsof -ni :22
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd     854 root    5u  IPv4  26990      0t0  TCP *:ssh (LISTEN)
sshd     854 root    6u  IPv6  26992      0t0  TCP *:ssh (LISTEN)
sshd    1199 root    5u  IPv4  29892      0t0  TCP 10.0.0.36:ssh->10.0.0.1:64370 (ESTABLISHED)
sshd    1221 root    5u  IPv4  29892      0t0  TCP 10.0.0.36:ssh->10.0.0.1:64370 (ESTABLISHED)
sshd    1570 root    5u  IPv4  35514      0t0  TCP 10.0.0.36:ssh->10.0.0.1:54940 (ESTABLISHED)
sshd    1580 root    5u  IPv4  35514      0t0  TCP 10.0.0.36:ssh->10.0.0.1:54940 (ESTABLISHED)
[root@Kylin-V10-sp3 ~]# 
[root@Kylin-V10-sp3 ~]# lsof -nPi :22
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd     854 root    5u  IPv4  26990      0t0  TCP *:22 (LISTEN)
sshd     854 root    6u  IPv6  26992      0t0  TCP *:22 (LISTEN)
sshd    1199 root    5u  IPv4  29892      0t0  TCP 10.0.0.36:22->10.0.0.1:64370 (ESTABLISHED)
sshd    1221 root    5u  IPv4  29892      0t0  TCP 10.0.0.36:22->10.0.0.1:64370 (ESTABLISHED)
sshd    1570 root    5u  IPv4  35514      0t0  TCP 10.0.0.36:22->10.0.0.1:54940 (ESTABLISHED)
sshd    1580 root    5u  IPv4  35514      0t0  TCP 10.0.0.36:22->10.0.0.1:54940 (ESTABLISHED)
[root@Kylin-V10-sp3 ~]# 
# lsof -n 不要把ip反向解析为主机名、域名。
# lsof -P 不要把端口解析为对应的服务。
3.1.2 检查是否可以访问22端口

不在对应的服务器上。(是否可以连接,是否存在.)

查看代码
 #方法01
telnet 10.0.0.36 22 #命令行中推荐使用,检查是否有connected 标记。

#方法02
# nmap 网络扫描工具。
[root@ubuntu2204 ~]# nmap -p22 10.0.0.36
Starting Nmap 7.80 ( https://nmap.org ) at 2024-09-18 21:13 CST
Nmap scan report for 10.0.0.36
Host is up (0.00027s latency).

PORT   STATE SERVICE
22/tcp open  ssh
MAC Address: 00:0C:29:8C:FF:3D (VMware)

Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds
[root@ubuntu2204 ~]# 
[root@ubuntu2204 ~]# 
[root@ubuntu2204 ~]# nmap -p80,443,22 baidu.com jd.com 10.0.0.36
Starting Nmap 7.80 ( https://nmap.org ) at 2024-09-18 21:13 CST
Nmap scan report for baidu.com (39.156.66.10)
Host is up (0.0029s latency).
Other addresses for baidu.com (not scanned): 110.242.68.66

PORT    STATE    SERVICE
22/tcp  filtered ssh
80/tcp  open     http
443/tcp open     https

Nmap scan report for jd.com (211.144.27.126)
Host is up (0.0018s latency).
Other addresses for jd.com (not scanned): 211.144.24.218 111.13.149.108 106.39.171.134

PORT    STATE    SERVICE
22/tcp  filtered ssh
80/tcp  open     http
443/tcp open     https

Nmap scan report for 10.0.0.36
Host is up (0.00028s latency).

PORT    STATE    SERVICE
22/tcp  open     ssh
80/tcp  filtered http
443/tcp filtered https
MAC Address: 00:0C:29:8C:FF:3D (VMware)

Nmap done: 3 IP addresses (3 hosts up) scanned in 1.50 seconds
[root@ubuntu2204 ~]# 

PORT STATE SERVICE
22/tcp open ssh #nmap结果中只要有 端口 open就是开启 。
#nmap进阶使用
[root@Kylin-V10-sp3 ~]# nmap -p1-1024 10.0.0.37
Starting Nmap 7.92 ( https://nmap.org ) at 2024-09-18 21:15 CST
Nmap scan report for 10.0.0.37
Host is up (0.00012s latency).
Not shown: 1023 closed tcp ports (reset)
PORT   STATE SERVICE
80/tcp open  http
MAC Address: 00:0C:29:95:37:E0 (VMware)

Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds
[root@Kylin-V10-sp3 ~]# 
[root@Kylin-V10-sp3 ~]# nmap -p22 10.0.0.0/24 jd.com taobao.com
Starting Nmap 7.92 ( https://nmap.org ) at 2024-09-18 21:15 CST
Nmap scan report for 10.0.0.1
Host is up (0.0038s latency).

PORT   STATE  SERVICE
22/tcp closed ssh
MAC Address: 00:50:56:C0:00:08 (VMware)

Nmap scan report for 10.0.0.2
Host is up (0.00011s latency).

PORT   STATE  SERVICE
22/tcp closed ssh
MAC Address: 00:50:56:FE:5A:C2 (VMware)

Nmap scan report for 10.0.0.37
Host is up (0.00034s latency).

PORT   STATE  SERVICE
22/tcp closed ssh
MAC Address: 00:0C:29:95:37:E0 (VMware)

Nmap scan report for 10.0.0.36
Host is up (0.000041s latency).

PORT   STATE SERVICE
22/tcp open  ssh

Nmap scan report for jd.com (211.144.24.218)
Host is up (0.00049s latency).
Other addresses for jd.com (not scanned): 106.39.171.134 211.144.27.126 111.13.149.108

PORT   STATE    SERVICE
22/tcp filtered ssh

Nmap scan report for taobao.com (59.82.122.130)
Host is up (0.00048s latency).
Other addresses for taobao.com (not scanned): 59.82.44.240 59.82.122.165 59.82.43.234 59.82.122.140 59.82.43.239 59.82.43.238 59.82.121.163 2401:b180:7003::25 2401:b180:7003::6b 2401:b180:7003::ed 2408:4001:f00::3c 2408:4001:f00::87 2408:4001:f10::6f 2408:4001:f10::5e 2401:b180:7003::aa

PORT   STATE    SERVICE
22/tcp filtered ssh

Nmap done: 258 IP addresses (6 hosts up) scanned in 3.17 seconds
[root@Kylin-V10-sp3 ~]# 

#方法03 nc netcat ncat
nc -v 10.0.0.37 22 #这个一般用于shell脚本中检查端口是否开启。
[root@Kylin-V10-sp3 ~]# nc -v 10.0.0.37 22
Ncat: Version 7.92 ( https://nmap.org/ncat )
Ncat: Connection refused.
[root@Kylin-V10-sp3 ~]# nc -v 10.0.0.36 22
Ncat: Version 7.92 ( https://nmap.org/ncat )
Ncat: Connected to 10.0.0.36:22.
SSH-2.0-OpenSSH_8.2
^C
[root@Kylin-V10-sp3 ~]# ^C
[root@Kylin-V10-sp3 ~]#
3.1.3 企业面试题: 如何检查端口是否存在
ss -lntup
netstat -lntup
lsof -i:22
telnet 10.0.0.200 22
nmap -p22 10.0.0.200
nc 10.0.0.200 22

3.2 检查tcp连接状态

ss -ant
netstat -ant
root@iZ2zei5cw2j6q770mgp5kvZ:~/packages# ss -ant
State                 Recv-Q             Send-Q                          Local Address:Port                             Peer Address:Port              Process             
LISTEN                0                  80                                  127.0.0.1:3306                                  0.0.0.0:*                                     
LISTEN                0                  511                                   0.0.0.0:80                                    0.0.0.0:*                                     
LISTEN                0                  128                                   0.0.0.0:22                                    0.0.0.0:*                                     
LISTEN                0                  511                                 127.0.0.1:9000                                  0.0.0.0:*                                     
LISTEN                0                  4096                            127.0.0.53%lo:53                                    0.0.0.0:*                                     
ESTAB                 0                  0                              172.28.157.228:22                             221.218.208.28:50185                                 
TIME-WAIT             0                  0                              172.28.157.228:51370                          100.100.18.120:80                                    
ESTAB                 0                  52                             172.28.157.228:22                             221.218.208.28:62721                                 
ESTAB                 0                  0                              172.28.157.228:42796                           100.100.30.26:80                                    
LISTEN                0                  128                                      [::]:22                                       [::]:*                                     
root@iZ2zei5cw2j6q770mgp5kvZ:~/packages# 

未来统计:
企业案例: 每种状态的次数. sort+uniq
企业案例: 网站并发情况
并发: 同一时间内,用户连接数量.
方法:统计estab状态的连接数量(一般是80/443)端口.
root@iZ2zei5cw2j6q770mgp5kvZ:~/packages# ss -ant |awk 'NR>1{print $1}' |sort |uniq -c |sort -rn
      6 LISTEN
      3 ESTAB
      1 TIME-WAIT
      1 SYN-RECV
root@iZ2zei5cw2j6q770mgp5kvZ:~/packages# awk 'NR>2 && /^tcp/{print $NF}' netstat.log |sort |uniq -c |sort -rn

3.3 网络速度

总体速度

查看代码
 # 添加额外的源
wget -O /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
# 下载iftop
yum install -y iftop

top/htop
iotop
# iftop 2s 10s 40s数据传输平均速度
iftop -n #ip反向解析为域名/主机名
iftop -i 指定网卡. 默认eth0 第1个网卡.
iftop -P 显示端口
iftop -N 不要把端口解析为服务名字
# 最终使用
iftop -nNP -i eth0 #显示端口号,不要把ip解析为域名,不要把端口解析为服务, 监视指定网卡eth0

#iftop非交互模式 方便进行过滤与处理.
root@iZ2zei5cw2j6q770mgp5kvZ:~/packages# iftop -nNP -Bt -s 1
interface: eth0
IP address is: 172.28.157.228
MAC address is: 00:16:3e:39:38:2e
Listening on eth0
   # Host name (port/service if enabled)            last 2s   last 10s   last 40s cumulative
--------------------------------------------------------------------------------------------
   1 172.28.157.228:42796                     =>     1.62KB     1.62KB     1.62KB     3.25KB
     100.100.30.26:80                         <=        60B        60B        60B       120B
   2 172.28.157.228:22                        =>        54B        54B        54B       108B
     221.218.208.28:62721                     <=        20B        20B        20B        40B
--------------------------------------------------------------------------------------------
Total send rate:                                     1.68KB     1.68KB     1.68KB
Total receive rate:                                     80B        80B        80B
Total send and receive rate:                         1.75KB     1.75KB     1.75KB
--------------------------------------------------------------------------------------------
Peak rate (sent/received/total):                     1.68KB        80B     1.75KB
Cumulative (sent/received/total):                    3.35KB       160B     3.51KB
============================================================================================

root@iZ2zei5cw2j6q770mgp5kvZ:~/packages# 
# -B以字节为单位进行显示,默认是位
root@iZ2zei5cw2j6q770mgp5kvZ:~/packages# iftop -nNBP -i eth0 -t -s 1
interface: eth0
IP address is: 172.28.157.228
MAC address is: 00:16:3e:39:38:2e
Listening on eth0
   # Host name (port/service if enabled)            last 2s   last 10s   last 40s cumulative
--------------------------------------------------------------------------------------------
   1 172.28.157.228:42796                     =>     1.04KB     1.04KB     1.04KB     2.09KB
     100.100.30.26:80                         <=        40B        40B        40B        80B
   2 172.28.157.228:22                        =>        54B        54B        54B       108B
     221.218.208.28:62721                     <=        20B        20B        20B        40B
--------------------------------------------------------------------------------------------
Total send rate:                                     1.10KB     1.10KB     1.10KB
Total receive rate:                                     60B        60B        60B
Total send and receive rate:                         1.16KB     1.16KB     1.16KB
--------------------------------------------------------------------------------------------
Peak rate (sent/received/total):                     1.10KB        60B     1.16KB
Cumulative (sent/received/total):                    2.19KB       120B     2.31KB
============================================================================================

root@iZ2zei5cw2j6q770mgp5kvZ:~/packages# 

root@iZ2zei5cw2j6q770mgp5kvZ:~/packages# iftop -nNBP -i eth0

进程流量

精确到进程的网络速度

# 查看进程的流量情况.
# 方法01: iftop,ss,ps 一起使用
iftop找出端口.
ss找出端口对应的进程号(pid)
ps根据pid过滤进程名字.

# 方法02: nethogs
nethogs

# 方法03:ntop 可以用docker部署或二进制
https://www.ntop.org/get-started/download/
.......

 

3.4 DNS解析

dig dns解析查询

host

nslookup

whois 查看域名信息. jwhois/whois 过滤 expir

dig www.baidu.com
host www.baidu.com
nslookup www.baidu.com

#方法01 dig
[root@Kylin-V10-sp3 ~]# dig baidu.com

; <<>> DiG 9.11.21-9.11.21-18.ky10 <<>> baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65434
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;baidu.com.			IN	A

;; ANSWER SECTION:
baidu.com.		34	IN	A	110.242.68.66
baidu.com.		34	IN	A	39.156.66.10

;; Query time: 53 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: 三 9月 18 21:41:23 CST 2024
;; MSG SIZE  rcvd: 70

[root@Kylin-V10-sp3 ~]# 

#方法02
[root@Kylin-V10-sp3 ~]# host jd.com
jd.com has address 211.144.27.126
jd.com has address 111.13.149.108
jd.com has address 211.144.24.218
jd.com has address 106.39.171.134
jd.com mail is handled by 30 mx1.jd.com.
jd.com mail is handled by 5 mx.jd.com.
[root@Kylin-V10-sp3 ~]# 

#方法03
[root@Kylin-V10-sp3 ~]# nslookup www.baidu.com
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
www.baidu.com	canonical name = www.a.shifen.com.
Name:	www.a.shifen.com
Address: 110.242.68.3
Name:	www.a.shifen.com
Address: 110.242.68.4
Name:	www.a.shifen.com
Address: 2408:871a:2100:3:0:ff:b025:348d
Name:	www.a.shifen.com
Address: 2408:871a:2100:2:0:ff:b09f:237

[root@Kylin-V10-sp3 ~]#

3.5 追踪命令

检查线路是否通畅. ping

批量检查是否可以ping通. fping

访问云服务器失败,怀疑是阿里云的问题,阿里云那边就会让你发出路由追踪的结果. tracert(windows) traceroute (linux ) 路径追踪

#01 两点之间.
ping baidu.com

#02
tracert(windows) traceroute (linux yum install -y traceroute)
traceroute -nI www.baidu.com #默认使用udp协议,-I使用icmp协议
icmp表示使用ping.
[root@Kylin-V10-sp3 ~/test]# traceroute -nI www.baidu.com
traceroute to www.baidu.com (110.242.68.4), 30 hops max, 60 byte packets
 1  10.0.0.2  0.477 ms  0.433 ms  0.413 ms
 2  192.168.15.1  1.593 ms  1.576 ms  1.555 ms
 3  192.168.201.1  1.532 ms  1.512 ms  2.527 ms
 4  221.218.208.1  9.184 ms  9.192 ms  9.172 ms
 5  * * *
 6  * * *
 7  * * *
 8  * 110.242.66.170  12.383 ms  12.367 ms
 9  221.194.45.134  14.279 ms  14.204 ms  14.150 ms
10  * * *
11  * * *
12  * * *
13  110.242.68.4  13.963 ms  13.996 ms  13.978 ms
[root@Kylin-V10-sp3 ~/test]# 


[c:\~]$ tracert -d www.baidu.com
通过最多 30 个跃点跟踪
到 www.a.shifen.com [110.242.68.3] 的路由:
1 <1 毫秒 1 ms <1 毫秒 192.168.17.1
2 <1 毫秒 <1 毫秒 <1 毫秒 192.168.1.1
3 7 ms 2 ms 3 ms 125.33.244.1
4 5 ms 3 ms 3 ms 123.126.26.57
5 8 ms 6 ms 8 ms 202.106.34.17
6 5 ms 4 ms 4 ms 61.49.214.5
7 * 6 ms * 219.158.11.66
8 11 ms 11 ms 11 ms 110.242.66.182
9 * * * 请求超时。
10 * * * 请求超时。
11 * * * 请求超时。
12 * * * 请求超时。
13 14 ms 12 ms 12 ms 110.242.68.3

#03 fping批量检查ip或域名
[root@Kylin-V10-sp3 ~]fping 10.0.0.2 baidu.com jd.com taobao.com 12306.cn
cctv.cn
cat url.txt
[root@Kylin-V10-sp3 ~]# cat url.txt
10.0.0.2
baidu.com
jd.com
taobao.com
12306.cn
cctv.cn
[root@Kylin-V10-sp3 ~/test]# fping -f url.txt
jd.com is alive
12306.cn is alive
taobao.com is alive
cctv.cn is alive
10.0.0.1 is alive
10.0.0.36 is alive
idu.com is alive
[root@Kylin-V10-sp3 ~/test]# 

3.6 命令小结

网络命令

linux

windows

查询ip地址

ip/ifconfig

ipconfig

检查端口号

ss/netstat/lsof /

nc/telnet/nmap

netstat -ant

检查连接情况

ss -ant /netstat -ant

netstat -ant

检查速度

iftop /nethogs

 

dns解析

dig/host/nslookup

nslookup

域名信息

nslookup

网站查看

路径追踪

traceroute, -nI

tracert

tracert

检查链路是否通畅

ping,fping

ping

查询当前系统配置的网关/路由

信息

ip ro /route -n

route print

 

[root@Kylin-V10-sp3 ~/test]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.0.2        0.0.0.0         UG    100    0        0 eth0
10.0.0.0        0.0.0.0         255.255.255.0   U     100    0        0 eth0
[root@Kylin-V10-sp3 ~/test]# 
[root@Kylin-V10-sp3 ~/test]# ip route
default via 10.0.0.2 dev eth0 proto static metric 100 
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.36 metric 100 
[root@Kylin-V10-sp3 ~/test]#

4. IP-了解

4.1 格式与分类

点分十进制ip(ipv4) 32位 2^32 点分十进制 xxx.xxx.xxx.xxx

ipv6,128位 2^128

ip地址组成:网络位(居住的校区),主机位(楼房间)

通过子网掩码划分网络位.

根据网络位不同划分ip地址分类

4.2 子网掩码

子网掩码: 用来绝对局域网(网段中)最多有多少台机器.

子网掩码控制:网络位,主机位

PREFIX=24

NETMASK=255.255.255.0

子网掩码计算器:https://www.sojson.com/convert/subnetmask.html

子网掩码计算器:https://www.36130.com/subnetmask/

 

posted @ 2024-09-18 21:55  老虎死了还有狼  阅读(20)  评论(0编辑  收藏  举报