ifcfg, ip, ss,配置文件 (Blog 7)

逆神陽 ? ? Linux干貨

Linux主機接入網絡:
IP/MASK
GATEWAY
DNS

ifcfg家族:眾多發行版均支持的最古老的linux主機上管理網絡的命令;
ifconfig:IP和接口
route:路由表
netstat:統計狀態
hostname:主機名
system-config-network:命令修改配置,不會立即生效;

ip家族:
ip:IP,接口,路由表
ss:統計狀態數據

CentOS 7:
nmcli:修改配置文件:IP,接口,路由表
nmtui: 修改配置文件:

注意:TCP/IP協議棧在內核空間中實現,用于配置TCP/IP協議相關屬性的命令,會直接修改內核空間的內核內存中的數據;會立即生效,重啟系統后失效;

配置文件:REHL系主機獨有的配置;
/etc/sysconfig/network-scritps/ifcfg-IFACE
/etc/resolv.conf
/etc/hosts

網卡命名格式:
o<> 集成設備的設備索引號
s<slot> 擴展槽索引號
p<bus>s<slot> 總線及槽索引號
x<MAC> MAC地址命名
eth# 傳統
ppp# PPP網絡命名

ifcfg家族

ifconfig命令:
顯示接口:ifconfig [-a] [interface]
顯示激活:ifconfig
顯示所有:ifconfig -a
顯示指定接口:ifconfig IFACE
顯示數據:
MAC地址:C6: HWaddr 00:0C:29:CC:57:50 C7: ether 00:0c:29:63:86:f6
當前接口屬性狀態:UP BROADCAST RUNNING MULTICAST PROMISC
mtu 1500 inet 192.168.3.119 netmask 255.255.255.0 broadcast 192.168.3.255
txqueuelen 1000 (Ethernet) 傳輸隊列
RX packets:111 errors:0 dropped:0 overruns:0 frame:0 <–接收
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0 <–發送
collisions:0 沖突的
RX bytes:10993 (10.7 KiB):總接收 TX bytes:828 (828.0 b):總傳輸

配置接口:ifconfig interface options | address …
接口配置地址:ifconfig IFACE address
address表示方式:192.168.1.2/24
PRIFIX:前綴是一個IP地址,后面有一個斜杠和前綴長度。
例如:
# ifconfig eth1 192.168.1.2/24

配置接口屬性:ifconfig IFACE { up | donw | [-]promisc | mtu N }
Maximum Transfer Unit (MTU) IP報文大?。荒J1500

添加ipv6地址:add addr/prefixlen
移除ipv6地址:del addr/prefixlen

例如:
# ifconfig eth1 up|down
# ifconfig eth1 promisc
# ifconfig eth1 -promisc

注意:
(1) 單接口多地址:IFACE可以是別名:例如:接口名eth0 –> 別名:eth0:0
(2) 如果eth0關閉,其別名也會被關閉;

route命令:
查看內核中的路由表:route [-n]
-n:默認將IP反解為主機名,-n表示不反解主機名;
添加或移除路由條目:route add|del -net|-host target gw Gw [[dev] IFACE]
target表示:
添加主機路由時:IP或IP/32
添加網絡路由時:PREFIX

添加:
~]# route add -host 10.0.0.1 gw 192.168.3.1 dev eno16777736
~]# route add -net 10.0.0.0/8 gw 192.168.3.4 dev eno16777736

注意:添加時,先查看網卡所在網絡;其GW必須與接口處于同一個網絡;

netstat: Print network connections, routing tables, interface statistics(接口統計信息), masquerade connections(隱藏連接),
and multicast memberships(多播成員)

routing tables: netstat -rn
-r 內核路由表
-n 不反解IP–>FQDN

interface statistics:netstat [–tcp|-t] [–udp|-u] [–udplite|-U] [–sctp|-S] [–raw|-w] [–listening|-l] [–all|-a] [–numeric|-n] [–numeric-hosts] [–numeric-ports] [–extend|-e[–extend|-e]] [–program|-p]
協議: tcp, udp, sctp, udplite, raw
-t: TCP,連接均有狀態;均在有限狀態機狀態范圍內轉換[FSM Finate State Machine];
-u: UDP,連接無狀態;只有ESTABLISHED;
-w: raw socket: 裸套接字
-l: listen狀態
-a: 所有狀態
-n: 以數字格式顯示IP和PORT;
-e: 擴展格式;
-p:顯示相關的進程及PID;

Proto 協議
Recv-Q 接收隊列中等待的個數;
Send-Q 發送隊列中等待的個數;
Local Address 本地地址
Foreign Address 遠程主機地址;
State 狀態
User 進程文件的屬主
Inode 進程文件的inode
PID/Program name 進程PID和進程名

常用組合:tan, tnl, tunlp

注意:
tcp有狀態:
LISTEN[守株待兔], ESTABLISHED[熱戀], FIN_WAIT_1[分手], FIN_WAIT_2[確認], SYN_SENT[死纏爛打沒必要,離了誰都可以活], SYN_RECV, CLOSED
udp無狀態: 通信和監聽

interface statistics:netstat {–interfaces|-I|-i} [–all|-a] [–extend|-e] [–verbose|-v] [–program|-p] [–numeric|-n]
顯示所有接口狀態:netstat -i
顯示指定接口狀態:netstat -I<IFACE>

hostname命令:
顯示當前主機名:hostname
設定主機名:hostname [HOSTNAME]
注意:當前系統重啟終端生效,重啟系統后無效;如果重啟有效,則需要定義在配置文件中:/etc/sysconfig/network

hostnamectl命令:C7特有的命令;會修改配置文件;
顯示當前主機名信息:hostnamectl status
設定主機名:hostnamectl set-hostname HOSTNAME
–pretty 好看的主機名
–static 靜態的主機名
set-icon-name NAME Set icon name for host
set-chassis NAME Set chassis type for host

ifup命令: ifdown命令:
啟動或停止接口: ifup | ifdown IFACE

ip家族

ip命令: 設定路由, 策略路由, 遂道;

獲取幫助: # ip COMMAND help
link: 接口屬性
netns: name space “名稱空間”管理
addr: 接口地址
route: 路由設定

#接口屬性管理:
ip link SUB_COMMAND
show [IFACE] 顯示接口屬性;顯示二層設備的屬性;
set IFACE <OPTIONS>
up,down 啟用或禁用接口;
arp {on|off} arp功能
multicast {on|off} 多播功能
promisc {on|off} 混雜模式
mtu MTU 設定MTU大小
name NAME 接口名稱設定,注意需要禁用接口后,方可設定;
peer ADDRESS 對等傳輸地址;
netns PID 將接口移入到指定的名稱空間;ns(name space)

顯示接口屬性: ~]# ip link show eno16777736
<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
MULTICAST:多播;
UP: 啟用;
mtu: MTU值;
qdisc:隊列;
pfifo_fast: 類型;
qlen: 隊列長度

啟用或禁用接口:注意顯示的UP狀態;
~]# ip link show
3: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
—禁用
~]# ip link set eno33554976 down
~]# ip link show
3: eno33554976: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
—啟用
~]# ip link set eno33554976 up
~]# ip link show eno33554976
3: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff

多播功能啟用或禁用:注意顯示的MULTICAST狀態;
~]# ip link show
3: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
—禁用
~]# ip link set eno33554976 multicast off
~]# ip link show eno33554976
3: eno33554976: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
—啟用
~]# ip link set eno33554976 multicast on
~]# ip link show eno33554976
3: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff

arp功能: 注意NOARP
—禁用
~]# ip link set eno33554976 arp off
~]# ip link show eno33554976
3: eno33554976: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
—啟用
~]# ip link set eno33554976 arp on
~]# ip link show eno33554976
3: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff

混雜模式: 破解無線密碼必備;注意:PROMISC是否出現
—啟用
~]# ip link set eno33554976 promisc on
~]# ip link show eno33554976
3: eno33554976: <BROADCAST,MULTICAST,NOARP,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
—禁用
~]# ip link set eno33554976 promisc off
~]# ip link show eno33554976
3: eno33554976: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff

mtu大?。簃tu
—默認1500
~]# ip link show eno33554976
3: eno33554976: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
—1600
~]# ip link set eno33554976 mtu 1600
~]# ip link show eno33554976
3: eno33554976: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1600 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
—1500
~]# ip link set eno33554976 mtu 1500
~]# ip link show eno33554976
3: eno33554976: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff

修改接口名稱:
—禁用接口
~]# ip link set eno33554976 down
~]# ip link show eno33554976
3: eno33554976: <BROADCAST,MULTICAST,NOARP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
—修改名稱
~]# ip link set eno33554976 name eth0
~]# ip link show eth0
3: eth0: <BROADCAST,MULTICAST,NOARP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff

#name space “名稱空間”管理
ip netns SUB_COMMAND
list 列出所有netns;
add NAME 添加Netns;
del NAME 刪除netns;
exec NAME COMMAND 在netns中執行命令;

列出所有netns:
~]# ip netns list

添加netns:
—添加mynet
~]# ip netns add mynet
—列出
~]# ip netns list
mynet

刪除netns:
—刪除mynet
~]# ip netns del mynet
—列出
~]# ip netns list

在netns中列出執行命令:
—添加mynet
~]# ip netns add mynet
—列出
~]# ip netns list
mynet
—將接口加入netns: 隱藏接口
~]# ip link set eth0 netns mynet
~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:f6 brd ff:ff:ff:ff:ff:ff
—列出netns中的接口
~]# ip netns exec mynet ip link show eth0
3: eth0: <BROADCAST,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
—移除netns:自動歸還接口
~]# ip netns del mynet
~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:f6 brd ff:ff:ff:ff:ff:ff
3: eno33554976: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff

#接口地址管理:
ip addr SUB_COMMAND
add|del IFADDR [OPTIONS] dev IFACE 添加/刪除地址;
show|flush [OPTIONS] [IFACE] 查看/清空地址;

—-添加或刪除地址:
ip addr add|del IFADDR [OPTIONS] dev IFACE
label NAME 接口別名;可以在Ifconfig中查看;
broadcast ADDRESS 廣播地址,會根據ip和mask自動計算;
scope SCOPE_VALUE 配置的IP的作用域:
global – 全局可用;
link – 接口可用;
host – 本機內部可用;
注意:
IFADDR是IP的前綴及其長度組成;例如:192.168.3.1/24
在同一個網絡內有一個primary地址和多個secondary地址;

—-查看或清空地址:
ip addr show|flush [OPTIONS] [IFACE]
[primary]|[secondary] 顯示主地址;

查看eth0當前地址:
~]# ip addr show eth0
3: eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
inet 192.168.128.128/24 brd 192.168.128.255 scope global dynamic eth0
valid_lft 1791sec preferred_lft 1791sec
inet6 fe80::20c:29ff:fe63:8600/64 scope link
valid_lft forever preferred_lft forever
清空eth0當前地址:
~]# ip addr flush eth0
~]# ip addr show eth0
3: eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
添加地址:
~]# ip addr add 10.100.100.1/24 dev eth0
~]# ip addr show eth0
3: eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
inet 10.100.100.1/24 scope global eth0
valid_lft forever preferred_lft forever
刪除地址:
~]# ip addr del 10.100.100.1/24 dev eth0
~]# ip addr show eth0
3: eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff

添加多個地址:
~]# ip addr add 10.100.100.1/24 dev eth0
~]# ip addr add 10.100.100.2/24 dev eth0
~]# ip addr add 10.100.100.3/24 dev eth0
~]# ip addr show eth0
3: eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
inet 10.100.100.1/24 scope global eth0
valid_lft forever preferred_lft forever
inet 10.100.100.2/24 scope global secondary eth0
valid_lft forever preferred_lft forever
inet 10.100.100.3/24 scope global secondary eth0
valid_lft forever preferred_lft forever
注意:只有第一個是global, 其它都是secondary

添加別名地址:
~]# ip addr add 10.100.101.2/24 label eth0:0 dev eth0
~]# ip addr show eth0
3: eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
inet 10.100.100.1/24 scope global eth0
valid_lft forever preferred_lft forever
inet 10.100.101.2/24 scope global eth0:0
valid_lft forever preferred_lft forever
inet 10.100.100.2/24 scope global secondary eth0
valid_lft forever preferred_lft forever
inet 10.100.100.3/24 scope global secondary eth0
valid_lft forever preferred_lft forever
注意:添加別名后ifconfig只能查看別名;其它地址均不能查看;
~]# ifconfig
eth0: flags=4291<UP,BROADCAST,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.100.100.1 netmask 255.255.255.0 broadcast 0.0.0.0
ether 00:0c:29:63:86:00 txqueuelen 1000 (Ethernet)
RX packets 679 bytes 44011 (42.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 64 bytes 7565 (7.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth0:0: flags=4291<UP,BROADCAST,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.100.101.2 netmask 255.255.255.0 broadcast 0.0.0.0
ether 00:0c:29:63:86:00 txqueuelen 1000 (Ethernet)

#路由設定

添加/刪除: ip route add PRIFIX via ADDRESS dev NAME [src ADDRESS]
查看/清空: ip route show/flush [OPTION] dev NAME
PRIFIX: 前綴是一個IP地址,后面有一個斜杠和前綴長度。
src ADDRESS 配置多個地址時,使用哪個地址作為源地址;
NAME: 通過哪個接口出去;

查看路由表:
~]# ip route show
default via 192.168.3.254 dev eno16777736 proto static metric 100
10.100.100.0/24 dev eth0 proto kernel scope link src 10.100.100.1
10.100.101.0/24 dev eth0 proto kernel scope link src 10.100.101.2
192.168.3.0/24 dev eno16777736 proto kernel scope link src 192.168.3.119 metric 100

查看接口地址:
~]# ip addr show eth0
3: eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:63:86:00 brd ff:ff:ff:ff:ff:ff
inet 10.100.100.1/24 scope global eth0
valid_lft forever preferred_lft forever
inet 10.100.101.2/24 scope global eth0:0
valid_lft forever preferred_lft forever
inet 10.100.100.2/24 scope global secondary eth0
valid_lft forever preferred_lft forever
inet 10.100.100.3/24 scope global secondary eth0
valid_lft forever preferred_lft forever

添加主機路由,到172.16.0.2經過eth0:0接口至10.100.101.100網關出去;設定源地址為10.100.101.2;
~]# ip route add 172.16.0.2 via 10.100.101.100 dev eth0:0 src 10.100.101.2

添加網絡路由,到172.16.0.0/16經過eth0接口至10.100.100.100網關出去;設定源地址為10.100.100.3;
~]# ip route add 172.16.0.0/16 via 10.100.100.100 dev eth0 src 10.100.100.3

查看路由表:
~]# ip route show
172.16.0.0/16 via 10.100.100.100 dev eth0 src 10.100.100.3
172.16.0.2 via 10.100.101.100 dev eth0 src 10.100.101.2

添加默認路由:
~]# ip route add default via 10.100.100.2 dev eth0
~]# ip route add default via 10.100.101.2 dev eth0:0

清空路由表:
via PRIFIX
~]# ip route show via 10.100.100.222
172.16.100.12 dev eth0
172.16.100.13 dev eth0 src 10.100.100.1
~]# ip route flush via 10.100.100.222
~]# ip route show via 10.100.100.222

src PRIFIX
[root@www ~]# ip route show src 10.100.101.2
10.100.101.0/24 dev eth0 proto kernel scope link
172.16.0.2 via 10.100.101.100 dev eth0
~]# ip route flush src 10.100.101.2
~]# ip route show src 10.100.101.2

dev IFACE
[root@www ~]# ip route show dev eth0
default via 192.168.128.2 proto static metric 101
10.100.100.0/24 proto kernel scope link src 10.100.100.1
172.16.0.0/16 via 10.100.100.100 src 10.100.100.3
192.168.128.0/24 proto kernel scope link src 192.168.128.128 metric 100
~]# ip route flush dev eth0
~]# ip route show dev eth0
..

刪除路由:
[root@www ~]# ip route show
default via 192.168.3.254 dev eno16777736 proto static metric 100
172.16.100.100 via 192.168.3.222 dev eno16777736
192.168.3.0/24 dev eno16777736 proto kernel scope link src 192.168.3.119 metric 100
[root@www ~]# ip route del 172.16.100.100 dev eno16777736
[root@www ~]# ip route show
default via 192.168.3.254 dev eno16777736 proto static metric 100
192.168.3.0/24 dev eno16777736 proto kernel scope link src 192.168.3.119 metric 100

ss命令:
ss [options] [ FILTER ]
[options]
-t: tcp協議相關的連接
-u: udp協議相關的連接
-w: raw scket 相關的連接;
-l: 監聽狀態的連接;
-a: 所有狀態 的連接
-n: 數字格式
-p: 相關程序及PID號
-e: 擴展的信息;

-m: 顯示內存用量;
-o: 顯示計時器信息;

[ FILTER ]
FILTER := [ state TCP-STATE ] [ EXPRESSION ]

注意: udp無狀態的連接;僅有通信和監聽;

顯示tcp/udp相關的正在通信連接:
# ss -tn
# ss -un
顯示tcp/udp相關的監聽的連接:
# ss -tnl
# ss -unl
顯示tcp所有狀態的連接
# ss -tan
顯示tcp/udp監聽的連接:
# ss -tunlp

過濾狀態: ~]# ss -tan state ESTABLISHED
過濾端口: ~]# ss -tan ‘( dport = :22 or sport = :22 )’
注意: 冒號的位置

#配置文件:

命令配置”IP”和”路由”在系統啟動后會失效,要想永久有效需要修改配置文件;
/etc/sysconfig/network-scripts/
ifcfg-IFACE
route-IFACE

ifcfg-IFACE 配置文件參數:
NETBOOT 是否支持網絡引導;
UUID 此設備的唯一標識;
TYPE 接口類型; Ethernet, Bridge;
DOMAIN 自己所處的域名后綴;DNS搜索域;
DEFROUTE 是否為默認路由使用的接口;
HWADDR MAC地址

DEVICE 此配置文件對應的設備的名稱;必須與IFACE保持一致;
ONBOOT 在系統引導過程中,是否激活此接口;
BOOTPROTO 激活此接口時,使用什么協議來配置接口屬性; dhcp, bootp, statics, none
IPADDR IP地址;
NETMASK 子網掩碼;CentOS 7支持以長度方式指明子網掩碼;
GATEWAY 默認網關;
DNS1 第一DNS服務器指向;
DNS2 備用DNS服務器指向,如果主DNS不能連接時才會使用備用DNS;
USERCTL 是否允許普通用戶控制此設備;
PEERDNS 如果BOOTPROTO的值為’dhcp’,是否允許dhcp server分配的dns服務器指向覆蓋本地手動指定的DNS服務器指向;默認為允許;
IPV6_INIT 是否初始化IPv6; 不用不需要初始化;
NM_CONTROLLED 是否使用NetworkManager服務來控制接口;

route-IFACE 配置文件參數:
(1) 每行一個路由條目;
TARGET via GW
(2) 每三行一個路由條目;
ADDRESS#=TARGET
NETMASK#=MASK
GATEWAY#=NEXTHOP

注意:配置時只能有一種風格;

配置后不會立即生效,需要重啟服務生效:
C6: service network restart
C7: systemctl restart network.service

例如:

配置IP
NAME=’eth0′
DEVICE=’eth0′
TYPE=Enthernet
DEFROUTE=no
HWADDR=’00:0c:29:63:86:00′
ONBOOT=yes
BOOTPROTO=none
IPADDR=172.16.100.9
NETMASK=255.255.0.0
GATEWAY=172.16.0.1
DNS1=172.16.0.1
DNS2=172.16.0.2
DNS3=172.16.0.3
USERCTL=no
NM_CONTROLLED=no
IPV6_INIT=no
PEERDNS=no

配置路由表
(1) 每行一個路由條目;
172.31.100.100 via 172.16.100.7
172.30.0.0/16 via 172.16.0.1
[root@www network-scripts]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.30.0.0 172.16.0.1 255.255.0.0 UG 0 0 0 eth0
172.31.100.100 172.16.100.7 255.255.255.255 UGH 0 0 0 eth0

(2) 每三行一個路由條目;
[root@www network-scripts]# rm route-eth0
rm:是否刪除普通文件 “route-eth0″?y
[root@www network-scripts]# cat route-eth0
ADDRESS0=192.168.0.253
NETMASK0=255.255.255.255
GATEWAY0=172.16.254.254

ADDRESS1=192.168.1.0
NETMASK1=255.255.255.0
GATEWAY1=172.16.0.1

[root@www network-scripts]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.253 172.16.254.254 255.255.255.255 UGH 0 0 0 eth0
192.168.1.0 172.16.0.1 255.255.255.0 UG 0 0 0 eth0

本文來自投稿,不代表Linux運維部落立場,如若轉載,請注明出處:http://www.www58058.com/89049

(0)
逆神陽逆神陽
上一篇 2017-11-27 23:09
下一篇 2017-11-27 23:14

相關推薦

  • day6作業

    1、創建用戶gentoo,附加組為bin和root,默認shell為 /bin/csh,注釋信息為"Gentoo Distribution"     2、創建下面的用戶、組和組成員關系 名字為admins 的組 用戶natasha,使用admins …

    系統運維 2016-08-08

  • Python之入門篇

    一、環境準備 環境準備 –> pyenv (安裝python解釋器,管理Python版本,管理python虛擬環境) https://github.com/pyenv/pyenv https://github.com/yyuu/pyenv-installer # yum -y install git # curl -L https://ra…

    Linux干貨 2017-02-05

  • 公鑰和私鑰的原理

          今天上課老師講到公鑰和秘鑰,模模糊糊聽了個大概,始終還是不能夠詳細的理解公鑰怎么會事?私鑰怎么會事?工作原理是怎么的?今天在網上找了半天,通過查看大家對這個密鑰對的理解,總算弄清楚了,咱就把我的心得寫出來給大家對密鑰對有疑問的同志們看看。      公鑰和私鑰就是俗稱…

    Linux干貨 2016-11-30

  • 馬哥教育網絡班21期-第三周課程練習

    1、列出當前系統上所有已經登錄的用戶的用戶名,注意:同一個用戶登錄多次,則只顯示一次即可。 who|cut -d" " -f1|uniq -c|awk '{print $2}' 2、取出最后登錄到當前系統的用戶的相關信息。 last |awk 'NR==1{print $0}' last |sed -n &…

    Linux干貨 2016-07-29

  • 實驗:路由、bonding、team

    實驗:路由實驗 路由表構成目標網絡:網絡ID 子網掩碼接口:到達目標網絡,從哪個接口出來,此接口網關:gateway,下一個鄰近路由器的鄰近接口的IP地址,如果目標網絡和本路由器直接,網關的地址為接口的IP centos6 關閉NetworkManager服務chkconfig NetworkManagerservice NetworkManager sto…

    Linux干貨 2017-05-06

  • CentOS 7 RPM包方式安裝LAMP

    細節要求: (1) 三者分離于兩臺主機; (2) 一個虛擬主機用于提供phpMyAdmin;另一個虛擬主機用于提供wordpress; (3) 提供xcache加速; (4) 為phpMyAdmin提供https虛擬主機; 一、準備CentOS 7主機環境以及Repo倉庫提供基于rpm安裝包方式的程序包安裝源 安裝主機程序包規劃: 主機1:web-serve…

    Linux干貨 2017-02-16
欧美性久久久久