1.9 網絡管理

1. 迴歸傳統命名

//修改網卡配置文件
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# mv ifcfg-ens33 ifcfg-eth0
[root@localhost network-scripts]# vim ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=ens33   //此處要把ens33改成eth0
UUID=03be31f5-a3c1-4f8d-88b3-aea6e85c869f
DEVICE=ens33   //此處要把ens33改成eth0
ONBOOT=yes

//編輯/etc/default/grub配置文件,在以GRUB_CMDLINE_LINUX開頭的行內rhgb的前面加上net.ifnames=0 biosdevname=0 
[root@localhost ~]# vim /etc/default/grub

//爲grub2生成其配置文件
[root@localhost ~]# grub2-mkconfig -o /etc/grub2.cfg

//重啓系統
[root@localhost ~]# reboot

2. 網絡管理常用命令

2.1 ifconfig

//查看所有處於活動狀態的所有網絡接口
[root@localhost ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.80.128  netmask 255.255.255.0  broadcast 192.168.80.255
        inet6 fe80::20c:29ff:fe77:3a04  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:77:3a:04  txqueuelen 1000  (Ethernet)
        RX packets 4407  bytes 352888 (344.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3296  bytes 738671 (721.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 4  bytes 348 (348.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4  bytes 348 (348.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        
//僅查看eth0網卡狀態      
[root@localhost ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.80.128  netmask 255.255.255.0  broadcast 192.168.80.255
        inet6 fe80::20c:29ff:fe77:3a04  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:77:3a:04  txqueuelen 1000  (Ethernet)
        RX packets 4457  bytes 356710 (348.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3328  bytes 742007 (724.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        
//查看所有網卡狀態信息, 包括禁用和啓用
[root@localhost ~]# ifconfig -a
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.80.128  netmask 255.255.255.0  broadcast 192.168.80.255
        inet6 fe80::20c:29ff:fe77:3a04  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:77:3a:04  txqueuelen 1000  (Ethernet)
        RX packets 4526  bytes 362263 (353.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3374  bytes 745821 (728.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 4  bytes 348 (348.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4  bytes 348 (348.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

//網卡配置信息含義如下:
UP: 網卡處於活動狀態
BROADCAST: 支持廣播
RUNNING: 網線已接入
MULTICAST: 支持組播
MTU: 最大傳輸單元(字節),即此接口一次所能傳輸的最大封包

inet: 顯示IPv4地址行
inet6: 顯示IPv6地址行
link/ether: 指設備硬件(MAC)地址
txqueuelen: 傳輸緩存區長度大小
RX packets: 接收的數據包
TX packets: 發送的數據包
errors: 總的收包的錯誤數量
dropped: 由於各種原因, 導致拷貝在內存過程中被丟棄
collisions: 網絡信號衝突情況, 值不爲0則可能存在網絡故障

2.2 ip

//語法:ip [ OPTIONS ] OBJECT { COMMAND | help }
OBJECT:
    link:網絡接口屬性
    addr:協議地址
    route:路由

//查看網絡接口所有地址
[root@localhost ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 00:0c:29:77:3a:04 brd ff:ff:ff:ff:ff:ff

//顯示報文統計信息
[root@localhost ~]# ip -s link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    RX: bytes  packets  errors  dropped overrun mcast   
    348        4        0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns 
    348        4        0       0       0       0       
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 00:0c:29:77:3a:04 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    372705     4659     0       0       0       0       
    TX: bytes  packets  errors  dropped carrier collsns 
    753937     3468     0       0       0       0 

//啓用或禁用網絡接口ip link set DEV {up|down}
[root@localhost ~]# ip link set lo down
[root@localhost ~]# ip link show
1: lo: <LOOPBACK> mtu 65536 qdisc noqueue state DOWN mode DEFAULT qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 00:0c:29:77:3a:04 brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip link set lo up

//ip addr add ADDRESS dev DEV:添加IP地址
[root@localhost ~]# ip addr add 192.168.1.1/24 dev eth0
[root@localhost ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:77:3a:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.80.128/24 brd 192.168.80.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 192.168.1.1/24 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe77:3a04/64 scope link 
       valid_lft forever preferred_lft forever

//ip addr del ADDRESS dev DEV:刪除IP地址
[root@localhost ~]# ip addr del 192.168.1.1/24 dev eth0
[root@localhost ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:77:3a:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.80.128/24 brd 192.168.80.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe77:3a04/64 scope link 
       valid_lft forever preferred_lft forever

//ip addr show DEV:查看網絡接口的地址
[root@localhost ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:77:3a:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.80.128/24 brd 192.168.80.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe77:3a04/64 scope link 
       valid_lft forever preferred_lft forever

//ip route:routing table management 路由管理
//添加路由:ip route add TARGET via GW dev IFACE src SOURCE_IP
    TARGET:
        主機路由:IP
        網絡路由:NETWORK/MASK 
        
//刪除路由:ip route del TARGET
    TARGET:
        主機路由:IP
        網絡路由:NETWORK/MASK
                        
//查看路由:ip route show

//刷新路由表:ip route flush
    [dev IFACE]
    [via PREFIX]

2.3 route

//查看當前路由表
[root@localhost ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    100    0        0 eth0
192.168.80.0    0.0.0.0         255.255.255.0   U     100    0        0 eth0

//以數字方式顯示各主機或端口等相關信息
[root@localhost ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.80.2    0.0.0.0         UG    100    0        0 eth0
192.168.80.0    0.0.0.0         255.255.255.0   U     100    0        0 eth0

//增加路由
//語法:route add [-net|-host] target [netmask Nm] [gw Gw]  [[dev] If]

//增加網段路由
[root@localhost ~]# route add -net 172.16.12.0/24 gw 172.16.12.2 dev eth1
[root@localhost ~]# route add -net 0.0.0.0/0 gw 172.16.12.2 dev eth1

//增加主機路由
[root@localhost ~]# route add -host 172.16.12.128 gw 172.16.12.2

//刪除路由
[root@localhost ~]# route del -net 172.16.12.0/24
[root@localhost ~]# route del -net 0.0.0.0/0 gw 172.16.12.2

2.4 hostname與hostnamectl

生產環境中必須配置主機名,同時主機名也需要遵循一定的規範, 比如:

公有云: 地區-項目-業務-服務-節點-地址
wh-shop-register-nginx-node1-192.168.56.13
wh-med-pay-mysql-master01-192.168.56.11
wh-med-pay-mysql-slave01-192.168.56.12


//hostname查看主機名
[root@localhost ~]# hostname
localhost.localdomain

//hostname臨時修改主機名
[root@localhost ~]# hostname wangqing
[root@localhost ~]# cat /etc/hostname
localhost.localdomain
//注意:修改主機名後需要重新登錄用戶纔會顯示效果


//rhel7系統建議使用hostnamectl修改和查看主機名
//設定永久名稱
[root@localhost ~]# hostnamectl set-hostname seancheng
[root@localhost ~]# cat /etc/hostname
seancheng

//查看主機信息
[root@localhost ~]# hostnamectl
   Static hostname: seancheng
         Icon name: computer-vm
           Chassis: vm
        Machine ID: fd0bcf5782d24ba5b903b175c35f328e
           Boot ID: a060e3a2882f4d2c92884eee9db702bc
    Virtualization: vmware
  Operating System: Red Hat Enterprise Linux Server 7.4 (Maipo)
       CPE OS Name: cpe:/o:redhat:enterprise_linux:7.4:GA:server
            Kernel: Linux 3.10.0-693.el7.x86_64
      Architecture: x86-64

注意:
在Linux中以命令方式修改網絡配置只在當前狀態有效,重啓後將失效。故若想使修改的配置重啓後依然有效,則必須編輯配置文件進行配置的修改。

3.網絡相關配置文件

3.1 網絡配置文件

//網絡配置文件:/etc/sysconfig/network
    NETWORKING={yes|no}:設定整個系統是否啓用網絡功能,若設爲no,則不論網卡如何設置都不能使用網絡功能。
    HOSTNAME:設置主機名

3.2 網絡接口配置文件

網絡接口即網卡,其配置文件的路徑是/etc/sysconfig/network-scripts/ifcfg-INTERFACE_NAME

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 
TYPE=Ethernet
BOOTPROTO=static
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.80.128
NETMASK=255.255.255.0
GATEWAY=192.168.80.2
DNS1=114.114.114.114
DNS2=8.8.8.8

//網卡配置說明
//參數                    說明
BOOTPROTO=none          //引導協議,可選值有{static|none|dhcp|bootp}。如果要使用靜態地址,使用static或none都可以
NM_CONTROLLED           //NM是NetworkManager的簡寫,NM是由RHEL研發的在RHEL6中取代network腳本來實現網絡管理、配置的服務腳本
    //可選值有{ yes | no }
    //此項是設定此網卡是否接受NM控制。CentOS6建議設爲“no”
TYPE                    //接口類型。常見的接口類型有:Ethernet,Bridge
UUID                    //設備的惟一標識
HWADDR                  //硬件地址,要與硬件中的地址保持一致,可省
IPADDR=172.16.12.130    //固定IP地址
PREFIX=24               //子網掩碼的前綴長度
NETMASK=255.255.255.0   //子網掩碼
GATEWAY=172.16.12.2     //默認網關
DNS1=172.16.12.2        //第一個DNS服務器指向
DNS2                    //第二個DNS服務器指向
DNS3                    //第三個DNS服務器指向
DEVICE=eth1             //關聯的設備名稱,要與文件名的後半部"INTERFACE_NAME"保持一致  
NAME="eth1"             //連接名稱
ONBOOT=yes              //在系統引導時是否自動激活此網絡接口,可選值有{ yes | no }
DEFROUTE=yes            //將接口設定爲默認路由[yes|no]
USERCTL={yes|no}        //是否允許普通用戶控制此接口的啓用與禁用
PEERDNS={yes|no}        //是否在BOOTPROTO爲dhcp時接受由dhcp服務器指定的DNS地址,此項設爲yes時獲得的DNS地址將直接覆蓋至/etc/resolv.conf文件中

3.3 路由配置文件

路由配置文件的路徑是/etc/sysconfig/network-scripts/route-INTERFACE_NAME

//添加格式一:DEST via NEXTHOP
[root@localhost ~]# vi /etc/sysconfig/network-scripts/route-ens33
172.16.12.0/24 via 172.16.12.2
                
//添加格式二:
[root@localhost ~]# vi /etc/sysconfig/network-scripts/route-ens33
ADDRESS0=172.16.12.0
NETMASK0=255.255.255.0
GATEWAY0=172.16.12.2

3.4 DNS配置文件

DNS配置文件的路徑是/etc/resolv.conf

[root@localhost ~]# vi /etc/resolv.conf
nameserver DNS_IP_1
nameserver DNS_IP_2
nameserver DNS_IP_3

4. NetworkManager管理網絡

RHEL/CentOS7系統默認使用NetworkManager來提供網絡服務,這是一種動態管理網絡配置的守護進程,能夠讓網絡設備保持連接狀態。
可以使用NetworkManager提供的命令行和圖形配置工具對網絡進行設定, 設定保存的配置文件在/etc/sysconfig/network-scripts目錄下, 工具有 nmcli, nmtui, nm-connection-editor

device物理設備, 例如 ens33,enp2s0,virbr0,team0
connection連接設置, 具體網絡配置方案

1.不同的網絡連接配置可以應用到相同的物理設備,但物理設備同一時間只能應用其中某個網絡連接
2.針對物理網絡接口, 設定不同的網絡連接, 在不同的使用環境中激活相應的網絡連接,就可以實現網絡配置信息的自動切換了

使用nmcli命令查看設備以及連接情況

[root@localhost ~]# nmcli device
設備  類型      狀態    連接 
eth0  ethernet  連接的  eth0 
lo    loopback  未託管  --

//查看指定設備的詳細狀態
[root@localhost ~]# nmcli device show eth0
GENERAL.設備:                           eth0
GENERAL.類型:                           ethernet
GENERAL.硬盤:                           00:0C:29:77:3A:04
GENERAL.MTU:                            1500
GENERAL.狀態:                           100 (連接的)
GENERAL.連接:                           eth0
GENERAL.連接路徑:                       /org/freedesktop/NetworkManager/ActiveConnection/2
WIRED-PROPERTIES.載波:                  開
IP4.地址[1]:                            192.168.80.128/24
IP4.網關:                               192.168.80.2
IP4.DNS[1]:                             114.114.114.114
IP4.DNS[2]:                             8.8.8.8
IP6.地址[1]:                            fe80::20c:29ff:fe77:3a04/64
IP6.網關:                               --

//查看連接狀態
[root@localhost ~]# nmcli connection
名稱  UUID                                  類型            設備 
eth0  5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03  802-3-ethernet  eth0 
eth0  9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c04  802-3-ethernet  --

//查看指定設備連接的詳細情況
[root@localhost ~]# nmcli connection show eth0
connection.id:                          eth0
connection.uuid:                        9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c04
connection.stable-id:                   --
connection.interface-name:              eth0
connection.type:                        802-3-ethernet
connection.autoconnect:                 yes
connection.autoconnect-priority:        0
connection.autoconnect-retries:         -1 (默認)
connection.timestamp:                   0
connection.read-only:                   no
connection.permissions:                 --
.....

5. 使用原生network管理網絡

CentOS/RHEL的網絡配置文件默認目錄爲/etc/sysconfig/network-scripts
默認第一塊物理網卡配置文件爲ifcfg-eth0, 如果有第二塊物理網卡, 配置文件則爲ifcfg-eth1以此類推。 注意: 如果新增物理網卡沒有配置文件,可選擇複製系統默認的進行修改。

//設置NetworkManager開機不啓動, 同時停止NetworkManager服務
[root@localhost ~]# systemctl disable NetworkManager
[root@localhost ~]# systemctl stop NetworkManager

//添加一塊物理網卡, 然後新增網絡連接配置文件
//複製配置eth0配置文件爲eth1
[root@localhost ~]# cp /etc/sysconfig/network-scripts/{ifcfg-eth0,ifcfg-eth1}

//編輯網卡配置文件
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth1
TYPE=Ethernet
BOOTPROTO=static
NAME=eth1
UUID=03be31f5-a3c1-4f8d-88b3-aea6e85c869f
DEVICE=eth1
NM_CONTROLLED=no
ONBOOT=yes
IPADDR=172.16.12.130
NETMASK=255.255.255.0
GATEWAY=172.16.12.2
DNS1=172.16.12.2

//重啓network網絡服務加載網絡並設置開機啓動
[root@localhost ~]# systemctl restart network
[root@localhost ~]# systemctl enable network

6.網絡檢測工具與故障排查

6.1 ping

ping命令的目的在於測試另一臺主機是否可達。如果ping不通某臺主機, 對方主機可能已經出現了問題, 但也不能排除鏈路中的防火牆過濾、ICMP報文被丟棄等原因造成ping不通的情況, 因此ping不通並不等於對方主機不在線

//ping命令常用選項:
    -c 指定ping的次數
    -i 指定ping包的發送間隔
    -w 如果ping沒有迴應, 則在指定超時時間後退出

[root@localhost ~]# ping -c 2 www.baidu.com
PING www.a.shifen.com (182.61.200.7) 56(84) bytes of data.
64 bytes from localhost (182.61.200.7): icmp_seq=1 ttl=128 time=29.3 ms
64 bytes from localhost (182.61.200.7): icmp_seq=2 ttl=128 time=28.7 ms
--- www.a.shifen.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 28.725/29.040/29.355/0.315 ms

[root@localhost ~]# ping -i 1 www.baidu.com
PING www.a.shifen.com (182.61.200.6) 56(84) bytes of data.
64 bytes from localhost (182.61.200.6): icmp_seq=1 ttl=128 time=23.9 ms
64 bytes from localhost (182.61.200.6): icmp_seq=2 ttl=128 time=24.0 ms

6.2 host與nslookup

host/nslookup命令用於查詢DNS記錄

[root@localhost ~]# host www.baidu.com
www.baidu.com is an alias for www.a.shifen.com.
www.a.shifen.com has address 182.61.200.7
www.a.shifen.com has address 182.61.200.6
[root@localhost ~]# nslookup www.baidu.com
Server:		114.114.114.114
Address:	114.114.114.114#53
Non-authoritative answer:
www.baidu.com	canonical name = www.a.shifen.com.
Name:	www.a.shifen.com
Address: 182.61.200.6
Name:	www.a.shifen.com
Address: 182.61.200.7

6.3 traceroute

traceroute命令用於路由跟蹤, 檢測網絡故障出現在ISP運營商或是對端服務無法響應

[root@localhost ~]# traceroute www.baidu.com
traceroute to www.baidu.com (182.61.200.7), 30 hops max, 60 byte packets
 1  gateway (192.168.80.2)  0.135 ms  0.136 ms  0.097 ms
 2  * * *
 3  * * *
 4  * * *

6.4 netstat

netstat用於查看網絡狀態

//顯示路由表
[root@seancheng ~]# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
default         gateway         0.0.0.0         UG        0 0          0 ens33
172.16.12.0     0.0.0.0         255.255.255.0   U         0 0          0 ens33

//以數字方式顯示路由表
[root@seancheng ~]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         172.16.12.2     0.0.0.0         UG        0 0          0 ens33
172.16.12.0     0.0.0.0         255.255.255.0   U         0 0          0 ens33

//顯示建立的tcp連接
[root@seancheng ~]# netstat -t
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 seancheng:ssh           172.16.12.1:56187       ESTABLISHED
tcp        0      0 seancheng:ssh           172.16.12.1:53808       ESTABLISHED

//顯示udp連接
[root@seancheng ~]# netstat -u
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
[root@seancheng ~]# 

//顯示監聽狀態的連接
[root@seancheng ~]# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN
tcp        0      0 localhost:smtp          0.0.0.0:*               LISTEN
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN
tcp6       0      0 localhost:smtp          [::]:*                  LISTEN

//顯示監聽指定的套接字的進程的進程號及進程名
[root@seancheng ~]# netstat -p
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 seancheng:ssh           172.16.12.1:56187       ESTABLISHED 2094/sshd: root@pts
tcp        0      0 seancheng:ssh           172.16.12.1:53808       ESTABLISHED 1077/sshd: root@pts

//顯示所有狀態的連接
[root@seancheng ~]# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN
tcp        0      0 localhost:smtp          0.0.0.0:*               LISTEN
tcp        0      0 seancheng:ssh           172.16.12.1:56187       ESTABLISHED
tcp        0      0 seancheng:ssh           172.16.12.1:53808       ESTABLISHED
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN
tcp6       0      0 localhost:smtp          [::]:*                  LISTEN
udp        0      0 0.0.0.0:23511           0.0.0.0:*
udp        0      0 0.0.0.0:bootpc          0.0.0.0:*
udp6       0      0 [::]:35299              [::]:* 


//常用選項
    -antlp

[root@seancheng ~]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      889/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1007/master
tcp        0      0 172.16.12.128:22        172.16.12.1:56187       ESTABLISHED 2094/sshd: root@pts
tcp        0      0 172.16.12.128:22        172.16.12.1:53808       ESTABLISHED 1077/sshd: root@pts
tcp6       0      0 :::22                   :::*                    LISTEN      889/sshd
tcp6       0      0 ::1:25                  :::*                    LISTEN      1007/master

6.5 ss

ss是一種網絡狀態查看工具,取代netstat

//語法:ss [options] [ FILTER ]
//常用的options:
    -t:tcp協議相關
    -u:udp協議相關
    -w:裸套接字相關
    -x:unix套接字相關
    -l:listen狀態的連接
    -a:所有
    -n:數字格式
    -p:相關的程序及pid
    -e:擴展的信息
    -m:內存用量
    -o:顯示計時器信息
                
//常見的FILTER:
    FILTER := [ state TCP-STATE ] [ EXPRESSION ]
    如:ss -tan state ESTABLISHED
                        
//常見的state:
    //tcp finite state machine:有限狀態機
        LISTEN:監聽
        ESTABLISHED:已建立的連接
        
    //EXPRESSION:
        dport =
        sport =
        示例:'( dport = :ssh or sport = :ssh)',此處的ssh也即服務名可以使用其對應的端口號代替,等號兩邊必須有空格
        

//常用組合:
[root@seancheng ~]# ss -tan
State      Recv-Q Send-Q                Local Address:Port                               Peer Address:Port
LISTEN     0      128                               *:22                                            *:*
LISTEN     0      100                       127.0.0.1:25                                            *:*
ESTAB      0      0                     172.16.12.128:22                                  172.16.12.1:56187
ESTAB      0      0                     172.16.12.128:22                                  172.16.12.1:53808
LISTEN     0      128                              :::22                                           :::*
LISTEN     0      100                             ::1:25                                           :::* 

[root@seancheng ~]# ss -tanl
State      Recv-Q Send-Q                Local Address:Port                               Peer Address:Port
LISTEN     0      128                               *:22                                            *:*
LISTEN     0      100                       127.0.0.1:25                                            *:*
LISTEN     0      128                              :::22                                           :::*
LISTEN     0      100                             ::1:25                                           :::* 

[root@seancheng ~]# ss -antlp
State      Recv-Q Send-Q                Local Address:Port                               Peer Address:Port
LISTEN     0      128                               *:22                                            *:*                   users:(("sshd",pid=889,fd=3))
LISTEN     0      100                       127.0.0.1:25                                            *:*                   users:(("master",pid=1007,fd=13))
LISTEN     0      128                              :::22                                           :::*                   users:(("sshd",pid=889,fd=4))
LISTEN     0      100                             ::1:25                                           :::*                   users:(("master",pid=1007,fd=14))

[root@seancheng ~]# ss -anu
State      Recv-Q Send-Q                Local Address:Port                               Peer Address:Port
UNCONN     0      0                                 *:23511                                         *:*
UNCONN     0      0                                 *:68                                            *:*
UNCONN     0      0                                :::35299                                        :::* 

//常見端口
http    80/tcp 
https   443/tcp 
ssh     22/tcp 
ftp     20,21/tcp
mysql   3306/tcp
rsync   873/tcp
redis   6379/tcp

7.網絡故障排查

  • 網絡故障分爲硬件/軟件故障
    • 網卡損壞
    • 鏈路故障
    • 網卡驅動不兼容
  • 網絡排查思路
    • ping本地迴環口, 確定本機TCP/IP協議棧是否正常
    • ping本機IP地址, 確定本地設備以及驅動是否正常
    • ping同網段主機, 確定二層網絡是否正常工作
    • ping網關地址, 確定本地與網絡是否正常
    • ping公網地址, 確定本地路由是否正常
    • ping公網域名, 確定DNS客戶端是否正常
  • 服務故障排查思路
    • 使用telnet檢測端口是否開放
    • 檢查服務端防火牆以及SELinux
    • 檢查相應的權限是否配置正常
    • 檢查日誌是否有異常
    • 檢查完畢後持續測試

建議: 所有的排查思路都從OSI七層模型由下往上逐一進行排查(學會看日誌)

探討與研究

  1. 如何查看系統中每個ip的連接數

    [root@localhost ~]# netstat -tun
    Active Internet connections (w/o servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State      
    tcp        0     36 192.168.80.128:22       192.168.80.1:2227       ESTABLISHED
    
  2. 請列出下列服務使用的端口,http,https,ftp,ssh,telnet,mysql,dns

    服務 端口
    http 80/tcp
    https 443/tcp
    ftp 20、21/tcp
    ssh 22/tcp
    Telnet 23/tcp
    MySQL 3306/tcp
    dns 53/udp
    rsync 873/tcp
    redis 6379/tcp
  3. 如何在虛擬機上新增加一塊網卡,並配置IP爲172.16.0.10,指定網關爲172.16.0.1

    //添加一塊物理網卡後,方可成功添加新的網絡連接配置文件
    [root@localhost ~]# cp /etc/sysconfig/network-scripts/{ifcfg-eth0,ifcfg-eth1}
    [root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
    [root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
    TYPE=Ethernet
    BOOTPROTO=static
    NAME=eth1
    DEVICE=eth1
    ONBOOT=yes
    IPADDR=172.16.0.10
    NETMASK=255.255.255.0
    GATEWAY=172.16.0.1
    DNS1=114.114.114.114
    DNS2=8.8.8.8
    [root@localhost ~]# systemctl restart network	//重啓網卡服務
    [root@localhost ~]# systemctl enable network	//設置網卡爲開機自啓
    
  4. 詳細描述dns解析過程,以訪問www.baidu.com爲例

    1、當應用過程需要將一個主機域名映射爲IP地址時,就調用域名解析函數,解析函數將待轉換的域名放在DNS請求中,以UDP報文方式發給本地域名服務器;
    2、本地的域名服務器查到域名後,將對應的IP地址放在應答報文中返回;
    3、同時域名服務器還必須具有連向其他服務器的信息以支持不能解析時的轉發;
    4、若域名服務器不能回答該請求,則此域名服務器就暫成爲DNS中的另一個客戶,向根域名服務器發出請求解析,根域名服務器一定能找到下面的所有二級域名的域名服務器,這樣以此類推,一直向下解析,直到查詢到所請求的域名。

  5. 如何查看系統中運行了多少個進程(注意: 下面的ss -a | wc -l統計的是套接字條目的行數, 並非進程數; 統計進程數可使用 ps -e --no-headers | wc -l)

    [root@localhost ~]# ss -a
    Netid  State      Recv-Q Send-Q   Local Address:Port                    Peer Address:Port                
    nl     UNCONN     0      0                 rtnl:2051015450                          *                     
    nl     UNCONN     0      0                 rtnl:kernel                              *                     
    nl     UNCONN     0      0                 rtnl:2051015450                          *                     
    nl     UNCONN     4352   0              tcpdiag:ss/2264                             *                     
    nl     UNCONN     768    0              tcpdiag:kernel                              *                     
    nl     UNCONN     0      0                 xfrm:kernel                              *
    ......
    [root@localhost ~]# ss -a |wc -l
    189
    
  6. 如何查看系統中啓動了哪些端口

    [root@localhost ~]# ss -an
    Netid  State      Recv-Q Send-Q                                              Local Address:Port                                                             Peer Address:Port              
    nl     UNCONN     0      0                                                               0:2051015450                                                                   *                   
    nl     UNCONN     0      0                                                               0:0                                                                            *                   
    nl     UNCONN     0      0                                                               0:2051015450                                                                   *                   
    nl     UNCONN     4352   0                                                               4:2275                                                                         *                   
    nl     UNCONN     768    0                                                               4:0                                                                            *                   
    nl     UNCONN     0      0                                                               6:0                                                                            *                   
    nl     UNCONN     0      0                                                               7:0                                                                            *                   
    nl     UNCONN     0      0                                                               7:1                                                                            *
    
  7. 如何查看是否開啓80端口,及查看sshd進程是否存在

    [root@localhost ~]# netstat -tlnp | grep 80
    [root@localhost ~]#
    [root@localhost ~]# ss -ap |grep sshd
    u_str  ESTAB      0      0       * 19241                 * 19242                 users:(("sshd",pid=1116,fd=2),("sshd",pid=1116,fd=1))
    u_dgr  UNCONN     0      0       * 20778                 * 1340                  users:(("sshd",pid=1425,fd=4))
    tcp    LISTEN     0      128     *:ssh                   *:*                     users:(("sshd",pid=1116,fd=3))
    tcp    ESTAB      0      164    192.168.80.128:ssh                  192.168.80.1:di-msg                users:(("sshd",pid=1425,fd=3))
    tcp    LISTEN     0      128    :::ssh                  :::*                     users:(("sshd",pid=1116,fd=4))
    
  8. 列出所有處於監聽狀態的tcp端口

    [root@localhost ~]# netstat -latn
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State      
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     
    tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN     
    tcp        0     36 192.168.80.128:22       192.168.80.1:2227       ESTABLISHED
    tcp6       0      0 :::22                   :::*                    LISTEN     
    tcp6       0      0 ::1:25                  :::*                    LISTEN
    
  9. 查看所有的端口信息, 包括 PID 和進程名稱

    [root@localhost ~]# ss -ap
    Netid  State      Recv-Q Send-Q   Local Address:Port                    Peer Address:Port                
    nl     UNCONN     0      0                 rtnl:2051015450                          *                     
    nl     UNCONN     0      0                 rtnl:kernel                              *                     
    nl     UNCONN     0      0                 rtnl:2051015450                          *                     
    nl     UNCONN     768    0              tcpdiag:kernel                              *                     
    nl     UNCONN     4352   0              tcpdiag:ss/2254                             *                     
    nl     UNCONN     0      0                 xfrm:kernel                              *                     
    nl     UNCONN     0      0              selinux:kernel                              *                     
    nl     UNCONN     0      0              selinux:systemd/1                           *                     
    nl     UNCONN     0      0              selinux:dbus-daemon/747                     *                     
    nl     UNCONN     0      0              selinux:dbus-daemon/747                     *
    ......
    