设为首页收藏本站
开启辅助访问

Linux配置文件和网络常用命令总结

 您所在的位置:网站首页 linux显示网络配置 Linux配置文件和网络常用命令总结

Linux配置文件和网络常用命令总结

2023-08-27 22:56| 来源: 网络整理| 查看: 265

Linux应用配置大全 Linux网络基本配置

最小化安装的话是没有ifconfig命令的需要使用yum search ifconfig查找,然后yum install net-tools.x86_64软件包

Linux网络配置文件 /etc/sysconfig/network-scripts/ifcfg-eth0

在Linux系统中,系统网络设备的配置文件保存在/etc/sysconfig/network-scripts目录下,其中文件ifcfg-eth0包含第一块网卡的配置信息,文件ifcfg-eth1包含第二块网卡的配置信息,文件ifcfg-lo包含回路IP地址信息。

[root@ansible ~]# ls /etc/sysconfig/network-scripts/ ifcfg-ens33 ifdown-isdn ifdown-tunnel ifup-isdn ifup-Team ifcfg-lo ifdown-post ifup ifup-plip ifup-TeamPort ifdown ifdown-ppp ifup-aliases ifup-plusb ifup-tunnel ifdown-bnep ifdown-routes ifup-bnep ifup-post ifup-wireless ifdown-eth ifdown-sit ifup-eth ifup-ppp init.ipv6-global ifdown-ippp ifdown-Team ifup-ippp ifup-routes network-functions ifdown-ipv6 ifdown-TeamPort ifup-ipv6 ifup-sit network-functions-ipv6 [root@ansible ~]#

以下是/etc/sysconfig/network-scripts/ifcfg-eth0文件内容的示例。

DEVICE=eth0 //表示网卡物理设备的名字 TYPE=Ethernet //表示网络类型 UUID="9a6cf3a6-3947-495f-b721-f8cdd44576ee" //表示网卡的UUID ONBOOT="yes" //表示启动系统时是否激活该网卡,yes激活,no不激活 BOOTPROTO=none //表示为网卡配置静态还是动态IP地址,none:表示无需启动协议,dhcp:表示使用DHCP动态获取IP地址。static:表示手工设置静态IP地址。, IPADDR="192.168.0.100" //表示网卡的IP地址 NETMASK=255.255.255.0 //表示子网掩码 BROADCAST=192.168.0.255 //表示网络广播地址 GATEWAY=192.168.0.1 //表示该网关地址 DNS1=114.114.114.114 //表示DNS服务器的IP地址 NAME="eth0" /etc/resolv.conf文件

/etc/resolv.conf文件是由域名解析器(resolver,一个根据主机名解析IP地址的库)使用的配置文件,下面是/etc/resolv.conf文件内容的示例。

# Generated by NetworkManager nameserver 8.8.8.8 search sh.com

改文件中包含的内容描述:

nameserver:表示解析域名时使用该IP地址指定的主机为域名服务器,其中域名服务器是按照文件中出现的顺序来查询的。

search:表示DNS搜索路径,即解析不完整名称时默认的附加域名后缀,这样可以在解析名称时用简短的主机名而不是完全合格域名(FQDN)。

/etc/host.conf文件

/etc/host.conf文件指定如何解析主机名,Linux系统通过解析器来获得主机名对应的IP地址,下面是/etc/host.conf文件内容的示例。

[root@ansible ~]# cat /etc/host.conf multi on multi on:表示在/etc/hosts文件中指定的主机是否可以有多个地址,拥有多个IP地址的主机一般称为多穴主机。 /etc/hosts文件

当计算机启动时,在可以查询DNS以前,计算机需要查询一些主机名到IP地址的匹配。这些匹配信息存放在/etc/hosts文件中。在没有域名服务器的情况下,系统上的所有网络程序都通过查询该文件来解析对应于某个主机名的IP地址。

[root@ansible sysconfig]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 /etc/networks文件

定义了网络名和网络地址之间的映射关系,下面是内容示例:

default 0.0.0.0 loopback 127.0.0.0 link-local 169.254.0.0 /etc/protocols文件

定义了计算机主机使用的协议,以及每个协议的协议号等相关信息

# /etc/protocols: # $Id: protocols,v 1.11 2011/05/03 14:45:40 ovasik Exp $ # # Internet (IP) protocols # # from: @(#)protocols 5.1 (Berkeley) 4/17/89 # # Updated for NetBSD based on RFC 1340, Assigned Numbers (July 1992). # Last IANA update included dated 2011-05-03 # # See also http://www.iana.org/assignments/protocol-numbers 协议名 协议号 协议全名 注释 ip 0 IP # internet protocol, pseudo protocol number hopopt 0 HOPOPT # hop-by-hop options for ipv6 icmp 1 ICMP # internet control message protocol igmp 2 IGMP # internet group management protocol ggp 3 GGP # gateway-gateway protocol ipv4 4 IPv4 # IPv4 encapsulation st 5 ST # ST datagram mode tcp 6 TCP # transmission control protocol cbt 7 CBT # CBT, Tony Ballardie egp 8 EGP # exterior gateway protocol igp 9 IGP # any private interior gateway (Cisco: for IGRP) bbn-rcc 10 BBN-RCC-MON # BBN RCC Monitoring nvp 11 NVP-II # Network Voice Protocol pup 12 PUP # PARC universal packet protocol argus 13 ARGUS # ARGUS emcon 14 EMCON # EMCON xnet 15 XNET # Cross Net Debugger chaos 16 CHAOS # Chaos udp 17 UDP # user datagram protocol mux 18 MUX # Multiplexing protocol dcn 19 DCN-MEAS # DCN Measurement Subsystems hmp 20 HMP # host monitoring protocol prm 21 PRM # packet radio measurement protocol xns-idp 22 XNS-IDP # Xerox NS IDP trunk-1 23 TRUNK-1 # Trunk-1 trunk-2 24 TRUNK-2 # Trunk-2 leaf-1 25 LEAF-1 # Leaf-1 leaf-2 26 LEAF-2 # Leaf-2 rdp 27 RDP # "reliable datagram" protocol irtp 28 IRTP # Internet Reliable Transaction Protocol iso-tp4 29 ISO-TP4 # ISO Transport Protocol Class 4 netblt 30 NETBLT # Bulk Data Transfer Protocol mfe-nsp 31 MFE-NSP # MFE Network Services Protocol merit-inp 32 MERIT-INP # MERIT Internodal Protocol dccp 33 DCCP # Datagram Congestion Control Protocol 3pc 34 3PC # Third Party Connect Protocol idpr 35 IDPR # Inter-Domain Policy Routing Protocol xtp 36 XTP # Xpress Tranfer Protocol ddp 37 DDP # Datagram Delivery Protocol idpr-cmtp 38 IDPR-CMTP # IDPR Control Message Transport Proto tp++ 39 TP++ # TP++ Transport Protocol il 40 IL # IL Transport Protocol ipv6 41 IPv6 # IPv6 encapsulation sdrp 42 SDRP # Source Demand Routing Protocol ipv6-route 43 IPv6-Route # Routing Header for IPv6 ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6 idrp 45 IDRP # Inter-Domain Routing Protocol rsvp 46 RSVP # Resource ReSerVation Protocol gre 47 GRE # Generic Routing Encapsulation dsr 48 DSR # Dynamic Source Routing Protocol bna 49 BNA # BNA esp 50 ESP # Encap Security Payload ipv6-crypt 50 IPv6-Crypt # Encryption Header for IPv6 (not in official list) ah 51 AH # Authentication Header ipv6-auth 51 IPv6-Auth # Authentication Header for IPv6 (not in official list) i-nlsp 52 I-NLSP # Integrated Net Layer Security TUBA swipe 53 SWIPE # IP with Encryption narp 54 NARP # NBMA Address Resolution Protocol mobile 55 MOBILE # IP Mobility tlsp 56 TLSP # Transport Layer Security Protocol skip 57 SKIP # SKIP ipv6-icmp 58 IPv6-ICMP # ICMP for IPv6 ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6 ipv6-opts 60 IPv6-Opts # Destination Options for IPv6 # 61 # any host internal protocol cftp 62 CFTP # CFTP # 63 # any local network sat-expak 64 SAT-EXPAK # SATNET and Backroom EXPAK kryptolan 65 KRYPTOLAN # Kryptolan rvd 66 RVD # MIT Remote Virtual Disk Protocol ippc 67 IPPC # Internet Pluribus Packet Core # 68 # any distributed file system sat-mon 69 SAT-MON # SATNET Monitoring visa 70 VISA # VISA Protocol ipcv 71 IPCV # Internet Packet Core Utility cpnx 72 CPNX # Computer Protocol Network Executive cphb 73 CPHB # Computer Protocol Heart Beat wsn 74 WSN # Wang Span Network pvp 75 PVP # Packet Video Protocol br-sat-mon 76 BR-SAT-MON # Backroom SATNET Monitoring sun-nd 77 SUN-ND # SUN ND PROTOCOL-Temporary wb-mon 78 WB-MON # WIDEBAND Monitoring wb-expak 79 WB-EXPAK # WIDEBAND EXPAK iso-ip 80 ISO-IP # ISO Internet Protocol vmtp 81 VMTP # Versatile Message Transport secure-vmtp 82 SECURE-VMTP # SECURE-VMTP vines 83 VINES # VINES ttp 84 TTP # TTP nsfnet-igp 85 NSFNET-IGP # NSFNET-IGP dgp 86 DGP # Dissimilar Gateway Protocol tcf 87 TCF # TCF eigrp 88 EIGRP # Enhanced Interior Routing Protocol (Cisco) ospf 89 OSPFIGP # Open Shortest Path First IGP sprite-rpc 90 Sprite-RPC # Sprite RPC Protocol larp 91 LARP # Locus Address Resolution Protocol mtp 92 MTP # Multicast Transport Protocol ax.25 93 AX.25 # AX.25 Frames ipip 94 IPIP # Yet Another IP encapsulation micp 95 MICP # Mobile Internetworking Control Pro. scc-sp 96 SCC-SP # Semaphore Communications Sec. Pro. etherip 97 ETHERIP # Ethernet-within-IP Encapsulation encap 98 ENCAP # Yet Another IP encapsulation # 99 # any private encryption scheme gmtp 100 GMTP # GMTP ifmp 101 IFMP # Ipsilon Flow Management Protocol pnni 102 PNNI # PNNI over IP pim 103 PIM # Protocol Independent Multicast aris 104 ARIS # ARIS scps 105 SCPS # SCPS qnx 106 QNX # QNX a/n 107 A/N # Active Networks ipcomp 108 IPComp # IP Payload Compression Protocol snp 109 SNP # Sitara Networks Protocol compaq-peer 110 Compaq-Peer # Compaq Peer Protocol ipx-in-ip 111 IPX-in-IP # IPX in IP vrrp 112 VRRP # Virtual Router Redundancy Protocol pgm 113 PGM # PGM Reliable Transport Protocol # 114 # any 0-hop protocol l2tp 115 L2TP # Layer Two Tunneling Protocol ddx 116 DDX # D-II Data Exchange iatp 117 IATP # Interactive Agent Transfer Protocol stp 118 STP # Schedule Transfer srp 119 SRP # SpectraLink Radio Protocol uti 120 UTI # UTI smp 121 SMP # Simple Message Protocol sm 122 SM # SM ptp 123 PTP # Performance Transparency Protocol isis 124 ISIS # ISIS over IPv4 fire 125 FIRE crtp 126 CRTP # Combat Radio Transport Protocol crudp 127 CRUDP # Combat Radio User Datagram sscopmce 128 SSCOPMCE iplt 129 IPLT sps 130 SPS # Secure Packet Shield pipe 131 PIPE # Private IP Encapsulation within IP sctp 132 SCTP # Stream Control Transmission Protocol fc 133 FC # Fibre Channel rsvp-e2e-ignore 134 RSVP-E2E-IGNORE mobility-header 135 Mobility-Header # Mobility Header udplite 136 UDPLite mpls-in-ip 137 MPLS-in-IP manet 138 manet # MANET Protocols hip 139 HIP # Host Identity Protocol shim6 140 Shim6 # Shim6 Protocol wesp 141 WESP # Wrapped Encapsulating Security Payload rohc 142 ROHC # Robust Header Compression # 143-252 Unassigned [IANA] # 253 Use for experimentation and testing [RFC3692] # 254 Use for experimentation and testing [RFC3692] # 255 Reserved [IANA] /etc/services 文件

定义了Linux系统中所有服务的名称、协议类型、服务器的端口等信息。是一个服务名和服务端口对应的数据库文件。

# /etc/services: # $Id: services,v 1.55 2013/04/14 ovasik Exp $ # # Network services, Internet style # IANA services version: last updated 2013-04-10 # # Note that it is presently the policy of IANA to assign a single well-known # port number for both TCP and UDP; hence, most entries here have two entries # even if the protocol doesn't support UDP operations. # Updated from RFC 1700, ``Assigned Numbers'' (October 1994). Not all ports # are included, only the more common ones. # # The latest IANA port assignments can be gotten from # http://www.iana.org/assignments/port-numbers # The Well Known Ports are those from 0 through 1023. # The Registered Ports are those from 1024 through 49151 # The Dynamic and/or Private Ports are those from 49152 through 65535 # # Each line describes one service, and is of the form: # # service-name port/protocol [aliases ...] [# comment] tcpmux 1/tcp # TCP port service multiplexer tcpmux 1/udp # TCP port service multiplexer rje 5/tcp # Remote Job Entry rje 5/udp # Remote Job Entry echo 7/tcp echo 7/udp discard 9/tcp sink null discard 9/udp sink null systat 11/tcp users systat 11/udp users daytime 13/tcp daytime 13/udp qotd 17/tcp quote qotd 17/udp quote msp 18/tcp # message send protocol (historic) msp 18/udp # message send protocol (historic) chargen 19/tcp ttytst source chargen 19/udp ttytst source ftp-data 20/tcp ftp-data 20/udp # 21 is registered to ftp, but also used by fsp ftp 21/tcp ftp 21/udp fsp fspd ssh 22/tcp # The Secure Shell (SSH) Protocol ssh 22/udp # The Secure Shell (SSH) Protocol telnet 23/tcp telnet 23/udp # 24 - private mail system lmtp 24/tcp # LMTP Mail Delivery lmtp 24/udp # LMTP Mail Delivery smtp 25/tcp mail smtp 25/udp mail time 37/tcp timserver time 37/udp timserver rlp 39/tcp resource # resource location rlp 39/udp resource # resource location nameserver 42/tcp name # IEN 116 nameserver 42/udp name # IEN 116 nicname 43/tcp whois nicname 43/udp whois tacacs 49/tcp # Login Host Protocol (TACACS) tacacs 49/udp # Login Host Protocol (TACACS) re-mail-ck 50/tcp # Remote Mail Checking Protocol re-mail-ck 50/udp # Remote Mail Checking Protocol domain 53/tcp # name-domain server domain 53/udp whois++ 63/tcp whoispp whois++ 63/udp whoispp bootps 67/tcp # BOOTP server bootps 67/udp bootpc 68/tcp dhcpc # BOOTP client bootpc 68/udp dhcpc tftp 69/tcp tftp 69/udp gopher 70/tcp # Internet Gopher gopher 70/udp netrjs-1 71/tcp # Remote Job Service netrjs-1 71/udp # Remote Job Service netrjs-2 72/tcp # Remote Job Service netrjs-2 72/udp # Remote Job Service netrjs-3 73/tcp # Remote Job Service netrjs-3 73/udp # Remote Job Service netrjs-4 74/tcp # Remote Job Service netrjs-4 74/udp # Remote Job Service finger 79/tcp finger 79/udp http 80/tcp www www-http # WorldWideWeb HTTP http 80/udp www www-http # HyperText Transfer Protocol http 80/sctp # HyperText Transfer Protocol kerberos 88/tcp kerberos5 krb5 # Kerberos v5 kerberos 88/udp kerberos5 krb5 # Kerberos v5 ...... linux 网络命令

在Linux系统中提供了大量的网络命令用于网络配置、网络测试以及网络诊断,如traceroute、mii-tool、ifconfig、ifdown、ifup、ping、netstat、arp、rpcinfo和ip等

traceroute

可以显示数据包到目标主机之间的路径。使用户可以追踪网路数据包的路由途径,预设数据包大小是60字节,用户可以另外设置。

命令语法:

traceroute [选项] [主机名|IP地址] [数据包大小]

例如:跟踪从本地计算机到百度网址的路径。

[root@ansible ~]# traceroute www.baidu.com traceroute to www.baidu.com (103.235.46.39), 30 hops max, 60 byte packets 1 gateway (192.168.0.2) 0.087 ms 0.050 ms 0.067 ms 2 * * * mii-tool

可以查看和设置网卡的工作模式

命令语法:

mii-tool [选项] [接口] ifconfig

可以显示和配置网络接口,如设置IP地址、MAC地址,激活或关闭网络接口。

ifconfig [接口] [选项| IP地址]

命令中个选项的含义

配置网卡ens33的ip地址,同时激活该设备

[root@ansible ~]# ifconfig ens33 192.168.0.100 netmask 255.255.255.0 up

查看所有的网卡设备

ifconfig -a ifdown

关闭网络接口

ifdown [网卡设备名] ifup

开启网络接口

ifup [网卡设备名] ping

可以用来测试与目标计算机之间的连通性。执行ping命令会使用ICMP传输协议发出要求回应的信息,如果远程主机的网络功能没有问题,就会回应该信息。

ping [选项] [目标]

测试与www.baidu.com的连通性

[root@ansible ~]# ping www.baidu.com PING www.wshifen.com (103.235.46.39) 56(84) bytes of data. 64 bytes from 103.235.46.39 (103.235.46.39): icmp_seq=2 ttl=128 time=213 ms 64 bytes from 103.235.46.39 (103.235.46.39): icmp_seq=3 ttl=128 time=216 ms

测试与计算机192.168.0.200的连通性,每次发送的ICMP数据包大小为128字节

[root@ansible ~]# ping -s 128 192.168.0.200 PING 192.168.0.200 (192.168.0.200) 128(156) bytes of data. 136 bytes from 192.168.0.200: icmp_seq=1 ttl=64 time=0.277 ms 136 bytes from 192.168.0.200: icmp_seq=2 ttl=64 time=0.171 ms 136 bytes from 192.168.0.200: icmp_seq=3 ttl=64 time=0.185 ms 136 bytes from 192.168.0.200: icmp_seq=4 ttl=64 time=0.159 ms

测试与计算机192.168.0.200的连通性,发送4个ICMP数据包

[root@ansible ~]# ping -c 4 192.168.0.200 PING 192.168.0.200 (192.168.0.200) 56(84) bytes of data. 64 bytes from 192.168.0.200: icmp_seq=1 ttl=64 time=0.106 ms 64 bytes from 192.168.0.200: icmp_seq=2 ttl=64 time=0.146 ms 64 bytes from 192.168.0.200: icmp_seq=3 ttl=64 time=0.136 ms 64 bytes from 192.168.0.200: icmp_seq=4 ttl=64 time=0.225 ms --- 192.168.0.200 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3003ms rtt min/avg/max/mdev = 0.106/0.153/0.225/0.044 ms netstat

可以显示网络状态的信息,得知整个linux系统的网络情况,比如网络连接、路由表、接口统计、伪装连接和组播成员。

netstat [选项] [延迟]

显示网络接口状态信息

[root@ansible ~]# netstat -i Kernel Interface table Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg ens33 1500 17082 0 0 0 10153 0 0 0 BMRU lo 65536 20 0 0 0 20 0 0 0 LRU

显示内核路由表的信息

[root@ansible ~]# netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface default gateway 0.0.0.0 UG 0 0 0 ens33 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33

显示端口号为22的连接情况。

[root@ansible ~]# netstat -antu |grep 22 tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 48 192.168.0.100:22 192.168.0.3:60368 ESTABLISHED tcp 0 0 192.168.0.100:22 192.168.0.3:60369 ESTABLISHED tcp6 0 0 :::22 :::* LISTEN

检查系统上开放端口的情况

[root@ansible ~]# netstat -tulnp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1228/mysqld tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 924/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1281/master tcp6 0 0 :::22 :::* LISTEN 924/sshd tcp6 0 0 ::1:25 :::* LISTEN 1281/master arp

可以增加,删除和显示ARP缓存条目。

arp [选项] [IP地址] [MAC地址]

查看系统ARP缓存信息。

[root@ansible ~]# arp Address HWtype HWaddress Flags Mask Iface 192.168.0.200 ether 00:0c:29:f8:32:9a C ens33 gateway ether 00:50:56:e2:9e:51 C ens33 192.168.0.3 ether 00:50:56:c0:00:08 C ens33

添加一个新的arp条目

[root@ansible ~]# arp -s 192.168.0.99 00:60:08:27:CE:B2 [root@ansible ~]# arp Address HWtype HWaddress Flags Mask Iface 192.168.0.201 (incomplete) ens33 192.168.0.200 ether 00:0c:29:f8:32:9a C ens33 gateway ether 00:50:56:e2:9e:51 C ens33 192.168.0.3 ether 00:50:56:c0:00:08 C ens33 192.168.0.99 ether 00:60:08:27:ce:b2 CM ens33 192.168.0.101 ether 00:0c:29:d4:5e:94 C ens33 //可以看到刚刚添加的静态ARP记录

删除一个ARP条目

[root@ansible ~]# arp -d 192.168.0.99 [root@ansible ~]# arp Address HWtype HWaddress Flags Mask Iface 192.168.0.201 (incomplete) ens33 192.168.0.200 ether 00:0c:29:f8:32:9a C ens33 gateway ether 00:50:56:e2:9e:51 C ens33 192.168.0.3 ether 00:50:56:c0:00:08 C ens33 192.168.0.101 ether 00:0c:29:d4:5e:94 C ens33 rpcinfo

可以显示那些使用protmap注册的程序的信息,并向程序进行RPC调用,检查他们是否正常运行

rpcinfo的安装包在yum install rpcbind-*

rpcinfo [选项] [主机] [RPC程序编号] [版本号]

显示使用protmap注册的程序的信息

[root@ansible ~]# rpcinfo program version netid address service owner 100000 4 tcp6 ::.0.111 portmapper superuser 100000 3 tcp6 ::.0.111 portmapper superuser 100000 4 udp6 ::.0.111 portmapper superuser 100000 3 udp6 ::.0.111 portmapper superuser 100000 4 tcp 0.0.0.0.0.111 portmapper superuser 100000 3 tcp 0.0.0.0.0.111 portmapper superuser 100000 2 tcp 0.0.0.0.0.111 portmapper superuser 100000 4 udp 0.0.0.0.0.111 portmapper superuser 100000 3 udp 0.0.0.0.0.111 portmapper superuser 100000 2 udp 0.0.0.0.0.111 portmapper superuser 100000 4 local /var/run/rpcbind.sock portmapper superuser 100000 3 local /var/run/rpcbind.sock portmapper superuser

显示主机192.168.0.100上所有已注册的RPC程序的简明列表。

[root@ansible ~]# rpcinfo -s 192.168.0.100 program version(s) netid(s) service owner 100000 2,3,4 local,udp,tcp,udp6,tcp6 portmapper superuser

显示端口映射操作统计信息表

[root@ansible ~]# rpcinfo -m PORTMAP (version 2) statistics NULL SET UNSET GETPORT DUMP CALLIT 0 0/0 0/0 0/0 0 0/0 RPCBIND (version 3) statistics NULL SET UNSET GETADDR DUMP CALLIT TIME U2T T2U 0 0/0 0/0 0/0 2 0/0 0 0 0 RPCBIND (version 4) statistics NULL SET UNSET GETADDR DUMP CALLIT TIME U2T T2U 0 0/0 0/0 0/0 0 0/0 0 0 0 VERADDR INDRECT GETLIST GETSTAT 0 0 0 1 ip

可以显示和操作路由、设备、策略路由和隧道。

ip [选项] [对象] [命令]

对象是要管理或者获取信息的对象,所有对象的名称可以写成完整或缩写形式,如address被缩写为addr或a。目前ip命令认识的对象如表

ip address

实现协议地址管理

查看网卡协议地址

[root@ansible ~]# ip address 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:b5:ba:4d brd ff:ff:ff:ff:ff:ff inet 192.168.0.100/24 brd 192.168.0.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever [root@ansible ~]#

显示网卡ens33

[root@ansible ~]# ip address show ens33 2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:b5:ba:4d brd ff:ff:ff:ff:ff:ff inet 192.168.0.100/24 brd 192.168.0.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever

列出网卡ens33

[root@ansible ~]# ip address list ens33 2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:b5:ba:4d brd ff:ff:ff:ff:ff:ff inet 192.168.0.100/24 brd 192.168.0.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever

在网卡ens33上增加一个IP地址192.168.0.13/24,标准广播地址,指定别名为eth33:0

ip address add 192.168.0.13/24 brd + dev ens33 label ens33:0

删除网卡ens33上的IP地址 192.168.0.100/24

ip address del 192.168.0.100/24 dev ens33

添加静态主机路由

[root@ansible ~]# ip address add local 192.169.1.1/24 brd + dev ens33 ip link

可以实现网络设备配置

列出网卡ens33 的属性

[root@ansible ~]# ip link list ens33 2: ens33: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:b5:ba:4d brd ff:ff:ff:ff:ff:ff

列出网卡ens33的属性的详细信息

[root@ansible ~]# ip -s link list ens33 2: ens33: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:b5:ba:4d brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 16993002 19146 0 0 0 0 TX: bytes packets errors dropped carrier collsns 2128419 11404 0 0 0 0

启用网卡 ens33

ip link set dev ens33 up

停用网卡 ens33

ip link set dev ens33 down

更改网络设备 ens33传输队列的长度为900

ip link set dev ens33 txqueuelen 900

更改网络设备 ens33 的MTU的值为1400

ip link set dev ens33 mtu 1400 ip route

实现路由管理

显示路由表

[root@ansible ~]# ip route default via 192.168.0.2 dev ens33 proto static metric 100 192.168.0.0/24 dev ens33 proto kernel scope link src 192.168.0.100 metric 100 192.169.1.0/24 dev ens33 proto kernel scope link src 192.169.1.1

添加静态网络路由

[root@ansible ~]# ip route add 192.168.1/24 via 192.168.0.1

添加静态主机路由

ip route add 192.168.1.2 via 192.168.0.1

更改静态网路路由

ip route chg 192.168.1/24 dev ens33

获取到IP地址192.168.0.101路径的路由

[root@ansible ~]# ip route get 192.168.0.101 192.168.0.101 dev ens33 src 192.168.0.100 cache

计算路由缓存里面的条数

[root@ansible ~]# ip -o route list cloned | wc 0 0 0

列出网络192.168.0.0的路由表

[root@ansible ~]# ip route list 192.168.0/24 192.168.0.0/24 dev ens33 proto kernel scope link src 192.168.0.100 metric 100 ip rule

实现路由策略数据库管理

列出规则

[root@ansible ~]# ip rule list 0: from all lookup local 32766: from all lookup main 32767: from all lookup default ip neigh

实现邻居/ARP表管理

查看系统ARP缓存信息

[root@ansible ~]# ip neigh list 192.168.0.201 dev ens33 FAILED 192.168.0.200 dev ens33 lladdr 00:0c:29:f8:32:9a STALE 192.168.0.2 dev ens33 lladdr 00:50:56:e2:9e:51 STALE 192.168.0.3 dev ens33 lladdr 00:50:56:c0:00:08 REACHABLE 192.168.0.101 dev ens33 lladdr 00:0c:29:d4:5e:94 STALE

查看IP地址192.168.0.101的系统ARP缓存信息。

[root@ansible ~]# ip -s neigh list 192.168.0.101 192.168.0.101 dev ens33 lladdr 00:0c:29:d4:5e:94 used 4780/4780/4754 probes 4 STALE 捕获网络数据包 tcpdump

可以将网络中传送的数据包的头完全截获下来提供分析。他支持针对网络层、协议、主机或端口的过滤,并提供and、or、not等逻辑语言来删选信息。

tcpdump [选项] [表达式]



【本文地址】


今日新闻

推荐新闻

CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3