网络属性配置(二)
本文接上篇。。。
ip address -protocol address management.
ip address add -add new protocol address
ip addr add IFADDR
label NAME :为额外添加的地址指明接口别名
[broadcast ADDRESS]: 广播地址;会根据IP和ENTMASK自动计算得到;
[scope SCOPE_VALUE];
global : 全局可用;
link : 接口可用;
host : 仅本机可用;
ip address add -delete - protocol address
ip addr delete IFADDR dev IFACE
ip address add -show - look at protocol addresses
[IFACE]:仅显示指定接口的地址;
ip address add -flush -flush protocol addresses
ip addr flush dev IFACE
ip route -routing table management
ip route add -add new route
ip route change -change route
ip route replace - change or add new one
ip route add TYPE PREFIX via GW[dev IFACE] [src SOURCE_IP]
示例:
#ip route add 192.168.0.0/24 via 10.0.0.0.1 dev eth1 src 10.0.20.100
#ip route add default bia GW
ip route delete -delete route
示例:
# ip route delete 192.168.1.0/24
ip route show -list routes
TYPE PRIFIX
ip route flush -flush routing tables
TYPE PRIFIX
ip route get-get a single route
ip route get TYPE PRIFIX
示例ip route get 192.168.0.0/24
ss命令:
ss [option] [FILTER]
选项:
-t: TCP协议的相关连接
-u:UDP相关的连接
-w: raw socket 相关的连接
-l :监听状态的连接
-a:所有状态的连接
-n:数字格式
-p: 相关的程序及PID
-e:扩展格式
-m:内存用量
-o:计时器信息
TCP的常见状态:
TCP FSM:
LISTEN: 监听
ESTABLISEHD:建立的连接
FIN _WAIT_1:
FIN_WAIT_2:
SYN_SENT:
SYN_RECV :
CLOSED:
EXPRESSION:
dport= 目标端口
sport= 原端口
示例:‘(dport = :22 or sport = :22 )'
~]# ss -tan '( dport = :22 or sport = :22 )'
~]# ss -tan state ESTABLISHED
配置文件:
IP/NATMASK/GW/DNS等属性的配置文件:
IFACE:接口名称;
路由的相关配置文件:
/etc/sysconfig/network-scripts/ifcfg-IFACE
配置文件 /etc/sysconfig/networkj-scripts/route-IFACE通过大量参数来定义接口的属性;
也可通过vim等文本来编辑器直接修改。
也可以使用专用的命令的进行修改(Centos 6:system-config-network(setup),centos7:nmtui)
ifcfg-IFACE配置文件参数:
DEVICE:此配置文件对应的设备的名称:
ONBOOT: 系统引导过程中,是否激活此接口;
UUID:此设备的唯一标志
IPV6INIT: 是否初始化IPv6;
BOOTPROTO:激活此接口是使用什么协议来配置接口属性,常用的有dhcp,bootp,static,none;
TYPE:接口类型,常见的有Ethernet,Bridge;
DNS1:第一DNS服务器指向;
DNS2:备用DNS服务器指向;
DOMAIN:DNS搜索域;
GATEWAY: 默认网关;
USERCTL:是否允许普通用户控制此设备;
PEERNDS: 如果BOOTPROTO的值为“dhcp", 是否允许dhcp server 分配的dns
服务器指向覆盖本地手动指定的DNS服务器指向;默认为允许;
HWADDR:设备的MAC地址;
NM_CONTROLLED:是否使用NetworkManager服务来控制接口;
网络服务:
network
NetworkManager
管理网络服务:
Centos6: service SERVICE {start | stop | restart | status}
Centos7:ossystemctl {start | stop | restart | status } SERVICE [ .service]
配置文件修改之后,如果要生效,需要重启网络服务;
# service network restart
Centos6:service network restart
Centos7: # systemctl restart network.service
用到非默认网关路由:/etc/sysconfig/network-scripts/route-IFACE
支持两种配置方式,但不可混用;
(1)每行一个路由条目:
TARGET via GW
(2)没三行一个路由条目;
ADDRESS#=TARGET
NETMASK#=MASK
GATEWAY#=NEXTHOP
给接口配置多个地址:
ip addr之外,ifconfig或配置文件都可以;
(1)ifconfig IFACE_LABEL IPADDR/NETMASK
IFACE_LABEL : eth0:0, eth0:1,.....
(2)为别名添加配置文件:
DEVICE=IFACE_LABEL
BOOTPROTO : 网上别名不支持动态获取地址;
static, none
nmcli命令:Centos7 专用
nmcli :[OPTIONS] OBJET{ COMMAND | help }
cevice - show and manage network interfaces
COMMAND : = { status | show |connect | delete | wifi |wimax }
connection - start, stop, and manage network connections
COMMAND : = { show | up | down | add | edit | modify | delete | reload | load }
modify [ id | uuid | path ] <ID> [+ | -]<setting>.<property><value>
如何修改IP地址等属性:
# nmcli conn modify IFACE [+ | - ]setting.property value
ipv4,address
ipv4.gateway
ipv4.dns1
ipv4.method
manual