标签:repo 00 0.0 绑定 192.168 网卡 IP地址 root eth0
1、IP分类以及每个分类可以分配的IP数量
1.1 IP地址组成
唯一标识 IP 网络中的每台设备 ,每台主机(计算机、网络设备、外围设备)必须具有唯一的地址
IP地址由两部分组成
网络ID:标识网络,每个网段分配一个网络ID,处于高位
主机 ID:标识单个主机,由组织分配给各设备,处于低位
IPv4地址格式:点分十进制记法
IP地址是一个32位二进制数,如:10101100 00010000 10000000 00010001
| 可将此32位二进制数划分为四组8位二进制数 | 10101100 | 00010000 | 10000000 | 00010001 |
|---|---|---|---|---|
| 每组二进制八位数(或字节)均可转换成十进制数 | 172 | 16 | 128 | 17 |
| 地址可使用点分十进制记法记录 | 172. | 16. | 128. | 17 |
1.2 IP地址分类
| A类 | B类 | C类 | D类 | E类 | |
|---|---|---|---|---|---|
| 二进制表示 | 0 0000000 - 0 1111111.X.Y.Z | 10 000000 - 10 111111.X.Y.Z | 110 00000 - 110 1 1111.X.Y.Z | 1110 0000 - 1110 1111.X.Y.Z | 保留未使用 |
| 十进制表示法 | 0-127.X.Y.Z | 128-191.X.Y.Z | 192-223.X.Y.Z | 224-239.X.Y.Z | 240-255 |
| 网络ID | 网络ID位是最高8位 | 网络ID位是最高16位 | 网络ID位是最高24位 | 组(多)播 | |
| 主机ID | 主机ID是24位低位 | 主机ID是16位低位 | 主机ID是8位低位 | ||
| 网络数 | 126=2^7(可变是的网络ID位数)-2 | 2^14=16384 | 2^21=2097152 | ||
| 每个网络中的主机数 | 2^24-2=16777214 | 2^16-2=65534 | 2^8-2=254 | ||
| 默认子网掩码 | 255.0.0.0 | 255.255.0.0 | 255.255.255.0 | ||
| 私网地址 | 10.0.0.0 | 172.16.0.0-172.31.0.0 | 192.168.0.0-192.168.255.0 | ||
| 范例 | 114.114.114.114,1.1.1.1,58.87.87.99119.29.29.29 | 180.76.76.76,172.16.0.1 | 223.6.6.6 |
1.3 公共和私有IP地址
私有IP地址:不直接用于互联网,通常在局域网中使用
- A类:10.0.0.0到10.255.255.255 (一个网段)
- B类:172.16.0.0到172.31.255.255 (16个网段)
- C类:192.168.0.0到192.168.255.255 (256个网段)
公共IP地址:互联网上设备拥有的唯一地址
A类:1.0.0.0到9.255.255.255 11.0.0.0到126.255.255.255
B类:128.0.0.0到172.15.255.255 172.32.0.0到191.255.255.255
C类:192.0.0.0到192.167.255.255 192.169.0.0到223.255.255.255
1.4 特殊地址
-
0.0.0.0:
不是一个真正意义上的IP地址。它表示所有不清楚的主机和目的网络。
-
255.255.255.255:
限制广播地址。对本机来说,这个地址指本网段内(同一广播域)的所有主机。
-
127.0.0.1~127.255.255.254:
本机回环地址,主要用于测试。在传输介质上永远不应该出现目的地址为“127.0.0.1”的 数据包。
-
224.0.0.0到239.255.255.255:
组播地址,224.0.0.1特指所有主机,224.0.0.2特指所有路由器。224.0.0.5指OSPF 路由器,地址多用于一些特定的程序以及多媒体程序。
- 169.254.x.x:
如果Windows主机使用了DHCP自动分配IP地址,而又无法从DHCP服务器获取地址,系统会为主机分配这样地址。
1.5 保留地址
主机位是全0或全1
范例:
172.16.0.0 网络中的两个地址:172.16.0.0和172.16.255.2551.6 子网掩码
CIDR:无类域间路由,目前的网络已不再按A,B,C类划分网段,可以任意指定网段的范围。
CIDR 无类域间路由表示法:IP/网络ID位数,如:172.16.0.100/16
netmask子网掩码:32位或128位(IPv6)的数字,和IP成对使用,用来确认IP地址中的网络ID和主机ID,对应网络ID的位为1,对应主机ID的位为0。
范例:255.255.255.0 ,表现为连续的高位为1,连续的低位为0
子网掩码的八位
相关公式:
- 一个网络的最多的主机数=2^主机ID位数-2
- 网络(段)数=2^网络ID中可变的位数
- 网络ID=IP与netmask
范例:
netmask: 255.255.224.0,即网络ID位是19,那么主机ID位是13,主机数=2^13-2=8190判断对方主机是否在同一个网段
用自已的子网掩码分别和自已的IP及对方的IP相与,比较结果,相同则同一网络,不同则不同网段。
范例:判断A和B是否在网一个网段
A: 192.168.1.100 netmask:255.255.255.0
B: 192.168.2.100 netmask:255.255.0.0
1)用A主机子网掩码分别与A及B的IP与
A主机网络地址11000000.10101000.00000001.01100100与
A主机子网掩码11111111.11111111.11111111.00000000得
11000000.10101000.00000001.00000000即
192.168.1.0
B主机网络地址11000000.10101000.00000010.01100100与
A主机子网掩码11111111.11111111.11111111.00000000得
11000000.10101000.00000010.00000000即
192.168.2.0
192.168.1.0<>192.168.2.0,所以A和B不在同一网段
2)用B主机子网掩码分别与A及B的IP与
A主机网络地址11000000.10101000.00000001.01100100与
B主机子网掩码11111111.11111111.00000000.00000000得
11000000.10101000.00000000.00000000即
192.168.0.0
B主机网络地址11000000.10101000.00000010.01100100与
B主机子网掩码11111111.11111111.00000000.00000000得
11000000.10101000.00000000.00000000即
192.168.0.0
192.168.0.0<>192.168.0.0,所以A和B在同一网段
通过以上比较判断,两次的结果不一致,A和B是无法通讯的。范例:计算网络ID、主机数
1)主机IP:172.16.1.100/28
#此主机所在的网段最多有多少主机?
#主机数=2^主机ID位数-2,即2^(32-28)-2=14
#网络ID? IP和子网掩码相与,172.16.1.96
#即IP地址和子网掩码都转换成二进制后相与的结果
172.16.1.100转换成二进制是:10101100.00010000.00000001.01100100
28位子网掩码转换成二进制是: 11111111.11111111.11111111.11110000
相与的结果是: 10101100.00010000.00000001.01100000
即: 172.16.1.96
#此网段的主机中最小的IP:主机位是0001,即172.16.1.0110 0001,转换成十进制是:172.16.1.97
#此网段的主机中最大的IP:主机位是1110,即172.16.1.0110 1110,转换成十进制是:172.16.1.110
2)主机IP:203.110.228.200/26
#主机数:2^(32-26)-2=62
#网络ID:因26=24+2,所以前3位不变203.110.228,最后一位11001000和掩码11000000相与,即11000000=192,所以网络ID就是203.110.228.192
#此网段的主机中最小的IP:主机位是00 0001,即203.110.228.1100 0001,转换成十进制是:203.110.228.193
#此网段的主机中最大的IP:主机位是00 1110,即203.110.228.1111 1110,转换成十进制是:203.110.228.254
1.7 划分子网
划分子网:将一个大的网络(主机数多)划分成多个小的网络(主机数少),主机ID位数变少,网络ID位数变多,网络ID位向主机ID位借位。
范例:
1、把10.0.0.0/8网段划分为2个子网
#首先需要向主机ID借位,因为是2个子网,所以借1位就可以了
10.0 0000000.0.0/8 10.0.0.1~10.255.255.254
#网络ID向主机ID借1位,划分了2^1=2个子网
10.0 0000000.0.0
10.1 0000000.0.0
第一个子网:10.0.0.0/9 主机数:2^23-2
第二个子网:10.128.0.0/9 主机数:2^23-2
2、把10.0.0.0/8网段划分为4个子网
#网络ID需向主机ID借2位,划分2^2=4个子网
10.00 000000.0.0
10.01 000000.0.0
10.10 000000.0.0
10.11 000000.0.0
第一个子网:10.0.0.0/10 主机数:2^22-2
第二个子网:10.64.0.0/10 主机数:都同上
第三个子网:10.128.0.0/10
第四个子网:10.192.0.0/10范例:
中国移动10.0.0.0/8 给32个各省公司划分对应的子网
1)每个省公司的子网的netmask?
32个分公司,需要至少32个子网,因为2^5=32,所以需要借5位主机的ID。
即网络位就是8+5=13
子网掩码就是:11111111.11111000.0.0即255.248.0.0
2)每个省公司的子网的主机数有多少?
2^(32-13)-2=524286
3)河南省得到第10个子网,网络ID是多少?
因为10.00000 000.0.0/13是第1个子网,所以第10个子网就是10.01001 000.0.0/13,
转换成二进制就是10.72.0.0/13
4)河南省得到第10个子网的最小IP和最大的IP?
最小IP地址:10.01001 000.0.1,即10.72.0.1
最大IP地址:10.01001 111.11111111.11111110,即10.79.255.254
5)所有子网中最小和最大的子网的netid?
最小的网络ID:10.00000 000.0.0/13,即10.0.0.0/13
最大的网络ID:10.11111 000.0.0/13,即10.248.0.0/13
范例:
中国移动10.0.0.0/8 给32个各省公司划分对应的子网,河南省得到第10个子网,再给省内的16个地市划分子
网。
#由上例得知,河南省得到的第10个子网的网络ID是10.01001 000.0.0/13,即10.72.0.0/13
#省内需再划分16个子网,即再从主机ID借4位,那网络ID就是17
1)每个市公司的子网的netmask?
#网络ID是17,所以子网掩码是255.255.128.0
2)每个市公司的子网的主机数有多少?
2^(32-17)-2=32766
3)各地市的最小netid和最大的netid?
最小的网络ID:10.01001 000.0 0000000.0,即10.72.0.0/17
最大的网络ID:10.01001 111.1 0000000.0,即10.79.128.0/17
4)洛阳市第2个子网,最小IP和最大IP?
第一个子网是10.01001 000.0 0000000.0,即10.72.0.0/17
第二个子网是10.01001 000.1 0000000.0,即10.72.128.0/17
第3~16个子网是:
10.73.0.0/17
10.73.128.0
10.74.0.0
10.74.128.0
10.75.0.0
10.75.128.0
10.76.0.0
10.76.128.0
10.77.0.0
10.77.128.0
10.78.0.0
10.78.128.0
10.79.0.0
10.79.128.0
洛阳第二个子网,最小IP和最大IP
最小IP:10.01001 000.1 0000000.00000001,即10.72.128.1/17
最大IP:10.01001 000.1 1111111.11111110,即10.72.255.254/17
1.8 优化IP地址分配
合并超网:将多个小网络合并成一个大网,主机ID位向网络ID位借位,实现路由表的优化,可以一条命令覆盖几个小网段。
范例:
有8条路由记录,分别是
220.78.168.0/24
220.78.169.0/24
220.78.170.0/24
220.78.171.0/24
220.78.172.0/24
220.78.173.0/24
220.78.174.0/24
220.78.175.0/24
合并成一个大网,主机ID向网络ID借位,需要转换成二进制
220.78.10101 000.0
220.78.10101 001.0
220.78.10101 010.0
220.78.10101 011.0
202.78.10101 100.0
202.78.10101 101.0
202.78.10101 110.0
202.78.10101 111.0
可以看到168~175的前5位二进制相同,所以需要借5位给网络ID
网络ID:202.78.10101 000.0/21,即202.78.168.0/212、IP配置方法
2.1 网络配置方式
静态IP地址配置方法:
- ifconfig命令
- ip命令
- system-config-network-tui,setup
-
添加配置文件
- 动态分配:DHCP: Dynamic Host Configuration Protocol
2.2 ifconfig命令
来自于net-tools包,建议使用 ip 代替
[root@repo-client ~]# rpm -qi net-tools
Name : net-tools
Version : 2.0
Release : 0.25.20131004git.el7
Architecture: x86_64
Install Date: Sat 19 Dec 2020 08:05:53 PM CST
Group : System Environment/Base
Size : 938978
License : GPLv2+
Signature : RSA/SHA256, Fri 23 Aug 2019 05:36:04 AM CST, Key ID 24c6a8a7f4a80eb5
Source RPM : net-tools-2.0-0.25.20131004git.el7.src.rpm
Build Date : Fri 09 Aug 2019 09:10:26 AM CST
Build Host : x86-02.bsys.centos.org
Relocations : (not relocatable)
Packager : CentOS BuildSystem <http://bugs.centos.org>
Vendor : CentOS
URL : http://sourceforge.net/projects/net-tools/
Summary : Basic networking tools
Description :
The net-tools package contains basic networking tools,
including ifconfig, netstat, route, and others.
Most of them are obsolete. For replacement check iproute package.
常用选项:
ifconfig [interface]
ifconfig -a
ifconfig IFACE [up|down]
ifconfig interface [aftype] options | address ...
ifconfig IFACE IP/netmask [up]
ifconfig IFACE IP netmask NETMASK范例:
[root@repo-client ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.11 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::20c:29ff:feca:8ca2 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:ca:8c:a2 txqueuelen 1000 (Ethernet)
RX packets 207 bytes 20062 (19.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 165 bytes 24380 (23.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@repo-client ~]# ifconfig -a
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.11 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::20c:29ff:feca:8ca2 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:ca:8c:a2 txqueuelen 1000 (Ethernet)
RX packets 257 bytes 24070 (23.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 192 bytes 27358 (26.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:50:56:22:6f:2a txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 59 bytes 9494 (9.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#添加ip地址
[root@repo-client ~]# ifconfig eth1 172.16.0.11 netmask 255.255.0.0
[root@repo-client ~]# ifconfig eth1
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.0.11 netmask 255.255.0.0 broadcast 172.16.255.255
ether 00:50:56:22:6f:2a txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 59 bytes 9494 (9.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#清除eth1上的ip地址
[root@repo-client ~]# ifconfig eth1 0.0.0.0
[root@repo-client ~]# ifconfig eth1
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:50:56:22:6f:2a txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 59 bytes 9494 (9.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#禁用eth1
[root@repo-client ~]# ifconfig eth1 172.16.0.11/16
[root@repo-client ~]# ifconfig eth1
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 ##UP状态
inet 172.16.0.11 netmask 255.255.0.0 broadcast 172.16.255.255
ether 00:50:56:22:6f:2a txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 59 bytes 9494 (9.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@repo-client ~]# ifconfig eth1 down
[root@repo-client ~]# ifconfig eth1
eth1: flags=4098<BROADCAST,MULTICAST> mtu 1500 #禁用,无UP
inet 172.16.0.11 netmask 255.255.0.0 broadcast 172.16.255.255
ether 00:50:56:22:6f:2a txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 59 bytes 9494 (9.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#启用
[root@repo-client ~]# ifconfig eth1 up
[root@repo-client ~]# ifconfig eth1
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.0.11 netmask 255.255.0.0 broadcast 172.16.255.255
ether 00:50:56:22:6f:2a txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 59 bytes 9494 (9.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#对一个网卡设置多个IP地址
[root@repo-client ~]# ifconfig eth1:1 192.168.0.11/24
[root@repo-client ~]# ifconfig eth1:1
eth1:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.11 netmask 255.255.255.0 broadcast 192.168.0.255
ether 00:50:56:22:6f:2a txqueuelen 1000 (Ethernet)
[root@repo-client ~]# ifconfig eth1:aaa 192.168.0.111/24 #可以用字符,一般用数字表示
[root@repo-client ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.11 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::20c:29ff:feca:8ca2 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:ca:8c:a2 txqueuelen 1000 (Ethernet)
RX packets 1054 bytes 90065 (87.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 649 bytes 73792 (72.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.0.11 netmask 255.255.0.0 broadcast 172.16.255.255
ether 00:50:56:22:6f:2a txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 59 bytes 9494 (9.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.11 netmask 255.255.255.0 broadcast 192.168.0.255
ether 00:50:56:22:6f:2a txqueuelen 1000 (Ethernet)
eth1:aaa: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.111 netmask 255.255.255.0 broadcast 192.168.0.255
ether 00:50:56:22:6f:2a txqueuelen 1000 (Ethernet)
[root@repo-client ~]# ifconfig eth1:aaa down
[root@repo-client ~]# ifconfig eth1:1 down
范例:
#统计当前网卡的流量
[root@repo-client ~]# ifconfig -s
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 1255 0 0 0 766 0 0 0 BMRU
eth1 1500 0 0 0 0 59 0 0 0 BMRU
lo 65536 0 0 0 0 0 0 0 0 LRU
#监控当前网卡流量的变化(每秒)
[root@repo-client ~]# watch -n1 ifconfig -s
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 1331 0 0 0 818 0 0 0 BMRU
eth1 1500 0 0 0 0 59 0 0 0 BMRU
lo 65536 0 0 0 0 0 0 0 0 LRU
2.3 ip命令
来自于iproute包,可用于代替ifconfig
2.3.1 配置Linux网络属性
ip命令格式:
ip [ OPTIONS ] OBJECT { COMMAND | help }ip 命令说明:
OBJECT := { link | addr | route }
ip link - network device configuration
ip link set [dev IFACE] [up|down] #可设置属性,激活或禁用指定接口,相当于 ifup/ifdown
ip link show [dev IFACE] [up] #指定接口,up仅显示处于激活状态的接口ip 地址管理:
ip addr { add | del } IFADDR dev STRING [label LABEL] [scope {global|link|host}]
[broadcast ADDRESS]
[label LABEL] #添加地址时指明网卡别名
[scope {global|link|host}] #指明作用域,global全局可用;link仅链接可用;host本机可用
[broadcast ADDRESS] #指明广播地址
ip address show #同 ip a
ip addr flush #清除网络地址范例:
#禁用网卡
[root@repo-client ~]# ip link set eth1 down
[root@repo-client ~]# ip a |grep eth1
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
inet 172.16.0.11/16 brd 172.16.255.255 scope global eth1
#网卡改名并启用
[root@repo-client ~]# ip link set eth1 up
[root@repo-client ~]# ip link set eth1 name wangnet #网卡使用时不能改名
RTNETLINK answers: Device or resource busy
[root@repo-client ~]# ip link set eth1 down
[root@repo-client ~]# ip link set eth1 name wangnet #eth1 down后,就能修改名字了
[root@repo-client ~]# ip link set eth1 up
Cannot find device "eth1"
[root@repo-client ~]# ip link set wangnet up #使用修改后的名字
[root@repo-client ~]# ip a |grep wangnet
3: wangnet: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 172.16.0.11/16 brd 172.16.255.255 scope global wangnet
#网卡别名
#添加网卡别名
[root@repo-client ~]# ip addr add 172.16.100.100/16 dev eth0 label eth0:0
[root@repo-client ~]# ip a |grep eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0
inet 172.16.100.100/16 scope global eth0:0
#删除网卡别名
[root@repo-client ~]# ip addr del 172.16.100.100/16
Not enough information: "dev" argument is required.
[root@repo-client ~]# ip addr del 172.16.100.100/16 dev eth0
[root@repo-client ~]# ip a |grep eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0
[root@repo-client ~]#
#清除网络地址
[root@repo-client ~]# ip a|grep wangnet
3: wangnet: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 172.16.0.11/16 brd 172.16.255.255 scope global wangnet
[root@repo-client ~]# ip a flush dev wangnet
[root@repo-client ~]# ip a|grep wangnet
3: wangnet: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
[root@repo-client ~]#
ip route:
常用选项:
ip route { list | flush } SELECTOR
ip route { add | del | change | append | replace } ROUTE
ip route add TARGET via GW dev IFACE src SOURCE_IP
TARGET:主机路由:IP网络路由:NETWORK/MASK
范例:
#添加ip地址
[root@repo-client ~]# ip a a 172.16.0.11/16 dev wangnet
[root@repo-client ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:ca:8c:a2 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
3: wangnet: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:50:56:22:6f:2a brd ff:ff:ff:ff:ff:ff
inet 172.16.0.11/16 scope global wangnet
valid_lft forever preferred_lft forever
#查看路由
[root@repo-client ~]# ip route
default via 192.168.100.2 dev eth0 proto static metric 100
172.16.0.0/16 dev wangnet proto kernel scope link src 172.16.0.11
192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.11 metric 100
#增加一条路由
[root@repo-client ~]# ip route add default via 172.16.0.1 dev wangnet
[root@repo-client ~]# ip route
default via 172.16.0.1 dev wangnet
default via 192.168.100.2 dev eth0 proto static metric 100
172.16.0.0/16 dev wangnet proto kernel scope link src 172.16.0.11
192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.11 metric 100
[root@repo-client ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.16.0.1 0.0.0.0 UG 0 0 0 wangnet
0.0.0.0 192.168.100.2 0.0.0.0 UG 100 0 0 eth0
172.16.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wangnet
192.168.100.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
#删除路由
[root@repo-client ~]# ip route del default via 172.16.0.1
[root@repo-client ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.100.2 0.0.0.0 UG 100 0 0 eth0
172.16.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wangnet
192.168.100.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
[root@repo-client ~]# ip route show
default via 192.168.100.2 dev eth0 proto static metric 100
172.16.0.0/16 dev wangnet proto kernel scope link src 172.16.0.11
192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.11 metric 100
#清空wangnet的路由表
[root@repo-client ~]# ip route flush dev wangnet
[root@repo-client ~]# ip route show
default via 192.168.100.2 dev eth0 proto static metric 100
192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.11 metric 100
[root@repo-client ~]#
#添加路由
[root@repo-client ~]# ip route add 1.1.1.0/24 via 172.16.0.11 dev wangnet proto static metric 100
[root@repo-client ~]# ip route show
default via 192.168.100.2 dev eth0 proto static metric 100
1.1.1.0/24 via 172.16.0.11 dev wangnet proto static metric 100
192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.11 metric 100
[root@repo-client ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.100.2 0.0.0.0 UG 100 0 0 eth0
1.1.1.0 172.16.0.11 255.255.255.0 UG 100 0 0 wangnet
192.168.100.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
[root@repo-client ~]# ip route del 1.1.1.0/24
[root@repo-client ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.100.2 0.0.0.0 UG 100 0 0 eth0
192.168.100.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
[root@repo-client ~]# ip route show
default via 192.168.100.2 dev eth0 proto static metric 100
192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.11 metric 100
[root@repo-client ~]#
2.4 网络配置文件
2.4.1 网络基本配置文件
IP、MASK、GW、DNS相关的配置文件路径:
/etc/sysconfig/network-scripts/ifcfg-IFACE说明参考:
/usr/share/doc/initcripts-*/sysconfig.txt常用配置:
| 设置 | 说明 |
|---|---|
| ***TYPE | 接口类型常见有的Ethernet, Bridge |
| ***NAME | 此配置文件应用到的设备,nmcli c中显示的name名称 |
| ***DEVICE | 设备名 |
| HWADDR | 对应的设备的MAC地址 |
| UUID | 设备的惟一标识 |
| ***BOOTPROTO | 激活此设备时使用的地址配置协议,常用的dhcp, static, none, bootp |
| ***IPADDR | 指明IP地址 |
| ***NETMASK | 子网掩码,如:255.255.255.0 |
| ***PREFIX | 网络ID的位数, 如:24 |
| ***GATEWAY | 默认网关 |
| ***DNS1 | 第一个DNS服务器地址 |
| DNS2 | 第二个DNS服务器地址 |
| DOMAIN | 主机不完整时,自动搜索的域名后缀 |
| ***ONBOOT | 在系统引导时是否激活此设备 |
| USERCTL | 普通用户是否可控制此设备 |
| PEERDNS | 如果BOOTPROTO的值为“dhcp”,YES将允许dhcp server分配的<br>dns服务器信息直接覆盖至/etc/resolv.conf文件,NO不允许修改resolv.conf |
| NM_CONTROLLED | NM是NetworkManager的简写,此网卡是否接受NM控制 |
2.4.2 配置当前主机的主机名
#centos6系统之前版本
/etc/sysconfig/network
HOSTNAME=
#centos7系统以后版本
/etc/hostname
HOSTNAME
hostnamectl set-hostname centos7.magedu.com #直接修改主机名并生效2.4.3 本地主机名数据库和IP地址的映射
优先于使用DNS前检查
getent hosts #查看/etc/hosts 内容
[root@repo-client ~]# getent hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
127.0.0.1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.100.12 repo-server
172.16.100.11 moban
172.16.100.21 lb01
172.16.100.22 lb02
172.16.100.31 web01
172.16.100.32 web02
172.16.100.33 web03
172.16.100.41 db01 db01.etiantian.org
172.16.100.51 backup
172.16.100.61 nfs01
172.16.100.10 m01
2.4.4 DNS域名解析
/etc/resolv.conf
nameserver DNS_SERVER_IP1
nameserver DNS_SERVER_IP2
nameserver DNS_SERVER_IP3
search DOMAIN
[root@repo-client ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.100.2
2.4.5 修改 /etc/hosts和DNS的优先级
[root@repo-client ~]# cat /etc/nsswitch.conf |grep host
#hosts: db files nisplus nis dns
hosts: files dns myhostname
2.4.6 路由相关的配置文件
/etc/sysconfig/network-scripts/route-IFACE #需手动创建这个文件,配置好后,重启能保存
#两种风格:
1) TARGET via GW
10.0.0.0/8 via 172.16.0.1
2) 每三行定义一条路由,比较繁琐,建议使用第一种
ADDRESS#=TARGET
NETMASK#=mask
GATEWAY#=GW2.5 网卡别名
将多个IP地址绑定到一个NIC上
每个IP绑定到独立逻辑网卡,即网络别名,命名格式: ethX:Y,如:eth0:1 、eth0:2、eth0:3
范例:ifconfig命令
ifconfig eth0:0 192.168.1.100/24 up
ifconfig eth0:0 down
[root@repo-client ~]# ifconfig|grep eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
[root@repo-client ~]# ifconfig eth0:0 176.16.100.11/16
[root@repo-client ~]# ifconfig|grep eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
eth0:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
[root@repo-client ~]# ifconfig eth0:0 down
[root@repo-client ~]# ifconfig|grep eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
范例:ip 命令
ip addr add 172.16.1.1/16 dev eth0
ip addr add 172.16.1.2/16 dev eth0 label eth0:0
ip addr del 172.16.1.2/16 dev eth0 label eth0:0
ip addr flush dev eth0 label eth0:0
[root@repo-client ~]# ip addr add 172.16.1.100/16 dev eth0 label eth0:0
[root@repo-client ~]# ifconfig|grep eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
eth0:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
[root@repo-client ~]# ip a|grep eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0
inet 172.16.1.100/16 scope global eth0:0
[root@repo-client ~]# ip addr del 172.16.1.100/16
Not enough information: "dev" argument is required.
[root@repo-client ~]# ip addr del 172.16.1.100/16 dev eth0
[root@repo-client ~]# ip a|grep eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0
[root@repo-client ~]# ip addr flush dev eth0 #清除eth0的ip地址
注:ip和ifconfig都是临时生效,重启后无法保存配置。
为每个设备别名生成独立的接口配置文件,格式为:ifcfg-ethX:xxx,保存后,重启也不丢失。
范例:配置eth0:1网卡别名的格式文件,别名中的IP地址只能是静态IP地址,不能使用DHCP服务器分配。
#配置文件
[root@repo-client ~]# cd /etc/sysconfig/network-scripts/
[root@repo-client network-scripts]# cat ifcfg-eth0:1
DEVICE=eth0:1
IPADDR=172.16.100.11
PREFIX=16
[root@repo-client network-scripts]# ls
ifcfg-eth0 ifcfg-eth0:1
#配置后不会立即生效
[root@repo-client network-scripts]# ip a|grep eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0
#需要重新挂载eth0,才能生效
[root@repo-client network-scripts]# nmcli c reload
[root@repo-client network-scripts]# nmcli c up eth0
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6)
[root@repo-client network-scripts]# ip a|grep eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0
inet 172.16.100.11/16 brd 172.16.255.255 scope global noprefixroute eth0:1
注意:
- 建议 CentOS 6 关闭 NetworkManager 服务
- 网卡别名必须使用静态地址
3、使用配置文件实现bonding
3.1 多网卡 bonding
将多块网卡绑定同一IP地址对外提供服务,可以实现高可用或者负载均衡。直接给两块网卡设置同一IP地址是不可以的。通过 bonding,虚拟一块网卡对外提供连接,物理网卡的被修改为相同的MAC地址。
3.1.1 Bonding 工作模式
==Bonding共7种模式:0-6 Mode==
- Mode 0 (balance-rr): 轮询(Round-robin)策略,从头到尾顺序的在每一个slave接口上面发送数据包。本模式提供负载均衡和容错的能力
- Mode 1 (active-backup): 活动-备份(主备)策略,只有一个slave被激活,当且仅当活动的slave接口失败时才会激活其他slave.为了避免交换机发生混乱此时绑定的MAC地址只有一个外部端口上可见。
- Mode 3 (broadcast):广播策略,在所有的slave接口上传送所有的报文,提供容错能力。
说明:
active-backup、balance-tlb 和 balance-alb 模式不需要交换机的任何特殊配置。
其他绑定模式需要配置交换机以便整合链接。如:Cisco 交换机需要在模式 0、2 和 3 中使用 EtherChannel,但在模式4中需要 LACP和 EtherChannel。
3.1.2 创建bonding设备的配置文件
/etc/sysconfig/network-scripts/ifcfg-bond0
TYPE=bond
DEVICE=bond0
BOOTPROTO=none
IPADDR=10.0.0.100
PREFIX=8
#miimon指定链路监测时间间隔。如果miimon=100,那么系统每100ms 监测一次链路连接状态,如果有一条线路不通就转入另一条线路
BONDING_OPTS="mode=1 miimon=100"
查看bond0状态:
/proc/net/bonding/bond03.2 实例:bond mode=1模式
1、配置bond和其他两块网卡
[root@centos8 network-scripts]# cat ifcfg-bond0 ifcfg-ens33 ifcfg-ens37
TYPE=bond
DEVICE=bond0
BOOTPROTO=none
IPADDR=192.168.100.222
PREFIX=24
BONDING_OPTS="mode=1 miimon=100"
DEVICE=ens33
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
ONBOOT=yes
DEVICE=ens37
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
ONBOOT=yes
[root@centos8 network-scripts]# reboot
2、重启后,重新连接
[root@centos8 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
link/ether 00:0c:29:f9:bb:44 brd ff:ff:ff:ff:ff:ff
3: ens37: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
link/ether 00:0c:29:f9:bb:44 brd ff:ff:ff:ff:ff:ff
4: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:f9:bb:44 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.222/24 brd 192.168.100.255 scope global noprefixroute bond0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef9:bb44/64 scope link
valid_lft forever preferred_lft forever
[root@centos8 ~]# nmcli c
NAME UUID TYPE DEVICE
Bond bond0 ad33d8b0-1f7b-cab9-9447-ba07f855b143 bond bond0
System ens33 c96bc909-188e-ec64-3a96-6a90982b08ad ethernet ens33
System ens37 4a5516a4-dfa4-24af-b1c4-e843e312e2fd ethernet ens37
3、查看bond0状态
[root@centos8 ~]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: ens33 #当前使用ens33
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: ens33
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:f9:bb:44
Slave queue ID: 0
Slave Interface: ens37
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:f9:bb:4e
Slave queue ID: 0
#查看使用的mac地址
[root@centos7 ~]# ping 192.168.100.222
PING 192.168.100.222 (192.168.100.222) 56(84) bytes of data.
64 bytes from 192.168.100.222: icmp_seq=1 ttl=64 time=0.321 ms
64 bytes from 192.168.100.222: icmp_seq=2 ttl=64 time=0.610 ms
64 bytes from 192.168.100.222: icmp_seq=3 ttl=64 time=0.371 ms
64 bytes from 192.168.100.222: icmp_seq=4 ttl=64 time=0.454 ms
64 bytes from 192.168.100.222: icmp_seq=5 ttl=64 time=1.29 ms
[root@centos7 ~]# arp -n
Address HWtype HWaddress Flags Mask Iface
192.168.100.222 ether 00:0c:29:f9:bb:44 C eth0
4、拔掉ens33网线
[root@centos8 ~]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: ens37 #使用第二块网卡
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: ens33 #ens33网卡down
MII Status: down
Speed: Unknown
Duplex: Unknown
Link Failure Count: 1
Permanent HW addr: 00:0c:29:f9:bb:44
Slave queue ID: 0
Slave Interface: ens37
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:f9:bb:4e
Slave queue ID: 0
#查看网卡的状态,ethtool命令或mii-tool命令
[root@centos8 ~]# ethtool ens33
Settings for ens33:
Link detected: no
[root@centos8 ~]# ethtool ens37
Settings for ens37:
Link detected: yes
实例:mode=3模式
1、修改mode=3,即broadcast广播模式
[root@centos8 network-scripts]# cat ifcfg-bond0
TYPE=bond
DEVICE=bond0
BOOTPROTO=none
IPADDR=192.168.100.222
PREFIX=24
BONDING_OPTS="mode=3 miimon=100"
#查看bond
[root@centos8 ~]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (broadcast)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: ens33
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:f9:bb:44
Slave queue ID: 0
Slave Interface: ens37
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:f9:bb:4e
Slave queue ID: 0
[root@centos8 ~]#
2、测试,DUP,会收到2个一样的答复。好处是容错能力强。
这两块网卡同时工作,提供一模一样的数据
[root@repo-client ~]# ping 192.168.100.222
PING 192.168.100.222 (192.168.100.222) 56(84) bytes of data.
64 bytes from 192.168.100.222: icmp_seq=1 ttl=64 time=0.524 ms
64 bytes from 192.168.100.222: icmp_seq=1 ttl=64 time=0.637 ms (DUP!)
64 bytes from 192.168.100.222: icmp_seq=2 ttl=64 time=0.431 ms
64 bytes from 192.168.100.222: icmp_seq=2 ttl=64 time=0.447 ms (DUP!)
64 bytes from 192.168.100.222: icmp_seq=3 ttl=64 time=0.307 ms
64 bytes from 192.168.100.222: icmp_seq=3 ttl=64 time=0.324 ms (DUP!)
实例:删除bond0
1)卸载bond0
ifconfig bond0 down
rmmod bonding #同modprobe -r bonding
2)删除ifcfg-bond0配置文件
3)恢复eth0和eth1等的配置文件
4)重启网络服务
centos6:service network restart
centos7以上:nmcli c reload
nmcli c up eth0 eth14、使用nmcli实现bonding
4.1 nmcli命令
nmcli命令相关术语
- 设备即网络接口
- 连接是对网络接口的配置,一个网络接口可有多个连接配置,但同时只有一个连接配置生效
格式:
nmcli [ OPTIONS ] OBJECT { COMMAND | help }
device - show and manage network interfaces
nmcli device help
connection - start, stop, and manage network connections
nmcli connection help修改IP地址等属性
nmcli connection modify IFACE [+|-]setting.property value
setting.property: ipv4.addresses ipv4.gateway ipv4.dns1 ipv4.method manual |auto修改配置文件执行生效
nmcli con reload
nmcli con up con-namenmcli命令对应ifcfg-*文件
| nmcli con mod | ifcfg**-*** 文件 |
|---|---|
| ipv4.method manual | BOOTPROTO=none |
| ipv4.method auto | BOOTPROTO=dhcp |
| ipv4.addresses 192.168.2.1/24 | IPADDR=192.168.2.1 PREFIX=24 |
| ipv4.gateway 172.16.0.200 | GATEWAY=172.16.0.200 |
| ipv4.dns 8.8.8.8 | DNS0=8.8.8.8 |
| ipv4.dns-search example.com | DOMAIN=example.com |
| ipv4.ignore-auto-dns true | PEERDNS=no |
| connection.autoconnect yes | ONBOOT=yes |
| connection.id eth0 | NAME=eth0 |
| connection.interface-name eth0 | DEVICE=eth0 |
| 802-3-ethernet.mac-address . . . | HWADDR= . . . |
范例:
#查看帮助
nmcli con add help
#使用nmcli配置网络
nmcli con show
#显示所有活动连接
nmcli con show --active
[root@centos7 ~]# nmcli c show
NAME UUID TYPE DEVICE
ens33 a91ee66a-f9e5-49f3-9be2-ec3d509b0e69 ethernet ens33
ens37 4a5516a4-dfa4-24af-b1c4-e843e312e2fd ethernet ens37
[root@centos7 ~]# nmcli c down ens37 #down掉ens37
Connection 'ens37' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)
[root@centos7 ~]# nmcli c
NAME UUID TYPE DEVICE
ens33 a91ee66a-f9e5-49f3-9be2-ec3d509b0e69 ethernet ens33
ens37 4a5516a4-dfa4-24af-b1c4-e843e312e2fd ethernet --
[root@centos7 ~]# nmcli c show --active #只显示活动的网卡
NAME UUID TYPE DEVICE
ens33 a91ee66a-f9e5-49f3-9be2-ec3d509b0e69 ethernet ens33
#显示网络连接配置的详细信息
nmcli con show eth0
#显示设备状态
nmcli dev status
[root@centos7 ~]# nmcli dev
DEVICE TYPE STATE CONNECTION
ens33 ethernet connected ens33
ens37 ethernet disconnected --
lo loopback unmanaged --
[root@centos7 ~]# nmcli dev status
DEVICE TYPE STATE CONNECTION
ens33 ethernet connected ens33
ens37 ethernet disconnected --
lo loopback unmanaged --
#显示网络接口属性
nmcli dev show eth0
[root@centos7 ~]# nmcli dev show ens33
GENERAL.DEVICE: ens33
GENERAL.TYPE: ethernet
GENERAL.HWADDR: 00:0C:29:21:F8:76
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: ens33
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1
WIRED-PROPERTIES.CARRIER: on
IP4.ADDRESS[1]: 192.168.209.11/24
IP4.GATEWAY: 192.168.209.2
IP4.ROUTE[1]: dst = 192.168.209.0/24, nh = 0.0.0.0, mt = 100
IP4.ROUTE[2]: dst = 0.0.0.0/0, nh = 192.168.209.2, mt = 100
IP4.DNS[1]: 192.168.209.2
IP6.ADDRESS[1]: fe80::9ed9:d4db:e410:64dd/64
IP6.GATEWAY: --
IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 100
IP6.ROUTE[2]: dst = ff00::/8, nh = ::, mt = 256, table=255
[root@centos7 ~]#
#创建新连接default,IP自动通过dhcp获取
nmcli con add con-name default type Ethernet ifname eth0
#删除指定的连接
nmcli con del default
[root@centos7 ~]# nmcli c del ens37
Connection 'ens37' (4a5516a4-dfa4-24af-b1c4-e843e312e2fd) successfully deleted.
[root@centos7 ~]# nmcli c
NAME UUID TYPE DEVICE
ens33 a91ee66a-f9e5-49f3-9be2-ec3d509b0e69 ethernet ens33
[root@centos7 ~]# ll /etc/sysconfig/network-scripts/ifcfg-
ifcfg-ens33 ifcfg-lo ##ens37的配置文件也没有了
#创建新连接static ,指定静态IP,不自动连接
nmcti con add con-name static ifname eth0 autoconnect no type Ethernet
ipv4.addresses 172.25.X.10/24 ipv4.gateway 172.25.X.254
#启用static连接配置
nmcli con up static
#启用default连接配置
nmcli con up default
#修改连接设置
nmcli con mod “static” connection.autoconnect no
nmcli con mod “static” ipv4.dns 172.25.X.254
nmcli con mod “static” +ipv4.dns 8.8.8.8
nmcli con mod “static” -ipv4.dns 8.8.8.8
nmcli con mod “static” ipv4.addresses “172.16.X.10/24 172.16.X.254”
nmcli con mod “static” +ipv4.addresses 10.10.10.10/16
#DNS设置存放在/etc/resolv.conf,PEERDNS=no 表示当IP通过dhcp自动获取时,dns仍是手动设置,
不自动获取等价于下面命令
nmcli con mod “system eth0” ipv4.ignore-auto-dns yes4.2 nmcli实现bonding
常用命令:
#添加bonding接口
nmcli con add type bond con-name mybond0 ifname bond0 mode active-backup
#添加从属接口
nmcli con add type bond-slave ifname ens7 master bond0
nmcli con add type bond-slave ifname ens3 master bond0
#注:如无为从属接口提供连接名,则该名称是接口名称加类型构成
#要启动绑定,则必须首先启动从属接口
nmcli con up bond-slave-eth0
nmcli con up bond-slave-eth1
#启动绑定
nmcli con up mybond0实例:使用nmcli实现bonding
#1)初始化两块网卡及原ip地址信息
[root@centos7 network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:21:f8:76 brd ff:ff:ff:ff:ff:ff
inet 192.168.209.11/24 brd 192.168.209.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::9ed9:d4db:e410:64dd/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:21:f8:80 brd ff:ff:ff:ff:ff:ff
[root@centos7 network-scripts]# nmcli c
NAME UUID TYPE DEVICE
ens33 a91ee66a-f9e5-49f3-9be2-ec3d509b0e69 ethernet ens33
#2)添加bond0接口,bond模式为mode1(active-backup)
[root@centos7 network-scripts]# nmcli con add type bond con-name mybond0 ifname bond0 mode active-backup
Connection 'mybond0' (0240cad5-db79-4832-96f1-398cf3a9633c) successfully added.
[root@centos7 network-scripts]# ls ifcfg*
ifcfg-ens33 ifcfg-lo ifcfg-mybond0
#3)添加ens33和ens37为bond0的从属接口
[root@centos7 network-scripts]# nmcli con add type bond-slave ifname ens37 master bond0
Connection 'bond-slave-ens37' (60e13f31-5f0d-45b5-93ac-18a1e24ec175) successfully added.
[root@centos7 network-scripts]# nmcli con add type bond-slave ifname ens33 master bond0
Connection 'bond-slave-ens33' (069c01fc-d7cb-44a9-8ea7-5ae3a5e14d69) successfully added.
[root@centos7 network-scripts]# nmcli c
NAME UUID TYPE DEVICE
mybond0 0240cad5-db79-4832-96f1-398cf3a9633c bond bond0
ens33 a91ee66a-f9e5-49f3-9be2-ec3d509b0e69 ethernet ens33
bond-slave-ens37 60e13f31-5f0d-45b5-93ac-18a1e24ec175 ethernet ens37
bond-slave-ens33 069c01fc-d7cb-44a9-8ea7-5ae3a5e14d69 ethernet --
#4)启用从属接口
[root@centos7 network-scripts]# nmcli con up bond-slave-ens33
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/11)
[root@centos7 network-scripts]# nmcli con up bond-slave-ens37
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/15)
[root@centos7 network-scripts]# ip a
6: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:21:f8:80 brd ff:ff:ff:ff:ff:ff
inet6 fe80::6147:711:da31:1859/64 scope link noprefixroute
valid_lft forever preferred_lft forever
#5)bond0设置ip地址等信息
[root@centos7 network-scripts]# nmcli con mod mybond0 ipv4.addresses 192.168.209.12/24 ipv4.gateway 192.168.209.2 ipv4.dns 223.6.6.6 ipv4.method manual
[root@centos7 network-scripts]# cat ifcfg-mybond0
BONDING_OPTS=mode=active-backup
TYPE=Bond
BONDING_MASTER=yes
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=mybond0
UUID=0240cad5-db79-4832-96f1-398cf3a9633c
DEVICE=bond0
ONBOOT=yes
IPADDR=192.168.209.12
PREFIX=24
GATEWAY=192.168.209.2
DNS1=223.6.6.6
[root@centos7 network-scripts]# nmcli c
NAME UUID TYPE DEVICE
ens33 a91ee66a-f9e5-49f3-9be2-ec3d509b0e69 ethernet ens33
mybond0 0240cad5-db79-4832-96f1-398cf3a9633c bond bond0
bond-slave-ens37 60e13f31-5f0d-45b5-93ac-18a1e24ec175 ethernet ens37
bond-slave-ens33 069c01fc-d7cb-44a9-8ea7-5ae3a5e14d69 ethernet --
#6)启用bond-slave-ens33,并删除ens33接口
[root@centos7 network-scripts]# nmcli c up bond-slave-ens33
[root@centos7 ~]# nmcli c del ens33
[root@centos7 ~]# nmcli c
NAME UUID TYPE DEVICE
mybond0 0240cad5-db79-4832-96f1-398cf3a9633c bond bond0
bond-slave-ens33 069c01fc-d7cb-44a9-8ea7-5ae3a5e14d69 ethernet ens33
bond-slave-ens37 60e13f31-5f0d-45b5-93ac-18a1e24ec175 ethernet ens37
[root@centos7 ~]# reboot
[root@centos7 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000
link/ether 00:0c:29:21:f8:76 brd ff:ff:ff:ff:ff:ff
3: ens37: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000
link/ether 00:0c:29:21:f8:76 brd ff:ff:ff:ff:ff:ff
4: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:21:f8:76 brd ff:ff:ff:ff:ff:ff
inet 192.168.209.12/24 brd 192.168.209.255 scope global noprefixroute bond0
valid_lft forever preferred_lft forever
inet6 fe80::6147:711:da31:1859/64 scope link noprefixroute
valid_lft forever preferred_lft forever
#7)查看bond0状态,首选是ens33网卡,ens37备用
[root@centos7 ~]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: ens33
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Slave Interface: ens33
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:21:f8:76
Slave queue ID: 0
Slave Interface: ens37
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:21:f8:80
Slave queue ID: 0
#8)测试,断掉ens33网卡,就使用第二块网卡
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: ens37 #使用第二块网卡
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0
Slave Interface: ens33 #ens33网卡down
MII Status: down
Speed: Unknown
Duplex: Unknown
Link Failure Count: 1
Permanent HW addr: 00:0c:29:f9:bb:44
Slave queue ID: 0
Slave Interface: ens37
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:f9:bb:4e
Slave queue ID: 0标签:repo,00,0.0,绑定,192.168,网卡,IP地址,root,eth0 来源: https://blog.51cto.com/puppydong/2660146
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。