1 IP地址
1.1 IP地址组成
它们可唯一标识IP网络中的每台设备,每台主机(计算机、网络设备、外围设备)必须具有唯一的地址
IP地址由两部分组成:
- 网络ID:标识网络,每个网段分配一个网络ID,处于高位
- 主机ID:标识单个主机,由组织分配给各设备,处于低位
lPv4地址格式:点分十进制记法
1.2 IP地址分类
A类:
0 0000000 - 0 1111111.X.Y.Z: 0-127.X.Y.Z
网络ID位是最高8位,主机ID是24位低位
网络数:126=2^7(可变是的网络ID位数)-2
每个网络中的主机数:2^24-2=16777214
默认子网掩码:255.0.0.0
私网地址:10.0.0.0
例:114.114.114.114,8.8.8.8,1.1.1.1,123.56.174.200,119.29.29.29
B类:
10 000000 - 10 111111.X.Y.Z: 128-191.X.Y.Z
网络ID位是最高16位,主机ID是16位低位
网络数:2^14=16384
每个网络中的主机数:2^16-2=65534
默认子网掩码:255.255.0.0
私网地址:172.16.0.0-172.31.0.0
例:180.76.76.76,172.16.0.1
C类:
110 0 0000 - 110 1 1111.X.Y.Z: 192-223.X.Y.Z
网络ID位是最高24位,主机ID是8位低位
网络数:2^21=2097152
每个网络中的主机数:2^8-2=254
默认子网掩码:255.255.255.0
私网地址:192.168.0.0-192.168.255.0
例: 223.6.6.6,223.5.5.5
D类:组(多)播,1110 0000 - 1110 1111.X.Y.Z: 224-239.X.Y.Z
E类:保留未使用,240-255
1.3 公共和私有IP地址
私有IP地址:不直接用于互联网,通常在局域网中使用
| 类 | 私有地址范围 |
|---|---|
| A | 10.0.0.0到10.255.255.255 |
| B | 172.16.0.0到172.31.255.255 |
| C | 182.168.0.0到192.168.255.255 |
公共IP地址:互联网上设备拥有的唯一地址
| 类 | 公共IP地址范围 |
|---|---|
| A | 1.0.0.0到9.255.255.25511.0.0.0到126.255.255.255 |
| B | 128.0.0.0到172.15.255.255172.32.0.0到191.255.255.255 |
| C | 192.0.0.0到192.167.255.255.255192.169.0.0到223.255.255.255 |
1.4 特殊地址
- 0.0.0.0
0.0.0.0不是一个真正意义上的IP地址。它表示所有不清楚的主机和目的网络
- 255.255.255.255
限制广播地址。对本机来说,这个地址指本网段内(同一广播域)的所有主
- 127.0.0.1~127.255.255.254
本机回环地址,主要用于测试。在传输介质上永远不应该出现目的地址为"127.0.0.1"的数据包
- 224.0.0.0到239.255.255.255
组播地址,224.0.0.1特指所有主机,224.0.0.2特指所有路由器。224.0.0.5指OSPF路由器,地址多用于—些特定的程序以及多媒体程序
- 169.254.x.X
如果Windows主机使用了DHCP自动分配IP地址,而又无法从DHCP服务器获取地址,系统会为主机分配这样地址
1.5 保留地址
例:
172.16.0.0网络中的两个地址:172.16.0.0 172.16.255.255
2 IP地址配置方法
2.1 IP地址分配方式
-
静态指定
ifconfig
ip
nmcli
配置文件 -
动态分配:DHCP:Dynamic Host Configuration Protocol
2.2 ipconfig命令
来自于net-tools包,建议使用ip代替
[root@centos8 ~]# rpm -qi net-tools
Name : net-tools
Version : 2.0
Release : 0.52.20160912git.el8
Architecture: x86_64
Install Date: Tue 18 May 2021 12:20:34 PM CST
Group : System Environment/Base
Size : 964782
License : GPLv2+
Signature : RSA/SHA256, Tue 28 Apr 2020 11:49:03 PM CST, Key ID 05b555b38483c65d
Source RPM : net-tools-2.0-0.52.20160912git.el8.src.rpm
Build Date : Mon 27 Apr 2020 09:59:47 AM CST
Build Host : x86-01.mbox.centos.org
Relocations : (not relocatable)
Packager : CentOS Buildsys <bugs@centos.org>
Vendor : CentOS
URL : http://sourceforge.net/projects/net-tools/
Summary : Basic networking tools
Description :
The net-tools package contains basic networking tools,
including ifconfig, netstat, route, and others.
Most of them are obsolete. For replacement check iproute package.常见使用方法
ifconfig [interface]
ifconfig -a
ifconfig IFACE [up|down]
ifconfig interface [aftype] options | address ...
ifconfig IFACE IP/netmask [up]
ifconfig IFACE IP netmask NETMASK注意:立即生效
启用混杂模式:[-]promisc
[root@centos8 ~]# ifconfig eth0 10.0.0.68 netmask 255.255.0.0
# 清除eth0上的IP地址
[root@centos8 ~]# ifconfig eth0 0.0.0.0
# 启用和禁用网卡
[root@centos8 ~]# ifconfig eth0 down
[root@centos8 ~]# ifconfig eth0 up
# 对一个网卡设置多个IP地址
[root@centos8 ~]# ifconfig eth0:1 172.16.0.8/24
[root@centos8 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.8 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 fe80::20c:29ff:feef:daa4 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:ef:da:a4 txqueuelen 1000 (Ethernet)
RX packets 1693 bytes 330824 (323.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1059 bytes 154214 (150.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.0.8 netmask 255.255.255.0 broadcast 172.16.0.255
ether 00:0c:29:ef:da:a4 txqueuelen 1000 (Ethernet)
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@centos8 ~]# ifconfig eth0:1 down
[root@centos8 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.8 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 fe80::20c:29ff:feef:daa4 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:ef:da:a4 txqueuelen 1000 (Ethernet)
RX packets 1743 bytes 336274 (328.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1089 bytes 159726 (155.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# 查看所有网卡流量情况
[root@centos8 ~]# ifconfig -s
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 1791 0 0 0 1118 0 0 0 BMRU
lo 65536 0 0 0 0 0 0 0 0 LRU
# 查看指定网卡流量信息
[root@centos8 ~]# ifconfig -s eth0
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 1806 0 0 0 1128 0 0 0 BMRU2.3 ip命令
来自于iproute包,可用于代替ifconfig
2.3.1 配置linux网络属性
ip [OPTINOS] OBJECT { COMMANG | help }ip命令说明:
OBJECT := {link|addr|route}
ip link - network device configuration
set dev IFACE,可设置属性:up and down:激活或禁用指定接口,相当于ifup/ifdown
show [dev IFACE] [up]:指定接口,up 仅显示处于激活状态的接口
man帮助:ip(8),ip-address(8),ip-link(8),ip-route(8)查看帮助
[root@centos8 ~]# ip link help
Usage: ip link add [link DEV] [ name ] NAME
[ txqueuelen PACKETS ]
[ address LLADDR ]
[ broadcast LLADDR ]
[ mtu MTU ] [index IDX ]
[ numtxqueues QUEUE_COUNT ]
[ numrxqueues QUEUE_COUNT ]
type TYPE [ ARGS ]
ip link delete { DEVICE | dev DEVICE | group DEVGROUP } type TYPE [ ARGS ]
ip link set { DEVICE | dev DEVICE | group DEVGROUP }
[ { up | down } ]
[ type TYPE ARGS ]
[ arp { on | off } ]
[ dynamic { on | off } ]
[ multicast { on | off } ]
[ allmulticast { on | off } ]
[ promisc { on | off } ]
[ trailers { on | off } ]
[ carrier { on | off } ]
[ txqueuelen PACKETS ]
[ name NEWNAME ]
[ address LLADDR ]
[ broadcast LLADDR ]
[ mtu MTU ]
[ netns { PID | NAME } ]
[ link-netns NAME | link-netnsid ID ]
[ alias NAME ]
[ vf NUM [ mac LLADDR ]
[ vlan VLANID [ qos VLAN-QOS ] [ proto VLAN-PROTO ] ]
[ rate TXRATE ]
[ max_tx_rate TXRATE ]
[ min_tx_rate TXRATE ]
[ spoofchk { on | off} ]
[ query_rss { on | off} ]
[ state { auto | enable | disable} ] ]
[ trust { on | off} ] ]
[ node_guid { eui64 } ]
[ port_guid { eui64 } ]
[ { xdp | xdpgeneric | xdpdrv | xdpoffload } { off |
object FILE [ section NAME ] [ verbose ] |
pinned FILE } ]
[ master DEVICE ][ vrf NAME ]
[ nomaster ]
[ addrgenmode { eui64 | none | stable_secret | random } ]
[ protodown { on | off } ]
[ gso_max_size BYTES ] | [ gso_max_segs PACKETS ]
ip link show [ DEVICE | group GROUP ] [up] [master DEV] [vrf NAME] [type TYPE]
ip link xstats type TYPE [ ARGS ]
ip link afstats [ dev DEVICE ]
ip link help [ TYPE ]
TYPE := { vlan | veth | vcan | vxcan | dummy | ifb | macvlan | macvtap |
bridge | bond | team | ipoib | ip6tnl | ipip | sit | vxlan |
gre | gretap | erspan | ip6gre | ip6gretap | ip6erspan |
vti | nlmon | team_slave | bond_slave | bridge_slave |
ipvlan | ipvtap | geneve | vrf | macsec | netdevsim | rmnet |
xfrm }ip地址管理
ip addr {add|del} IFADDR dev STRING [label LABEL] [scope {global|link|host}] [broadcast ADDRESS]
[label LABEL]:添加地址时指明网卡别名
[scope {global|link|host}]:指明作用域,global:全局可用;link:仅链接可用;host:本机可用
[broadcast ADDRESS]:指明广播地址
ip address show
ip addr flush例:
ip link set eth0 down # 禁用网卡
ip link set eth0 name abc # 网卡改名
ip link set abc up # 启用网卡
ip addr add 10.0.0.8/24 dev eth0 label eth0:1 # 添加网卡别名
ip addr del 10.0.0.8/24 dev eth0 label eth0:1 # 删除网卡别名
ip addr fulsh dev eth0 # 清楚网络地址,注意:清楚所有地址增加网卡别名实现一个网卡多个IP
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ef:da:a4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 brd 10.0.0.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet6 fe80::aa27:d927:ae26:d310/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@centos8 ~]# ip address add 10.0.0.18/24 dev ens160 label ens160:1
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ef:da:a4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 brd 10.0.0.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet 10.0.0.18/24 scope global secondary ens160:1
valid_lft forever preferred_lft forever
inet6 fe80::aa27:d927:ae26:d310/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@centos8 ~]# ip address del 10.0.0.18/24 dev ens160 label ens160:1
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ef:da:a4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 brd 10.0.0.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet6 fe80::aa27:d927:ae26:d310/64 scope link noprefixroute
valid_lft forever preferred_lft forever修改IP
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ef:da:a4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 brd 10.0.0.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet6 fe80::aa27:d927:ae26:d310/64 scope link noprefixroute
valid_lft forever preferred_lft forever
# 先加新IP,再删除旧的IP
[root@centos8 ~]# ip address add 10.0.0.18/24 dev ens160
[root@centos8 ~]# ip address del 10.0.0.8/24 dev ens160
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ef:da:a4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.18/24 scope global ens160
valid_lft forever preferred_lft forever
inet6 fe80::aa27:d927:ae26:d310/64 scope link noprefixroute
valid_lft forever preferred_lft forever例:
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ef:da:a4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 scope global ens160
valid_lft forever preferred_lft forever
inet6 fe80::aa27:d927:ae26:d310/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@centos8 ~]# ip address add 10.0.0.18/24 dev ens160
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ef:da:a4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 scope global ens160
valid_lft forever preferred_lft forever
inet 10.0.0.18/24 scope global secondary ens160
valid_lft forever preferred_lft forever
inet6 fe80::aa27:d927:ae26:d310/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@centos8 ~]# ip address add 10.0.0.18/24 dev ens160
RTNETLINK answers: File exists
[root@centos8 ~]# ip addr change 10.0.0.18/24 dev ens160 preferred_lft 30 valid_lft6
Error: either "local" is duplicate, or "valid_lft6" is a garbage.
[root@centos8 ~]# ip addr change 10.0.0.18/24 dev ens160 preferred_lft 30 valid_lft 6
preferred_lft is greater than valid_lft
[root@centos8 ~]# ip addr change 10.0.0.18/24 dev ens160 preferred_lft 3 valid_lft 10
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ef:da:a4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 scope global ens160
valid_lft forever preferred_lft forever
inet 10.0.0.18/24 scope global secondary deprecated dynamic ens160
valid_lft 7sec preferred_lft 0sec
inet6 fe80::aa27:d927:ae26:d310/64 scope link noprefixroute
valid_lft forever preferred_lft forever
# 10s后IP地址消失
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ef:da:a4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 scope global ens160
valid_lft forever preferred_lft forever
inet6 fe80::aa27:d927:ae26:d310/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@centos8 ~]# ip addr change 10.0.0.18/24 dev ens160 preferred_lft 10 valid_lft 20
[root@centos8 ~]# ip addr change 10.0.0.18/24 dev ens160 preferred_lft 20 valid_lft 40
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ef:da:a4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 scope global ens160
valid_lft forever preferred_lft forever
inet 10.0.0.18/24 scope global secondary dynamic ens160
valid_lft 39sec preferred_lft 19sec
inet6 fe80::aa27:d927:ae26:d310/64 scope link noprefixroute
valid_lft forever preferred_lft forever
# replace 代替现有地址信息
[root@centos8 ~]# ip addr replace 10.0.0.18/24 dev ens160 preferred_lft 30 valid_lft 60
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ef:da:a4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 scope global ens160
valid_lft forever preferred_lft forever
inet 10.0.0.18/24 scope global secondary dynamic ens160
valid_lft 59sec preferred_lft 29sec
inet6 fe80::aa27:d927:ae26:d310/64 scope link noprefixroute
valid_lft forever preferred_lft forever
# replace 也可以实现新加IP
[root@centos8 ~]# ip addr replace 10.0.0.28/24 dev ens160 preferred_lft 30 valid_lft 60
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:ef:da:a4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 scope global ens160
valid_lft forever preferred_lft forever
inet 10.0.0.28/24 scope global secondary dynamic ens160
valid_lft 46sec preferred_lft 16sec
inet6 fe80::aa27:d927:ae26:d310/64 scope link noprefixroute
valid_lft forever preferred_lft forever2.3.2 管理路由
ip route 用法
# 添加路由:
ip route add TARGET via GW dev IFACE src SOURCE_IP
TARGET:
主机路由:IP
网络路由:NETWORK/MASK
# 添加网关:
ip route add default via GW dev IFACE
# 删除路由
ip route del TARGET
# 显示路由:
ip route show|list
# 清空路由表
ip route flush [dev IFACE] [via PREFIX]例:
ip route add 192.168.0.0/24 via 172.16.0.1
ip route add 192.168.1.100 via 172.16.0.1
ip route add default via 172.16.0.1
ip route flush dev etho查看路由过程:
# 查看到达10.0.0.7所使用的路由
[root@centos8 ~]# ip route get 10.0.0.7
10.0.0.7 dev ens160 src 10.0.0.8 uid 0
cache
# 查看到达8.8.8.8所使用的路由
[root@centos8 ~]# ip route get 8.8.8.8
8.8.8.8 via 10.0.0.2 dev ens160 src 10.0.0.8 uid 0
cache2.4 配置文件
IP、MASK、GW、DNS相关的配置文件:
/etc/sysconfig/networl-scripts/ifcfc-IFACE说明参考:
/usr/share/doc/initscripts/sysconfig.txt常用配置:
| 设置 | 说明 |
|---|---|
| TYPE | 接口类型;常见有的Ethernet,Bridge |
| NAME | 此配置文件应用到的设备 |
| DEVICE | 设备名 |
| HWADDR | 对应的设备的MAC地址 |
| UUID | 设备的惟—标识 |
| BOOTPROTO | 激活此设备时使用的地址配置协议,常用的dhcp,static,none,bootp |
| IPADDR | 指明IP地址 |
| NETMASK | 子网掩码,如:255.255.255.0 |
| PREFIX | 网络ID的位数,如:24 |
| GATEWAY | 默认网关 |
| DNS1 | 第一个DNS服务器地址 |
| DNS2 | 第二个DNS服务器地址 |
| DOMAIN | 主机不完整时,自动搜索的域名后缀 |
| ONBOOT | 在系统引导时是否激活此设备 |
| USERCTL | 普通用户是否可控制此投备 |
| PEERDNS | 如果BOOTPROTO的值为"dhcp",YES将允许dhcpserver分配的dns服务器信息直接覆盖至/etc/resolv.conf文件,NO不允许修改resolv.conf |
| NM_CONTROLLED | NM是NetworkManager的简写,此网卡是否接受NM控制 |
2.5 nmcli
centos7以上版网络配置
CentOS 6之前,网络接口使用连续号码命名: eth0、eth1等,当增加或删除网卡时,名称可能会发生变化,CentOS7以上版使用基于硬件,设备拓扑和设置类型命名
CentOS 8中已弃用network.service,采用NetworkManager(NM)为网卡启用命令。CentOS 8仍可以安装network.service作为网卡服务,只是默认没有安装,具体方法为:dnf install network-scripts,不过官方已明确在下一个大版本中,将彻底放弃network.service,不建议继续使用network.service管理网络。
图形工具:nm-connection-editor
字符配置tui工具:
- nmtui
- nmtui-connect
- nmtui-edit
- nmtui-hostname
命令行工具:nmcli
以上工具都依赖NetworkManager服务,此服务是管理和监控网络设备的守护进程
nmcli命令
nmcli命令相关术语
- 设备即网络接口
- 连接是对网络接口的配置,一个网络接口可有多个连接配置,但同时只有一个连接配置生效
格式:
nmcli [ OPTIONS ] OBJECT { COMMAND | help }
device - show and manage network interfaces
nmcli device help
connection - start,stop,and manage network connections
nmcli connection help修改lIP地址等属性:
nmcli connection modify IFACE [+/-]setting.property value
setting.property: ipv4.addresses ipv4.gateway ipv4.dns1 ipv4.method manual|auto修改配置文件执行生效:
nmcli con re1oad
nmcli con up con-name| nmcli con mod | ifcfg***文件 |
|---|---|
| ipv4.method manual | BOOTPROTO=none |
| ipv4.method auto | BOOTPROTO=dhcp |
| ipv4.addresses 192.168.2.1/24 | IPADDR=192.168.2.1 PREFIX=24 |
| ipv4.gateway 172.16.0.200 | GATEWAY=192.0.2.254 |
| ipv4.dns 8.8.8.8 | DNS0=8.8.8.8 |
| ipv4.dns-search example.com | DOMAIN=example.com |
| ipv4.ignore-auto-dns true | PEERDNS=no |
| connection.autoconnect yes | ONBOOT=yes |
| connection.id eth0 | NAME=etho |
| connection.interface-name eth0 | DEVICE=eth0 |
| 802-3-ethernet.mac-address . . . | HWADDR=... |
例:
# 查看帮助
nmcli con add help
# 使用nmcli配置网络
nmcli con show
# 显示所有活动连接
nmcli con show --active
# 显示网络连接配置
nmcli con show "System eth0"
# 显示设备状态
nmcli dev status
# 显示网络接口属性
nmcli dev show eth0
# 常见新连接default,IP自动通过dhcp获取
nmcli con add con-name default type Ethernet ifname eht0
# 删除连接
nmcli con del default
# 创建新连接static ,指定静态IP,不自动连接
nmcli con add con-name static ifname eth0 autoconnect no type Ethernet ipv4.addresses 172.25.X.10/24 ipv4.gateway 172.25.x.254
# 启用static连接配置
nmcli con up static
# 启用default连接配置
nmcli con up default
# 修改连接设置
nmcli con mod "static" connection.autoconnect no
nmcli con mod "static" ipv4.dns 172.25.x.254
nmcli con mod "static" +ipv4.dns 8.8.8.8
nmcli con mod "static" -ipv4.dns 8.8.8.8
nmcli con mod "static" ipv4.addresses "172.16.X.10/24 172.16.x.254"
nmcli con mod "static" +ipv4.addresses 10.10.10.10/16
# DNS设置存放在/etc/resolv.conf,PEERDNS=no表示当IP通过dhcp自动获取时,dns仍是手动设置,不自动获取等价于下面命令
nmcli con mod "system etho" ipv4.ignore-auto-dns yes2.5.1 使用nmcli实现bonding
#添加bonding接口
nmcli con add type bond con-name mybond0 ifname bond0 mode active-backup
#添加从属接口
nmcli con add type bond-slave ifname ens7 master bond0
nmcli con add type bond-s1ave ifname ens3 master bond0
#注:如无为从属接口提供连接名,则该名称是接口名称加类型构成
#要启动绑定,则必须首先启动从属接口
nmcli con up bond-slave-eth0
nmcli con up bond-slave-eth1
#启动绑定
nmcli con up mybond0
Comments | 2 条评论
贼详细,但是图要是能自己画一遍,就更牛逼了!
@14660463 有时间一定!