网络管理
作者:互联网
基础概念
#宽带运营商的计算和计算机的下载单位不一样
100Mbps=100/8M
#网络的拓扑结构:
总线
环线 令牌环网
星型
#网络的标准OSI模型和分层:
physic
解决电器特效,传递高低电平0101这样的,
数据位 bit
data link
识别数据帧,物理地址的识别,区分唯一的MAC地址,同一局域网之间的通信,链路之间的通信
含有校验帧可以校验数据
数据帧
网卡工作的地方
network
网路地址的识别、层层的将数据报文转发过来
数据包
transport
负责数据的可靠的传输 数据不能丢失
数据段
session
建立会话
消息
presentation
application
应用协议 http
mysql数据库
三种通信模式
单播 unicast 一对一 适合点对点
广播 broadcast 一对多
组播 multicast 部分,例如,微信里面的一个群
冲突域
广播域
三种通讯机制
单工 只有一个方向 例如:收音机
半双工 不能同时发,也不能同时接受 例如:对讲机
全双工 电话
mii-tool 和 ethtool 来识别网卡的连接状态
[root03:16 PMcentos8 ~]#mii-tool -v eth0
eth0: negotiated 1000baseT-FD flow-control, link ok #表示网卡是连接状态
product info: Yukon 88E1011 rev 3
basic mode: autonegotiation enabled
basic status: autonegotiation complete, link ok
capabilities: 1000baseT-FD 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising: 1000baseT-FD 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
link partner: 1000baseT-HD 1000baseT-FD 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
[root03:31 PMcentos8 ~]#ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Supported FEC modes: Not reported
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes # auto-negotiation 自动协商
Advertised FEC modes: Not reported
Speed: 1000Mb/s #支持的结果
Duplex: Full #全双工模式
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
MDI-X: off (auto)
Supports Wake-on: d
Wake-on: d
Current message level: 0x00000007 (7)
drv probe link
Link detected: yes #当前网卡的状态是连接的
[root03:32 PMcentos8 ~]#
ip a 识别网卡是不是连接的状态
[root03:32 PMcentos8 ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:41:8d:2a brd ff:ff:ff:ff:ff:ff # UP 开启状态
inet 10.0.0.8/24 brd 10.0.0.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe41:8d2a/64 scope link # BROADCAST,MULTICAST 组播 多播
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:41:8d:34 brd ff:ff:ff:ff:ff:ff
ip link 看网卡是否连接的状态
[root03:36 PMcentos8 ~]#ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 #安装TCP协议以后的虚拟网卡
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether 00:0c:29:41:8d:2a brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether 00:0c:29:41:8d:34 brd ff:ff:ff:ff:ff:ff
IEEE
国际电子电器工程师协会
IEEE 802.1
IEEE 802.2
IEEE 802.3
IEEE 802.11 无线网络标准
载波侦听多路访问 ,有冲突就不发报
RJ-45水晶头
T568B 橙白 橙 绿白 蓝 蓝白绿 棕白 棕
T568A 绿白 棕 橙白 蓝 蓝白绿 棕白 橙
直连线
交叉线
以太网的帧结构
前导信息 8个字节
目标地址 6
源地址 6
类型 2个字节的类型(作用是:注明为下一层提供什么服务)
数据 可大可小
校验信息 FCS
MAC地址
前24位:分配给厂家的
后24位
vln 虚拟局域网
#vlan 虚拟局域网 分割广播域
在交换机上隔离广播域的效果
TCP UDP
都是传输层的两个协议
TCP :传输控制协议
[root06:45 PMcentos7 ]#yum install man-pages
[root06:45 PMcentos7 ]#man 7 tcp
可靠,对文件的可靠型要求比较高
UDP :
非面向连接,传输速度快,提供不可靠的网络访问
端口
[root07:19 PMcentos7 ]#cat /proc/sys/net/ipv4/ip_local_port_range
32768 60999
#0-1023 系统端口和特权端口
1024-49151 用户端口或注册端口
49152-65535 动态端口或私有端口,客服端随机端口
#查看服务的端口号
[root07:29 PMcentos7 ]#less /etc/services
#windows上也可以查看:
C:\Windows\System32\drivers\etc\services
#查看这个端口号没有被使用
[root07:31 PMcentos7 ]#grep 9527 /etc/services
nc
#服务端安装nc开启9527服务
[root07:32 PMcentos7 ]#yum install nc -y
[root07:36 PMcentos7 ]#nc -l 9527
hello
#客服端连接服务端发信息
[root07:36 PMcentos8 ~]#nc 10.0.0.73 9527
hello
#服务端收到信息
[root07:36 PMcentos7 ]#nc -l 9527
hello
[root07:35 PMcentos8 ~]#ss -nt 客服端用56180连接服务端的9527端口
State Recv-Q Send-Q Local Address:Port Peer Address:Port
ESTAB 0 0 10.0.0.8:22 10.0.0.1:57095
ESTAB 0 36 10.0.0.8:22 10.0.0.1:65224
ESTAB 0 0 10.0.0.8:56180 10.0.0.73:9527
端口冲突,发现端口谁在使用
[root08:21 PMcentos8 ~]#lsof -i :22 #例如22号端口
[root08:21 PMcentos8 ~]#ss -tlnp
判断某个端口是否打开
#例如,判断22号端口是否开启
[root09:57 PMcentos7 ]#</dev/tcp/127.0.0.1/22
[root09:57 PMcentos7 ]#echo $?
0
优化连接数
[root09:57 PMcentos7 ]#cat /proc/sys/net/ipv4/tcp_max_syn_backlog
128
[root10:27 PMcentos7 ]#echo 1024 > !$
echo 1024 > /proc/sys/net/ipv4/tcp_max_syn_backlog
[root10:27 PMcentos7 ]#cat /proc/sys/net/ipv4/tcp_max_syn_backlog
1024
ping
[root06:52 AMcentos8 ~]#ping 10.0.0.8 -s 655 #发送655个包
PING 10.0.0.8 (10.0.0.8) 655(683) bytes of data.
663 bytes from 10.0.0.8: icmp_seq=1 ttl=64 time=0.027 ms
-f 洪水泛滥,尽最大的能力去ping
arp (IP装换为MAC)
rarp (mac地址装换为ip)
地址解析协议,利用IP地址把他解析成MAC,ARP发送广播,在数据
[root07:23 AMcentos7 ]#arp -n #ARP广播
Address HWtype HWaddress Flags Mask Iface
10.0.0.3 (incomplete) ens33
10.0.0.1 ether 00:50:56:c0:00:08 C ens33
10.0.0.34 (incomplete) ens33
10.0.0.8 ether 00:0c:29:41:8d:2a C ens33
10.0.0.2 ether 00:50:56:e1:61:4d C ens33
相互通讯以后就会有缓存,相互缓存
[root07:25 AMcentos8 ~]#tcpdump -i eth0 -nn arp #抓包
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
07:25:51.545311 ARP, Request who-has 10.0.0.73 tell 10.0.0.8, length 28
07:25:51.545512 ARP, Reply 10.0.0.73 is-at 00:0c:29:58:ed:19, length 46
07:25:58.182096 ARP, Request who-has 10.0.0.8 tell 10.0.0.73, length 46
07:25:58.182110 ARP, Reply 10.0.0.8 is-at 00:0c:29:41:8d:2a, length 28
07:26:02.892596 ARP, Request who-has 10.0.0.8 (00:0c:29:41:8d:2a) tell 10.0.0.1, length 46
arp没有任何的确认,直接就说自己是ARP
#arp欺骗
arp 静态绑定,防止arp欺骗
arp -s 10.0.0.8 00:0c:29:32:80:38
跟踪命令
C:\Users\Hasee>tracert -d www。baidu.com
[root09:50 AMcentos8 ~]#traceroute www.baidu.com
[root10:16 AMcentos8 ~]#tracepath 114.114.114.114
ip地址
mac地址唯一的网卡地址,
ip地址有可管理性,IP地址能体现出你的网段,体现出你在哪个网段,一个网段就是一个广播地址
局域网用交换机切换为VLAN,每一个网路
网络ID 主机ID
A类 1~127 0 8位的网络号,固定了以0开头 有2^7-2=126个网段 每个网段可有的主机2^24-2=16777214
B类 128~191 10 16位网络号, 固定了以10开头
C类 192~223 110 24位网络号 固定了以110开头
D类 224~239 1110 组播 多播
E类 240 11110 保留未使用
私有IP(不直接用于互联网,在局域网使用,公网地址世界唯一)
10.0.0.0 10.255.255.255
172.16.0.0 172.31.255.255
192.168.0.0 192.168.250.255
特殊地址:
169.254.x.x 主机使用DHCP分配的,但是却分配不到,系统给的
0.0.0.0 所有不清楚的主机和目标网络
255.255.255.255 限制广播地址
子网掩码
CIDR 无类域间路由
#分配给120台主机怎样子网掩码
2^7=128
255.255.255.10000000
255.255.255.128 =/25
拿自己的子网掩码和自己与运算
拿自己的子网掩码和对方与运算 看看是不是同一网段
A 192.168.1.100/24
B 192.168.2.200/16
B认为和A是同一网段,B发出去的包一去无回 B访问A超时
A却不认为和B是同一网段 A A访问B目标主机不可达
#以下的两台机器可以ping通
192.168.1.100/8 /12 /15
192.168.2.100/16
和1相与保留原值
和0相与都是0
子网划分
#从主机位每次借n位就划分2^n 个子网
给10.0.0.0/8 划分32个子网
#每个子网的子网掩码:
每次从主机位借n位,那么就划分2^n次方个子网
2^5=32
所以要借5位,所以子网掩码为10.11111000.0.0 即 10.248.0.0
#每个省的子网的主机数
2^(32-13) -2=
#第十个子网的网络ID
因为第10个子网就是被借的那5位的10进制值为9
所以第10个子网就是10.01001 000.00000000.00000000
10.72.0.0/13
#第十个子网的最小Ip和最大Ip
10.01001 000.00000000.00000001 10.72.0.1 最小Ip
10.01001 111.1111111.11111110 10.79.255.254 最大Ip
#所有子网中最小的和最大的网络ID号
10.00000 000.00000000.00000000 10.0.0.0/13
10.11111 000.00000000.00000000 10.248.0.0/13
合并超网
主机ID向网络ID借位,即将小的子网划分为一个大网,与子网划分正好相反
220.78.168.0/24 220.78.10101 000.0/24
220.78.169.0/24 220.78.10101 001.0/24
220.78.170.0/24
220.78.171.0/24 .......
220.78.172.0/24
220.78.173.0/24
220.78.174.0/24
220.78.175.0/24 220.78.10101 111.0/24
七个网段一个都不能少,才能正好合并为一个超网
取相同的部分 220.78.168.0/21
centos6 修改网卡名字
[root@centos6 ~]# vi /etc/udev/rules.d/70-persistent-net.rules
# program, run by the persistent-net-generator.rules rules file.
# This file was automatically generated by the /lib/udev/write_net_rules
# program, run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single
# line, and change only the value of the NAME= key.
# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:e2:b4:8a", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0" #修改name就修改了网卡名字
# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:e2:b4:94", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"
reboot 就可以了
或者不重启,修改网卡的驱动
[root@centos6 ~]# ethtool -i eth0
driver: e1000 #这是网卡驱动的名称
version: 7.3.21-k8-NAPI
firmware-version:
bus-info: 0000:02:01.0
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: no
该命令也可以查看网卡驱动
[root@centos6 ~]# dmesg |grep eth -C 10
卸载网卡驱动
[root@centos6 ~]# modprobe -r e1000
重新加载网卡:
[root@centos6 ~]# modprobe e1000
ip link 临时修改网卡名
ip link set eth0 down
ip link set eth0 name abc
ip link set abc up
ifconfig
[root@centos6 ~]# rpm -qf `which ifconfig`
net-tools-1.60-114.el6.x86_64
安装生成哪些文件
[root03:10 PMcentos7 ]#rpm -ql net-tools
[root03:22 PMcentos7 ]#rpm -qi net-tools
Name : net-tools
Version : 2.0
Release : 0.25.20131004git.el7
Architecture: x86_64
Install Date: Wed 21 Apr 2021 03:57:11 PM EDT
Group : System Environment/Base
Size : 938978
License : GPLv2+
Signature : RSA/SHA256, Thu 22 Aug 2019 05:36:04 PM EDT, Key ID 24c6a8a7f4a80eb5
Source RPM : net-tools-2.0-0.25.20131004git.el7.src.rpm
Build Date : Thu 08 Aug 2019 09:10:26 PM EDT
Build Host : x86-02.bsys.centos.org
Relocations : (not relocatable)
Packager : CentOS BuildSystem <http://bugs.centos.org>
Vendor : CentOS
URL : http://sourceforge.net/projects/net-tools/
Summary : Basic networking tools
Description :
The net-tools package contains basic networking tools,
including ifconfig, netstat, route, and others.
Most of them are obsolete. For replacement check iproute package. # 被iproute 代替了
[root03:22 PMcentos7 ]#
ifconfig 的基本配置
#关闭网卡
ifconfig eth1 down
#临时配置IP:
ifconfig ens33 192.168.1.2/24
#清空地址
[root03:30 PMcentos7 ]#ifconfig ens37 0.0.0.0/0
#给一个网卡多个地址
[root03:33 PMcentos7 ]#ifconfig ens33:1 192.168.1.200/24
#清理ip
[root03:37 PMcentos7 ]#ifconfig ens33:1 down
-s 统计网卡的流量
[root03:40 PMcentos7 ]#ifconfig -s
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
ens33 1500 445 0 0 0 302 0 0 0 BMRU
ens37 1500 7 0 0 0 12 0 0 0 BMRU
lo 65536 1 0 0 0 1 0 0 0 LRU
route
[root03:40 PMcentos7 ]#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.0.2 0.0.0.0 UG 100 0 0 ens33
10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 ens37
路由的配置
#添加路由
route add
例如:route add -net 172.16.0.0/16 gw 172.18.0.200/16 dev eth1
添加的路由的网段是 172.16.0.0 网关是172.18.0.200
最边界的路由器可以配置成默认的路由: route add default gw 172.18.0.200/16
#查看修改内核参数
[root07:25 PMcentos8 ~]#sysctl -a |grep ip_forward
net.ipv4.ip_forward = 1
net.ipv4.ip_forward_update_priority = 1
net.ipv4.ip_forward_use_pmtu = 0
#修改内核参数,重启以后数据就丢失了
[root04:54 PMcentos8 ~]#cat /proc/sys/net/ipv4/ip_forward
0
[root07:08 PMcentos8 ~]#echo 1 > /proc/sys/net/ipv4/ip_forward
[root07:22 PMcentos8 ~]#cat /proc/sys/net/ipv4/ip_forward
1
每经过一个路由器就是一跳,防火墙要禁用,selinux
NetworkManage
chkconf NetworkManage off 禁用
service NetworkManage stop 关闭服务
iproute
[root08:48 PMcentos8 ~]#rpm -ql iproute
netstat 来自于net-tools包
该命令ss 也可以用
-r
-nr
[root08:45 PMcentos8 ~]#netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
default _gateway 0.0.0.0 UG 0 0 0 eth0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
[root08:46 PMcentos8 ~]#netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
[root08:46 PMcentos8 ~]#netstat -Ieth0 选项和参数连接一起
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 131326 0 0 0 163581 0 0 0 BMRU
ip
ip link 查看设置链路层
ip link set etho down
ip link set etho up
ip link set eth0 name NAME
#添加一条ip地址
[root08:59 PMcentos8 ~]#ip address add 10.0.0.200/24 dev eth0 label eth0:2
[root09:01 PMcentos8 ~]#ip address add 10.0.0.100/24 dev eth0 #不加标签添加IP
ip route 管理路由表
# route -n 和 ip route 显示的是一样的
[root09:12 PMcentos8 ~]#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.0.2 0.0.0.0 UG 100 0 0 eth0
10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
[root09:10 PMcentos8 ~]#ip route
default via 10.0.0.2 dev eth0 proto static metric 100
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.8 metric 100
#添加一条路由的地址为1.1.1.0的网段,网关为10.0.0.2 (参考格式直接复制)
[root09:16 PMcentos8 ~]#ip route add 1.1.1.0/24 via 10.0.0.2 dev eth0 proto static metric 100
[root09:18 PMcentos8 ~]#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.0.2 0.0.0.0 UG 100 0 0 eth0
1.1.1.0 10.0.0.2 255.255.255.0 UG 100 0 0 eth0
10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
#删除路由表:
[root09:23 PMcentos8 ~]#ip route del 1.1.1.0/24 via 10.0.0.2
#删除默认路由
[root09:25 PMcentos8 ~]#ip route del default via 10.0.0.2
单臂路由:
#删除所有的路由,添加新的IP自动生成新的路由
[root10:43 PMcentos7 ]#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
[root10:44 PMcentos7 ]#ip a a 7.7.7.7/24 dev ens33 label ens33:1
[root10:46 PMcentos7 ]#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
7.7.7.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
[root10:47 PMcentos7 ]#ping 8.8.8.8
connect: Network is unreachable #没有路由无法通(Gateway那里没有地址)
[root10:43 PMcentos8 ~]#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
[root10:44 PMcentos8 ~]#ip a a 8.8.8.8/24 dev eth0 label eth0:1
[root10:47 PMcentos8 ~]#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
8.8.8.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
[root10:47 PMcentos8 ~]#ping 7.7.7.7 #没有路由无法通
connect: Network is unreachable
# 新开一台虚拟机做模拟的路由器,添加两个ip
[root10:56 PMcentos7 ~]#ip a a 7.7.7.200/24 dev ens33:7
[root10:57 PMcentos7 ~]#ip a a 8.8.8.200/24 dev ens33:8
#两台主机分别添加路由,即:路由器的两个ip
[root11:01 PMcentos7 ]#ip route add default via 7.7.7.200
[root11:12 PMcentos8 ~]#ip route add default via 8.8.8.200
#开启转发
[root11:16 PMcentos7 ~]#echo 1 > /proc/sys/net/ipv4/ip_forward
方法二:不添加模拟路由器,各自添加一条默认路由,指定接口
#不用单臂路由,不同网段的两台机器相互通讯的底层原理
[root10:46 PMcentos7 ]#ip route
7.7.7.0/24 dev ens33 proto kernel scope link src 7.7.7.7
10.0.0.0/24 dev ens33 proto kernel scope link src 10.0.0.73 metric 100
[root11:27 PMcentos7 ]#ping 8.8.8.8
connect: Network is unreachable
[root11:28 PMcentos7 ]#ip route add default dev ens33
[root11:24 PMcentos8 ~]#ip route
8.8.8.0/24 dev eth0 proto kernel scope link src 8.8.8.8
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.8 metric 100
[root11:27 PMcentos8 ~]#ping 7.7.7.7
connect: Network is unreachable
[root11:27 PMcentos8 ~]#ip route add default dev eth0
本地回环
[root08:07 AMcentos8 ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
路由解决跨主机之间的通信,本机的通信是不需要路由表的,这个网卡上的地址是不会放在路由表上的
#添加回环地址不会生成路由记录
[root08:07 AMcentos8 ~]#ip a a 1.1.1.1/24 dev lo label lo:1
[root08:11 AMcentos8 ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 1.1.1.1/24 scope global lo:1
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
[root08:11 AMcentos8 ~]#ping 1.1.1.125
PING 1.1.1.125 (1.1.1.125) 56(84) bytes of data.
64 bytes from 1.1.1.125: icmp_seq=1 ttl=64 time=0.013 ms #和回环网在一个网段
64 bytes from 1.1.1.125: icmp_seq=2 ttl=64 time=0.023 ms
#删除默认路由
[root08:19 AMcentos8 ~]#ip route
default via 10.0.0.2 dev eth0 proto static metric 100
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.8 metric 100
[root08:19 AMcentos8 ~]#ip route del default via 10.0.0.2 dev eth0 proto static metric 100
[root08:20 AMcentos8 ~]#ip route
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.8 metric 100
两台主机上:
[root08:27 AMcentos7 ~]#ip a a 7.7.7.7 dev lo label lo:1
[root08:20 AMcentos8 ~]#ip a a 8.8.8.8 dev lo label lo:1
[root08:38 AMcentos7 ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 7.7.7.7/32 scope global lo:1 #32位子网掩码而且绑在回环网卡
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
[root08:37 AMcentos8 ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 1.1.1.1/24 scope global lo:1
valid_lft forever preferred_lft forever
inet 8.8.8.8/32 scope global lo:1 #子网掩码32位,而且绑在回环网卡
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
现在无法两台机器相互ping通的,所以两台主机要要添加路由
[root08:36 AMcentos8 ~]#ip route add default dev eth0
[root08:37 AMcentos7 ~]#ip route add default dev ens33
网络的高级配置和多网卡绑定
主机名的存放文件
centos6
[root@centos6 ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=centos6
centos7 centos8
[root08:40 AMcentos7 ~]#cat /etc/hostname
centos7
路由记录的存放
保存在配置文件里面,以routek开头的文件命名,重启生效
[root10:28 AMcentos8 ~]#cat /etc/sysconfig/network-scripts/route-eth0
172.16.0.0/16 via 10.0.0.100
永久保护网卡设置的Ip地址
[root10:34 AMcentos8 /etc/sysconfig/network-scripts]#cp ifcfg-eth0 ifcfg-eth0:1
[root10:34 AMcentos8 /etc/sysconfig/network-scripts]#vim ifcfg-eth0:1
[root10:39 AMcentos8 /etc/sysconfig/network-scripts]#vim ifcfg-eth0:1
BOOTPROTO="static"
NAME="eth0"
DEVICE=eth0:1 #修改此项,此后的10.0.0.88 这个ip地址就会永久保存
ONBOOT="yes"
IPADDR=10.0.0.88
GATEWAY=10.0.0.2
NETMASK=255.255.255.0
DNS=10.0.0.8
HWADDR=00:0c:29:41:8d:2a
~
两个地址一个是自动获取,一个是手工指定
[root11:02 AMcentos8 /etc/sysconfig/network-scripts]#ls
ifcfg-ens34 ifcfg-eth0 ifcfg-eth0:1 route-eth0
[root11:01 AMcentos8 /etc/sysconfig/network-scripts]#cat ifcfg-eth0 设置为自动获取
BOOTPROTO=dhcp
NAME="eth0"
DEVICE=eth0
ONBOOT="yes"
[root11:02 AMcentos8 /etc/sysconfig/network-scripts]#cat ifcfg-eth0:1 设置为手工配置
BOOTPROTO="static"
NAME="eth0"
DEVICE="eth0:1"
ONBOOT="yes"
IPADDR=10.0.0.8
GATEWAY=10.0.0.2
NETMASK=255.255.255.0
DNS=10.0.0.8
#注意:只能把eth0 设置为自动或取 eth0:1 设置为手动配置
多网卡绑定
逻辑上共用一个MAC地址
#添加两张网卡,手动编写配置文件
[root11:46 AMcentos8 /etc/sysconfig/network-scripts]#ls
ifcfg-bond0 ifcfg-ens34 ifcfg-eth0 ifcfg-eth1
[root11:38 AMcentos8 /etc/sysconfig/network-scripts]#cat ifcfg-eth0
DEVICE="eth0"
ONBOOT="yes"
SLAVE=yes
MASTER=bond0
[root11:38 AMcentos8 /etc/sysconfig/network-scripts]#cat ifcfg-eth1
DEVICE="eth1"
ONBOOT="yes"
SLAVE=yes
MASTER=bond0
[root11:38 AMcentos8 /etc/sysconfig/network-scripts]#cat ifcfg-bond0
TYPE=bond
DEVICE=bond0
BOOTPROTO=none
IPADDR=10.0.0.100
PREFIX=24
BONDING_OPTS="mode=1 miimon=100 "
#查看bond里面的
[root11:55 AMcentos8 /etc/sysconfig/network-scripts]#cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth1
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: eth0
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 1
Permanent HW addr: 00:0c:29:41:8d:2a
Slave queue ID: 0
Slave Interface: eth1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:41:8d:34
Slave queue ID: 0
卸载bond
#禁用网卡
[root12:07 PMcentos8 /etc/sysconfig/network-scripts]#ifconfig bond0 down
#卸载模块
modprobe -r bonding
#删除配置文件
NetworkManager 一张网卡上自由切换多个Ip
不同的场合有不同的Ip,家里有家里的Ip 办公区有办公区的Ip
# 安装包,开启NetworkManager
[root04:31 PMcentos8 ~]#yum install NetworkManager -y
[root04:33 PMcentos8 ~]#yum -y install bash-completion
#改名字:
[root04:37 PMcentos8 /etc/sysconfig/network-scripts]#ls
ifcfg-eth0
[root04:38 PMcentos8 ~]#nmcli connection
NAME UUID TYPE DEVICE
Wired connection 1 16a1180c-a32e-312d-a7bb-1d7f1c0fe463 ethernet eth1
eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0
[root04:39 PMcentos8 ]#nmcli connection modify Wired\ connection\ 1 con-name eth1-home
[root04:40 PMcentos8 ]#nmcli connection
NAME UUID TYPE DEVICE
eth1-home 16a1180c-a32e-312d-a7bb-1d7f1c0fe463 ethernet eth1
eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0
#手工修改一个eth1-home的静态Ip
[root04:40 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection modify eth1-home ipv4.addresses 192.168.0.100/24 ipv4.gateway 192.168.0.1 ipv4.dns 223.6.6.6 ipv4.method manual
[root04:41 PMcentos8]#nmcli connection
NAME UUID TYPE DEVICE
eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0
eth1-home 16a1180c-a32e-312d-a7bb-1d7f1c0fe463 ethernet eth1
[root04:41 PMcentos8 ]#ls
ifcfg-eth0 ifcfg-eth1-home
#自动获取一个eth1-work 的动态Ip
[root04:42 PMcentos8]#nmcli connection add con-name eth1-work ipv4.method manual ipv4.addresses 172.16.0.100/16 type ethernet ifname eth1
Connection 'eth1-work' (f4094db8-c105-4fba-a706-61a8fbc644fc) successfully added.
#加载
[root04:43 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection reload
[root04:43 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection
NAME UUID TYPE DEVICE
eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0
eth1-home 16a1180c-a32e-312d-a7bb-1d7f1c0fe463 ethernet eth1
eth1-work f4094db8-c105-4fba-a706-61a8fbc644fc ethernet --
#切换以后自由变换Ip
[root04:43 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection up eth1-work
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/8)
[root04:57 PMcentos8 /etc/sysconfig/network-scripts]#ifconfig eth1
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.0.100 netmask 255.255.0.0 broadcast 172.16.255.255
inet6 fe80::f9bd:63b5:82d9:a169 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:41:8d:34 txqueuelen 1000 (Ethernet)
RX packets 9 bytes 1289 (1.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 99 bytes 13143 (12.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root04:57 PMcentos8 /etc/sysconfig/network-scripts]#ls #这样eth1 就有两份配置文件了
ifcfg-eth0 ifcfg-eth1-home ifcfg-eth1-work
一套物理网卡有多个Ip
nmcli 实现bond多网卡绑定Ip
#创建一个名字叫 mybond0的bond
[root05:12 PMcentos8]#nmcli connection add con-name mybond0 ifname bond0 type bond ipv4.method manual ipv4.addresses 10.0.0.100/24
Connection 'mybond0' (3e7d1d3f-0615-475d-ac78-8c30c52f0c77) successfully added.
#将eth1网卡命名为 mybond0-eth1添加到bond中
[root05:24 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection add con-name mybond0-eth1 ifname eth1 type bond-slave master bond0
Connection 'mybond0-eth1' (d8ac4db5-9c62-440a-88fc-80b61457d77a) successfully added.
[root05:27 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection
NAME UUID TYPE DEVICE
eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0
mybond0 3e7d1d3f-0615-475d-ac78-8c30c52f0c77 bond bond0
mybond0-eth1 d8ac4db5-9c62-440a-88fc-80b61457d77a ethernet eth1
#将eth0网卡命名为 mybond0-eth0添加到bond中
root05:29 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection add con-name mybond0-eth0 ifname eth0 type bond-slave master bond0
Connection 'mybond0-eth0' (fb22a8c7-ece4-4436-9239-a1dc7acb137b) successfully added.
#清除上次实验的eth0
root05:31 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection delete eth0
Connection 'eth0' (5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03) successfully deleted.
[root05:34 PMcentos8 ~]#cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: eth1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:41:8d:34
Slave queue ID: 0
Slave Interface: eth0
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:41:8d:2a
Slave queue ID: 0
#两张网卡绑定在bond上了,查看一下
[root05:34 PMcentos8 ~]#nmcli connection
NAME UUID TYPE DEVICE
mybond0 3e7d1d3f-0615-475d-ac78-8c30c52f0c77 bond bond0
mybond0-eth0 fb22a8c7-ece4-4436-9239-a1dc7acb137b ethernet eth0
mybond0-eth1 d8ac4db5-9c62-440a-88fc-80b61457d77a ethernet eth1
网络组 Networking Teaming
[root05:54 PMcentos8 ~]#nmcli connection add con-name myteam0 ifname team0 type team config '{"runner":{"name":"activebackup"}}' ipv4.addresses 10.0.0.200/24
Connection 'myteam0' (a7257089-5e10-47a5-abd4-12b2bf1e0905) successfully added.
[root06:03 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection delete mybond0
Connection 'mybond0' (3e7d1d3f-0615-475d-ac78-8c30c52f0c77) successfully deleted.
#############不是很会
网桥
和交换机一个原理,隔离冲突域
标签:10.0,00,网络管理,0.0,PMcentos8,ip,eth0 来源: https://blog.51cto.com/u_14847540/2752649