目录
一、网络配置命令
1、ifconfig
查看当前主机中已启用的网络接口信息
[root@localhost ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.223.100 netmask 255.255.255.0 broadcast 192.168.223.255
inet6 fe80::5fdb:87ae:1437:4f17 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:be:56:ac txqueuelen 1000 (Ethernet)
RX packets 709538 bytes 1056180961 (1007.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 95739 bytes 5966018 (5.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:bc:81:4b txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
1.1ifconfig 常用的格式
ifconfig 具体网卡名称-----只显示网卡的详细信息
ifconfig -a-------表示显示所有的网卡包,包括没有启动的网卡
ifconfig 网卡名称 [up/down]-------开启或关闭网卡
2、hostname
查看或设置当前主机名
2.1查看主机名
hostname [主机名]
[root@localhost ~]# hostname
localhost.localdomain
2.2修改主机名
2.2.1通过修改/etc/hostname文件来修改主机名
[root@localhost ~]# vim /etc/hostname
localhost.localdomain #把这个名字改成你想改的
2.2.2 通过hostnamectl来修改主机名
[root@localhost ~]# hostnamectl set-hostname www.bdqn.com
[root@localhost ~]# bash
[root@www ~]# hostname
www.bdqn.com
3、route
查看或设置主机中路由表信息
-n:将路由记录中的地址信息显示为数字形式
[root@localhost ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default gateway 0.0.0.0 UG 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
192.168.223.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.223.2 0.0.0.0 UG 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
192.168.223.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
[root@localhost ~]#
添加指定网段的路由记录:route add -net 网段地址 gw IP地址
删除指定网络的路由记录:route del -net 网段地址
向路由表中添加默认网关记录:route add default gw IP地址
删除路由表中默认的网关记录:route del default gw IP地址
4、netstat
查看网络连接情况
netstat 选项
常用的选项:
-a:显示主机中所有活动的网络连接信息(包括监听、非监听状态的服务端口)
-n:以数字的形式显示相关的主机地址、端口等信息
-r:显示路由表信息
-l:显示处于监听(Listening)状态的网络连接及端口信息
-t:查看 TCP(Transmission Control Protocol,传输控制协议)相关的信息
-u:显示 UDP(User Datagram Protocol,用户数据报协议)协议相关的信息
-p:显示与网络连接相关联的进程号、进程名称信息(该选项需要 root 权限)
5、ss(socket statistics)
ss [选项]
ss 命令:也可以查看网络连接情况,主要用于获取 socket 统计信息,它可以显示和 netstat 命令类似的输出内容。 但 ss 的优势在于它能够显示更多更详细的有关 TCP 和连接状态的信息,而且比 netstat 更快速更高效 当服务器的socket连接数量变得非常大时,无论是使用netstat命令还是直接cat /proc/net/tcp,执行速度都会很慢。 ss快的秘诀在于,它利用到了TCP协议栈中tcp_diag。tcp_diag是一个用于分析统计的模块,可以获得Linux 内核中第一手的信息,这就确保了ss的快捷高效 ss命令是Linux CentOS 7中iproute软件包的一部分,默认已经安装。
常用选项
-t:tcp协议相关
-u:udp协议相关
-w:裸套接字相关
-x:unix sock相关
-l:listen状态的连接
-a:所有
-n:数字格式
-p:相关程序及PID
-e:扩展的信息
-m:内存用量
-o:计时器信息
-r:--resolve 把IP解释为域名,把端口号解释为协议名称
6、ping
测试网络连通性
格式:ping [选项] 目标主机
选项:-c:发送多少个包;-w:等待时间
[root@localhost ~]# ping -c 3 192.168.223.100
PING 192.168.223.100 (192.168.223.100) 56(84) bytes of data.
64 bytes from 192.168.223.100: icmp_seq=1 ttl=64 time=0.097 ms
64 bytes from 192.168.223.100: icmp_seq=2 ttl=64 time=0.045 ms
64 bytes from 192.168.223.100: icmp_seq=3 ttl=64 time=0.048 ms
--- 192.168.223.100 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 0.045/0.063/0.097/0.024 ms
[root@localhost ~]# ping 192.168.223.100 -w 10
PING 192.168.223.100 (192.168.223.100) 56(84) bytes of data.
64 bytes from 192.168.223.100: icmp_seq=1 ttl=64 time=0.025 ms
64 bytes from 192.168.223.100: icmp_seq=2 ttl=64 time=0.046 ms
64 bytes from 192.168.223.100: icmp_seq=3 ttl=64 time=0.042 ms
64 bytes from 192.168.223.100: icmp_seq=4 ttl=64 time=0.040 ms
64 bytes from 192.168.223.100: icmp_seq=5 ttl=64 time=0.042 ms
64 bytes from 192.168.223.100: icmp_seq=6 ttl=64 time=0.040 ms
64 bytes from 192.168.223.100: icmp_seq=7 ttl=64 time=0.069 ms
64 bytes from 192.168.223.100: icmp_seq=8 ttl=64 time=0.083 ms
64 bytes from 192.168.223.100: icmp_seq=9 ttl=64 time=0.057 ms
64 bytes from 192.168.223.100: icmp_seq=10 ttl=64 time=0.070 ms
--- 192.168.223.100 ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9015ms
rtt min/avg/max/mdev = 0.025/0.051/0.083/0.018 ms
7、tracerout
路由跟踪
格式:traceroute IP地址
[root@localhost ~]# traceroute 192.168.223.100
traceroute to 192.168.223.100 (192.168.223.100), 30 hops max, 60 byte packets
1 localhost.localdomain (192.168.223.100) 0.049 ms 0.006 ms 0.005 ms
8、nslookup
域名解析
格式:nslookup 域名
[root@localhost ~]# nslookup www.baidu.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com.
Name: www.a.shifen.com
Address: 14.215.177.39
Name: www.a.shifen.com
Address: 14.215.177.38
dig 可以显示更多详细信息
[root@localhost ~]# dig www.baidu.com
; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7 <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23562
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 334 IN CNAME www.a.shifen.com.
www.a.shifen.com. 123 IN CNAME www.wshifen.com.
www.wshifen.com. 123 IN A 103.235.46.39
;; Query time: 35 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: 五 10月 08 14:53:51 CST 2021
;; MSG SIZE rcvd: 111
9、永久修改网络相关配置文件
网卡
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static #网卡获取地址模式
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=41ceb681-2813-4b90-933e-bdd0f21bcc92
DEVICE=ens33
ONBOOT=yes #开机是否自启动
IPADDR=192.168.223.100 #配置IP地址
NETMASK=255.255.255.0 #子网掩码
GATEWAY=192.168.223.2 #网关
DNS1=8.8.8.8 #dns
[root@localhost ~]# systemctl restart network #重启网卡服务
[root@localhost ~]# ping 192.168.223.100 #测试通信
PING 192.168.223.100 (192.168.223.100) 56(84) bytes of data.
64 bytes from 192.168.223.100: icmp_seq=1 ttl=64 time=0.034 ms
64 bytes from 192.168.223.100: icmp_seq=2 ttl=64 time=0.042 ms
64 bytes from 192.168.223.100: icmp_seq=3 ttl=64 time=0.113 ms
64 bytes from 192.168.223.100: icmp_seq=4 ttl=64 time=0.066 ms
64 bytes from 192.168.223.100: icmp_seq=5 ttl=64 time=0.039 ms
^C
--- 192.168.223.100 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4004ms
rtt min/avg/max/mdev = 0.034/0.058/0.113/0.030 ms
二、DHCP
1、DHCP概述
DHCP (Dynamic Host Configuration Prottocol,动态主机配置协议),是由Internet工作任务小组设计开发的,专门用于为TCP/IP网络中的计算机自动分配TCP/TP参数的协议。DHCP服务避免了因手动设置IP地址所产生的错误,同时也避免了把一个IP靠且简单的TCP/IP地址分配给多台工作站所造成的地址冲突。
2、DHCP好处
减少管路员的工作量
避免输入错误的可能
避免IP地址的冲突
当网络更改IP地址段时,不需要再重新配置每个用户的IP地址
提高了IP地址的利用率
方便了客户端的配置
3、DHCP的分配方式
1.自动分配
自动分配是当DHCP客户机第一次成功地从DHCP服务器获取到一个IP地址后,就永久地使用这个IP地址
2.手动分配
手动分配是由DHCP服务器管理员专门指定的IP地址
3.动态分配
动态分配是当DHCP客户机第一次从DHCP服务器获取到IP地址后,并非永久使用该地址,而是再每次使用完后,DHCP客户机就会释放这个IP地址,供其他客户机使用
4、DHCP工作原理
1.客户机请求IP地址
当一个DHCP客户机启动时,客户机还没有IP地址,所以客户机要通过DHCP获取一个合法的地址
此时DHCP客户机以广播方式发送DHCP Discover发现信息来寻找DHCP服务器
2.服务器响应
oDHCP服务器接收到来自客户机请求lP地址的信息时,在自己的IP地址池中查找是否有合法的IP地址提供给客户机,如果有,DHCP服务器将此IP地址做上标记,加入到DHCP Offer的消息中,然后广播─则DHCP Offer消息
3.客户机选择IP地址
DHCP客户机从接收到的第一个DHCP Offer消息中提取IP地址,发出IP地址的DHCP服务器将该地址保留,这样该地址就不能再分配给另一个DHCP客户机
4.服务器确定租约
DHCP服务器接收到DHCP Request消息后,以DHCPACK消息的形式向客户机广播成功确认,该消息包含有IP地址的有效租约和其他可配置的信息
当客户机收到DHCP ACK消息时,配置lP地址,完成TCP/IP的初始化
5.重新登录
DHCP客户机每次重新登录网络时,不需要再发送DHCPDiscover信息,而是直接发送包含前一次所分配的IP地址的DHCP Request请求信息
6.更新续约
当DHCP服务器向客户机出租的IP地址租期达到50%时,就需要更新租约
客户机直接向提供租约的服务器发送DHCP Request包,要求更新现有的地址租约
5、DHCP实验
1.安装DHCP服务
[root@localhost ~]# yum install dhcp -y
[root@localhost ~]# rpm -qc dhcp #查看
/etc/dhcp/dhcpd.conf
/etc/dhcp/dhcpd6.conf
/etc/openldap/schema/dhcp.schema
/etc/sysconfig/dhcpd
/var/lib/dhcpd/dhcpd.leases
/var/lib/dhcpd/dhcpd6.leases
[root@localhost ~]# cd /etc/dhcp/
[root@localhost dhcp]# ls
dhclient.d dhclient-exit-hooks.d dhcpd6.conf dhcpd.conf scripts
[root@localhost dhcp]# cat dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.example
# see dhcpd.conf(5) man page
#
[root@localhost dhcp]# cp /usr/share/doc/dhcp*/dhcpd.conf.example ./dhcpd.conf
cp:是否覆盖"./dhcpd.conf"? y
[root@localhost dhcp]# ls
dhclient.d dhclient-exit-hooks.d dhcpd6.conf dhcpd.conf scripts
[root@localhost dhcp]# cat dhcpd.conf
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#
# option definitions common to all supported networks...
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;
default-lease-time 600;
max-lease-time 7200;
# Use this to enble / disable dynamic dns updates globally.
#ddns-update-style none;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;
# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.
subnet 10.152.187.0 netmask 255.255.255.0 {
}
# This is a very basic subnet declaration.
subnet 10.254.239.0 netmask 255.255.255.224 {
range 10.254.239.10 10.254.239.20;
option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
}
# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.
subnet 10.254.239.32 netmask 255.255.255.224 {
range dynamic-bootp 10.254.239.40 10.254.239.60;
option broadcast-address 10.254.239.31;
option routers rtr-239-32-1.example.org;
}
# A slightly different configuration for an internal subnet.
subnet 10.5.5.0 netmask 255.255.255.224 {
range 10.5.5.26 10.5.5.30;
option domain-name-servers ns1.internal.example.org;
option domain-name "internal.example.org";
option routers 10.5.5.1;
option broadcast-address 10.5.5.31;
default-lease-time 600;
max-lease-time 7200;
}
# Hosts which require special configuration options can be listed in
# host statements. If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.
host passacaglia {
hardware ethernet 0:0:c0:5d:bd:95;
filename "vmunix.passacaglia";
server-name "toccata.fugue.com";
}
# Fixed IP addresses can also be specified for hosts. These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP. Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
host fantasia {
hardware ethernet 08:00:07:26:c0:a5;
fixed-address fantasia.fugue.com;
}
# You can declare a class of clients and then do address allocation
# based on that. The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.
class "foo" {
match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
}
shared-network 224-29 {
subnet 10.17.224.0 netmask 255.255.255.0 {
option routers rtr-224.example.org;
}
subnet 10.0.29.0 netmask 255.255.255.0 {
option routers rtr-29.example.org;
}
pool {
allow members of "foo";
range 10.17.224.10 10.17.224.250;
}
pool {
deny members of "foo";
range 10.0.29.10 10.0.29.230;
}
设置完成后,把网卡改成仅主机模式
[root@localhost dhcp]#vim dhcpd.conf
#第8行 修改默认的全局dns地址
8 option domain-name-servers 8.8.8.8;
#直接修改27 行
27 subnet 192.168.100.0 netmask 255.255.255.0 {
28 range 192.168.100.128 192.168.100.200;
29 option routers 192.168.100.1;
30 option domain-name-servers 114.114.114.114;
31 }
在 windows中 使用
ipconfig 查看网卡信息
ipcongfig /release 释放地址
ipcongfig /renew 重新获取地址
ipconfig /all 全部信息
三、FTP
FTP(File Transfer Protocol: 文件传输协议)作用:Internet 上用来传送文件的协议。 VSFTP全称 (very secure FTP) VSFTP模式: C/S模式 FTP服务器默认使用TCP协议的20、21端口与客户端进行通信 20端口用于建立数据连接,并传输文件数据 21端口用于建立控制连接,并传输FTP控制命令 FTP数据连接分为主动模式和被动模式 主动模式:服务器主动发起数据连接 被动模式:服务器被动等待数据
yum info vsftpd 查看信息
四、总结
掌握网络命令