一 网络相关文件
[root@serv01 data]# vim/etc/sysconfig/network-scripts/ifcfg-eth0 [root@serv01 data]# cd/etc/sysconfig/network-scripts/ [root@serv01 network-scripts]# ifconfig #其他的Linux:不一定是eth0,名字不重要,可以修改 [root@serv01 network-scripts]# ls ifcfg-* ifcfg-eth0 ifcfg-lo [root@serv01 network-scripts]# catifcfg-eth0 #设备名 DEVICE="eth0" #MAC地址,全局唯一。一个局域网里两个相同的MAC地址:ARP欺骗 #00:0C:29:厂家ID #07:DD:3B:厂家定义 HWADDR="00:0C:29:07:DD:3B" NM_CONTROLLED="yes" #是否启动生效 ONBOOT="yes" #IP地址 IPADDR=192.168.1.11 #子网掩码:和IP地址一起计算得到网络号,判断是否属于一个网络段 NETMASK=255.255.255.0 #网关:跨网段传输数据 GATEWAY=192.168.1.11 #网关可以配置到该文件下:network。多张网卡都可以走这个网关。全局配置 #主机名 网关配置 [root@serv01 network-scripts]# vim/etc/sysconfig/network #IP地址和主机名的对应关系 [root@serv01 network-scripts]# ls/etc/hosts /etc/hosts [root@larrywen ~]# vim /etc/hosts [root@serv01 network-scripts]# tail -n2/etc/hosts 192.168.0.29 up01.host.com 192.168.0.185 up02.host.com #ping域名,也可以ping通 [root@larrywen ~]# ping up01.host.com [root@larrywen ~]# ping up02.host.com #DNS配置 [root@serv01 network-scripts]# vim/etc/resolv.conf [root@serv01 network-scripts]# cat/etc/resolv.conf nameserver 8.8.8.8
二 基本网络命令
1.ping命令
#默认一直ping下去,按Ctrl+C结束 [root@larrywen ~]# ping 192.168.1.11 #ping三次 [root@larrywen ~]# ping -c 3 192.168.1.1 #ping三次,并每隔三秒ping一次 [root@serv01 ~]# ping -c 3 -i 3192.168.1.11 #-s:表示可以跟包的大小 [root@serv01 ~]# ping 192.168.1.1 -s 1024 PING 192.168.1.1 (192.168.1.1) 1024(1052)bytes of data. 1032 bytes from 192.168.1.1: icmp_seq=1ttl=64 time=0.130 ms [root@serv01 ~]# ping --help #I:指定从哪个设备出去 [root@serv01 ~]# ping -I eth0 192.168.1.11 # [root@serv01 ~]# ping -I eth1 192.168.1.11 [root@serv02 ~]# ifconfig eth1 172.xxxnetmask=255.255.255.0
2. netstat命令
[root@serv01 ~]# netstat -lanput #服务的配置文件:端口和服务相对应 [root@serv01 ~]# vim /etc/services #修改IP地址和子网掩码 [root@serv01 ~]# ifconfig eth1 172.6.13.11netmask 255.255.255.0 #手动修改MAC地址 [root@serv01 ~]# ifconfig eth1 hw ether00:0C:29:07:DD:3C [root@serv01 ~]# ifconfig eth0 #手动修改MTU [root@serv01 ~]# ifconfig eth1 mtu 2000 #修改IP地址和子网掩码并取别名,临时有效 [root@serv01 ~]# ifconfig eth1:zk172.6.13.131 netmask 255.255.255.0 [root@serv01 network-scripts]# cpifcfg-eth0 ifcfg-eth1 [root@serv01 network-scripts]# vimifcfg-eth1 [root@serv01 network-scripts]# cpifcfg-eth1 ifcfg-eth1:zk [root@serv01 network-scripts]# vimifcfg-eth1:zk #删除 [root@serv01 ~]# ifconfig eth1:zk del172.6.13.131
3.route命令
#路由 [root@serv01 ~]# route -n #删除route [root@serv02 ~]# route del -net 169.254.0.0netmask 255.255.0.0 dev eth0 [root@serv02 ~]# route del -net 169.254.0.0netmask 255.255.0.0 dev eth1 [root@serv02 ~]# service iptables stop [root@serv02 ~]# setenforce 0
4.ip命令
#命令强大,不通用 [root@serv02~]# ip address #这些简写都可以 [root@serv02~]# ip addr [root@serv02~]# ip add [root@serv02~]# ip ad [root@serv02 ~]# ip a #link:修改网卡的基本信息 [root@serv02 ~]# ip link set eth1 mtu 2000 [root@serv02 ~]# ip link [root@serv02 ~]# ip link show [root@serv02 ~]# ip link list [root@serv02 ~]# ip link set eth1 qlen 1500 [root@serv02 ~]# ip link #ifconfig 无法改网卡名字 [root@serv02 ~]# ip link set eth1 namezhink [root@serv02 ~]# ip link help #开启网络 [root@serv02 ~]# ip link set eth1 up #关闭网络 [root@serv02 ~]# ip link set eth1 down [root@serv02 ~]# ip address add172.16.1.12/255.255.255.0 broadcast 172.16.1.255 dev eth1 [root@serv02 ~]# ip address add172.16.1.12/255.255.255.0 brd 172.16.1.255 dev eth1 #设置IP [root@serv03 ~]# ip address add172.16.1.13/255.255.255.0 brd 172.16.1.255 dev eth1 [root@serv03 ~]# ip link [root@serv03 ~]# ip link set eth1 up [root@serv03 ~]# ip link #删除IP 地址 [root@serv03 ~]# ip addr del 172.16.1.15/24dev eth1 #查看路由 [root@serv03 ~]# ip route 172.16.1.0/24 dev eth0 proto kernel scope link src 172.16.1.13 172.16.1.0/24 dev eth1 proto kernel scope link src 172.16.1.14 #添加默认路由 [root@serv02 ~]# ip route add default via192.168.1.12 dev eth0 [root@serv02 ~]# ip route [root@serv02 ~]# route -n #删除默认路由 [root@serv02 ~]# ip route del default via192.168.1.12 dev eth0 [root@serv02 ~]# ip route 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.12 172.16.1.0/24 dev eth1 proto kernel scope link src 172.16.1.12 169.254.0.0/16 dev eth0 scope link metric 1003 [root@serv02 ~]# ip route help
三 实验一(route命令实现)
3.1小实验:网络拓扑图如下
3.2目标
client01(192.168.1.11)可以ping通client2(10.10.1.14) [root@client01 ~]# ping 10.10.1.14 connect: Network is unreachable
3.3 准备工作
3.3.1.关闭防火墙和SELINUX
[root@client01 ~]# service iptables stop [root@client01 ~]# setenforce 0
3.3.2.虚拟机配置
Client01:使用Vmnet1 Serv02:使用Vmnet1、Vmnet2 Serv03:使用Vmnet2、Vmnet3 Client02:使用Vmnet3
3.3.3.配置IP,并测试相邻机器的IP地址是否能ping通
#第一台机器 [root@client01 ~]# ifconfig eth0192.168.1.11 netmask 255.255.255.0 [root@client01 ~]# ping 192.168.1.12 [root@client01 ~]# ping 192.168.1.1 #第二台机器 [root@serv02 ~]# ifconfig eth0 192.168.1.12netmask 255.255.255.0 [root@serv02 ~]# ifconfig eth1 172.16.1.12netmask 255.255.255.0 [root@serv02 ~]# ping 192.168.1.11 [root@serv02 ~]# ping 192.168.1.1 #第三台机器 [root@serv03 ~]# ifconfig eth0 172.16.1.13netmask 255.255.255.0 [root@serv03 ~]# ifconfig eth1 10.10.1.13netmask 255.255.255.0 [root@serv03 ~]# ping 172.16.1.12 [root@serv03 ~]# ping 172.16.1.1 #第四台机器 [root@client02 ~]# ifconfig eth0 10.10.1.14netmask 255.255.255.0 [root@client02 ~]# ping 10.10.1.14 [root@client02 ~]# ping 10.10.1.1
3.4.解决
#第一台机器 #添加默认网关 [root@client01 ~]# route add default gw192.168.1.12 #修改sysctl.conf文件,net.ipv4.ip_forward改为1,然后执行sysctl-p让修改生效 [root@serv02 ~]# vi /etc/sysctl.conf [root@serv02 ~]# sysctl -p [root@client01 ~]# sed "7p"/etc/sysctl.conf -n net.ipv4.ip_forward = 1 #第二台机器 #添加路由,指定10.10.1.0网段的IP从172.16.1.13出去 [root@serv02 ~]# route add -net 10.10.1.0netmask 255.255.255.0 gw 172.16.1.13 #修改sysctl.conf文件,net.ipv4.ip_forward改为1,然后执行sysctl-p让修改生效 [root@serv02 ~]# vi /etc/sysctl.conf [root@serv02 ~]# sysctl -p [root@serv02 ~]# sed "7p"/etc/sysctl.conf -n net.ipv4.ip_forward = 1 #第三台机器 #添加路由,指定192.168.1.0网段的IP从172.16.1.12出去 [root@serv03 /]# route add -net 192.168.1.0netmask 255.255.255.0 gw 172.16.1.12 #修改sysctl.conf文件,net.ipv4.ip_forward改为1,然后执行sysctl-p让修改生效 [root@serv02 ~]# vi /etc/sysctl.conf [root@serv02 ~]# sysctl -p [root@serv03 /]# sed "7p"/etc/sysctl.conf -n net.ipv4.ip_forward = 1 #第四台机器 [root@client02 ~]# route add default gw10.10.1.13 #修改sysctl.conf文件,net.ipv4.ip_forward改为1,然后执行sysctl-p让修改生效 [root@serv02 ~]# vi /etc/sysctl.conf [root@serv02 ~]# sysctl -p [root@client02 ~]# sed "7p"/etc/sysctl.conf -n net.ipv4.ip_forward = 1
3.5效果
#客户机1ping客户机2 [root@client01 ~]# ping 10.10.1.14 PING 10.10.1.14 (10.10.1.14) 56(84) bytesof data. 64 bytes from 10.10.1.14: icmp_seq=1 ttl=62time=1.84 ms 64 bytes from 10.10.1.14: icmp_seq=2 ttl=62time=0.856 ms 64 bytes from 10.10.1.14: icmp_seq=3 ttl=62time=1.13 ms 64 bytes from 10.10.1.14: icmp_seq=4 ttl=62time=0.805 ms 64 bytes from 10.10.1.14: icmp_seq=5 ttl=62time=0.866 ms 64 bytes from 10.10.1.14: icmp_seq=6 ttl=62time=0.730 ms 64 bytes from 10.10.1.14: icmp_seq=7 ttl=62time=0.596 ms 64 bytes from 10.10.1.14: icmp_seq=8 ttl=62time=0.788 ms 64 bytes from 10.10.1.14: icmp_seq=9 ttl=62time=0.741 m #路由器1抓取来自客户机1的包 [root@serv02 ~]# tcpdump -i eth0 host192.168.1.11 tcpdump: verbose output suppressed, use -vor -vv for full protocol decode listening on eth0, link-type EN10MB(Ethernet), capture size 65535 bytes 01:10:02.177598 IP 192.168.1.11 >10.10.1.14: ICMP echo request, id 26629, seq 65, length 64 01:10:02.178496 IP 10.10.1.14 >192.168.1.11: ICMP echo reply, id 26629, seq 65, length 64 01:10:02.179861 IP 192.168.1.1.51524 >192.168.1.11.ssh: Flags [.], ack 1140604063, win 472, options [nop,nop,TS val30797133 ecr 5038478], length 0 01:10:02.179882 IP 192.168.1.11.ssh > 192.168.1.1.51524:Flags [P.], seq 4294967201:1, ack 0, win 429, options [nop,nop,TS val 5038478ecr 30796131], length 96 #路由器2抓取来自客户机1的包 [root@serv03 /]# tcpdump -i eth0 host 192.168.1.11 tcpdump: verbose output suppressed, use -vor -vv for full protocol decode listening on eth0, link-type EN10MB(Ethernet), capture size 65535 bytes 01:10:18.038232 IP 192.168.1.11 >10.10.1.14: ICMP echo request, id 26629, seq 81, length 64 01:10:18.038655 IP 10.10.1.14 >192.168.1.11: ICMP echo reply, id 26629, seq 81, length 64 01:10:19.039708 IP 192.168.1.11 >10.10.1.14: ICMP echo request, id 26629, seq 82, length 64 01:10:19.040050 IP 10.10.1.14 >192.168.1.11: ICMP echo reply, id 26629, seq 82, length 64 #客户机2抓取来自客户机1的包 [root@client02 ~]# tcpdump -i eth0 host192.168.1.11 tcpdump: verbose output suppressed, use -vor -vv for full protocol decode listening on eth0, link-type EN10MB(Ethernet), capture size 65535 bytes 01:10:31.341271 IP 192.168.1.11 >10.10.1.14: ICMP echo request, id 26629, seq 94, length 64 01:10:31.341298 IP 10.10.1.14 >192.168.1.11: ICMP echo reply, id 26629, seq 94, length 64 01:10:32.341282 IP 192.168.1.11 >10.10.1.14: ICMP echo request, id 26629, seq 95, length 64 01:10:32.341310 IP 10.10.1.14 >192.168.1.11: ICMP echo reply, id 26629, seq 95, length 64 #客户机2ping客户机1 [root@client02 ~]# ping 192.168.1.11 PING 192.168.1.11 (192.168.1.11) 56(84)bytes of data. 64 bytes from 192.168.1.11: icmp_seq=1ttl=62 time=0.752 ms 64 bytes from 192.168.1.11: icmp_seq=2ttl=62 time=0.951 ms 64 bytes from 192.168.1.11: icmp_seq=3ttl=62 time=0.604 ms 64 bytes from 192.168.1.11: icmp_seq=4ttl=62 time=1.02 ms #路由器1抓取来自客户机2的包 [root@serv02 ~]# tcpdump -i eth0 host10.10.1.14 tcpdump: verbose output suppressed, use -vor -vv for full protocol decode listening on eth0, link-type EN10MB(Ethernet), capture size 65535 bytes 01:11:36.589348 IP 10.10.1.14 >192.168.1.11: ICMP echo request, id 51205, seq 44, length 64 01:11:36.589971 IP 192.168.1.11 >10.10.1.14: ICMP echo reply, id 51205, seq 44, length 64 01:11:37.590849 IP 10.10.1.14 >192.168.1.11: ICMP echo request, id 51205, seq 45, length 64 01:11:37.591093 IP 192.168.1.11 >10.10.1.14: ICMP echo reply, id 51205, seq 45, length 64 #路由器2抓取来自客户机2的包 [root@serv03 /]# tcpdump -i eth0 host 10.10.1.14 tcpdump: verbose output suppressed, use -vor -vv for full protocol decode listening on eth0, link-type EN10MB(Ethernet), capture size 65535 bytes 01:11:20.425712 IP 10.10.1.14 >192.168.1.11: ICMP echo request, id 51205, seq 28, length 64 01:11:20.426316 IP 192.168.1.11 >10.10.1.14: ICMP echo reply, id 51205, seq 28, length 64 01:11:21.426282 IP 10.10.1.14 >192.168.1.11: ICMP echo request, id 51205, seq 29, length 64 01:11:21.426769 IP 192.168.1.11 >10.10.1.14: ICMP echo reply, id 51205, seq 29, length 64 01:11:22.426792 IP 10.10.1.14 >192.168.1.11: ICMP echo request, id 51205, seq 30, length 64 01:11:22.427346 IP 192.168.1.11 >10.10.1.14: ICMP echo reply, id 51205, seq 30, length 64 #客户机1抓取来自客户机2的包 [root@client01 ~]# tcpdump -i eth0 host10.10.1.14 tcpdump: verbose output suppressed, use -vor -vv for full protocol decode listening on eth0, link-type EN10MB(Ethernet), capture size 65535 bytes 01:12:27.549172 IP 10.10.1.14 >192.168.1.11: ICMP echo request, id 51205, seq 95, length 64 01:12:27.549198 IP 192.168.1.11 >10.10.1.14: ICMP echo reply, id 51205, seq 95, length 64 01:12:28.549233 IP 10.10.1.14 >192.168.1.11: ICMP echo request, id 51205, seq 96, length 64 01:12:28.549259 IP 192.168.1.11 >10.10.1.14: ICMP echo reply, id 51205, seq 96, length 64
四 实验——ip命令实现
#准备条件 [root@client01 ~]# service iptables stop [root@client01 ~]# setenforce 0 [root@client01 ~]# chkconfig iptables off [root@client01 ~]# chkconfig ip6tables off #第一台机器的配置 [root@client01 ~]# ip route add default via192.168.1.12 dev eth0 [root@client01 ~]# route -n [root@client01 ~]# sysctl -wnet.ipv4.ip_forward=1 net.ipv4.ip_forward = 1 #第二台机器的配置 [root@serv02 ~]# ip route add10.10.1.0/255.255.255.0 via 172.16.1.13 dev eth1 [root@serv02 ~]# ip route [root@serv02 ~]# sysctl -w net.ipv4.ip_forward=1 net.ipv4.ip_forward = 1 #第三台机器 [root@serv03 ~]# ip route add192.168.1.0/255.255.255.0 via 172.16.1.12 dev eth0 [root@serv03 ~]# route -n [root@serv03 ~]# sysctl -wnet.ipv4.ip_forward=1 net.ipv4.ip_forward = 1 #第四台机器 [root@client02 ~]# sysctl -wnet.ipv4.ip_forward=1 net.ipv4.ip_forward = 1 [root@client02 ~]# cat/proc/sys/net/ipv4/ip_forward 1 [root@client02 ~]# ip route add default via10.10.1.13 dev eth0 [root@client02 ~]# route -n
我的邮箱:wgbno27@163.com 新浪微博:@Wentasy27 微信公众平台:JustOracle(微信号:justoracle) 数据库技术交流群:336882565(加群时验证 From CSDN XXX) Oracle交流讨论组:https://groups.google.com/d/forum/justoracle By Larry Wen
@Wentasy 博文仅供参考,欢迎大家来访。如有错误之处,希望批评指正。原创博文如需转载请注明出处,谢谢 [CSDN博客] |