2. it
  3. 关于Linux网络配置

关于Linux网络配置

mac2024-04-22  47

1.网络协议

1.以太网传输协议:CSMA/CD即载波侦听多路访问/冲突检测

是广播型信道中采用一种随机访问技术的竞争型访问方法,具有多目标地址的特点它处于一种总线型局域网结构,其物理拓扑结构正逐步向星型发展采用分布式控制方法,所有结点之间不存在控制与被控制的关系早期主要是以太网络中数据传输方式,广泛应用于以太网中

2.IPv4,Internet Protocol version 4即网际协议版本4,又称互联网通信协议第四版

是网际协议开发过程中的第四个修订版本,也是此协议第一个被广泛部署的版本是一种无连接的协议,操作在使用分组交换的链路层(如以太网)上此协议会尽最大努力交付数据包,意即它不保证任何数据包均能送达目的地,也不保证所有数据包均按照正确的顺序无重复地到达这些方面是由上层的传输协议(如传输控制协议)处理的IPv4使用32位(4字节)地址,因此地址空间中只有4,294,967,296(2)个地址IPv4地址可被写作任何表示一个32位整数值的形式,但为了方便人类阅读和分析,它通常被写作点分十进制的形式,即四个字节被分开用十进制写出,中间用点分隔一个IPv4地址可以分为网络地址和主机地址两部分,其中网络地址可以使用如下形式描述:192.168.0.0/16,其中斜线后的数字表示网络地址部分的长度是16位,这对应2个字节,即网络地址部分是192.168.0.0,/24则表示前24位为1,/24=/255.255.255.0。而对于ip为172.255.254.89,网络位为172.255.254,主机位为89IPv4地址可以分为以下五类:A类:0~127 ,B类:128~191, C类:192~223, D类:224~239,组播地址, E类:240~254,保留为研究测试使用

3.IP,Intermet Protocol即网际互连协议,是TCP/IP体系中的网络层协议

IP是整个TCP/IP协议族的核心,也是构成互联网的基础设计IP的目的是提高网络的可扩展性:一是解决互联网问题,实现大规模、异构网络的互联互通;二是分割顶层网络应用和底层网络技术之间的耦合关系,以利于两者的独立发展IP只为主机提供一种无连接、不可靠的、尽力而为的数据报传输服务位于TCP/IP模型的网络层(相当于OSI模型的网络层),对上可载送传输层各种协议的信息,例如TCP、UDP等;对下可将IP信息包放到链路层,通过以太网、令牌环网络等各种技术来传送为了能适应异构网络,IP强调适应性、简洁性和可操作性,并在可靠性做了一定的牺牲IP不保证分组的交付时限和可靠性,所传送分组有可能出现丢失、重复、延迟或乱序等问题

4.IPv4地址与IP地址的区别:

IPv4是一个版本,而IP是一个很大的概念,他们有着本质上的区别IPv4地址是广电网络的内网IPIP地址中A类、B类、C类地址的区别,IP地址的长度决定了IPv4的地址空间,决定了地址的有限IP包含了私网IP、公网IP、IPv4、IPv6

2.相关概念

直连网络: 直连网络与外部网络相连,其自身不包含任何网络资源,在直连网络中创建虚拟机时实际使用的是外部网络中的IP地址资源,外部网络可以是公司现有网络或者公网,可直接进行通信子网掩码: 它是一种用来指明一个IP地址的哪些位标识的是主机所在的子网,以及哪些位标识的是主机的位掩码子网掩码不能单独存在,它必须结合IP地址一起使用子网掩码的作用,就是将某个IP地址划分成网络地址和主机地址两部分,还可用于将一个大的IP网络划分为若干小的子网络子网掩码是一个32位地址,用于屏蔽IP地址的一部分以区别网络标识和主机标识,并说明该IP地址是在局域网上,还是在广域网上当网络位一致时,主机位不一致的两个ip可以直接通讯,处于同一个局域网下

3.网络设定工具

1.ping

ping检测网络是否通畅ping -c 1ping1次ping -w 1等待一秒ping -c1 -w1 ipping一次等待一秒 [root@foundation79 ~]# ping 172.25.254.80 ##检测网络是否通畅 PING 172.25.254.80 (172.25.254.80) 56(84) bytes of data. 64 bytes from 172.25.254.80: icmp_seq=1 ttl=64 time=0.137 ms 64 bytes from 172.25.254.80: icmp_seq=2 ttl=64 time=0.148 ms ^C --- 172.25.254.80 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1000ms rtt min/avg/max/mdev = 0.137/0.142/0.148/0.013 ms [root@foundation79 ~]# ping -c 1 172.25.254.80 ##ping一次 PING 172.25.254.80 (172.25.254.80) 56(84) bytes of data. 64 bytes from 172.25.254.80: icmp_seq=1 ttl=64 time=0.244 ms --- 172.25.254.80 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.244/0.244/0.244/0.000 ms [root@foundation79 ~]# ping -w 1 172.25.254.80 ##等待一秒 PING 172.25.254.80 (172.25.254.80) 56(84) bytes of data. 64 bytes from 172.25.254.80: icmp_seq=1 ttl=64 time=0.162 ms 64 bytes from 172.25.254.80: icmp_seq=2 ttl=64 time=0.189 ms --- 172.25.254.80 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 0.162/0.175/0.189/0.018 ms [root@foundation79 ~]# ping -c1 -w1 172.25.254.80 ##ping一次等待一秒 PING 172.25.254.80 (172.25.254.80) 56(84) bytes of data. 64 bytes from 172.25.254.80: icmp_seq=1 ttl=64 time=0.247 ms --- 172.25.254.80 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.247/0.247/0.247/0.000 ms

2.ifconfig

ifconfig查看或设定网络接口ifconfig device ip/24设定某一特定device的ipifconfig device down关闭ifconfig device up开启 [root@localhost ~]# ifconfig ##查看所有的网络接口 eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.25.254.80 netmask 255.255.255.0 broadcast 172.25.254.255 inet6 fe80::5054:ff:fe00:4f0a prefixlen 64 scopeid 0x20<link> ether 52:54:00:00:4f:0a txqueuelen 1000 (Ethernet) RX packets 55 bytes 7089 (6.9 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 66 bytes 9254 (9.0 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 ether 52:54:00:4e:69:17 txqueuelen 1000 (Ethernet) RX packets 41 bytes 4963 (4.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 8 bytes 556 (556.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 8 bytes 556 (556.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@localhost ~]# ifconfig eth1 1.1.1.50/24 ##设定eth1的ip为1.1.1.50/24 [root@localhost ~]# ifconfig eth1 ##查看网络接口eth1 eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 1.1.1.50 netmask 255.255.255.0 broadcast 1.1.1.255 ether 52:54:00:4e:69:17 txqueuelen 1000 (Ethernet) RX packets 41 bytes 4963 (4.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 10 bytes 1769 (1.7 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@localhost ~]# ifconfig eth1 down ##关闭 [root@localhost ~]# ifconfig ##查看 eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.25.254.80 netmask 255.255.255.0 broadcast 172.25.254.255 inet6 fe80::5054:ff:fe00:4f0a prefixlen 64 scopeid 0x20<link> ether 52:54:00:00:4f:0a txqueuelen 1000 (Ethernet) RX packets 206 bytes 20828 (20.3 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 138 bytes 18518 (18.0 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 8 bytes 556 (556.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 8 bytes 556 (556.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@localhost ~]# ifconfig eth1 up ##开启 [root@localhost ~]# ifconfig ##查看 eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.25.254.80 netmask 255.255.255.0 broadcast 172.25.254.255 inet6 fe80::5054:ff:fe00:4f0a prefixlen 64 scopeid 0x20<link> ether 52:54:00:00:4f:0a txqueuelen 1000 (Ethernet) RX packets 241 bytes 24600 (24.0 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 152 bytes 21050 (20.5 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 1.1.1.50 netmask 255.255.255.0 broadcast 1.1.1.255 ether 52:54:00:4e:69:17 txqueuelen 1000 (Ethernet) RX packets 41 bytes 4963 (4.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 19 bytes 3329 (3.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 8 bytes 556 (556.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 8 bytes 556 (556.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

3.ip addr

ip addr检测或设定网络接口ip addr show检测ip addr add ip/24 dev device设定某一特定device的ipip addr del dev device ip/24删除某一特定device的ipip addr flush device刷新某一特定device,刷新完成后需重启网络服务network [root@localhost ~]# ip addr ##检测 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:00:4f:0a brd ff:ff:ff:ff:ff:ff inet 172.25.254.80/24 brd 172.25.254.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::5054:ff:fe00:4f0a/64 scope link valid_lft forever preferred_lft forever 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:4e:69:17 brd ff:ff:ff:ff:ff:ff inet 1.1.1.50/24 brd 1.1.1.255 scope global eth1 valid_lft forever preferred_lft forever [root@localhost ~]# ip addr show eth0 ##检测eth0的信息 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:00:4f:0a brd ff:ff:ff:ff:ff:ff inet 172.25.254.80/24 brd 172.25.254.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::5054:ff:fe00:4f0a/64 scope link valid_lft forever preferred_lft forever [root@localhost ~]# ip addr add 1.1.1.100/24 dev eth1 ##设定eth1的ip 为1.1.1.100/24 [root@localhost ~]# ip addr show eth1 ##检测eth1的信息 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:4e:69:17 brd ff:ff:ff:ff:ff:ff inet 1.1.1.50/24 brd 1.1.1.255 scope global eth1 valid_lft forever preferred_lft forever inet 1.1.1.100/24 scope global secondary eth1 valid_lft forever preferred_lft forever [root@localhost ~]# ip addr del 1.1.1.100/24 dev eth1 ##删除eth1的ip为1.1.1.100/24 [root@localhost ~]# ip addr show eth1 ##检测eth1 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:4e:69:17 brd ff:ff:ff:ff:ff:ff inet 1.1.1.50/24 brd 1.1.1.255 scope global eth1 valid_lft forever preferred_lft forever [root@localhost ~]# ip addr flush eth1 ##刷新eth1 [root@localhost ~]# systemctl restart network ##重启网络服务 [root@localhost ~]# ip addr show ##检测 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqu eue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:00:4f:0a brd ff:ff:ff:ff:ff:ff inet 172.25.254.80/24 brd 172.25.254.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::5054:ff:fe00:4f0a/64 scope link valid_lft forever preferred_lft forever 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:4e:69:17 brd ff:ff:ff:ff:ff:ff ##临时设定的eth1的ip会清空

4.注意:

device的名字是一个物理事实,系统中有什么用什么使用命令ifconfig与ip addr 设定的ip都为临时设定记录当前网络状态的服务:NetworkManager

4.图形方式设定ip

1.使用命令 nm-connection-editor 打开设定ip的图形界面,打开之后具体操作步骤如下图所示:

先将原有的ip删除: 删除完之后在进行添加 添加成功

2.若图形界面显示不出来时,可使用命令 nmtui 打开设定ip的界面,打开之后具体操作步骤如下图所示:

输入命令 nmuti 添加ip 添加成功

3.注意: 图形方式设定ip为永久性设定

5.命令方式设定网络

前提:NetworkManager必须开启注意: 此种方式设定的ip为永久设定在动态改静态时先设定ip,静态改动态则不用更改ipnmcli nmcli device connect eth1启用网卡eth1nmcli device disconnect eth1关闭网卡eth1nmcli device show eth1查看网卡eth1的信息nmcli device status eth1查看网卡eth1的服务接口信息nmcli connection show查看网络nmcli connection down aaa断开链接名称为aaa的网络nmcli connection up aaa开启链接名称为aaa的网络nmcli connection delete aaa删除链接名称为aaa的网络nmcli connection delete uuid xxxxxx若一个链接名称下有多个uuid则删除特定的uuidnmcli connection add type ethernet con-name aaa ifname eth1 ip4 172.25.254.90/24添加网络nmcli connection modify aaa ipv4.method auto动态分配ipnmcli connection modify aaa ipv4.method manual静态分配ipnmcli connection modify aaa ipv4.addresses 172.25.254.100/24添加网络 [root@localhost ~]# nmcli device disconnect eth1 ##关闭网卡eth1 [root@localhost ~]# nmcli device show eth1 ##查看网卡eth1的信息 GENERAL.DEVICE: eth1 GENERAL.TYPE: ethernet GENERAL.HWADDR: 52:54:00:4E:69:17 GENERAL.MTU: 1500 GENERAL.STATE: 30 (disconnected) GENERAL.CONNECTION: -- GENERAL.CON-PATH: -- WIRED-PROPERTIES.CARRIER: on [root@localhost ~]# nmcli device connect eth1 ##开启网卡eth1 Device 'eth1' successfully activated with 'b73122d2-c6d4-4ba8-8a72-066076b137ea'. [root@localhost ~]# nmcli device show eth1 ##查看网卡eth1的信息 GENERAL.DEVICE: eth1 GENERAL.TYPE: ethernet GENERAL.HWADDR: 52:54:00:4E:69:17 GENERAL.MTU: 1500 GENERAL.STATE: 100 (connected) GENERAL.CONNECTION: eth1 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/9 WIRED-PROPERTIES.CARRIER: on IP4.ADDRESS[1]: ip = 1.1.1.50/24, gw = 0.0.0.0 IP6.ADDRESS[1]: ip = fe80::5054:ff:fe4e:6917/64, gw = :: [root@localhost ~]# nmcli device status eth1 ##查看网卡eth1的服务接口信息 Unknown parameter: eth1 DEVICE TYPE STATE CONNECTION eth0 ethernet connected eth0 eth1 ethernet connected eth1 lo loopback unmanaged -- [root@localhost ~]# nmcli connection show ##查看网络信息 NAME UUID TYPE DEVICE eth0 2cfc1e21-4835-4159-9a67-42450a514527 802-3-ethernet eth0 eth1 b73122d2-c6d4-4ba8-8a72-066076b137ea 802-3-ethernet eth1 [root@localhost ~]# nmcli connection del eth1 ##删除链接名称为eth1的网络 [root@localhost ~]# nmcli connection show ##查看网络信息 NAME UUID TYPE DEVICE eth0 2cfc1e21-4835-4159-9a67-42450a514527 802-3-ethernet eth0 ##只剩下了eth0 [root@localhost ~]# nmcli connection add type ethernet con-name aaa ifname eth1 ip4 172.25.254.90/24 ##添加网络,类型为以太网,名称为aaa,网卡名称为eth1,ip为172.25.254.90/24 Connection 'aaa' (6ce4db04-1707-4ac7-8d58-937f9152cb97) successfully added. [root@localhost ~]# nmcli connection show ##查看网络信息 NAME UUID TYPE DEVICE eth0 2cfc1e21-4835-4159-9a67-42450a514527 802-3-ethernet eth0 aaa 6ce4db04-1707-4ac7-8d58-937f9152cb97 802-3-ethernet eth1 ##添加成功 [root@localhost ~]# nmcli connection down aaa ##断开 [root@localhost ~]# nmcli connection show ##查看网络信息 NAME UUID TYPE DEVICE eth0 2cfc1e21-4835-4159-9a67-42450a514527 802-3-ethernet eth0 aaa 6ce4db04-1707-4ac7-8d58-937f9152cb97 802-3-ethernet -- ##断开成功 [root@localhost ~]# nmcli connection up aaa ##开启 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/12) [root@localhost ~]# nmcli connection show ##查看网络信息 NAME UUID TYPE DEVICE eth0 2cfc1e21-4835-4159-9a67-42450a514527 802-3-ethernet eth0 aaa 6ce4db04-1707-4ac7-8d58-937f9152cb97 802-3-ethernet eth1 ##开启成功 [root@localhost ~]# nmcli connection add type ethernet con-name aaa ifname eth1 ip4 172.25.254.90/24 ##添加网络 Connection 'aaa' (f98e7092-912c-408d-8bac-99dc78f1dffc) successfully added. [root@localhost ~]# nmcli connection add type ethernet con-name aaa ifname eth1 ip4 172.25.254.90/24 ##添加网络 Connection 'aaa' (ec13b4f6-871f-4677-bc6d-1867f0b29036) successfully added. [root@localhost ~]# nmcli connection add type ethernet con-name aaa ifname eth1 ip4 172.25.254.90/24 ##添加网络 Connection 'aaa' (08b92445-58fa-4b85-a104-d208808ee6c9) successfully added. [root@localhost ~]# nmcli connection show ##查看网络信息 NAME UUID TYPE DEVICE eth0 2cfc1e21-4835-4159-9a67-42450a514527 802-3-ethernet eth0 aaa 08b92445-58fa-4b85-a104-d208808ee6c9 802-3-ethernet -- aaa ec13b4f6-871f-4677-bc6d-1867f0b29036 802-3-ethernet -- aaa f98e7092-912c-408d-8bac-99dc78f1dffc 802-3-ethernet -- aaa 6ce4db04-1707-4ac7-8d58-937f9152cb97 802-3-ethernet eth1 [root@localhost ~]# nmcli connection delete uuid 08b92445-58fa-4b85-a104-d208808ee6c9 ##删除uuid为08b92445-58fa-4b85-a104-d208808ee6c9的网络信息 [root@localhost ~]# nmcli connection show ##查看网络信息 NAME UUID TYPE DEVICE eth0 2cfc1e21-4835-4159-9a67-42450a514527 802-3-ethernet eth0 aaa ec13b4f6-871f-4677-bc6d-1867f0b29036 802-3-ethernet -- aaa f98e7092-912c-408d-8bac-99dc78f1dffc 802-3-ethernet -- aaa 6ce4db04-1707-4ac7-8d58-937f9152cb97 802-3-ethernet eth1 ##已删除 [root@localhost ~]# nmcli connection add type ethernet con-name aaa ifname eth1 ##添加网络,不设置ip Connection 'aaa' (c4f2fd0a-f72b-4b10-89f2-3071a2c7aff9) successfully added. [root@localhost ~]# nmcli connection modify aaa ipv4.addresses 172.25.254.100/24 ##设置静态ip [root@localhost ~]# nmcli connection modify aaa ipv4.method manual ##静态分配ip [root@localhost ~]# systemctl restart network ##重启网络服务 [root@localhost ~]# ip addr show eth1 ##查看eth1信息 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:4e:69:17 brd ff:ff:ff:ff:ff:ff inet 172.25.254.100/24 brd 172.25.254.255 scope global eth1 ##设置成功 valid_lft forever preferred_lft forever inet6 fe80::5054:ff:fe4e:6917/64 scope link valid_lft forever preferred_lft forever

6.管理网络配置文件

网络配置目录 /etc/sysconfig/network-scripts/网络配置文件的命名规则:(ifcfg-xxxx)内容如下:DEVICE=xxx #设备名称BOOTPROTO=dhcp / static / none #设备工作方,dhcp为动态static / none为静态ONBOOT=yes #网络服务开启时自动激活网卡上面三行必写IPADDR=xxx #IP地址PREFIX=24 #子网掩码NETMASK=255.255.255.0 #子网掩码NAME=xxx #接口名称,可以不写

1.设置动态ip

[root@localhost ~]# cd /etc/sysconfig/network-scripts/ ##切换到目录/etc/sysconfig/network-scripts/,方便查看 [root@localhost network-scripts]# ls ##显示目录内容 ifcfg-eth0-1 ifdown-isdn ifdown-tunnel ifup-isdn ifup-Team ifcfg-lo ifdown-post ifup ifup-plip ifup-TeamPort ifdown ifdown-ppp ifup-aliases ifup-plusb ifup-tunnel ifdown-bnep ifdown-routes ifup-bnep ifup-post ifup-wireless ifdown-eth ifdown-sit ifup-eth ifup-ppp init.ipv6-global ifdown-ippp ifdown-Team ifup-ippp ifup-routes network-functions ifdown-ipv6 ifdown-TeamPort ifup-ipv6 ifup-sit network-functions-ipv6 [root@localhost network-scripts]# vim ifcfg-eth1 ##编辑文件ifcfg-eth1 [root@localhost network-scripts]# ls ##显示文件内容,出现ifcfg-eth1 ifcfg-eth0-1 ifdown-isdn ifup ifup-plusb ifup-wireless ifcfg-eth1 ifdown-post ifup-aliases ifup-post init.ipv6-global ifcfg-lo ifdown-ppp ifup-bnep ifup-ppp network-functions ifdown ifdown-routes ifup-eth ifup-routes network-functions-ipv6 ifdown-bnep ifdown-sit ifup-ippp ifup-sit ifdown-eth ifdown-Team ifup-ipv6 ifup-Team ifdown-ippp ifdown-TeamPort ifup-isdn ifup-TeamPort ifdown-ipv6 ifdown-tunnel ifup-plip ifup-tunnel [root@localhost network-scripts]# ifconfig eth1 ##查看eth1 eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet6 fe80::5054:ff:fe4e:6917 prefixlen 64 scopeid 0x20<link> ether 52:54:00:4e:69:17 txqueuelen 1000 (Ethernet) RX packets 679 bytes 68988 (67.3 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 595 bytes 82955 (81.0 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

编辑文件的内容如下:

DEVICE=eth1 BOOTPROTO=dhcp ONBOOT=yes

2.设置静态ip

[root@localhost network-scripts]# vim ifcfg-eth1 ##编辑文件ifcfg-eth1 [root@localhost network-scripts]# systemctl restart network ##重启网络 [root@localhost network-scripts]# ifconfig eth1 ##查看eth1 eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.25.254.90 netmask 255.255.255.0 broadcast 172.25.254.255 inet6 fe80::5054:ff:fe4e:6917 prefixlen 64 scopeid 0x20<link> ether 52:54:00:4e:69:17 txqueuelen 1000 (Ethernet) RX packets 707 bytes 72887 (71.1 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 680 bytes 97091 (94.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

编辑文件内容如下:

DEVICE=eth1 BOOTPROTO=none ONBOOT=yes PREFIX=24 IPADDR=172.25.254.90

3.注意:

/etc/sysconfig/network-scripts/目录中的文件在每次开机后都会读取一个网卡只有一个配置文件所有的ifcfg文件都会被读取若存在多个ifcfg文件,则只读取一个,其他不生效若重启网络服务时失败,有2个原因:ifcfg文件内容写错、ifcfg文件不唯一在设定ip时可设定多个,但要标注IPADDR0、IPADDR1、IPADDR2…

7.回环接口

回环接口是些逻辑的接口,即虚拟的软件接口,它们并不是真正的路由器接口在ospf路由协议中配置使用回环接口是为了确保在ospf进程中总有一个激活的接口,回环接口可以用于ospf的配置和诊断该接口是稳定的,如果配置了,其IP地址常用来作为路由选择协议如BGP和OSPF的路由在LINUX系统中,除了网络接口eth0,还可以有别的接口,比如lo(本地环路接口)假如包是由一个本地进程为另一个本地进程产生的, 它们将通过外出链的’lo’接口,然后返回进入链的’lo’接口所有人的回环接口都为:127.0.0.1回环接口是自己给自己用回环接口-----人的神经-----127.0.0.1-----locajhost

8.网关

网关(Gateway)又称网间连接器、协议转换器网关在网络层以上实现网络互连,是复杂的网络互连设备,仅用于两个高层协议不同的网络互连既可以用于广域网互连,也可以用于局域网互连是一种充当转换重任的计算机系统或设备使用在不同的通信协议、数据格式或语言,甚至体系结构完全不同的两种系统之间,网关是一个翻译器与网桥只是简单地传达信息不同,网关对收到的信息要重新打包,以适应目的系统的需求简单来说,网关 就是一个网络连接到另一个网络的“关口”,也就是网络关卡只有设置好网关的IP地址,TCP/IP协议才能实现不同网络之间的相互通信网关的IP地址是具有路由功能的设备的IP地址,具有路由功能的设备有路由器、启用了路由协议的服务器(实质上相当于一台路由器)、代理服务器(也相当于一台路由器)

9.如何实现不同网段主机之间进行通信

两台主机分别为(172.25.254.80与1.1.1.100)

1.在具有两个网卡的主机上进行设置

开启内核路由功能sysctl -a | grep ip_forward#查看内核路由功能net.ipv4.ip_forward = 0#0为关闭,1为开启vim /etc/sysctl.conf#编辑文件/etc/sysctl.conf使内核路由功能开启sysctl -p#使/etc/sysctl.conf文件中的设定生效net.ipv4.ip_forward = 1sysctl -a | grep ip_forward#显示为开启net.ipv4.ip_forward = 1 [root@localhost ~]# sysctl -a | grep ip_forward ##查看内核路由功能 net.ipv4.ip_forward = 0 ##0为关闭,1为开启 [root@localhost ~]# vim /etc/sysctl.conf ##编辑文件/etc/sysctl.conf使内核路由功能开启 [root@localhost ~]# sysctl -p ##使/etc/sysctl.conf文件中的设定生效 net.ipv4.ip_forward = 1 [root@localhost ~]# sysctl -a | grep ip_forward ##显示为开启 net.ipv4.ip_forward = 1

文件/etc/sysctl.conf内容如下:

# System default settings live in /usr/lib/sysctl.d/00-system.conf. # To override those settings, enter new settings here, or in an /etc/sysctl.d/<name>.conf file # # For more information, see sysctl.conf(5) and sysctl.d(5). net.ipv4.ip_forward = 1 ##添加的内容

开启地址伪装功能

systemctl start firewalld#开启防火墙

irewall-cmd --list-all#查看火墙的所有状态

public (default, active) interfaces: eth0 eth1 sources: services: dhcpv6-client ssh ports: masquerade: no #地址伪装功能关闭 forward-ports: icmp-blocks: rich rules:

firewall-cmd --permanent --add-masquerade#永久开启火墙的地址伪装功能

firewall-cmd --reload#重新加载

firewall-cmd --list-all#查看火墙的所有状态

public (default, active) interfaces: eth0 eth1 sources: services: dhcpv6-client ssh ports: masquerade: yes #地址伪装功能开启 forward-ports: icmp-blocks: rich rules:

[root@localhost ~]# systemctl start firewalld ##开启防火墙 [root@localhost ~]# firewall-cmd --list-all ##查看火墙的所有状态 public (default, active) interfaces: eth0 eth1 sources: services: dhcpv6-client ssh ports: masquerade: no ##地址伪装功能关闭 forward-ports: icmp-blocks: rich rules: [root@localhost ~]# firewall-cmd --permanent --add-masquerade ##永久开启火墙的地址伪装功能 success [root@localhost ~]# firewall-cmd --reload ##重新加载 success [root@localhost ~]# firewall-cmd --list-all ##查看火墙的所有状态 public (default, active) interfaces: eth0 eth1 sources: services: dhcpv6-client ssh ports: masquerade: yes ##地址伪装功能开启 forward-ports: icmp-blocks: rich rules:

2.在只有一块网卡的客户端进行设置

vim /etc/sysconfig/network#全局网关,针对所有没有设定的网关的网卡生效编辑的内容为:GATEWAY=1.1.1.50vim /etc/sysconfig/network-scripts/ifcfg-eth0#网卡为eth0的网关编辑内容为:GATEWAY=1.1.1.50#当网卡中只有一个ip时GATEWAY0=1.1.1.50#当网卡中有多个ip时,对指定的那个ip生效两种设置网关的方式皆可route -n#查看网关

具体操作步骤如下图所示:

10.如何使虚拟机上网

1.开启真机路由功能:

[root@foundation79 ~]# ip addr show br0 ##查看真机的ip 4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000 link/ether 54:e1:ad:ed:91:d5 brd ff:ff:ff:ff:ff:ff inet 172.25.79.250/24 brd 172.25.79.255 scope global br0 valid_lft forever preferred_lft forever inet 172.25.254.79/24 brd 172.25.254.255 scope global br0 valid_lft forever preferred_lft forever inet6 fe80::2cc4:8ff:fea3:cb1e/64 scope link valid_lft forever preferred_lft forever [root@foundation79 ~]# sysctl -a | grep ip_forward ##查看内核路由功能 net.ipv4.ip_forward = 1 ##内核路由功能开启 net.ipv4.ip_forward_use_pmtu = 0 [root@foundation79 ~]# systemctl restart firewalld ##重新开启防火墙 [root@foundation79 ~]# firewall-cmd --list-all ##查看防火墙所有状态 trusted (active) target: ACCEPT icmp-block-inversion: no interfaces: br0 enp2s0 wlp3s0 sources: services: ports: protocols: masquerade: yes ##地址伪装功能开启 forward-ports: sourceports: icmp-blocks: rich rules:

2.设置有两个网卡的虚拟机的网关:

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0-1 ##编辑文件设置网关 [root@localhost ~]# systemctl restart network ##重启网络 [root@localhost ~]# route -n ##查看网关 Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.25.254.79 0.0.0.0 UG 1024 0 0 eth0 1.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 172.25.254.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

在/etc/sysconfig/network-scripts/ifcfg-eth0-1文件中添加GATEWAY0=172.25.254.79

3.测试:在虚拟机中ping14.215.177.39

[root@localhost ~]# ping 14.215.177.39 ##成功 PING 14.215.177.39 (14.215.177.39) 56(84) bytes of data. 64 bytes from 14.215.177.39: icmp_seq=1 ttl=52 time=2943 ms 64 bytes from 14.215.177.39: icmp_seq=2 ttl=52 time=1959 ms 64 bytes from 14.215.177.39: icmp_seq=3 ttl=52 time=959 ms 64 bytes from 14.215.177.39: icmp_seq=4 ttl=52 time=112 ms ^C --- 14.215.177.39 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3000ms rtt min/avg/max/mdev = 112.004/1493.716/2943.896/1062.329 ms, pipe 3 [root@localhost ~]# ping www.baidu.com ##失败 ^C 虚拟机可以ping通而不能上网的原因是www.baidu.com域名没有解析

11.如何使用域名连接网站

1.本地解析

本地解析文件:/etc/hosts需要手动添加网址和其对应的ip地址主机自己给自己答案 ,所有的ip地址都是自己给解析就是把域名变成IP [root@localhost ~]# vim /etc/hosts ##编辑本地解析文件 [root@localhost ~]# ping www.baidu.com ##连接成功 PING www.baidu.com (14.215.177.39) 56(84) bytes of data. 64 bytes from www.baidu.com (14.215.177.39): icmp_seq=1 ttl=52 time=35.3 ms 64 bytes from www.baidu.com (14.215.177.39): icmp_seq=2 ttl=52 time=57.5 ms 64 bytes from www.baidu.com (14.215.177.39): icmp_seq=3 ttl=52 time=41.5 ms ^C --- www.baidu.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2004ms rtt min/avg/max/mdev = 35.360/44.796/57.507/9.333 ms 编辑文件/etc/hosts内容:14.215.177.39 www.baidu.com效果如下图所示:

2.域名解析服务:dns

能提供客户本地解析服务的主机dns服务器的地址,即dns指向文件:/etc/resolv.conf并且更改完/etc/resolv.conf文件之后,不用重启,即改即生效不需手动写,没有问题的答案,但有指向固定dns分两种情况:若为静态的网络,则重启网络后,(重启network还在,则重启NetworkManager)指向文件内容会被更改,若不更改,在/etc/sysconfig/network-scripts/ifcfg-eth文件里添加dns1=114.114.114.114,dns有1、2、3共3个若为动态的网络(dhcp),则将PEERDNS改为no,再在/etc/resolv.conf中添加114.114.114.114在这种情况下更改需要重启网络 [root@localhost ~]# vim /etc/resolv.conf ##编辑文件 [root@localhost ~]# ping www.baidu.com ##成功连接百度网站 PING www.a.shifen.com (14.215.177.38) 56(84) bytes of data. 64 bytes from 14.215.177.38: icmp_seq=1 ttl=54 time=35.1 ms 64 bytes from 14.215.177.38: icmp_seq=2 ttl=54 time=35.3 ms ^C --- www.a.shifen.com ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1002ms rtt min/avg/max/mdev = 35.132/35.226/35.320/0.094 ms [root@localhost ~]# ping www.taobao.com ##成功连接淘宝网站 PING www.taobao.com.danuoyi.tbcache.com (113.137.55.234) 56(84) bytes of data. 64 bytes from 113.137.55.234: icmp_seq=1 ttl=49 time=5.27 ms 64 bytes from 113.137.55.234: icmp_seq=2 ttl=49 time=4.95 ms ^C --- www.taobao.com.danuoyi.tbcache.com ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 4.956/5.114/5.272/0.158 ms 编辑文件/etc/resolv.conf内容:nameserver 114.114.114.114效果如下图所示:

3.本地解析与域名解析服务的优先级

默认:本地解析文件的优先级高更改文件优先级:vim /etc/nsswitch.conf :39行 [root@localhost ~]# vim /etc/hosts ##设定本地解析 [root@localhost ~]# vim /etc/resolv.conf ##设定dns解析 [root@localhost ~]# vim /etc/nsswitch.conf ##查看优先级,本地的优先级高 [root@localhost ~]# ping www.baidu.com ##连接百度的网站 PING www.baidu.com (14.215.177.39) 56(84) bytes of data. ##ip为本地解析设定的ip 64 bytes from www.baidu.com (14.215.177.39): icmp_seq=1 ttl=54 time=35.0 ms 64 bytes from www.baidu.com (14.215.177.39): icmp_seq=2 ttl=54 time=34.7 ms ^C --- www.baidu.com ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 34.736/34.906/35.076/0.170 ms [root@localhost ~]# vim /etc/nsswitch.conf ##更改优先级,使dns高于本地 [root@localhost ~]# ping www.baidu.com ##连接百度的网站 PING www.a.shifen.com (14.215.177.38) 56(84) bytes of data. ##ip为询问114.114.114.114得到的ip 64 bytes from 14.215.177.38: icmp_seq=1 ttl=54 time=35.2 ms 64 bytes from 14.215.177.38: icmp_seq=2 ttl=54 time=35.4 ms 64 bytes from 14.215.177.38: icmp_seq=3 ttl=54 time=35.2 ms ^C --- www.a.shifen.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2003ms rtt min/avg/max/mdev = 35.227/35.306/35.410/0.230 ms 编辑/etc/hosts文件内容为:14.215.177.39 www.baidu.com编辑/etc/resolv.conf文件内容为:nameserver 114.114.114.114更改优先级的内容为:39 hosts: dns files

12.搭建DHCP服务器

1.DHCP协议

DHCP(动态主机配置协议)是一个局域网的网络协议指的是由服务器控制一段lP地址范围,客户机登录服务器时就可以自动获得服务器分配的lP地址和子网掩码通常被应用在大型的局域网络环境中,主要作用是集中的管理、分配IP地址,使网络环境中的主机动态的获得IP地址、Gateway地址、DNS服务器地址等信息,并能够提升地址的使用率采用客户端/服务器模型,主机地址的动态分配任务由网络主机驱动当DHCP服务器接收到来自网络主机申请地址的信息时,才会向网络主机发送相关的地址配置等信息,以实现网络主机地址信息的动态配置

2.DHCP具有以下功能:

保证任何IP地址在同一时刻只能由一台DHCP客户机所使用DHCP应当可以给用户分配永久固定的IP地址DHCP应当可以同用其他方法获得IP地址的主机共存(如手工配置IP地址的主机)DHCP服务器应当向现有的BOOTP客户端提供服务

3.DHCP服务器

DHCP服务器指的是由服务器控制一段IP地址范围,客户端登录服务器时就可以自动获得服务器分配的IP地址和子网掩码DHCP服务器提供了三种IP分配方式:自动分配(Automatic allocation)、手动分配和动态分配(Dynamic Allocation)自动分配是当DHCP客户端第一次成功的从DHCP服务器获取一个IP地址后,就永久的使用这个IP地址手动分配是由DHCP服务器管理员专门指定的IP地址动态分配是当客户端第一次从DHCP服务器获取到IP地址后,并非永久使用该地址,每次使用完后,DHCP客户端就需要释放这个IP,供其他客户端使用

4.若主机没有获取其他ip的能力,则不能设置dhcp,要搭建dhcp服务器

scp /home/kiosk/Desktop/dhcp-4.2.5-47.el7.x86_64.rpm root@172.25.254.80:/root/Desktop将dhcp安装包从真机上传到虚拟机里面rpm -ivh dhcp-4.2.5-47.el7.x86_64.rpm将安装包在虚拟机中进行安装ls /etc/dhcp/查看配置目录下的文件dhclient.d dhcpd6.conf dhcpd.conf出现这三个文件说明安装成功vim /dhcpd.conf查看dhcp的配置文件cp /usr/share/doc/dhcp * /dhcpd.conf.example dhcpd.conf将文件放置在配置文件中ls /etc/dhcp/再次查看配置目录下的文件vim dhcpd.conf编辑dhcp的配置文件systemctl restart dhcpd重启服务systemctl status dhcpd查看dhcp服务的状态

编辑内容为:

删除27、28行及35行以后的内容

改域名westos.org 改服务dns为114.114.114.114

改下面的网络位 172.25.254.0 改子网掩码 255.255.255.0

改动态分配的范围172.25.254.50 172.25.254.99

改网关172.25.254.250

另一台主机连接此台,使之主动分配动态ipvim /etc/sysconfig/network-scripts/ifcfg-eth0编辑网络配置文件编辑内容为:BOOTPROTO=dhcp DEVICE=eth0 ONBOOT=yessystemctl restart network重启网络ip addr show eth0查看分配的ip是否在50~99之间
最新回复(0)