Detailed configuration of Linux Network

1: files related to network configuration

1、Network card name configuration related files

Back to the top

NIC naming rule file:

/etc/udev/rules.d/70-persistent-net.rules

# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:db:c9:5c", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"

# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:db:c9:66", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"

Modify the naming example of network card:

1、View the driver of the NIC and uninstall the NIC driver.

[root@rhel6 ~]# ethtool -i eth0
driver: e1000 #Network card driver
[root@rhel6 ~]# modprobe -r e1000 #Uninstall NIC driver

2、Modify 70-persistent-net.rules file

3、Reloading the NIC driver and restarting the network service

[root@rhel6 ~]# modprobe e1000   #Reload the NIC driver[root@rhel6 ~] /etc/rc.d/init.d/network restart restart network service
Back to the top

Change the CentOS7.x NIC name to the traditional naming method:

1、Modify /etc/default/grbu file

# sed -i.bak -r 's/(GRUB_CMDLINE_LINUX=.*)"/\1 net.ifnames=0"/' /etc/default/grub

2、Generate a new grub configuration file and restart it.

grub2-mkconfig -o /etc/grub2.cfg

2、Network configuration related files

Network configuration reference: /usr/share/doc/initscripts-9.03.53/sysconfig.txt

The configuration of the network card is: /etc/sysconfig/network-scripts/, configuration file: ifcfg- network name.

Configuration file example:

Copy code ></span></div>
<p>[root@rhel6 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0 <br />DEVICE=eth0<br />BOOTPROTO=static|dhcp|none<br />IPADDR=192.168.0.6<br />NETMASK=255.255.255.0<br />#PREFIX=24 #Subnet mask<br />GATEWAY=192.168.0.1<br />DNS1=114.114.114.114<br />DNS2=8.8.8.8<br />DNS3=1.1.1.1<br />TYPE=Ethernet<br />ONBOOT=yes<br />HWADDR=00:0C:29:DB:C9:5C<br />#MACADDR=00:0C:29:DB:C9:5A	#Modify MAC address<br />UUID=38d329c5-b1bb-491b-a669-47422cfda764<br />NM_CONTROLLED=no</p>
<div class=Copy code ></span></div>
</div>
<p><strong>Detailed configuration parameters for network configuration files are as follows:</strong></p>
<ul>
<li>DEVICE:The device that this configuration file applies to</li>
<li>HWADDR:The corresponding device’s MAC address</li>
<li>BOOTPROTO:The address configuration protocol used to activate this device, commonly used DHCP, static, none, BOOTP</li>
<li>NM_CONTROLLED:NMShort for Network Manager, this card is NM controlled or not; recommended as “no” (Network Manager: GUI Network Configuration Tool, does not support bridging, strongly recommended to close)</li>
<li>ONBOOT:Do you want to activate this device when the system is boot?</li>
<li>TYPE:Interface types, common Ethernet, Bridge</li>
<li>UUID:Unique identification of device</li>
<li>IPADDR:Specify IP address</li>
<li>NETMASK:Subnet mask</li>
<li>GATEWAY: Default gateway</li>
<li>DNS1:The first DNS server points.</li>
<li>DNS2:Second DNS servers pointing</li>
<li>USERCTL:Can ordinary users control this device?</li>
<li>PEERDNS:If the value of BOOTPROTO is “dhcp”, do you allow the DNS server allocated by the DHCP server to point to information that is directly overwritten in the / etc / resolv. conf file</li>
</ul>
<h2>3、Other related configuration files</h2>
<p>Routing configuration: /etc/sysconfig/network-scripts/route-interface</p>
<ul>
<li>NETWOEK/NETMASK via GATEWAY</li>
</ul>
<p>DNSConfiguration file: /etc/resolv.conf</p>
<ul>
<li>nameserver DNS_IP</li>
</ul>
<p>Local network resolution configuration file: /etc/hosts</p>
<ul>
<li>IP  hostname alias</li>
</ul>
<p>Host name configuration file:</p>
<ul>
<li>centos6.x:/etc/sysconfig/network</li>
<li>centos7.x:/etc/hostname</li>
</ul>
<h1>Two: about network configuration Tools</h1>
<h2>①ifconfig</h2>
<ul>
<li>-a:View enabled and disabled NIC information</li>
<li>interface {up|down}:Enabling or disabling network cards</li>
<li>interface IP/NETMASK:Temporary setup of IP</li>
<li>interface [-]promisc:Setting up NIC is in mixed mode.</li>
<li>-s interface:View the flow information of the specified NIC</li>
</ul>
<h2>②route</h2>
<ul>
<li>-n:Digital display, no resolution, increase efficiency</li>
<li>add {-net | -host} NETWORK/NETMASK gw GATEWAY dev DEVICE Add routing</li>
<li>{add | del} default gw GATEWAY Add or remove default route</li>
<li>del {-net | -host} NETWORK/NETMASK gw GATEWAY Delete route</li>
</ul>
<div class=
route add -net 10.0.0.0/8 gw 172.20.0.1 dev eth1 #Add a route to 10.0.0.0 segment.
route del -net 10.0.0.0/8 gw 172.20.0.1 #Deleting 10.0.0.0 segment routing

③netstat

  • -n:Digital display, no resolution, increase efficiency
  • -r:View routing table
  • -t:TCPRelevant
  • -u:UDPRelevant
  • -w:Bare socket
  • -l:View ports in the listening state
  • -a:View all status ports
  • -e:Display more detailed information
  • -p:View related processes PID
  • -i:Display network card traffic
  • -Iinterface:View the flow information of the specified network card = = ifconfig -s interface
[root@centos7 ~]# netstat -tnulp  #Displays the listener status of TCP, UDP and port of related processes.

④ip

  • link
    • set interface {up|down}:Enabling or disabling network cards
    • show interface:Display specified NIC information
  • addr
    • add IP/NETMASK [label interface:#] [scope {global | link | host}] [broadcast IP] dev interface:Add temporary address
      • label:assign an alias
      • scope:Scope of action
        • global:Scope is global.
        • link:Only the network connected to this NIC will take effect.
        • host:Host only available
      • broadcast:Set broadcast address
    • del dev interface [label interface:#]:Delete IP
    • flush dev interface [label interface:#]:Emptying IP
  • route
    • add IP/NETMASK via GATEWAY dev interface:Add routing
    • add default via GATEWAY dev interface:Add default route
    • del IP/NETMASK via GATEWAY dev interface:Delete route
    • flush:Empty routing table
    • show:View routing table
[root@centos7 ~]# ip addr add 192.168.1.100/24 label eth0:0 dev eth0 #Set temporary IP address

 

⑤ss

  • -n:Digital display, no resolution, increase efficiency
  • -t:TCPRelevant
  • -u:UDPRelevant
  • -w:Bare socket
  • -x:Display UNIX sock related information
  • -l:View ports in the listening state
  • -a:View all status ports
  • -e:Display more detailed information
  • -p:View related processes PID
  • -m:Amount of memory
  • -o:Timer information
  • -s:Display current socket details
  • state TCP_STATE ‘( dport = :ssh or sport = :ssh )’
    • established
    • listen
    • fin_wait_1
    • fin_wait_2
    • syn_sent
    • syn_recv
[root@centos7 ~]# ss state established '( dport = :ssh or sport = :ssh )' #View connected SSH

 

⑥nmcli:Address configuration tool (CentOS7.x)

Subcommand completion function: Yum install bash-completion, depending on EPEL source.

1、see information

[root@centos7 ~]# nmcli device status
[root@centos7 ~]# nmcli connection show

2、Delete configuration

[root@centos7 ~]# nmcli connection delete ens33

3、Add configuration

[root@centos7 ~]# nmcli connection add con-name ens33 ifname ens33 type ethernet ipv4.method auto connection.autoconnect yes
  • con-name ens33:Configuration file name
  • ifname ens33:Designated network card device
  • type ethernet:Network type Ethernet
  • ipv4.method auto:Automatic acquisition of IP
  • connection.autoconnect yes:Boot self starting

 4、Switch configuration

[root@centos7 ~]# nmcli connection up ens33

 5、Modify configuration file name ens33 –> ens33-static

[root@centos7 ~]# nmcli connection modify ens33 con-name ens33-static

 6、Modify configuration IP

[root@centos7 ~]# nmcli connection modify ens33-static ipv4.addresses 192.168.0.100/24 ipv4.gateway 192.168.0.1 ipv4.method manual
  • ipv4.addresses 192.168.0.100/24:IPaddress
  • ipv4.gateway 192.168.0.1:gateway
  • ipv4.method manual:Manual access, static address must be configured to manual, otherwise default dynamic.

7、Re read configuration files

[root@centos7 ~]# nmcli connection reload

8、Disconnect and connect network connections

[root@centos7 ~]# nmcli device disconnect ens33
[root@centos7 ~]# nmcli device connect ens33

9、View details of network configuration

[root@centos7 ~]# nmcli connection show ens33

10、Add another address to the configuration.

[root@centos7 ~]# nmcli connection modify ens33-static +ipv4.addresses 10.0.0.2/8

Three: other related tools

ping:Test network command

  • -c count:pingThe number of times
  • -W timeout:Overtime, cooperate with -c
  • -I ipaddress:Specify IP to use your host’s Ping to host each other’s host.
  • -s size:The maximum size of packet size per ping is 65507.
  • -f:Send data packets to the best of your host’s capabilities.
[root@centos7 ~]# ping -c1 -W1 192.168.0.6 #Ping test commonly used in scripts, Ping once, timeout 1s[root @ centos7 ~]# ping-s 65507-f 192.168.0.6 # sent large packets to 192.168.0.6 as much as it couldDDoS Attacks

tcpdump:Bag tool

  • -n:Prohibit parsing IP
  • -i interface:Designated NIC interface
  • tcp|udp|icmp|arp:Specified packet protocol

mtr:Network diagnostic tool

traceroute:Tracking routing

tracepath:Tracking routing

ifup:Enable network card

ifdown:Disable network card

setup:Character interface configuration tool (centos6.x)

system-config-network-tui:Character interface network configuration tool (centos6.x)

hostnamectl:Set up host name tool (centos7.x)

  • status
  • set-hostname HOSTNAME

mm-connection-editor:Graphical interface network configuration tool (centos7.x)

nmtui:Character interface configuration tool (centos7.x)

  • nmtui-connect
  • nmtui-edit
  • nmtui-hostname

lftp | lftp [-u user[,pass]] [-p port] [-e cmd] FTPSERVER:FTPClient tools

  • get
  • mget
  • put
  • mput
  • mirror DIR

lftpget URL:Non interactive downloading of FTP server files

wget:Network download tool

  • -q:silent mode
  • -c:Broken point
  • -P /path/DIRNAME:The saved files are saved to the specified folder.
  • -O /path/FILENAME:The saved file is saved to the specified location and renamed.
  • –limit-rate=# K|M:Speed limit to K|M

elinks | links:Character interface web browser

  • -source:View web page source code
  • -dump:Display text only

Four: Bonding and Team

++Bonding++

Binding: Binding multiple network cards to the same IP address to provide services, can achieve high availability or load balancing.

Back to the top

Working mode:

mode 0:balance-rr Rotation strategy: multiple network cards can send packets in turn to achieve load balancing functions.

mode 1:active-backup Main and backup strategy: the sending packets of active network card and other spare parts.

mode 3:broadcast Broadcast strategy: each network card will send a package.

Back to the top

Configuration example:

1、Create device configuration file for bonding

Copy code ></span></div>
<pre># cat >/etc/sysconfig/network-scripts/ifcfg-bond0 <<EOF
DEVICE=bond0
BOOTPROTO=none
BONDING_OPTS=
Copy code ></span></div>
</div>
<p>miimon=100:A link detection is performed per 100ms.</p>
<p>2、Subordinate network adapter configured with bonding</p>
<div class=
Copy code ></span></div>
<pre>[root@rhel6 ~]# cat >/etc/sysconfig/network-scripts/ifcfg-eth0 <<EOF
DEVICE=eth0
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
EOF
[root@rhel6 ~]# cat >/etc/sysconfig/network-scripts/ifcfg-eth1 <<EOF
DEVICE=eth1
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
EOF</pre>
<div class=Copy code ></span></div>
</div>
<p>3、Restart network services and view bonding status</p>
<div class=
Copy code ></span></div>
<pre># /etc/rc.d/init.d/network restart
[root@rhel6 ~]# cat /proc/net/bonding/bond0 |head
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
<strong>Currently Active Slave: eth0</strong> #Now eth0 is working.MII Status: upMII Polling Interval (MS): 100Up Delay (MS): 0Down Delay (MS): 0</pre>
<div class=Copy code ></span></div>
</div>
<div>Back to the top</div>
<h3>Delete bonding configuration example:</h3>
<p>1、Disable bond0 and uninstall bonding module</p>
<div class=
# ip link set bond0 down
# modprobe -r bonding

2、Restore configuration files and restart network

Attachment: official document link

++Team++

Network group: multiple network cards are aggregated together to achieve redundancy and increase throughput.

Working mode: runner

  • broadcast:Radio broadcast
  • roundrobin:Wheel tune
  • activebackup:Main preparation

1、Create a network group interface

[root@centos7 ~]# nmcli connection add type team con-name team0 ifname team0 config '{"runner":{"name":"activebackup"}}'

2、Configuring team0

[root@centos7 ~]# nmcli connection modify team0 ipv4.addresses 172.20.108.244/16 ipv4.method manual ipv4.gateway 172.20.0.1

3、Create port interface

[root@centos7 ~]# nmcli connection add con-name team0-eth1 type team-slave ifname eth1 master team0
[root@centos7 ~]# nmcli connection add con-name team0-eth2 type team-slave ifname eth2 master team0

 4、Start team0 and slave interface

[root@centos7 ~]# nmcli connection up team0
[root@centos7 ~]# nmcli connection up team0-eth1
[root@centos7 ~]# nmcli connection up team0-eth2

5、View work status

[root@centos7 ~]# teamdctl team0 state

6、Configuration file example:

 ifcfg-team0configuration file

7、Delete team0

[root@centos7 ~]# nmcli connection down team0
[root@centos7 ~]# nmcli connectioni delete team0-eth0
[root@centos7 ~]# nmcli connectioni delete team0-eth1

Five: Bridge

Bridging: connecting a number of network interfaces on a machine. As a result, messages received from one network port will be copied to other network ports and sent out. So that messages between the ports can be forwarded to each other. A bridge is such a device, it has several network ports, and these nets are bridged.It’s up. The host connected to the bridge can communicate with each other through the packet forwarding of the switch.

The message sent by host A is sent to eth0 port of switch S1. Because eth0 is bridged with eth1 and eth2, the message is copied to eth1 and eth2, sent out and received by host B and switch S2. S2 will forward the message to the host C.D.

1、Create a bridge

[root@centos7 ~]# nmcli connection add type bridge con-name br0 ifname br0

 

2、Configuration network bridge

[root@centos7 ~]# nmcli connection modify br0 ipv4.addresses 192.168.0.7/24 ipv4.method manual

 

3、Adding dependent network adapter to bridge

[root@centos7 ~]# nmcli connection add type bridge-slave con-name br0-eth0 ifname eth0 master br0

 

4、Enable bridge and view status

[root@centos7 ~]# nmcli connection up br0
[root@centos7 ~]# nmcli connection up br0-eth0
[root@centos7 ~]# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.000c295df21e       yes             eth0

 

5、Configuration file example:

 Bridge configuration file

 

Leave a Reply

Your email address will not be published. Required fields are marked *