Network Attribute Configuration
Keywords:
Linux
network
DNS
vim
Mac
When we have a brand new computer, the first step is to download all kinds of software, watch videos, listen to music and so on. The key point here is to have a network. Nowadays, most personal computers are based on windows operating system. It is very simple to access network. It may be possible to access the Internet by plugging in the internet. The most troublesome thing is to find a network and sharing center and manually configure an ip address, gateway address and dns server to access the internet. Of course, this is due to the graphical interface. But now many servers are linux operating system and there is no graphical interface. At this time, we need to know how to configure the network attributes correctly for the linux host. This blog is about opening the network attributes configuration of linux operating system in the right way (this blog is based on the distribution and version: centOS7, centOS6.5).
Two Ways of Accessing Network
Manual designation
1. Use commands
Generally, temporary modifications, such as ifconfig, route, ip addr, fail after restart.
2. Modify configuration files
Modify the file configuration to be permanent, but may not take effect immediately, requiring a restart of the service.
II. Dynamic Acquisition
If DHCP service exists in the local network, it can dynamically obtain the ip address, gateway address, DNS server address and so on.
Commonly used management and configuration commands
I. ifconfig
1. View the active interface without any options. The - a option displays all interfaces, including those in inactive state:
[root@localhost ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:9F:AA:AD
inet addr:192.168.172.136 Bcast:192.168.172.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe9f:aaad/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2168 errors:0 dropped:0 overruns:0 frame:0
TX packets:404 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:149715 (146.2 KiB) TX bytes:29251 (28.5 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
[root@localhost ~]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:0C:29:9F:AA:AD
inet addr:192.168.172.136 Bcast:192.168.172.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe9f:aaad/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2223 errors:0 dropped:0 overruns:0 frame:0
TX packets:425 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:153927 (150.3 KiB) TX bytes:32473 (31.7 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:9F:AA:B7
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Naming of interfaces:
1. Traditional command mode:
Ethernet: eth1, eth2... ethn # centos6 is a common naming method
PPP network: ppp1,ppp2...pppn
2. Predictable Command Scheme
If the index information provided by firmware or BIOS for integrated devices on the motherboard is available, commands are made based on this index, such as eno1,eno2....enon;
If the index information provided by firmware or BIOS on the PCI-E expansion slot is available, commands are made according to this index, such as ens1,ens2...ensn;
If the physical location information of the hardware interface is available, the command is based on this information, such as enp2s0.
If the user displays the definition, it can also be based on the MAC address command, such as enx1232131231.
3. Composition of Naming Format
en: Ethernet
wl: wireless network
ww: WAN
4. Name type
O < index >: device index number of integrated devices
S < slot >: index number of expansion slot
X < MAC >: Naming based on MAC address
P < bus > s < slot >: naming based on bus slot topology
Interface naming
2. Two ways to configure interface ip address mask:
ifconfig INTERFACE IP/MASK [up|down] #up and down are optional
ifconfig INTERFACE IP netmask NETMASK [up|down]
Give an example:
[root@localhost ~]# ifconfig eth1 192.168.1.1/24 up
[root@localhost ~]#
[root@localhost ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:9F:AA:AD
inet addr:192.168.172.136 Bcast:192.168.172.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe9f:aaad/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2392 errors:0 dropped:0 overruns:0 frame:0
TX packets:510 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:168403 (164.4 KiB) TX bytes:43303 (42.2 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:9F:AA:B7
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe9f:aab7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:398 (398.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
3. Open the hybrid mode of the interface, here do not do too much description, the following blog will explain:
[root@localhost ~]# ifconfig eth1 promisc
[root@localhost ~]#
[root@localhost ~]# ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:0C:29:9F:AA:B7
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe9f:aab7/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 #Here's an additional PROMISC
RX packets:29 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2985 (2.9 KiB) TX bytes:468 (468.0 b)
4. Added and deleted IPv6 addresses
ifconfig INTERFACE add addr/prefixlen
ifconfig INTERFACE del addr/prefixlen
Give an example:
[root@localhost ~]# ifconfig eth1 add 2001:0:0:12::1/64 #Added an IPV6 address
[root@localhost ~]#
[root@localhost ~]# ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:0C:29:9F:AA:B7
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: 2001:0:0:12::1/64 Scope:Global
inet6 addr: fe80::20c:29ff:fe9f:aab7/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:57 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6604 (6.4 KiB) TX bytes:836 (836.0 b)
[root@localhost ~]# ifconfig eth1 del 2001:0:0:12::1/64 #Delete ipv6 address
[root@localhost ~]#
[root@localhost ~]# ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:0C:29:9F:AA:B7
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe9f:aab7/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:62 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7468 (7.2 KiB) TX bytes:1016 (1016.0 b)
If we do not configure the ipv6 address, we will find that each interface has an ipv6 address with the beginning of fe80. This address is called link local address. The first 64 bits are fixed format, and the second 64 bits are generated based on EUI-64. Generally speaking, it is based on MAC address. Link local address can only communicate locally with users if we want to realize it. The function of the network must configure the interface with a global address, that is, the global aggregable unicast address. The configuration is shown as Global as above.
Multiple IP addresses can be configured for interface aliases:
[root@localhost ~]# ifconfig ens34:1 192.168.179.130 netmask 255.255.255.0
[root@localhost ~]#
[root@localhost ~]# ifconfig
ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.172.134 netmask 255.255.255.0 broadcast 192.168.172.255
inet6 fe80::4:ed31:efad:25d0 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:db:7f:47 txqueuelen 1000 (Ethernet)
RX packets 25157 bytes 12826364 (12.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 11651 bytes 2175604 (2.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens34: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.179.128 netmask 255.255.255.0 broadcast 192.168.179.255
ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet)
RX packets 666 bytes 91944 (89.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 220 bytes 29356 (28.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens34:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.179.130 netmask 255.255.255.0 broadcast 192.168.179.255
ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet)
Then add a configuration file for the alias. Remember that DEVICE is an alias name and BOOTPROTO: Dynamic address acquisition is not supported.
Note: When ifconfig is executed, the command takes effect immediately after execution, but fails after restart!
Two, route
1. View routing entries
route -n #Numerically, without the - n option, the address may be displayed with the host name and other symbols
Give an example:
[root@localhost ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.172.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 1002 0 0 eth0
default 192.168.172.2 0.0.0.0 UG 0 0 0 eth0
[root@localhost ~]#
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 eth0
2. Adding routing entries
route add [-net|-host] target [netmask Nm] [gw GW] [[dev] If]
Give an example:
[root@localhost ~]# route add -net 100.100.100.0/24 gw 192.168.1.1 #Interfaces can be omitted
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
100.100.100.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 eth0
[root@localhost ~]# route add default gw 192.168.1.1 dev eth1 #Create default routes using default parameters
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
100.100.100.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth1
0.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 eth0
3. Delete routing
route del [-net|-host] target [gw GW] [netmask Nm] [[dev] If]
Give an example:
[root@localhost ~]# route del -net 100.100.100.0/24
[root@localhost ~]# route del -net 0.0.0.0/0 gw 192.168.1.1 #If there are multiple destination IP addresses, gateway addresses can be specified to avoid deletion by mistake.
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 eth0
3. netstat command
Specialized for displaying commands
1. Display routing table
netstat -rn
-r: Display the kernel routing table
-n: Digital format
Give an example:
[root@localhost ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 eth0
2. Display network connection
netstat [--tcp|-t] [--udp|-u] [--udplite|-U] [--sctp|-S] [--raw|-w] [--listening|-l] [--all|-a] [--numeric|-n] [--extend|-e[--extend|-e]] [--program|-p]
- t: Related Connections of TCP
- u: UDP related connection
- w: raw socket related connection
- l: Connections in the listening state
- a: All States
- n: Display ip and port in digital format
- e: Extended format
- p: Display related processes and PID
Common combinations:
-tan -uan -tnl -unl -tunlp
Give an example:
[root@localhost ~]# netstat -tan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 64 192.168.172.136:22 192.168.172.1:60645 ESTABLISHED
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 ::1:25 :::* LISTEN
[root@localhost ~]# netstat -uan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 0.0.0.0:68 0.0.0.0:*
[root@localhost ~]# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 ::1:25 :::* LISTEN
[root@localhost ~]# netstat -unl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 0.0.0.0:68 0.0.0.0:*
[root@localhost ~]# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1008/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1084/master
tcp 0 0 :::22 :::* LISTEN 1008/sshd
tcp 0 0 ::1:25 :::* LISTEN 1084/master
udp 0 0 0.0.0.0:68 0.0.0.0:* 904/dhclient
3. Display interface statistics
netstat {--interfaces|-I|-i} [iface] [--all|-a] [--extend|-e] [--verbose|-v] [--program|-p] [--numeric|-n]
Information for all interfaces: netstat-i
Designated interface: netstat-I<INTERFACE>
Give an example:
[root@localhost ~]# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 2288 0 0 0 1099 0 0 0 BMRU
eth1 1500 0 8 0 0 0 6 0 0 0 BMRU
lo 16436 0 0 0 0 0 0 0 0 0 LRU
[root@localhost ~]# netstat -Ieth1
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth1 1500 0 8 0 0 0 6 0 0 0 BMRU
IV. ifup and ifdown
Open or close the interface, identify the interface through the configuration file and complete the configuration. If the interface does not have a configuration file, it will not work.
ifup INTERFACE
ifdown INTERFACE
Five, ip
The function of ip is very powerful. Here, we only introduce some common usage. See man's manual for details.
NAME: show / manipulate routing, devices, policy routing and tunnels
ip [ OPTIONS ] OBJECT { COMMAND | help }
OBJECT := { link | addr | route | netns } #Note that when writing commands, OBJECT can be abbreviated, as can subcommands of each OBJECT.
1. ip link: network equipment management
ip link set: modifying device properties
dev NAME: The default parameter specifies the device to be managed, and the keyword dev can be omitted.
{up|down}: Turn on or off devices
{multicast on|multicast off}: Turn on or off multicast functionality
{name NAME}: Rename the interface and shut down the device first
netns PID|netnsname: netns is a namespace that moves the interface to the specified network namespace
ip link show: view device status
ip link help: display help information
Give an example:
[root@localhost ~]# ip link set ens34 down #Close ens34
[root@localhost ~]# ip link set ens34 name eth34 #rename
[root@localhost ~]#
[root@localhost ~]# ifconfig -a
ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.172.134 netmask 255.255.255.0 broadcast 192.168.172.255
inet6 fe80::4:ed31:efad:25d0 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:db:7f:47 txqueuelen 1000 (Ethernet)
RX packets 14177 bytes 10140644 (9.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5848 bytes 1208376 (1.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth34: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet)
RX packets 399 bytes 55093 (53.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 102 bytes 15624 (15.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# ip link set eth34 name ens34
[root@localhost ~]# ip link set ens34 up
[root@localhost ~]# ifconfig
ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.172.134 netmask 255.255.255.0 broadcast 192.168.172.255
inet6 fe80::4:ed31:efad:25d0 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:db:7f:47 txqueuelen 1000 (Ethernet)
RX packets 14382 bytes 10157346 (9.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5954 bytes 1220936 (1.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens34: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.179.128 netmask 255.255.255.0 broadcast 192.168.179.255
inet6 fe80::3062:d2dc:471:6045 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet)
RX packets 403 bytes 55727 (54.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 112 bytes 16702 (16.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
2.ip netns: manage network namespaces
ip netns list: List all network namespaces
ip netns add NAME: Create the specified network namespace
ip netns del NAME: Delete the specified network namespace
ip netns exec NAME COMMAND: Run commands in specified netns
Give an example:
[root@localhost ~]# ip netns add mynetns #Create a namespace
[root@localhost ~]#
[root@localhost ~]# ip netns list #View namespaces
mynetns
[root@localhost ~]# ip link set ens34 netns mynetns #Binding ens34 to namespace mynetns
[root@localhost ~]# ifconfig -a #At this point we will find that the equipment is missing.
ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.172.134 netmask 255.255.255.0 broadcast 192.168.172.255
inet6 fe80::4:ed31:efad:25d0 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:db:7f:47 txqueuelen 1000 (Ethernet)
RX packets 14892 bytes 10199499 (9.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6234 bytes 1258060 (1.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 72 bytes 6260 (6.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 72 bytes 6260 (6.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:db:7f:47 brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip netns exec mynetns ip link show #Only by executing commands in the namespace can you see that using ifconfig is invalid
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
3: ens34: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
link/ether 00:0c:29:db:7f:51 brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip netns exec mynetns ip link set ens34 up #Enable interface
[root@localhost ~]# ip netns exec mynetns ip link show
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
3: ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:db:7f:51 brd ff:ff:ff:ff:ff:ff
3.ip address: protocol address management
ip address IFADDR dev INTERFACE: Added address, an interface can have multiple addresses
ip address delete IFADDR dev INTERFACE: Delete the address of the interface
ip address show [INTERFACE]: Display interface address
ip address flush dev INTERFACE: Delete interface address
Give an example:
[root@localhost ~]# ip address flush ens34
[root@localhost ~]# ifconfig
ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.172.134 netmask 255.255.255.0 broadcast 192.168.172.255
inet6 fe80::4:ed31:efad:25d0 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:db:7f:47 txqueuelen 1000 (Ethernet)
RX packets 15955 bytes 10285157 (9.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6762 bytes 1356066 (1.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens34: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet)
RX packets 413 bytes 57483 (56.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 138 bytes 18976 (18.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# ip address add 192.168.179.22/24 dev ens34
[root@localhost ~]#
[root@localhost ~]# ifconfig ens34
ens34: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.179.22 netmask 255.255.255.0 broadcast 0.0.0.0
ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet)
RX packets 416 bytes 57775 (56.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 141 bytes 19212 (18.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# ip address delete 192.168.179.22/24 dev ens34
[root@localhost ~]# ifconfig ens34
ens34: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:0c:29:db:7f:51 txqueuelen 1000 (Ethernet)
RX packets 424 bytes 58479 (57.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 149 bytes 19804 (19.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:db:7f:47 brd ff:ff:ff:ff:ff:ff
inet 192.168.172.134/24 brd 192.168.172.255 scope global dynamic ens32
valid_lft 1180sec preferred_lft 1180sec
inet6 fe80::4:ed31:efad:25d0/64 scope link
valid_lft forever preferred_lft forever
3: ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:db:7f:51 brd ff:ff:ff:ff:ff:ff
4.ip route: routing table management
IP route add TYPE PREFIX via GW [dev IFACE] [src SOURCE_IP]: Add a new route
ip route delete TYPE PREFIX: Delete routing
ip route show [TYPE PRIFIX]: View routes
ip route flush: empty routing
ip route get TYPE PREFIX: Get a separate routing information
See Help Information for more details: man IP route
Give an example:
[root@localhost ~]# ip route show
default via 192.168.172.2 dev ens32 proto static metric 100
192.168.172.0/24 dev ens32 proto kernel scope link src 192.168.172.134 metric 100
192.168.179.0/24 dev ens34 proto kernel scope link src 192.168.179.128
192.168.179.0/24 dev ens34 proto kernel scope link src 192.168.179.128 metric 100
[root@localhost ~]#
[root@localhost ~]# ip route add 100.100.100.0/24 via 192.168.179.128 dev ens34
[root@localhost ~]#
[root@localhost ~]# ip route show
default via 192.168.172.2 dev ens32 proto static metric 100
100.100.100.0/24 via 192.168.179.128 dev ens34
192.168.172.0/24 dev ens32 proto kernel scope link src 192.168.172.134 metric 100
192.168.179.0/24 dev ens34 proto kernel scope link src 192.168.179.128
192.168.179.0/24 dev ens34 proto kernel scope link src 192.168.179.128 metric 100
[root@localhost ~]# ip route show 100.100.100.0/24
100.100.100.0/24 via 192.168.179.128 dev ens34
[root@localhost ~]# ip route get 100.100.100.0/24
100.100.100.0 dev ens34 src 192.168.179.128
cache
6. ss command
ss and netstat have similar functions, but they are more powerful than netstat.
net [options] [FILTER]
options:
-t:TCP Relevant Connections
-u: UDP Relevant Connections
-w: raw socket Relevant Connections
-l: Connection of listening state
-a: Connections of all States
-n: Digital format display
-p: Relevant Procedures and Related Procedures PID
-e: Extended format information
-m: Memory usage
-o: Timer information
FILTER:
[ state TCP-STATE ] [ EXPRESSION ]
TCP-STATE:
LISTEN: Monitor
ESTABLISEHD: Connections have been established
FIN_WAIT_1:
FIN_WAIT_2:
SYN_SENT:
SYN_RECV:
CLOSED:
EXPRESSION:
dport: Destination port
sport: Source port
...
Give an example:
[root@localhost ~]# ss -tan
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
ESTAB 0 0 192.168.172.134:22 192.168.172.1:57461
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
[root@localhost ~]# ss -tanp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:* users:(("sshd",pid=943,fd=3))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=1038,fd=13))
ESTAB 0 180 192.168.172.134:22 192.168.172.1:57461 users:(("sshd",pid=1074,fd=3))
LISTEN 0 128 :::22 :::* users:(("sshd",pid=943,fd=4))
LISTEN 0 100 ::1:25 :::* users:(("master",pid=1038,fd=14))
[root@localhost ~]# ss -uan
State Recv-Q Send-Q Local Address:Port Peer Address:Port
ESTAB 0 0 192.168.172.134:60204 61.216.153.106:123
UNCONN 0 0 127.0.0.1:323 *:*
UNCONN 0 0 *:1524 *:*
UNCONN 0 0 *:68 *:*
UNCONN 0 0 *:68 *:*
UNCONN 0 0 *:30403 *:*
UNCONN 0 0 :::27349 :::*
UNCONN 0 0 ::1:323 :::*
UNCONN 0 0 :::5011 :::*
[root@localhost ~]# ss -tan '( dport = :22 or sport = :22 )'
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
ESTAB 0 52 192.168.172.134:22 192.168.172.1:57461
LISTEN 0 128 :::22 :::*
[root@localhost ~]#
[root@localhost ~]# ss -tan state ESTABLISHED
Recv-Q Send-Q Local Address:Port Peer Address:Port
0 52 192.168.172.134:22 192.168.172.1:57461
Configuring Host Name
hostname
Hostname: View hostname
Host name HOSTNAME: Modify host name, invalid after restart
In centos7:
Hostname CTL status: Displays current hostname and other information
Host name CTL set-host name HOSTNAME: Set host name, permanent
Network Property Profile
Configuration file for host name
/ etc/sysconfig/network (there is this file in centos7, but it is empty because hostname CTL set-hostname is added in centos7, which can set a permanent and valid hostname):
centos6:
[root@localhost ~]# vim /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=localhost.localdomain
Note: Modifying the configuration file will not take effect immediately, but will remain valid for the future.
Configuration files for DNS
/ etc/hosts: a file responsible for fast resolution of IP address and domain name. The hosts file contains the mapping between IP address and host name. In the process of domain name resolution, we will first check whether there is mapping relationship between domain name and IP address in the hosts file. If not, we will send a request for domain name resolution to DNS server:
[root@frankhost ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
/ etc/resolv.conf: Configured with the address of the DNS server, when the host wants to access a domain name, it sends a request for parsing to the DNS server in resolv.conf:
[root@localhost ~]# vim /etc/resolv.conf
# Generated by NetworkManager
search localdomain
nameserver 192.168.172.2
nameserver 192.168.179.1
Configuration files for interfaces and routing
/ etc/sysconfig/network-scripts/ifcfg-IFACE: The properties of the interface are defined by a large number of parameters, which can be directly modified by text editors such as vim:
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens32
TYPE=Ethernet #Interface type
BOOTPROTO=dhcp #What protocols are used to configure the properties of the interface to activate this interface, such as dhcp, bootp, static, none, etc.
DEFROUTE=yes #Whether to create default routing with this interface
PEERDNS=yes #If the value of BOOTPROTO is DHCP, is it allowed for the DNS server allocated by dhcp server to point to the DNS server that overrides the locally manually specified DNS server?
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes #Whether to initialize IPV6
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens32 #The device name for this configuration file
UUID=a3471195-913d-4e38-b521-47ffa1859ffe #Unique identification of this device
DEVICE=ens32 #The device name for this device file
ONBOOT=yes
In addition to some of the above parameters, there are other important parameters:
DNS1: DNS pointing, up to three
DOMAIN:DNS Search Domain
IPADDR: ip Address
NETMASK: Subnet mask; supports the use of PREFIX to specify subnet mask in length in centos7
GATEWAY: Default Gateway
USERCTL: Allow Ordinary User Control
HWADDR: MAC address of device
NM_CONTROLLED: Whether to use the Network Manager service to control the interface
/ etc/sysconfig/network-scripts/route-IFACE: There are two configurations for each interface, but they can't be mixed:
(1) Configure one route per line:
target/prefix via GW
(2) Configure one route every three rows:
ADDRESS#=target
NETWORK#=mask
GATEWAY#=NEXTHOP
#For number 0.1.2.3....
Give an example:
[root@frankhost ~]# vim /etc/sysconfig/network-scripts/route-eth0
100.100.100.0/24 via 192.168.172.136
[root@frankhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
100.100.100.0 192.168.172.136 255.255.255.0 UG 0 0 0 eth0
192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0
[root@frankhost ~]# vim /etc/sysconfig/network-scripts/route-eth0
ADDRESS0=192.168.1.0
NETMASK0=255.255.255.0
GATEWAY0=192.168.172.136
[root@frankhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 192.168.172.136 255.255.255.0 UG 0 0 0 eth0
192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 192.168.172.2 0.0.0.0 UG 0 0 0 eth0
Image-based way to configure network attributes
In CentOS 6:
Execute the system-config-network or setup commands:
Installation: yum-y install system-config-network-tui
Installation: yum-y install setuptool
setup interface:
Execute the nmtui command
I don't say much about how to use it. After all, it's a fool-like configuration that works forever.
There is a very powerful and complex network configuration management command in centos7: nmcli, which is not introduced here for the time being. There is a chance to write a blog independently in the future. The nmcli reference link is https://linux.cn/article-6241-1.html, or see the man manual.