Network configuration under Linux

Posted by ibanez270dx on Wed, 15 Dec 2021 10:41:05 +0100

1. What is IP ADDRESS

Internet Protocol ADDRESS ## network process address
IPv4: Internet Protocol version 4 (for specific sub-protocols, please refer to the network protocol.)
An IP address is composed of 32 binary digits (0s and 1s), for example:
11111110.11111110.11111110.11111110 = 254.254.254.254
An IP address consists of network bits and host bits.
A single 0 or 1 is called 1 bit; 8 bits = 1 byte. 100M broadband means a transmission rate of 100M bits (0s and 1s): 100/8 = 12.5M bytes.
One IP address has 4 bytes.

2. Subnet mask

The subnet mask is used to divide the network area.
The bits of the IP that correspond to the non-zero bits of the subnet mask are the network bits of this IP.
The bits of the IP that correspond to the 0 bits of the subnet mask are the host bits of the IP.
The network bits identify the network area.
The host bits identify a host in the network area.
Rule for direct IP communication: two IPs with identical network bits and different host bits can communicate directly.
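
The rule above as a runnable check (an added example, not part of the original post): it splits an address into network and host bits with a mask given either as a prefix length or in dotted form, then tests the addresses used later in this post. The function names are made up for the example.

```shell
#!/bin/sh
# Added example: split an IPv4 address into network and host bits with a
# subnet mask, then apply the post's rule for direct communication.

# ip_to_int A.B.C.D -> the address as one 32-bit integer (fails on bad input)
ip_to_int() (
    set -f; IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*|0?*|????*) exit 1 ;; esac
        [ "$octet" -le 255 ] || exit 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# mask_to_int accepts a prefix length (24) or a dotted mask (255.255.255.0)
mask_to_int() {
    case $1 in
        *.*) ip_to_int "$1" ;;
        ''|*[!0-9]*|0?*) return 1 ;;
        *) [ "$1" -le 32 ] || return 1
           echo $(( (0xFFFFFFFF << (32 - $1)) & 0xFFFFFFFF )) ;;
    esac
}

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# network_of IP MASK -> network address (network bits kept, host bits zeroed)
network_of() {
    n_ip=$(ip_to_int "$1") || return 1
    n_mask=$(mask_to_int "$2") || return 1
    int_to_ip $(( $n_ip & $n_mask ))
}

# host_of IP MASK -> host part as a number (the bits where the mask is 0)
host_of() {
    h_ip=$(ip_to_int "$1") || return 1
    h_mask=$(mask_to_int "$2") || return 1
    echo $(( $h_ip & ~$h_mask & 0xFFFFFFFF ))
}

# direct IP1 IP2 MASK -> status 0 when the network bits are identical and the
# host bits differ, i.e. the two hosts can talk without a gateway
direct() {
    [ "$(network_of "$1" "$3")" = "$(network_of "$2" "$3")" ] || return 1
    [ "$(host_of "$1" "$3")" != "$(host_of "$2" "$3")" ]
}

# Addresses taken from the post: ens3 at 172.25.254.150/24, the lab host
# 172.25.254.50, and node1 at 1.1.1.200.
echo "network: $(network_of 172.25.254.150 255.255.255.0)  host: $(host_of 172.25.254.150 24)"
for peer in 172.25.254.50 1.1.1.200; do
    if direct 172.25.254.150 "$peer" 24; then
        echo "$peer: same network, direct"
    else
        echo "$peer: different network, needs a gateway"
    fi
done
```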

3. Ping command

command              function
ping                 Check whether the network is unobstructed
ping -c 1            Ping once
ping -w 1            Wait 1 second
ping -c1 -w1 ip      Ping once, wait 1 second
[root@foundation50 network-scripts]# ping 172.25.254.50  ##check whether the network is unobstructed
PING 172.25.254.50 (172.25.254.50) 56(84) bytes of data.
64 bytes from 172.25.254.50: icmp_seq=1 ttl=64 time=0.056 ms
64 bytes from 172.25.254.50: icmp_seq=2 ttl=64 time=0.031 ms
64 bytes from 172.25.254.50: icmp_seq=3 ttl=64 time=0.032 ms

[root@foundation50 network-scripts]# ping -c 1 172.25.254.50  ##test once
PING 172.25.254.50 (172.25.254.50) 56(84) bytes of data.
64 bytes from 172.25.254.50: icmp_seq=1 ttl=64 time=0.065 ms

--- 172.25.254.50 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.065/0.065/0.065/0.000 ms
[root@foundation50 Desktop]# ping -c1 -w1 172.25.254.50  ##ping once, wait one second
PING 172.25.254.50 (172.25.254.50) 56(84) bytes of data.
64 bytes from 172.25.254.50: icmp_seq=1 ttl=64 time=0.039 ms

--- 172.25.254.50 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.039/0.039/0.039/0.000 ms


4. ifconfig (view or set network interface)

command                   function
ifconfig                  View
ifconfig device ip/24     Set (temporary setting)
ifconfig device down      Close
ifconfig device up        Open
[root@localhost Desktop]# ifconfig ens3  ##view ip
ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.150  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::ce75:9c71:7e34:eb1  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:a3:e9:91  txqueuelen 1000  (Ethernet)
        RX packets 27234  bytes 7130145 (6.7 MiB)
        RX errors 0  dropped 418  overruns 0  frame 0
        TX packets 140  bytes 13259 (12.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        
[root@localhost Desktop]# ifconfig ens3 172.25.254.200/24  ##temporary setting ip
[root@localhost Desktop]# ifconfig ens3
ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.200  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::ce75:9c71:7e34:eb1  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:a3:e9:91  txqueuelen 1000  (Ethernet)
        RX packets 30730  bytes 7989295 (7.6 MiB)
        RX errors 0  dropped 466  overruns 0  frame 0
        TX packets 152  bytes 15137 (14.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        
[root@localhost Desktop]# nmcli connection down ens3  ##close
Connection 'westos' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1)
[root@localhost Desktop]# nmcli connection up ens3  ##open
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
[root@localhost Desktop]# ifconfig ens3  ##after the restart, the temporarily set ip is lost
ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.150  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::ce75:9c71:7e34:eb1  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:a3:e9:91  txqueuelen 1000  (Ethernet)
        RX packets 47971  bytes 12754827 (12.1 MiB)
        RX errors 0  dropped 735  overruns 0  frame 0
        TX packets 201  bytes 20406 (19.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0   

5. ip addr (detect or specify network interface)

command                          function
ip addr show                     View
ip addr add ip/24 dev device     Set (or add); multiple addresses can be added
ip addr del dev ens160 ip/24     Delete
ip addr flush dev ens3           Flush
[root@localhost Desktop]# ip addr add 172.25.254.150/24 dev ens3  ##set or add a temporary IP
[root@localhost Desktop]# ifconfig
ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.150  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 52:54:00:a3:e9:91  txqueuelen 1000  (Ethernet)
        RX packets 75168  bytes 20267640 (19.3 MiB)
        RX errors 0  dropped 1181  overruns 0  frame 0
        TX packets 311  bytes 32727 (31.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
[root@localhost Desktop]# ip addr del 172.25.254.150/24 dev ens3  ##delete IP
[root@localhost Desktop]# ifconfig  ens3
ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 52:54:00:a3:e9:91  txqueuelen 1000  (Ethernet)
        RX packets 85990  bytes 23257806 (22.1 MiB)
        RX errors 0  dropped 1361  overruns 0  frame 0
        TX packets 321  bytes 33551 (32.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
[root@localhost Desktop]# ip addr add 172.25.254.150/24 dev ens3  ##multiple IPs can be added
[root@localhost Desktop]# ip addr add 172.25.254.200/24 dev ens3  ##multiple IPs can be added
[root@localhost Desktop]# ip addr show ens3  ##view ip
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000  
    link/ether 52:54:00:a3:e9:91 brd ff:ff:ff:ff:ff:ff
    inet 172.25.254.150/24 scope global ens3
       valid_lft forever preferred_lft forever
    inet 172.25.254.200/24 scope global secondary ens3
       valid_lft forever preferred_lft forever 
[root@localhost Desktop]# ip addr flush dev ens3  ##flush
[root@localhost Desktop]# ip addr show ens3  ##addresses set with ip addr are temporary; after the flush, the ip is gone
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:a3:e9:91 brd ff:ff:ff:ff:ff:ff

6. Graphic mode setting ip (permanent ip)

Command to set the ip: nm-connection-editor

Changing the ip requires restarting the service
nmcli connection show
nmcli connection down westos
nmcli connection up westos  ##open

Note: before configuring, the NetworkManager service must be enabled; check it with systemctl status NetworkManager. This command cannot be used without a graphical interface.

7. Set ip without graphics (permanent ip)

Enter nmtui (text graphics tool)






8. Command mode setting network

command                                                                                   function
nmcli connection show                                                                     View the connection, followed by the network card name
nmcli connection down westos                                                              Close the connection, followed by the network card name
nmcli connection up westos                                                                Open the connection, followed by the network card name
nmcli connection delete westos                                                            Delete the connection, followed by the network card name
nmcli connection add type ethernet ifname ens160 con-name westos ip4 172.25.254.100/24    Add a connection (when adding, the network card cannot be occupied)
[root@localhost ~]# nmcli connection show  ##view
NAME    UUID                                  TYPE      DEVICE 
westos  aff43fbd-81c5-4581-9c6d-76785e991c4c  ethernet  ens3   
virbr0  2bbfc0d5-b384-441a-9969-533d15956d7e  bridge    virbr0 
[root@localhost ~]# nmcli connection up westos  ##open
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6)
[root@localhost ~]# nmcli connection show westos  ##view specific network card information
connection.id:                          westos
connection.uuid:                        aff43fbd-81c5-4581-9c6d-76785e991c4c
connection.stable-id:                   --
connection.type:                        802-3-ethernet
connection.interface-name:              ens3
connection.autoconnect:                 yes
connection.autoconnect-priority:        0
[root@localhost ~]# nmcli connection delete westos  ##delete the connection
[root@localhost ~]# nmcli connection add type ethernet ifname ens3 con-name westos ipv4.method manual ipv4.addresses 172.25.254.150/24  ##add a connection; con-name is the connection name and ifname is the device name
Warning: There is another connection with the name 'westos'. Reference the connection by its uuid '38578e2f-23d4-48a6-877c-46d5514c18b9'
Connection 'westos' (38578e2f-23d4-48a6-877c-46d5514c18b9) successfully added.
[root@localhost ~]# ip addr show ens3  ##added successfully
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:a3:e9:91 brd ff:ff:ff:ff:ff:ff
    inet 172.25.254.150/24 brd 172.25.254.255 scope global noprefixroute ens3
       valid_lft forever preferred_lft forever
    inet6 fe80::755b:7a00:438b:425/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@localhost ~]# nmcli connection modify westos ipv4.addresses 172.25.254.200/24  ##change the ip; the change does not take effect yet
[root@localhost ~]# nmcli connection down westos  ##after the change, restart the service
[root@localhost ~]# nmcli connection up westos

9. Device management command

command                            function
nmcli device connect ens160        Enable the ens160 network card
nmcli device disconnect ens160     Turn off the network card
nmcli device show ens160           View network card information
nmcli device status ens160         View network card service interface information
[root@localhost ~]# nmcli device show ens3  ##view device information
GENERAL.DEVICE:                         ens3
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         52:54:00:A3:E9:91
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     westos
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveC>
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         172.25.254.200/24
IP4.GATEWAY:                            --
IP4.ROUTE[1]:                           dst = 172.25.254.0/24, nh = 0.0.0.0, mt>
IP6.ADDRESS[1]:                         fe80::755b:7a00:438b:425/64
[root@localhost ~]# nmcli device status  ##view network card service interface information
DEVICE      TYPE      STATE      CONNECTION 
ens3        ethernet  connected  westos     
virbr0      bridge    connected  virbr0     
lo          loopback  unmanaged  --         
virbr0-nic  tun       unmanaged  -- 
[root@localhost ~]# nmcli device disconnect ens3  ##disconnect the device
[root@localhost ~]# nmcli device connect ens3  ##connect the device

10. Manage network profiles (manage networks with files)

1. Network configuration directory
/etc/sysconfig/network-scripts/
2. Naming rules for network profiles
ifcfg-xxxx
3. Writing method of network configuration file

DEVICE=xxx                        ##Device name
BOOTPROTO=dhcp|static|none        ##Device working mode (none and static mean the address is specified manually; dhcp means it is obtained automatically)
ONBOOT=yes                        ##Automatically activate the network card when the network service is turned on
IPADDR=                           ##ip address (the 0 suffix is optional; if there are multiple IPs, distinguish them by number)
PREFIX=24                         ##Subnet mask (PREFIX and NETMASK have the same meaning; write only one)
NETMASK=255.255.255.0             ##Subnet mask
NAME=                             ##Interface name
[root@localhost ~]# cd /etc/sysconfig/network-scripts/  ##enter the network card configuration directory
[root@localhost network-scripts]# ls
ifcfg-westos  ##when creating a file, its name must start with ifcfg
[root@localhost network-scripts]# cat ifcfg-westos 
DEVICE=ens3              ##device name
BOOTPROTO=none 
ONBOOT=yes               ##when the network service is turned on, the network card is automatically activated
IPADDR0=172.25.254.150   ##ip address
NETMASK0=255.255.255.0   ##subnet mask
IPADDR1=1.1.1.100        ##ip address
PREFIX1=24               ##subnet mask
NAME=westos              ##connection name
[root@localhost network-scripts]# nmcli connection reload
[root@localhost network-scripts]# ip addr show ens3  ##view
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:a3:e9:91 brd ff:ff:ff:ff:ff:ff
    inet 172.25.254.150/24 brd 172.25.254.255 scope global noprefixroute ens3
    valid_lft forever preferred_lft forever
    inet 1.1.1.100/24 brd 1.1.1.255 scope global noprefixroute ens3
     valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fea3:e991/64 scope link 
    valid_lft forever preferred_lft forever

11. dhcp service configuration

Build a dhcp server on a virtual machine

[root@localhost ~]# yum search dhcp  ##find dhcp packages
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Last metadata expiration check: 0:00:45 ago on Thu 02 Sep 2021 11:44:06 AM CST.
========================= Name & Summary Matched: dhcp =========================
dhcp-server.x86_64 : Provides the ISC DHCP server

[root@localhost ~]# yum install dhcp-server.x86_64 -y  ##install the DHCP service
[root@localhost ~]# rpm -qc dhcp-server  ##view the configuration files
/etc/dhcp/dhcpd.conf
/etc/dhcp/dhcpd6.conf
/etc/openldap/schema/dhcp.schema
/etc/sysconfig/dhcpd
/var/lib/dhcpd/dhcpd.leases
/var/lib/dhcpd/dhcpd6.leases

[root@localhost ~]# cat /etc/dhcp/dhcpd.conf  ##view the contents of the DHCP configuration file
DHCP Server Configuration file.
see /usr/share/doc/dhcp-server/dhcpd.conf.example  ##template
see dhcpd.conf(5) man page
[root@localhost ~]# cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf  ##copy the template into the configuration file to generate its contents
[root@localhost ~]# vim /etc/dhcp/dhcpd.conf  ##write the configuration file
option domain-name "westos.org";               ##domain name
option domain-name-servers 114.114.114.114;    ##dns server address

default-lease-time 600;   ##default lease term: how long a client may use the ip it was given
max-lease-time 7200;      ##maximum lease term

Delete lines 27 and 28:
 27 subnet 10.152.187.0 netmask 255.255.255.0 {
 28 }

Delete the lines after line 34.
Changing lines 30-32 is enough:
 30 subnet 172.25.254.0 netmask 255.255.255.0 {     ##network segment and subnet mask
 31   range 172.25.254.210 172.25.254.240;          ##ip range
 32   option routers 172.25.254.100;                ##gateway
 33 }

[root@localhost ~]# systemctl start dhcpd  ##start the dhcp service

Configure dhcp network on another virtual machine

  vim /etc/sysconfig/network-scripts/ifcfg-ens3
   DEVICE=ens3
   ONBOOT=yes
   BOOTPROTO=dhcp
[root@localhost ~]# nmcli connection reload
[root@localhost ~]# nmcli connection down westos
[root@localhost ~]# nmcli connection up westos  ##open

12. Gateway

The interface on the router that receives a client's data is called that client's gateway.

Experimental environment
Virtual machine node1 has the IP address 1.1.1.200
The other is a dual-network-card virtual machine, node2, with the IP addresses 1.1.1.100 and 172.25.254.100
The third machine has the IP address 172.25.254.50

Steps:
1. Turn node2 into a router
Enable kernel routing

[root@localhost network-scripts]# sysctl -a | grep ip_forward
net.ipv4.ip_forward = 1
net.ipv4.ip_forward_update_priority = 1
net.ipv4.ip_forward_use_pmtu = 0

If net.ipv4.ip_forward = 0:
[root@localhost network-scripts]# vim /etc/sysctl.conf  ##edit the configuration file and add net.ipv4.ip_forward=1 to it
net.ipv4.ip_forward=1
[root@localhost network-scripts]# sysctl -p  ##takes effect immediately
net.ipv4.ip_forward = 1

Enable the firewall's address masquerading function

[root@localhost network-scripts]# systemctl enable --now firewalld  ##turn on the firewall
[root@localhost network-scripts]# firewall-cmd --permanent --add-masquerade  ##enable address masquerading
success
[root@localhost network-scripts]# firewall-cmd --reload  ##reload the firewall
success
[root@localhost network-scripts]# firewall-cmd --list-all  ##view firewall information
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp1s0 enp7s0
  sources: 
  services: cockpit dhcpv6-client ssh
  ports: 
  protocols: 
  masquerade: yes  ##masquerading has been turned on
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
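
A way to verify the router state from saved command output, written for this post as an added example (not the author's code). It matches the net.ipv4.ip_forward key exactly, since the grep above also returns two related keys, and it reports which interfaces and services share the masquerading zone; the sample text is abridged from the output shown above and the function names are made up here.

```shell
#!/bin/sh
# Added example: decide from captured command output whether a host is acting
# as a NAT router, the state the two steps above put node2 in.

# Constructed samples, abridged from the output shown in the post.
SYSCTL_OUT='net.ipv4.ip_forward = 1
net.ipv4.ip_forward_update_priority = 1
net.ipv4.ip_forward_use_pmtu = 0'
FIREWALL_OUT='public (active)
  target: default
  interfaces: enp1s0 enp7s0
  services: cockpit dhcpv6-client ssh
  masquerade: yes'

# forwarding_enabled TEXT -> status 0 only if net.ipv4.ip_forward itself is 1.
# The key is compared exactly, because "grep ip_forward" also matches
# ip_forward_update_priority and ip_forward_use_pmtu.
forwarding_enabled() {
    printf '%s\n' "$1" | awk -F= '
        { k = $1; v = $2; gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v) }
        k == "net.ipv4.ip_forward" { on = (v == "1") }
        END { exit !on }'
}

# zone_field TEXT KEY -> value of the "  KEY: value" line of firewall-cmd --list-all
zone_field() {
    printf '%s\n' "$1" | awk -v key="$2:" '
        $1 == key { $1 = ""; sub(/^ +/, ""); print; exit }'
}

# router_role SYSCTL_TEXT FIREWALL_TEXT -> host | router | nat-router
router_role() {
    if ! forwarding_enabled "$1"; then
        echo host
    elif [ "$(zone_field "$2" masquerade)" = "yes" ]; then
        echo nat-router
    else
        echo router
    fi
}

# zone_interface_count FIREWALL_TEXT -> number of interfaces sharing the zone
zone_interface_count() {
    set -- $(zone_field "$1" interfaces)
    echo $#
}

role=$(router_role "$SYSCTL_OUT" "$FIREWALL_OUT")
echo "role: $role"
if [ "$role" != host ] && [ "$(zone_interface_count "$FIREWALL_OUT")" -gt 1 ]; then
    # Both NICs sit in one zone, so the services below are reachable from
    # either network; review whether each side needs them.
    echo "zone shared by: $(zone_field "$FIREWALL_OUT" interfaces)"
    echo "services open on every interface: $(zone_field "$FIREWALL_OUT" services)"
fi
```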

2. Add a gateway on node1 and connect the router

[root@anonymous network-scripts]# route -n  ##view gateway
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
1.1.1.0         0.0.0.0         255.255.255.0   U     100    0        0 ens3
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
[root@anonymous network-scripts]# ip route add default via 1.1.1.100  ##add a gateway; this is a temporary gateway and disappears after a restart
[root@anonymous network-scripts]# route -n 
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         1.1.1.100       0.0.0.0         UG    0      0        0 ens3
1.1.1.0         0.0.0.0         255.255.255.0   U     100    0        0 ens3
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
[root@anonymous network-scripts]# ping 172.25.254.50  ##the 1 network segment can now ping the 254 network segment
PING 172.25.254.50 (172.25.254.50) 56(84) bytes of data.
64 bytes from 172.25.254.50: icmp_seq=1 ttl=63 time=0.843 ms
64 bytes from 172.25.254.50: icmp_seq=2 ttl=63 time=0.434 ms

Global gateway setting method (permanent)

[root@anonymous network-scripts]# vim /etc/sysconfig/network  ##edit the global gateway configuration file
GATEWAY=1.1.1.100  ##add gateway
[root@anonymous network-scripts]# nmcli connection down ens3  ##close
Connection 'ens3' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
[root@anonymous network-scripts]# nmcli connection up ens3  ##open
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)
[root@anonymous network-scripts]# route -n  ##the gateway is in effect
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         1.1.1.100       0.0.0.0         UG    100    0        0 ens3
1.1.1.0         0.0.0.0         255.255.255.0   U     100    0        0 ens3
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

Network card gateway setting method

[root@localhost Desktop]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cat ifcfg-westos
DEVICE=ens3
BOOTPROTO=none
ONBOOT=yes
NAME=ens3
IPADDR=1.1.1.200
PREFIX=24
GATEWAY=1.1.1.100   ##gateway
[root@localhost network-scripts]# nmcli connection reload 
[root@localhost network-scripts]# nmcli connection down ens3 
Connection 'ens3' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1)
[root@localhost network-scripts]# nmcli connection up ens3 
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
[root@localhost network-scripts]# route -n  ##check that the gateway is in effect
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         1.1.1.100       0.0.0.0         UG    100    0        0 ens3
1.1.1.0         0.0.0.0         255.255.255.0   U     100    0        0 ens3
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

13. Address resolution

Problem: after the gateway is set, the network is still inconvenient to use, because only IP addresses work. To convert between domain names and IPs, we need address resolution.

Method 1: local resolution file, vim /etc/hosts
Format: ip domain name

[root@localhost Desktop]# ping www.baidu.com  ##doesn't work
ping: www.baidu.com: Name or service not known
[root@localhost Desktop]# vim /etc/hosts  ##local resolution file
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
14.215.177.38 www.baidu.com  ##add resolution

Method 2: DNS resolution
14.215.17.39 <----------------- dns <---------ping www.baidu.com
DNS tells you that the address of www.baidu.com is 14.215.17.39. This process is called address resolution, and whoever gives you the answer is the DNS server.

[root@localhost Desktop]# vim /etc/resolv.conf  ##edit the file that points to the dns server
nameserver 114.114.114.114  ##add 114

14. Set resolution priority

By default, the local file has the higher priority: /etc/hosts > /etc/resolv.conf, but this can be adjusted in /etc/nsswitch.conf.

vim /etc/nsswitch.conf 
hosts:      files dns myhostname  ##whichever of files and dns comes first has the higher priority
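
The lookup order from sections 13 and 14 as an offline check (an added example, not from the original post): it reads the hosts: line, reports which source would answer a name, and lists hosts-file entries that override DNS while files comes first. The sample text is constructed from the file contents shown in this post, the function names are made up here, and for non-file sources the script only reports which source would be queried.

```shell
#!/bin/sh
# Added example: work out which source answers a name, from the contents of
# /etc/nsswitch.conf and /etc/hosts.

# Constructed samples, taken from the file contents shown in the post.
NSSWITCH='hosts:      files dns myhostname'
HOSTS='127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
14.215.177.38 www.baidu.com'

# lookup_order NSSWITCH_TEXT -> sources of the "hosts:" line in priority order
# (action items such as [NOTFOUND=return] are skipped)
lookup_order() {
    printf '%s\n' "$1" | awk '
        $1 == "hosts:" {
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^\[/) continue
                printf "%s%s", sep, $i; sep = " "
            }
            print ""; exit
        }'
}

# hosts_lookup HOSTS_TEXT NAME -> first address whose name or alias matches
hosts_lookup() {
    printf '%s\n' "$1" | awk -v name="$2" '
        { sub(/#.*/, "") }
        { for (i = 2; i <= NF; i++)
              if (tolower($i) == tolower(name)) { print $1; exit } }'
}

# answered_by NSSWITCH_TEXT HOSTS_TEXT NAME -> "files" when the hosts file
# holds the name and is reached first, otherwise the next source to be asked
answered_by() {
    for src in $(lookup_order "$1"); do
        if [ "$src" != files ]; then echo "$src"; return 0; fi
        if [ -n "$(hosts_lookup "$2" "$3")" ]; then echo files; return 0; fi
    done
    echo none
}

# pinned_names HOSTS_TEXT -> "name address" for every non-loopback entry;
# with "files" ahead of "dns" these entries override whatever DNS returns
pinned_names() {
    printf '%s\n' "$1" | awk '
        { sub(/#.*/, "") }
        NF >= 2 && $1 !~ /^127\./ && $1 != "::1" {
            for (i = 2; i <= NF; i++) print $i " " $1
        }'
}

echo "order: $(lookup_order "$NSSWITCH")"
echo "www.baidu.com answered by: $(answered_by "$NSSWITCH" "$HOSTS" www.baidu.com)"
echo "names pinned in the hosts file:"
pinned_names "$HOSTS"
```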

Note: when the network uses dhcp, the network card configuration automatically changes /etc/resolv.conf. To keep the contents of /etc/resolv.conf from being changed, PEERDNS=no is added to the /etc/sysconfig/network-scripts/ifcfg-enp1s0 network configuration file:
BOOTPROTO=dhcp
NAME=enp1s0
DEVICE=enp1s0
ONBOOT=yes
IPADDR=172.25.254.100
PREFIX=24
PEERDNS=no
[root@localhost network-scripts]# nmcli connection reload  ##reload
[root@localhost network-scripts]# nmcli connection down enp1s0  ##close
[root@localhost network-scripts]# nmcli connection up enp1s0  ##open
[root@localhost network-scripts]# cat /etc/resolv.conf
nameserver 218.30.19.50  ##dns does not change at this point

/usr/share/doc/initscripts/sysconfig.txt  ##description of the network card configuration files
