Linux 网络基础
本篇写一些关于Linux网络相关的基础命令、配置等。
hostname
1.查看主机名
[root@localhost ~]# hostname
localhost.localdomain
2.临时修改主机名
[root@localhost ~]# hostname server
[root@localhost ~]# bash
[root@server ~]# hostname
server
[root@server ~]# cat /etc/hostname
localhost.localdomain
[root@server ~]# hostnamectl status
Static hostname: localhost.localdomain
Transient hostname: server
Icon name: computer-vm
Chassis: vm
Machine ID: ec132d04a74d4b7e828b3905a6b83437
Boot ID: 8d0046a6366944b08b3eb7e69b431f6b
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-693.el7.x86_64
Architecture: x86-64
3.永久修改主机名
[root@server ~]# hostnamectl set-hostname client
[root@server ~]# bash
[root@client ~]# hostname
client
[root@client ~]# cat /etc/hostname
client
[root@client ~]# hostnamectl status
Static hostname: client
Icon name: computer-vm
Chassis: vm
Machine ID: ec132d04a74d4b7e828b3905a6b83437
Boot ID: 8d0046a6366944b08b3eb7e69b431f6b
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-693.el7.x86_64
Architecture: x86-64
ifconfig
1.查看已启用的网络接口信息
[root@localhost ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.28.128 netmask 255.255.255.0 broadcast 192.168.28.255
inet6 fe80::605e:3c48:bafd:e550 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:bc:ab:96 txqueuelen 1000 (Ethernet)
RX packets 471 bytes 520023 (507.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 241 bytes 19798 (19.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 68 bytes 5916 (5.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 68 bytes 5916 (5.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:c3:55:5a txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33:第一块以太网卡的名称。ens33中的en是EtherNet的缩写,表示网卡类型为以太网,s表示热插拔插槽上的设备hot-plug Slot,数字33表示插槽编号。
lo:回环网络接口,lo是loopback的缩写,它不代表真正的网络接口,而是一个虚拟的网络接口,其IP地址默认是127.0.0.1。回环地址通常仅用于对本机的网络测试。
virbr0:虚拟网桥的连接接口,默认为0号。其作用是连接主机上的虚机网卡提供外网的功能。
2.查看指定的网络接口信息
[root@localhost ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.28.129 netmask 255.255.255.0 broadcast 192.168.28.255
inet6 fe80::eb90:4805:2c20:18ac prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:5b:e0:09 txqueuelen 1000 (Ethernet)
RX packets 899 bytes 207777 (202.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 205 bytes 26253 (25.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
inet:表示网络接口的IP地址。
netmask:表示网络接口的子网掩码。
broadcast:表示网络接口所在网络的广播地址。
ether:表示网络接口的MAC地址。
3.设置网络接口的IP地址、子网掩码
-
ifconfig 接口名 IP地址 [netmask 子网掩码]
-
ifconfig 接口名 IP地址[/掩码长度]
[root@localhost ~]# ifconfig ens33 192.168.100.10 netmask 255.255.255.0
[root@localhost ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.10 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::605e:3c48:bafd:e550 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:bc:ab:96 txqueuelen 1000 (Ethernet)
RX packets 626 bytes 562243 (549.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 262 bytes 23344 (22.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
临时配置,重启失效。不指定子网掩码时,将使用
IP地址所在分类的默认子网掩码。
4.临时禁用或者重新激活网卡
- ifconfig 接口名 down
[root@localhost ~]# ifconfig ens33 down
[root@localhost ~]# ifconfig ens33
ens33: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether 00:0c:29:bc:ab:96 txqueuelen 1000 (Ethernet)
RX packets 1067 bytes 667057 (651.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 263 bytes 23404 (22.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- ifconfig 接口名 up
[root@localhost ~]# ifconfig ens33 up
[root@localhost ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.28.128 netmask 255.255.255.0 broadcast 192.168.28.255
inet6 fe80::605e:3c48:bafd:e550 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:bc:ab:96 txqueuelen 1000 (Ethernet)
RX packets 1078 bytes 668954 (653.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 285 bytes 26835 (26.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
5.设置虚拟网络接口
- ifconfig 接口名:序号 IP地址
[root@localhost ~]# ifconfig ens33:0 192.168.100.10
[root@localhost ~]# ifconfig ens33:0
ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.10 netmask 255.255.255.0 broadcast 192.168.100.255
ether 00:0c:29:bc:ab:96 txqueuelen 1000 (Ethernet)
[root@localhost ~]# ifconfig ens33:0 down
route
1.查看当前主机中的路由表信息
-n:将路由记录中的地址显示位数字形式
[root@localhost ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default gateway 0.0.0.0 UG 100 0 0 ens33
192.168.28.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.28.2 0.0.0.0 UG 100 0 0 ens33
192.168.28.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
2.添加、删除到指定网段的路由记录
- route add -net 网段地址 gw IP地址
[root@localhost ~]# route add -net 192.168.100.0/24 gw 192.168.28.1
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.28.2 0.0.0.0 UG 100 0 0 ens33
192.168.28.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.100.0 192.168.28.1 255.255.255.0 UG 0 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
- route del -net 网段地址
[root@localhost ~]# route del -net 192.168.100.0/24
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.28.2 0.0.0.0 UG 100 0 0 ens33
192.168.28.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
3。添加、删除默认网关记录
- route add default gw IP地址
[root@localhost ~]# route add default gw 192.168.28.1
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.28.1 0.0.0.0 UG 0 0 0 ens33
0.0.0.0 192.168.28.2 0.0.0.0 UG 100 0 0 ens33
192.168.28.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
- route del default gw IP地址
[root@localhost ~]# route del default gw 192.168.28.1
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.28.2 0.0.0.0 UG 100 0 0 ens33
192.168.28.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
netstat
- 查看当前的网络连接状态、路由表、接口统计等信息。
-n:以数字的形式显示相关的主机地址、端口等信息。
-t:查看TCP传输控制协议相关的信息。
-u:显示UDP用户数据报协议相关的信息。
-a:显示当前主机中所有活动的网络连接信息,包括监听、非监听状态的服务端口。
-l:显示处于监听Listening状态的网络连接及端口信息。
-p:显示与网络连接相关联的进程号、进程名称信息,该选项需要root权限。
-r:显示路由表信息。
[root@localhost ~]# netstat -ntap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 1335/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1009/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1012/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1306/master
tcp6 0 0 :::111 :::* LISTEN 1/systemd
tcp6 0 0 :::22 :::* LISTEN 1009/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1012/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 1306/master
[root@localhost ~]# netstat -nuap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 0.0.0.0:5353 0.0.0.0:* 578/avahi-daemon: r
udp 0 0 0.0.0.0:12162 0.0.0.0:* 799/dhclient
udp 0 0 192.168.122.1:53 0.0.0.0:* 1335/dnsmasq
udp 0 0 0.0.0.0:67 0.0.0.0:* 1335/dnsmasq
udp 0 0 0.0.0.0:68 0.0.0.0:* 799/dhclient
udp 0 0 127.0.0.1:323 0.0.0.0:* 624/chronyd
udp 0 0 0.0.0.0:51570 0.0.0.0:* 578/avahi-daemon: r
udp6 0 0 :::25751 :::* 799/dhclient
udp6 0 0 ::1:323 :::* 624/chronyd
[root@localhost ~]# netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
default promote.cache-d 0.0.0.0 UG 0 0 0 ens33
192.168.28.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
[root@localhost ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.28.2 0.0.0.0 UG 0 0 0 ens33
192.168.28.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
ping
- 测试网络连通性
[root@localhost ~]# ping -c 4 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.036 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.084 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.085 ms
64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.096 ms
--- 127.0.0.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3009ms
rtt min/avg/max/mdev = 0.036/0.075/0.096/0.023 ms
traceroute
- 跟踪数据包的路由途径
[root@localhost ~]# traceroute 127.0.0.1
traceroute to 127.0.0.1 (127.0.0.1), 30 hops max, 60 byte packets
1 localhost (127.0.0.1) 0.040 ms 0.010 ms 0.008 ms
traceroute命令能够比ping命令更加准确地定位网络连接的故障点,因此执行速度会比ping命令稍慢。在网络测试与排错过程中,通常会先使用ping命令测试与目的主机的网络连接,如果发现网络连接有故障,再使用traceroute命令跟踪查看是在哪个中间结点存在故障。
nslookup
- 测试 DNS 域名解析
[root@localhost ~]# nslookup www.baidu.com
Server: 192.168.28.2
Address: 192.168.28.2#53
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com.
Name: www.a.shifen.com
Address: 183.232.231.174
Name: www.a.shifen.com
Address: 183.232.231.172
ifcfg-*
- 修改网络接口配置文件
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=static
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.10
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
TYPE:设置网卡类型,Ethernet表示以太网。
BOOTPROTO:设置网络接口的配置方式,值为static时表示使用静态指定的IP地址,为dhcp时表示通过DHCP的方式动态获取地址。
DEVICE:设置网络接口的名称。
ONBOOT:设置网络接口是否在Linux操作系统启动时激活。
IPADDR:设置网络接口的IP地址。
NETMASK:设置网络接口的子网掩码。
GATEWAY:设置网络接口的默认网关地址。
- 启用、禁用单个网络接口配置
[root@localhost ~]# ifdown ens33
Device 'ens33' successfully disconnected.
[root@localhost ~]# ifup ens33
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)
[root@localhost ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.10 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::20c:29ff:febc:ab96 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:bc:ab:96 txqueuelen 1000 (Ethernet)
RX packets 5640 bytes 1889047 (1.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 410 bytes 37045 (36.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- 重启网络服务(会先关闭所有的网络接口,再根据配置文件重新启用所有的网络接口)
[root@localhost ~]# service network restart
Restarting network (via systemctl): [ OK ]
[root@localhost ~]# systemctl restart network
/etc/hosts
- 本地主机映射文件
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
当访问一个未知的域名时,先查找该文件中是否有相应的映射记录,如果找不到再去向
DNS服务器查询。
/etc/resolv.conf
- 指定为本机提供DNS解析的服务器地址,最多可以指定
3个,第3个后面的会被忽略。
[root@localhost ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search localdomain
nameserver 192.168.28.2
search localdomain:设置默认的搜索域(域名扩展名)。
例如,当访问主机localhost时,就相当于访问localhost.localdomain。
scp
- 远程复制
本地 → 对方
[root@localhost ~]# scp /etc/hosts root@192.168.28.129:/etc/hosts
The authenticity of host '192.168.28.129 (192.168.28.129)' can't be established.
ECDSA key fingerprint is SHA256:QmZtJT0piBUSkF9P3GfYf3uEogzBWs08sI7j0eBE/cI.
ECDSA key fingerprint is MD5:ef:e6:06:22:8a:0f:24:00:f8:af:a5:59:5b:a2:b8:b1.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.28.129' (ECDSA) to the list of known hosts.
root@192.168.28.129's password:
hosts 100% 158 172.5KB/s 00:00
对方 → 本地
[root@localhost ~]# scp root@192.168.28.129:/etc/hosts /etc/hosts
root@192.168.28.129's password:
hosts 100% 158 90.5KB/s 00:00
