Linux网络属性配置命令
ifcfg命令家族:ifconfig,route,netstat
ifconfig命令:接口及地址查看和管理
ifconfig [INTERFACE]
#ifconfig -a : 显示所有接口,包括inactive状态的接口
ifconfig interface [aftype] options | address ...
#ifconfig IFACE IP/MASK [up|down]
#ifconfig IFACE IP netmask NETMASK options: [-]promisc
注意:立即送往内核中的TCP/IP协议栈,并生效
管理IPv6地址: add addr/prefixlen
del addr/prefixlen
route命令:路由查看及管理
路由条目类型:
主机路由:目标地址为单个IP 网络路由:目标地址为IP网络
默认路由:目标为任意主机,0.0.0.0/0.0.0.0 查看:
#route -n
添加:
route add [-net|-host] target [netmask Nm] [gw GW] [[dev] If]
示例:route add -net 10.0.0.0/8 gw 192.168.10.1 dev eth1
route add -net 0.0.0.0/0.0.0.0 gw 192.168.10.1 route add default gw 192.168.10.1 删除:
route del [-net|-host] target [gw GW] [netmask Nm] [[dev] If]
示例:route del -net 10.0.0.0/8 gw 192.168.10.1 route del defaule
netstat命令:
Print network connections,routing tables,interface statistics,masquerade connections,and multicast memberships
显示路由表:netstat -rn
-r:显示内核路由表
-n:数字格式
显示网络连接:
netstat [--tcp|-t] [--udp|-u] [--udplite|-U] [--sctp|-S] [--raw|-w] [--listening|-l] [--all|-a] [--numeric|-n] [--extend|-e[--extend|-e]] [--program|-p]
-t:TCP协议的相关连接,连接均有其状态;FSM(Finate State Machine);
-u:UDPF相关的连接
-w:raw socket相关的连接
-l:处于监听状态的连接
-a:所有状态
-n:以数字格式显示IP和Port
-e:扩展格式
-p:显示相关的进程及PID
常用组合:
-tan, -uan, -tnl, -unl, -tunlp
传输层协议:
tcp:面向连接的协议;通信开始之前,要建立一个虚链路;通信完成后还要拆除连接;
udp:无连接的协议;直接发送数据报文;
显示接口的统计数据:
netstat {--interfaces|-I|-i} [iface] [--all|-a] [--extend|-e] [--verbose|-v] [--program|-p] [--numeric|-n]
所有接口:
netstat -i
指定接口:
netstat -I<IFace>
ifup/ifdown命令:
注意:通过配置文件/etc/sysconfig/network-scripts/ifcfg-IFACE来识别接口并完成配置
配置主机名:
hostname命令:
查看:hostname
配置:hostname HOSTNAME
当前系统有效,重启后无效
hostnamectl命令(CentOS7):
hostnamectl status:显示当前主机名信息
hostnamectl set-hostname:设定主机名,永久有效
配置文件:/etc/sysconfig/network
HOSTNAME=<HOSTNAME>
注意:此方法的设置不会立即生效;但以后会一直有效
配置DNS服务器指向:
配置文件:/etc/resolv.conf
nameserver DNS_SERVER_IP
如何测试(host/nslookup/dig):
#dig -t A FQDN
FQDN --> IP #dig -x IP IP --> FQDN
iproute2家族: ip命令:
show/manipulate routing,devices,policy routing and tunnels ip [OPTIONS] OBJECT {COMMAND|help} OBJECT:={link|addr|route|netns}
注意:OBJECT可简写,各OBJECT的子命令也可简写 ip OBJECT: ip link : network device configuration ip link set - change device attributes
dev NAME (default):指名要管理的设备,dev关键字可省略 up和down:
multicast on 或 multicast off:启用或禁用多播功能
name NAME:重命名接口
mtu NUMBER:设置MTU的大小,默认为1500 netns PID:ns为namespace,用于将接口移动到指定的网络名称空间 ip link show - display device attributes ip link help - 显示简要使用帮助 ip netns:- manage network namespaces ip netns list:列出所有的netns ip netns add NAME:创建指定的netns ip netns del NAME:删除指定的netns ip netns exec NAME COMMAND:在指定的netns中运行命令 ip address - protocol address management ip address add - add new protocol address ip addr add IFADDR dev IFACE
[label NAME]:为额外添加的地址指明接口别名
[broadcast ADDRESS]:广播地址;会根据IP和NETMASK自动计算得到
[scope SCOPE_VALUE]: global:全局可用
link:接口可用
host:近本机可用 ip address delete - delete protocol address ip addr delete IFADDR dev IFACE ip address show - look at protocol addresses ip addr list [IFACE]:仅显示指定接口的地址 ip address flush - flush protocol addresses ip addr flush dev IFACE ip route - routing table management ip route add - add new route ip route change - change route ip route replace - change or add new one ip route add TYPE PREFIX via GW [dev IFACE] [src SOURCE_IP]
示例:
#ip route add 192.168.0.0/24 via 10.0.0.1 dev eth1 src 10.0.20.100 #ip route add default via GW ip route delete - delete route ip route del TYPE PRIFIX
示例:
#ip route delete 192.168.1.0/24 ip route show - list routes
TYPE PRIFIX ip route flush - flush routing tables
TYPE PRIFIX ip route get - get a single route ip route get TYPE PRIFIX
示例:
#ip route get 192.168.0.0/24 ss命令: ss [options] [FILTER]
选项:
-t:TCP协议的相关链接
-u:UDPF相关的连接
-w:raw socket相关的连接
-l:监听状态的连接
-a:所有状态的连接
-n:数字格式
-p:相关的程序及PID
-e:扩展格式信息
-m:内存用量
-o:计时器信息
FILTER :=[state TCP-STATE] [EXPRESSION]
TCP的常见状态:
TCP FSM:
LISTEN:监听
ESTABLISEHD:建立的连接
FIN_WAIT_1:
FIN_WAIT_2:
SYN_SENT:
SYN_RECV:
CLOSED:
EXPRESSION
dport =
sport =
示例:'(dport = :22 or sport = :22)' ~]#ss -tan '(dport = :22 or sport = :22)' ~]#ss -tan state ESTABLISHED
原创文章,作者:XIAJIDONG,如若转载,请注明出处:http://www.178linux.com/75140
