#宽带运营商的计算和计算机的下载单位不一样 100Mbps=100/8M #网络的拓扑结构: 总线 环线 令牌环网 星型 #网络的标准OSI模型和分层: physic 解决电器特效,传递高低电平0101这样的, 数据位 bit data link 识别数据帧,物理地址的识别,区分唯一的MAC地址,同一局域网之间的通信,链路之间的通信 含有校验帧可以校验数据 数据帧 网卡工作的地方 network 网路地址的识别、层层的将数据报文转发过来 数据包 transport 负责数据的可靠的传输 数据不能丢失 数据段 session 建立会话 消息 presentation application 应用协议 http mysql数据库
单播 unicast 一对一 适合点对点 广播 broadcast 一对多 组播 multicast 部分,例如,微信里面的一个群 冲突域 广播域
单工 只有一个方向 例如:收音机 半双工 不能同时发,也不能同时接受 例如:对讲机 全双工 电话
[root03:16 PMcentos8 ~]#mii-tool -v eth0 eth0: negotiated 1000baseT-FD flow-control, link ok #表示网卡是连接状态 product info: Yukon 88E1011 rev 3 basic mode: autonegotiation enabled basic status: autonegotiation complete, link ok capabilities: 1000baseT-FD 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD advertising: 1000baseT-FD 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD link partner: 1000baseT-HD 1000baseT-FD 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD [root03:31 PMcentos8 ~]#ethtool eth0 Settings for eth0: Supported ports: [ TP ] Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/Full Supported pause frame use: No Supports auto-negotiation: Yes Supported FEC modes: Not reported Advertised link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/Full Advertised pause frame use: No Advertised auto-negotiation: Yes # auto-negotiation 自动协商 Advertised FEC modes: Not reported Speed: 1000Mb/s #支持的结果 Duplex: Full #全双工模式 Port: Twisted Pair PHYAD: 0 Transceiver: internal Auto-negotiation: on MDI-X: off (auto) Supports Wake-on: d Wake-on: d Current message level: 0x00000007 (7) drv probe link Link detected: yes #当前网卡的状态是连接的 [root03:32 PMcentos8 ~]#
[root03:32 PMcentos8 ~]#ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:41:8d:2a brd ff:ff:ff:ff:ff:ff # UP 开启状态 inet 10.0.0.8/24 brd 10.0.0.255 scope global noprefixroute eth0 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe41:8d2a/64 scope link # BROADCAST,MULTICAST 组播 多播 valid_lft forever preferred_lft forever 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:41:8d:34 brd ff:ff:ff:ff:ff:ff
[root03:36 PMcentos8 ~]#ip link 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 #安装TCP协议以后的虚拟网卡 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:41:8d:2a brd ff:ff:ff:ff:ff:ff 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:41:8d:34 brd ff:ff:ff:ff:ff:ff
国际电子电器工程师协会 IEEE 802.1 IEEE 802.2 IEEE 802.3 IEEE 802.11 无线网络标准 载波侦听多路访问 ,有冲突就不发报
RJ-45水晶头 T568B 橙白 橙 绿白 蓝 蓝白绿 棕白 棕 T568A 绿白 棕 橙白 蓝 蓝白绿 棕白 橙 直连线 交叉线
前导信息 8个字节 目标地址 6 源地址 6 类型 2个字节的类型(作用是:注明为下一层提供什么服务) 数据 可大可小 校验信息 FCS
前24位:分配给厂家的 后24位
#vlan 虚拟局域网 分割广播域 在交换机上隔离广播域的效果
都是传输层的两个协议 TCP :传输控制协议 [root06:45 PMcentos7 ]#yum install man-pages [root06:45 PMcentos7 ]#man 7 tcp 可靠,对文件的可靠型要求比较高 UDP : 非面向连接,传输速度快,提供不可靠的网络访问
[root07:19 PMcentos7 ]#cat /proc/sys/net/ipv4/ip_local_port_range 32768 60999 #0-1023 系统端口和特权端口 1024-49151 用户端口或注册端口 49152-65535 动态端口或私有端口,客服端随机端口 #查看服务的端口号 [root07:29 PMcentos7 ]#less /etc/services #windows上也可以查看: C:\Windows\System32\drivers\etc\services #查看这个端口号没有被使用 [root07:31 PMcentos7 ]#grep 9527 /etc/services
#服务端安装nc开启9527服务 [root07:32 PMcentos7 ]#yum install nc -y [root07:36 PMcentos7 ]#nc -l 9527 hello #客服端连接服务端发信息 [root07:36 PMcentos8 ~]#nc 10.0.0.73 9527 hello #服务端收到信息 [root07:36 PMcentos7 ]#nc -l 9527 hello [root07:35 PMcentos8 ~]#ss -nt 客服端用56180连接服务端的9527端口 State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 10.0.0.8:22 10.0.0.1:57095 ESTAB 0 36 10.0.0.8:22 10.0.0.1:65224 ESTAB 0 0 10.0.0.8:56180 10.0.0.73:9527
[root08:21 PMcentos8 ~]#lsof -i :22 #例如22号端口 [root08:21 PMcentos8 ~]#ss -tlnp
#例如,判断22号端口是否开启 [root09:57 PMcentos7 ]#</dev/tcp/127.0.0.1/22 [root09:57 PMcentos7 ]#echo $? 0
[root09:57 PMcentos7 ]#cat /proc/sys/net/ipv4/tcp_max_syn_backlog 128 [root10:27 PMcentos7 ]#echo 1024 > !$ echo 1024 > /proc/sys/net/ipv4/tcp_max_syn_backlog [root10:27 PMcentos7 ]#cat /proc/sys/net/ipv4/tcp_max_syn_backlog 1024
[root06:52 AMcentos8 ~]#ping 10.0.0.8 -s 655 #发送655个包 PING 10.0.0.8 (10.0.0.8) 655(683) bytes of data. 663 bytes from 10.0.0.8: icmp_seq=1 ttl=64 time=0.027 ms -f 洪水泛滥,尽最大的能力去ping
rarp (mac地址装换为ip)
地址解析协议,利用IP地址把他解析成MAC,ARP发送广播,在数据 [root07:23 AMcentos7 ]#arp -n #ARP广播 Address HWtype HWaddress Flags Mask Iface 10.0.0.3 (incomplete) ens33 10.0.0.1 ether 00:50:56:c0:00:08 C ens33 10.0.0.34 (incomplete) ens33 10.0.0.8 ether 00:0c:29:41:8d:2a C ens33 10.0.0.2 ether 00:50:56:e1:61:4d C ens33 相互通讯以后就会有缓存,相互缓存 [root07:25 AMcentos8 ~]#tcpdump -i eth0 -nn arp #抓包 dropped privs to tcpdump tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes 07:25:51.545311 ARP, Request who-has 10.0.0.73 tell 10.0.0.8, length 28 07:25:51.545512 ARP, Reply 10.0.0.73 is-at 00:0c:29:58:ed:19, length 46 07:25:58.182096 ARP, Request who-has 10.0.0.8 tell 10.0.0.73, length 46 07:25:58.182110 ARP, Reply 10.0.0.8 is-at 00:0c:29:41:8d:2a, length 28 07:26:02.892596 ARP, Request who-has 10.0.0.8 (00:0c:29:41:8d:2a) tell 10.0.0.1, length 46 arp没有任何的确认,直接就说自己是ARP #arp欺骗 arp 静态绑定,防止arp欺骗 arp -s 10.0.0.8 00:0c:29:32:80:38
跟踪命令
C:\Users\Hasee>tracert -d www。baidu.com [root09:50 AMcentos8 ~]#traceroute www.baidu.com [root10:16 AMcentos8 ~]#tracepath 114.114.114.114
mac地址唯一的网卡地址, ip地址有可管理性,IP地址能体现出你的网段,体现出你在哪个网段,一个网段就是一个广播地址 局域网用交换机切换为VLAN,每一个网路 网络ID 主机ID A类 1~127 0 8位的网络号,固定了以0开头 有2^7-2=126个网段 每个网段可有的主机2^24-2=16777214 B类 128~191 10 16位网络号, 固定了以10开头 C类 192~223 110 24位网络号 固定了以110开头 D类 224~239 1110 组播 多播 E类 240 11110 保留未使用 私有IP(不直接用于互联网,在局域网使用,公网地址世界唯一) 10.0.0.0 10.255.255.255 172.16.0.0 172.31.255.255 192.168.0.0 192.168.250.255 特殊地址: 169.254.x.x 主机使用DHCP分配的,但是却分配不到,系统给的 0.0.0.0 所有不清楚的主机和目标网络 255.255.255.255 限制广播地址
CIDR 无类域间路由 #分配给120台主机怎样子网掩码 2^7=128 255.255.255.10000000 255.255.255.128 =/25 拿自己的子网掩码和自己与运算 拿自己的子网掩码和对方与运算 看看是不是同一网段 A 192.168.1.100/24 B 192.168.2.200/16 B认为和A是同一网段,B发出去的包一去无回 B访问A超时 A却不认为和B是同一网段 A A访问B目标主机不可达 #以下的两台机器可以ping通 192.168.1.100/8 /12 /15 192.168.2.100/16 和1相与保留原值 和0相与都是0
#从主机位每次借n位就划分2^n 个子网 给10.0.0.0/8 划分32个子网 #每个子网的子网掩码: 每次从主机位借n位,那么就划分2^n次方个子网 2^5=32 所以要借5位,所以子网掩码为10.11111000.0.0 即 10.248.0.0 #每个省的子网的主机数 2^(32-13) -2= #第十个子网的网络ID 因为第10个子网就是被借的那5位的10进制值为9 所以第10个子网就是10.01001 000.00000000.00000000 10.72.0.0/13 #第十个子网的最小Ip和最大Ip 10.01001 000.00000000.00000001 10.72.0.1 最小Ip 10.01001 111.1111111.11111110 10.79.255.254 最大Ip #所有子网中最小的和最大的网络ID号 10.00000 000.00000000.00000000 10.0.0.0/13 10.11111 000.00000000.00000000 10.248.0.0/13
主机ID向网络ID借位,即将小的子网划分为一个大网,与子网划分正好相反 220.78.168.0/24 220.78.10101 000.0/24 220.78.169.0/24 220.78.10101 001.0/24 220.78.170.0/24 220.78.171.0/24 ....... 220.78.172.0/24 220.78.173.0/24 220.78.174.0/24 220.78.175.0/24 220.78.10101 111.0/24 七个网段一个都不能少,才能正好合并为一个超网 取相同的部分 220.78.168.0/21
[root@centos6 ~]# vi /etc/udev/rules.d/70-persistent-net.rules # program, run by the persistent-net-generator.rules rules file. # This file was automatically generated by the /lib/udev/write_net_rules # program, run by the persistent-net-generator.rules rules file. # # You can modify it, as long as you keep each rule on a single # line, and change only the value of the NAME= key. # PCI device 0x8086:0x100f (e1000) SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:e2:b4:8a", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0" #修改name就修改了网卡名字 # PCI device 0x8086:0x100f (e1000) SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:e2:b4:94", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1" reboot 就可以了 或者不重启,修改网卡的驱动 [root@centos6 ~]# ethtool -i eth0 driver: e1000 #这是网卡驱动的名称 version: 7.3.21-k8-NAPI firmware-version: bus-info: 0000:02:01.0 supports-statistics: yes supports-test: yes supports-eeprom-access: yes supports-register-dump: yes supports-priv-flags: no 该命令也可以查看网卡驱动 [root@centos6 ~]# dmesg |grep eth -C 10 卸载网卡驱动 [root@centos6 ~]# modprobe -r e1000 重新加载网卡: [root@centos6 ~]# modprobe e1000
ip link set eth0 down ip link set eth0 name abc ip link set abc up
[root@centos6 ~]# rpm -qf `which ifconfig` net-tools-1.60-114.el6.x86_64 安装生成哪些文件 [root03:10 PMcentos7 ]#rpm -ql net-tools [root03:22 PMcentos7 ]#rpm -qi net-tools Name : net-tools Version : 2.0 Release : 0.25.20131004git.el7 Architecture: x86_64 Install Date: Wed 21 Apr 2021 03:57:11 PM EDT Group : System Environment/Base Size : 938978 License : GPLv2+ Signature : RSA/SHA256, Thu 22 Aug 2019 05:36:04 PM EDT, Key ID 24c6a8a7f4a80eb5 Source RPM : net-tools-2.0-0.25.20131004git.el7.src.rpm Build Date : Thu 08 Aug 2019 09:10:26 PM EDT Build Host : x86-02.bsys.centos.org Relocations : (not relocatable) Packager : CentOS BuildSystem <http://bugs.centos.org> Vendor : CentOS URL : http://sourceforge.net/projects/net-tools/ Summary : Basic networking tools Description : The net-tools package contains basic networking tools, including ifconfig, netstat, route, and others. Most of them are obsolete. For replacement check iproute package. # 被iproute 代替了 [root03:22 PMcentos7 ]#
#关闭网卡 ifconfig eth1 down #临时配置IP: ifconfig ens33 192.168.1.2/24 #清空地址 [root03:30 PMcentos7 ]#ifconfig ens37 0.0.0.0/0 #给一个网卡多个地址 [root03:33 PMcentos7 ]#ifconfig ens33:1 192.168.1.200/24 #清理ip [root03:37 PMcentos7 ]#ifconfig ens33:1 down -s 统计网卡的流量 [root03:40 PMcentos7 ]#ifconfig -s Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg ens33 1500 445 0 0 0 302 0 0 0 BMRU ens37 1500 7 0 0 0 12 0 0 0 BMRU lo 65536 1 0 0 0 1 0 0 0 LRU
[root03:40 PMcentos7 ]#route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.0.0.2 0.0.0.0 UG 100 0 0 ens33 10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 ens37
#添加路由 route add 例如:route add -net 172.16.0.0/16 gw 172.18.0.200/16 dev eth1 添加的路由的网段是 172.16.0.0 网关是172.18.0.200 最边界的路由器可以配置成默认的路由: route add default gw 172.18.0.200/16 #查看修改内核参数 [root07:25 PMcentos8 ~]#sysctl -a |grep ip_forward net.ipv4.ip_forward = 1 net.ipv4.ip_forward_update_priority = 1 net.ipv4.ip_forward_use_pmtu = 0 #修改内核参数,重启以后数据就丢失了 [root04:54 PMcentos8 ~]#cat /proc/sys/net/ipv4/ip_forward 0 [root07:08 PMcentos8 ~]#echo 1 > /proc/sys/net/ipv4/ip_forward [root07:22 PMcentos8 ~]#cat /proc/sys/net/ipv4/ip_forward 1 每经过一个路由器就是一跳,防火墙要禁用,selinux
chkconf NetworkManage off 禁用 service NetworkManage stop 关闭服务
[root08:48 PMcentos8 ~]#rpm -ql iproute
该命令ss 也可以用 -r -nr [root08:45 PMcentos8 ~]#netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface default _gateway 0.0.0.0 UG 0 0 0 eth0 10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 [root08:46 PMcentos8 ~]#netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0 10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 [root08:46 PMcentos8 ~]#netstat -Ieth0 选项和参数连接一起 Kernel Interface table Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth0 1500 131326 0 0 0 163581 0 0 0 BMRU
ip link 查看设置链路层 ip link set etho down ip link set etho up ip link set eth0 name NAME #添加一条ip地址 [root08:59 PMcentos8 ~]#ip address add 10.0.0.200/24 dev eth0 label eth0:2 [root09:01 PMcentos8 ~]#ip address add 10.0.0.100/24 dev eth0 #不加标签添加IP
# route -n 和 ip route 显示的是一样的 [root09:12 PMcentos8 ~]#route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.0.0.2 0.0.0.0 UG 100 0 0 eth0 10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0 [root09:10 PMcentos8 ~]#ip route default via 10.0.0.2 dev eth0 proto static metric 100 10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.8 metric 100 #添加一条路由的地址为1.1.1.0的网段,网关为10.0.0.2 (参考格式直接复制) [root09:16 PMcentos8 ~]#ip route add 1.1.1.0/24 via 10.0.0.2 dev eth0 proto static metric 100 [root09:18 PMcentos8 ~]#route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.0.0.2 0.0.0.0 UG 100 0 0 eth0 1.1.1.0 10.0.0.2 255.255.255.0 UG 100 0 0 eth0 10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0 #删除路由表: [root09:23 PMcentos8 ~]#ip route del 1.1.1.0/24 via 10.0.0.2 #删除默认路由 [root09:25 PMcentos8 ~]#ip route del default via 10.0.0.2
#删除所有的路由,添加新的IP自动生成新的路由 [root10:43 PMcentos7 ]#route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 [root10:44 PMcentos7 ]#ip a a 7.7.7.7/24 dev ens33 label ens33:1 [root10:46 PMcentos7 ]#route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 7.7.7.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33 10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 [root10:47 PMcentos7 ]#ping 8.8.8.8 connect: Network is unreachable #没有路由无法通(Gateway那里没有地址) [root10:43 PMcentos8 ~]#route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0 [root10:44 PMcentos8 ~]#ip a a 8.8.8.8/24 dev eth0 label eth0:1 [root10:47 PMcentos8 ~]#route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 8.8.8.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0 [root10:47 PMcentos8 ~]#ping 7.7.7.7 #没有路由无法通 connect: Network is unreachable # 新开一台虚拟机做模拟的路由器,添加两个ip [root10:56 PMcentos7 ~]#ip a a 7.7.7.200/24 dev ens33:7 [root10:57 PMcentos7 ~]#ip a a 8.8.8.200/24 dev ens33:8 #两台主机分别添加路由,即:路由器的两个ip [root11:01 PMcentos7 ]#ip route add default via 7.7.7.200 [root11:12 PMcentos8 ~]#ip route add default via 8.8.8.200 #开启转发 [root11:16 PMcentos7 ~]#echo 1 > /proc/sys/net/ipv4/ip_forward 方法二:不添加模拟路由器,各自添加一条默认路由,指定接口 #不用单臂路由,不同网段的两台机器相互通讯的底层原理 [root10:46 PMcentos7 ]#ip route 7.7.7.0/24 dev ens33 proto kernel scope link src 7.7.7.7 10.0.0.0/24 dev ens33 proto kernel scope link src 10.0.0.73 metric 100 [root11:27 PMcentos7 ]#ping 8.8.8.8 connect: Network is unreachable [root11:28 PMcentos7 ]#ip route add default dev ens33 [root11:24 PMcentos8 ~]#ip route 8.8.8.0/24 dev eth0 proto kernel scope link src 8.8.8.8 10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.8 metric 100 [root11:27 PMcentos8 ~]#ping 7.7.7.7 connect: Network is unreachable [root11:27 PMcentos8 ~]#ip route add default dev eth0
[root08:07 AMcentos8 ~]#ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 路由解决跨主机之间的通信,本机的通信是不需要路由表的,这个网卡上的地址是不会放在路由表上的 #添加回环地址不会生成路由记录 [root08:07 AMcentos8 ~]#ip a a 1.1.1.1/24 dev lo label lo:1 [root08:11 AMcentos8 ~]#ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet 1.1.1.1/24 scope global lo:1 valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever [root08:11 AMcentos8 ~]#ping 1.1.1.125 PING 1.1.1.125 (1.1.1.125) 56(84) bytes of data. 64 bytes from 1.1.1.125: icmp_seq=1 ttl=64 time=0.013 ms #和回环网在一个网段 64 bytes from 1.1.1.125: icmp_seq=2 ttl=64 time=0.023 ms #删除默认路由 [root08:19 AMcentos8 ~]#ip route default via 10.0.0.2 dev eth0 proto static metric 100 10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.8 metric 100 [root08:19 AMcentos8 ~]#ip route del default via 10.0.0.2 dev eth0 proto static metric 100 [root08:20 AMcentos8 ~]#ip route 10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.8 metric 100 两台主机上: [root08:27 AMcentos7 ~]#ip a a 7.7.7.7 dev lo label lo:1 [root08:20 AMcentos8 ~]#ip a a 8.8.8.8 dev lo label lo:1 [root08:38 AMcentos7 ~]#ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet 7.7.7.7/32 scope global lo:1 #32位子网掩码而且绑在回环网卡 valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever [root08:37 AMcentos8 ~]#ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet 1.1.1.1/24 scope global lo:1 valid_lft forever preferred_lft forever inet 8.8.8.8/32 scope global lo:1 #子网掩码32位,而且绑在回环网卡 valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 现在无法两台机器相互ping通的,所以两台主机要要添加路由 [root08:36 AMcentos8 ~]#ip route add default dev eth0 [root08:37 AMcentos7 ~]#ip route add default dev ens33
centos6 [root@centos6 ~]# cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=centos6 centos7 centos8 [root08:40 AMcentos7 ~]#cat /etc/hostname centos7
保存在配置文件里面,以routek开头的文件命名,重启生效 [root10:28 AMcentos8 ~]#cat /etc/sysconfig/network-scripts/route-eth0 172.16.0.0/16 via 10.0.0.100
[root10:34 AMcentos8 /etc/sysconfig/network-scripts]#cp ifcfg-eth0 ifcfg-eth0:1 [root10:34 AMcentos8 /etc/sysconfig/network-scripts]#vim ifcfg-eth0:1 [root10:39 AMcentos8 /etc/sysconfig/network-scripts]#vim ifcfg-eth0:1 BOOTPROTO="static" NAME="eth0" DEVICE=eth0:1 #修改此项,此后的10.0.0.88 这个ip地址就会永久保存 ONBOOT="yes" IPADDR=10.0.0.88 GATEWAY=10.0.0.2 NETMASK=255.255.255.0 DNS=10.0.0.8 HWADDR=00:0c:29:41:8d:2a ~
[root11:02 AMcentos8 /etc/sysconfig/network-scripts]#ls ifcfg-ens34 ifcfg-eth0 ifcfg-eth0:1 route-eth0 [root11:01 AMcentos8 /etc/sysconfig/network-scripts]#cat ifcfg-eth0 设置为自动获取 BOOTPROTO=dhcp NAME="eth0" DEVICE=eth0 ONBOOT="yes" [root11:02 AMcentos8 /etc/sysconfig/network-scripts]#cat ifcfg-eth0:1 设置为手工配置 BOOTPROTO="static" NAME="eth0" DEVICE="eth0:1" ONBOOT="yes" IPADDR=10.0.0.8 GATEWAY=10.0.0.2 NETMASK=255.255.255.0 DNS=10.0.0.8 #注意:只能把eth0 设置为自动或取 eth0:1 设置为手动配置
逻辑上共用一个MAC地址
#添加两张网卡,手动编写配置文件 [root11:46 AMcentos8 /etc/sysconfig/network-scripts]#ls ifcfg-bond0 ifcfg-ens34 ifcfg-eth0 ifcfg-eth1 [root11:38 AMcentos8 /etc/sysconfig/network-scripts]#cat ifcfg-eth0 DEVICE="eth0" ONBOOT="yes" SLAVE=yes MASTER=bond0 [root11:38 AMcentos8 /etc/sysconfig/network-scripts]#cat ifcfg-eth1 DEVICE="eth1" ONBOOT="yes" SLAVE=yes MASTER=bond0 [root11:38 AMcentos8 /etc/sysconfig/network-scripts]#cat ifcfg-bond0 TYPE=bond DEVICE=bond0 BOOTPROTO=none IPADDR=10.0.0.100 PREFIX=24 BONDING_OPTS="mode=1 miimon=100 " #查看bond里面的 [root11:55 AMcentos8 /etc/sysconfig/network-scripts]#cat /proc/net/bonding/bond0 Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011) Bonding Mode: fault-tolerance (active-backup) Primary Slave: None Currently Active Slave: eth1 MII Status: up MII Polling Interval (ms): 100 Up Delay (ms): 0 Down Delay (ms): 0 Peer Notification Delay (ms): 0 Slave Interface: eth0 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 1 Permanent HW addr: 00:0c:29:41:8d:2a Slave queue ID: 0 Slave Interface: eth1 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 0 Permanent HW addr: 00:0c:29:41:8d:34 Slave queue ID: 0
#禁用网卡 [root12:07 PMcentos8 /etc/sysconfig/network-scripts]#ifconfig bond0 down #卸载模块 modprobe -r bonding #删除配置文件
不同的场合有不同的Ip,家里有家里的Ip 办公区有办公区的Ip
# 安装包,开启NetworkManager [root04:31 PMcentos8 ~]#yum install NetworkManager -y [root04:33 PMcentos8 ~]#yum -y install bash-completion #改名字: [root04:37 PMcentos8 /etc/sysconfig/network-scripts]#ls ifcfg-eth0 [root04:38 PMcentos8 ~]#nmcli connection NAME UUID TYPE DEVICE Wired connection 1 16a1180c-a32e-312d-a7bb-1d7f1c0fe463 ethernet eth1 eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0 [root04:39 PMcentos8 ]#nmcli connection modify Wired\ connection\ 1 con-name eth1-home [root04:40 PMcentos8 ]#nmcli connection NAME UUID TYPE DEVICE eth1-home 16a1180c-a32e-312d-a7bb-1d7f1c0fe463 ethernet eth1 eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0 #手工修改一个eth1-home的静态Ip [root04:40 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection modify eth1-home ipv4.addresses 192.168.0.100/24 ipv4.gateway 192.168.0.1 ipv4.dns 223.6.6.6 ipv4.method manual [root04:41 PMcentos8]#nmcli connection NAME UUID TYPE DEVICE eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0 eth1-home 16a1180c-a32e-312d-a7bb-1d7f1c0fe463 ethernet eth1 [root04:41 PMcentos8 ]#ls ifcfg-eth0 ifcfg-eth1-home #自动获取一个eth1-work 的动态Ip [root04:42 PMcentos8]#nmcli connection add con-name eth1-work ipv4.method manual ipv4.addresses 172.16.0.100/16 type ethernet ifname eth1 Connection 'eth1-work' (f4094db8-c105-4fba-a706-61a8fbc644fc) successfully added. #加载 [root04:43 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection reload [root04:43 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection NAME UUID TYPE DEVICE eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0 eth1-home 16a1180c-a32e-312d-a7bb-1d7f1c0fe463 ethernet eth1 eth1-work f4094db8-c105-4fba-a706-61a8fbc644fc ethernet -- #切换以后自由变换Ip [root04:43 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection up eth1-work Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/8) [root04:57 PMcentos8 /etc/sysconfig/network-scripts]#ifconfig eth1 eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.16.0.100 netmask 255.255.0.0 broadcast 172.16.255.255 inet6 fe80::f9bd:63b5:82d9:a169 prefixlen 64 scopeid 0x20<link> ether 00:0c:29:41:8d:34 txqueuelen 1000 (Ethernet) RX packets 9 bytes 1289 (1.2 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 99 bytes 13143 (12.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root04:57 PMcentos8 /etc/sysconfig/network-scripts]#ls #这样eth1 就有两份配置文件了 ifcfg-eth0 ifcfg-eth1-home ifcfg-eth1-work 一套物理网卡有多个Ip
#创建一个名字叫 mybond0的bond [root05:12 PMcentos8]#nmcli connection add con-name mybond0 ifname bond0 type bond ipv4.method manual ipv4.addresses 10.0.0.100/24 Connection 'mybond0' (3e7d1d3f-0615-475d-ac78-8c30c52f0c77) successfully added. #将eth1网卡命名为 mybond0-eth1添加到bond中 [root05:24 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection add con-name mybond0-eth1 ifname eth1 type bond-slave master bond0 Connection 'mybond0-eth1' (d8ac4db5-9c62-440a-88fc-80b61457d77a) successfully added. [root05:27 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection NAME UUID TYPE DEVICE eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0 mybond0 3e7d1d3f-0615-475d-ac78-8c30c52f0c77 bond bond0 mybond0-eth1 d8ac4db5-9c62-440a-88fc-80b61457d77a ethernet eth1 #将eth0网卡命名为 mybond0-eth0添加到bond中 root05:29 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection add con-name mybond0-eth0 ifname eth0 type bond-slave master bond0 Connection 'mybond0-eth0' (fb22a8c7-ece4-4436-9239-a1dc7acb137b) successfully added. #清除上次实验的eth0 root05:31 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection delete eth0 Connection 'eth0' (5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03) successfully deleted. [root05:34 PMcentos8 ~]#cat /proc/net/bonding/bond0 Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011) Bonding Mode: load balancing (round-robin) MII Status: up MII Polling Interval (ms): 100 Up Delay (ms): 0 Down Delay (ms): 0 Peer Notification Delay (ms): 0 Slave Interface: eth1 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 0 Permanent HW addr: 00:0c:29:41:8d:34 Slave queue ID: 0 Slave Interface: eth0 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 0 Permanent HW addr: 00:0c:29:41:8d:2a Slave queue ID: 0 #两张网卡绑定在bond上了,查看一下 [root05:34 PMcentos8 ~]#nmcli connection NAME UUID TYPE DEVICE mybond0 3e7d1d3f-0615-475d-ac78-8c30c52f0c77 bond bond0 mybond0-eth0 fb22a8c7-ece4-4436-9239-a1dc7acb137b ethernet eth0 mybond0-eth1 d8ac4db5-9c62-440a-88fc-80b61457d77a ethernet eth1
[root05:54 PMcentos8 ~]#nmcli connection add con-name myteam0 ifname team0 type team config '{"runner":{"name":"activebackup"}}' ipv4.addresses 10.0.0.200/24 Connection 'myteam0' (a7257089-5e10-47a5-abd4-12b2bf1e0905) successfully added. [root06:03 PMcentos8 /etc/sysconfig/network-scripts]#nmcli connection delete mybond0 Connection 'mybond0' (3e7d1d3f-0615-475d-ac78-8c30c52f0c77) successfully deleted. #############不是很会
和交换机一个原理,隔离冲突域