首页 > 代码库 > linux网络配置、管理

linux网络配置、管理

配置IP地址:

       通过命令行( ifconfig , ip ):即时生效,重启失效

       通过配置文件:重启生效,或者通过/etc/init.d/network restart重读配置文件

ifconfig:配置网络接口

ifconfig 显示当前激活的所有网卡信息

[root@unp ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:50:56:9F:22:36 
          inet addr:192.168.57.23  Bcast:192.168.57.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fe9f:2236/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:436523 errors:2 dropped:2 overruns:0 frame:0
          TX packets:152251 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:91512106 (87.2 MiB)  TX bytes:37550531 (35.8 MiB)
          Interrupt:18 Base address:0x2000

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:365848 errors:0 dropped:0 overruns:0 frame:0
          TX packets:365848 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:21950880 (20.9 MiB)  TX bytes:21950880 (20.9 MiB)

ifconfig eth0 仅显示指定网卡的信息

[root@unp ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:50:56:9F:22:36 
          inet addr:192.168.57.23  Bcast:192.168.57.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fe9f:2236/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:436523 errors:2 dropped:2 overruns:0 frame:0
          TX packets:152251 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:91512106 (87.2 MiB)  TX bytes:37550531 (35.8 MiB)
          Interrupt:18 Base address:0x2000

ifconfig eth0 192.168.57.23/24 配置IP地址

ifconfig eth0:0 192.168.57.238/24  配置第二个IP地址

ifconfig eth0:1 192.168.57.239/24  配置第三个IP地址

……………………………………………………………….

ifconfig eth0 up 启用网卡

ifconfig eth0 down 禁用网卡

ip : 查看,操纵路由、网卡、策略路由、隧道

ip addr show   显示所有激活网卡的信息

[root@unp ~]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:50:56:9f:22:36 brd ff:ff:ff:ff:ff:ff
    inet 192.168.57.23/24 brd 192.168.57.255 scope global eth0
    inet6 fe80::250:56ff:fe9f:2236/64 scope link
       valid_lft forever preferred_lft forever

ip addr show eth0   显示指定网卡的信息

[root@unp ~]# ip addr show  eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:50:56:9f:22:36 brd ff:ff:ff:ff:ff:ff
    inet 192.168.57.23/24 brd 192.168.57.255 scope global eth0
    inet6 fe80::250:56ff:fe9f:2236/64 scope link
       valid_lft forever preferred_lft forever

ip link show eth0   显示指定网卡的链路状态信息

[root@unp ~]# ip link show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:50:56:9f:22:36 brd ff:ff:ff:ff:ff:ff

 

ip addr add dev eth0 192.168.57.238/24  为网卡增加一个IP

ip addr del dev eth0 192.168.57.238/24  删除一个IP

ip addr flush eth0 to 192.168.57.0/24  删除所有57.0网段的IP

ip link set eth0 [ up | down ]  启用或关闭网卡

ip link set eth0 arp [ on | off ]  启用或关闭网卡arp功能

ip link set eth0 promisc [ on | off ]  启用或关闭网卡混杂模式

ip link set eth0 multicast [ on | off ]  启用或关闭网卡多播功能

ip link eth0 mtu 1500  设置网卡mtu

网卡配置文件:

[root@unp ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0    #网卡名称

HWADDR=00:50:56:9F:22:36 #网卡MAC地址

TYPE=Ethernet   #以太网

UUID=29346e58-7ccc-4489-aeff-6749f34617c0

ONBOOT=yes   #开机后启动网卡

NM_CONTROLLED=yes   #是否接受NetworkManager脚本控制

BOOTPROTO=static   #静态IP

IPADDR=192.168.57.23    #IP地址

NETMASK=255.255.255.0    #子网掩码

GATEWAY=192.168.57.1     #网关

DNS1=8.8.8.8      #DNS

修改完之后,service network restart重新读取配置文件

配置路由:

route:

route –n

[root@unp ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.57.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         192.168.57.1    0.0.0.0         UG    0      0        0 eth0

route add –net 10.0.0.0 netmask 255.255.0 gw 192.168.57.2   增加网络路由

[root@unp ~]# route add -net 10.0.0.0 netmask 255.255.255.0 gw 192.168.57.2
[root@unp ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        192.168.57.2    255.255.255.0   UG    0      0        0 eth0
192.168.57.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         192.168.57.1    0.0.0.0         UG    0      0        0 eth0

route add –host 10.1.1.1 gw 192.168.57.3     增加主机路由

[root@unp ~]# route add -host 10.1.1.1 gw 192.168.57.3
[root@unp ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.1.1.1        192.168.57.3    255.255.255.255 UGH   0      0        0 eth0
10.0.0.0        192.168.57.2    255.255.255.0   UG    0      0        0 eth0
192.168.57.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         192.168.57.1    0.0.0.0         UG    0      0        0 eth0

route del –net 10.0.0.0 netmask 255.255.255.0  删除网络路由

[root@unp ~]# route del -net 10.0.0.0 netmask 255.255.255.0
[root@unp ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.1.1.1        192.168.57.3    255.255.255.255 UGH   0      0        0 eth0
192.168.57.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         192.168.57.1    0.0.0.0         UG    0      0        0 eth0

route del –host 10.1.1.1 删除主机路由

[root@unp ~]# route del -host 10.1.1.1
[root@unp ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.57.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         192.168.57.1    0.0.0.0         UG    0      0        0 eth0

route add default gw 192.168.57.3   增加默认路由

[root@unp ~]# route add default gw 192.168.57.3
[root@unp ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.57.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         192.168.57.3    0.0.0.0         UG    0      0        0 eth0
0.0.0.0         192.168.57.1    0.0.0.0         UG    0      0        0 eth0

route del default gw 192.168.57.3    删除默认路由

0.0.0.0         192.168.57.1    0.0.0.0         UG    0      0        0 eth0
[root@unp ~]# route del default gw 192.168.57.3  
[root@unp ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.57.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         192.168.57.1    0.0.0.0         UG    0      0        0 eth0

route –n 显示路由表

[root@unp ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.57.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         192.168.57.1    0.0.0.0         UG    0      0        0 eth0

Destination:  目标网络或目标主机

Gateway:  网关(下一跳路由地址)

Genmask:  目标网络的的子网掩码

Flags:

       U: 路由是up的

       H: 目标是一个主机

       G: 使用网关

       R: 动态路由

       D: 被进程动态安装的或重定向的

       M: 被路由进程修改的或重定向的

       A: 被addrconf安装的

       C: 缓存条目

       !: 被拒绝的路由

Metric: 到目标网络的距离(多少跳)

Ref: 在Linux内核中不使用

Use: 路由被查询的次数

Iface: 路由出接口

ip route:  查看路由

ip route list   查看路由

[root@unp ~]# ip route list
192.168.57.0/24 dev eth0  proto kernel  scope link  src 192.168.57.23  metric 1
default via 192.168.57.1 dev eth0  proto static

ip route add 10.0.0.0/24 via 192.168.57.2  增加网络路由

[root@unp ~]# ip route add 10.0.0.0/24 via 192.168.57.2
[root@unp ~]# ip route list
10.0.0.0/24 via 192.168.57.2 dev eth0
192.168.57.0/24 dev eth0  proto kernel  scope link  src 192.168.57.23  metric 1
default via 192.168.57.1 dev eth0  proto static

ip route add 10.1.1.1 via 192.168.57.3  增加主机路由

[root@unp ~]# ip route add 10.1.1.1 via 192.168.57.3
[root@unp ~]# ip route list
10.1.1.1 via 192.168.57.3 dev eth0
10.0.0.0/24 via 192.168.57.2 dev eth0
192.168.57.0/24 dev eth0  proto kernel  scope link  src 192.168.57.23  metric 1
default via 192.168.57.1 dev eth0  proto static

ip route del 10.0.0.0/24      删除网络路由

[root@unp ~]# ip route del 10.0.0.0/24[root@unp ~]# ip route show
10.1.1.1 via 192.168.57.3 dev eth0
192.168.57.0/24 dev eth0  proto kernel  scope link  src 192.168.57.23  metric 1
default via 192.168.57.1 dev eth0  proto static

ip route del 10.1.1.1    删除主机路由

[root@unp ~]# ip route del 10.1.1.1
[root@unp ~]# ip route show
192.168.57.0/24 dev eth0  proto kernel  scope link  src 192.168.57.23  metric 1
default via 192.168.57.1 dev eth0  proto static

 

通过配置文件配置路由:

vim /etc/sysconfig/network-script/route-eth0

方法一:

10.0.0.0/24 via 192.168.57.2

保存,退出。service network restart

[root@unp network-scripts]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        192.168.57.2    255.255.255.0   UG    0      0        0 eth0
192.168.57.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         192.168.57.1    0.0.0.0         UG    0      0        0 eth0

方法二:

ADDRESS0=10.0.0.0
NETMASK0=255.255.255.0
GATEWAY0=192.168.57.2

ADDRESS1=10.1.1.1
NETMASK1=255.255.255.255
GATEWAY1=192.168.57.3

保存,退出。service network restart

[root@unp ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.1.1.1        192.168.57.3    255.255.255.255 UGH   0      0        0 eth0
10.0.0.0        192.168.57.2    255.255.255.0   UG    0      0        0 eth0
192.168.57.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         192.168.57.1    0.0.0.0         UG    0      0        0 eth0

配置dns:

vim /etc/resolv.conf

[root@unp ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 8.8.8.8

arp:查询arp表:

arp -n

[root@unp ~]# arp -n
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.57.1             ether   00:00:0c:07:ac:00   C                     eth0
192.168.57.230           ether   00:0c:29:4e:00:f7   C                     eth0
192.168.57.63            ether   1c:6f:65:0a:20:a1   C                     eth0

arp –s 192.168.57.5 00:00:22:00:44:55   静态绑定mac地址

[root@unp ~]# arp -s 192.168.57.5 00:00:22:00:44:55
[root@unp ~]# arp -n
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.57.5             ether   00:00:22:00:44:55   CM                    eth0
192.168.57.1             ether   00:00:0c:07:ac:00   C                     eth0
192.168.57.230           ether   00:0c:29:4e:00:f7   C                     eth0
192.168.57.63            ether   1c:6f:65:0a:20:a1   C                     eth0

arp –d 192.168.57.5

[root@unp ~]# arp -d 192.168.57.5
[root@unp ~]# arp -n
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.57.5                     (incomplete)                              eth0
192.168.57.1             ether   00:00:0c:07:ac:00   C                     eth0
192.168.57.230           ether   00:0c:29:4e:00:f7   C                     eth0
192.168.57.63            ether   1c:6f:65:0a:20:a1   C                     eth0

ip neigh: 替代arp的工具

[root@unp ~]# ip neigh show
192.168.57.1 dev eth0 lladdr 00:00:0c:07:ac:00 DELAY
192.168.57.63 dev eth0 lladdr 1c:6f:65:0a:20:a1 STALE

ip neigh add 192.168.57.6 lladdr 11:22:33:44:55:66 nud permanent dev eth0 绑定MAC地址

[root@unp ~]# ip neigh add 192.168.57.6 lladdr 11:22:33:44:55:66 nud permanent dev eth0
[root@unp ~]# ip neigh show
192.168.57.6 dev eth0 lladdr 11:22:33:44:55:66 PERMANENT
192.168.57.1 dev eth0 lladdr 00:00:0c:07:ac:00 REACHABLE
192.168.57.39 dev eth0 lladdr 00:50:56:9f:6e:b6 STALE
192.168.57.63 dev eth0 lladdr 1c:6f:65:0a:20:a1 STALE

ip neigh del 192.168.57.6 lladdr 11:22:33:44:55:66 nud permanent dev eth0  删除绑定的MAC地址

root@unp ~]# ip neigh del 192.168.57.6 lladdr 11:22:33:44:55:66 nud permanent dev eth0  
[root@unp ~]# ip neigh show
192.168.57.1 dev eth0 lladdr 00:00:0c:07:ac:00 REACHABLE
192.168.57.39 dev eth0 lladdr 00:50:56:9f:6e:b6 STALE
192.168.57.63 dev eth0 lladdr 1c:6f:65:0a:20:a1 STALE

netstat: 打印网络连接、路由表、接口状态

-t :  tcp连接

-u:  udp连接

-l :  仅显示侦听的sockets(缺省有些选项)

-n:  数字格式显示

-p:  显示每个socket的PID

-a:  显示所有侦听和不侦听的socket

netstat –r == ip route list

netstat –i == ip –s link

[root@unp ~]# netstat -i    
Kernel Interface table
Iface       MTU Met    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0       1400   0   451374      2      0      0   159066      0      0      0 BMRU
lo        16436   0   374392      0      0      0   374392      0      0      0 LRU
[root@unp ~]# ip -s link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    RX: bytes  packets  errors  dropped overrun mcast  
    22463520   374392   0       0       0       0     
    TX: bytes  packets  errors  dropped carrier collsns
    22463520   374392   0       0       0       0     
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:50:56:9f:22:36 brd ff:ff:ff:ff:ff:ff
    alias mynet
    RX: bytes  packets  errors  dropped overrun mcast  
    92986751   451401   2       0       0       0     
    TX: bytes  packets  errors  dropped carrier collsns
    38805032   159084   0       0       0       0  

netstat –tulnap  

[root@unp ~]# netstat -tulnap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name  
tcp        0      0 0.0.0.0:46283               0.0.0.0:*                   LISTEN      1464/rpc.statd     
tcp        0      0 0.0.0.0:8140                0.0.0.0:*                   LISTEN      1766/ruby          
tcp        0      0 0.0.0.0:3790                0.0.0.0:*                   LISTEN      2189/nginx         
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      1420/rpcbind       
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1711/sshd          
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      1569/cupsd         
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      15781/mysqld       
tcp        0      0 192.168.57.23:22            192.168.57.63:23845         ESTABLISHED 2058/sshd          
tcp        0      0 192.168.57.23:22            10.241.19.12:60567          ESTABLISHED 23130/sshd         
tcp        0      0 192.168.57.23:22            10.241.19.12:60514          ESTABLISHED 21897/sshd         
tcp        0      0 192.168.57.23:22            10.241.19.12:60568          ESTABLISHED 23151/sshd         
tcp        0     52 192.168.57.23:22            10.241.19.12:60848          ESTABLISHED 25393/sshd         
tcp        0      0 192.168.57.23:22            10.241.19.12:60512          ESTABLISHED 21876/sshd         
tcp        0      0 192.168.57.23:22            10.241.19.12:60849          ESTABLISHED 25414/sshd         
tcp        0      0 :::111                      :::*                        LISTEN      1420/rpcbind       
tcp        0      0 :::38449                    :::*                        LISTEN      1464/rpc.statd     
tcp        0      0 :::22                       :::*                        LISTEN      1711/sshd          
tcp        0      0 :::23                       :::*                        LISTEN      1719/xinetd        
tcp        0      0 ::1:631                     :::*                        LISTEN      1569/cupsd         
udp        0      0 0.0.0.0:747                 0.0.0.0:*                               1420/rpcbind       
udp        0      0 0.0.0.0:111                 0.0.0.0:*                               1420/rpcbind       
udp        0      0 0.0.0.0:631                 0.0.0.0:*                               1569/cupsd         
udp        0      0 192.168.57.23:123           0.0.0.0:*                               1727/ntpd          
udp        0      0 127.0.0.1:123               0.0.0.0:*                               1727/ntpd          
udp        0      0 0.0.0.0:123                 0.0.0.0:*                               1727/ntpd          
udp        0      0 0.0.0.0:514                 0.0.0.0:*                               1377/rsyslogd      
udp        0      0 0.0.0.0:792                 0.0.0.0:*                               1464/rpc.statd     
udp        0      0 0.0.0.0:47770               0.0.0.0:*                               1464/rpc.statd     
udp        0      0 :::747                      :::*                                    1420/rpcbind       
udp        0      0 :::111                      :::*                                    1420/rpcbind       
udp        0      0 fe80::250:56ff:fe9f:2236:123 :::*                                    1727/ntpd          
udp        0      0 ::1:123                     :::*                                    1727/ntpd          
udp        0      0 :::123                      :::*                                    1727/ntpd          
udp        0      0 :::514                      :::*                                    1377/rsyslogd      
udp        0      0 :::35147                    :::*                                    1464/rpc.statd   

Proto: socket使用的协议,可以是tcp,udp,raw

Recv-Q: The count of bytes not copied by the user program connected to this socket.

Send-Q:

The count of bytes not acknowledged by the remote host.

Local Address: 本机地址:端口号

Foreign Address:  远程地址:端口号

State: Socket状态

    ESTABLISHED: 连接已建立

    SYN_SENT: 尝试建立连接,发送syn

    SYN_RECV: 接收到syn请求

    FIN_WAIT1: socket关闭,连接被关闭

    FIN_WAIT2: 连接关闭,socket等待关闭

    TIME_WAIT: 连接关闭之后,socket处于等待状态

    CLOSED: socket不被使用

    CLOSED_WAIT: 远端已经关闭,等待socket关闭

    LAST_ACK: 远端已经关闭,sock也已关闭

    LISTEN: 侦听状态

    CLOSING: Both sockets都已关闭

    UNKNOWN:  未知的socket状态

PID/Program: socket所使用的进程ID和进程名称

ss: 替代netstat的工具

-n: 以数字形式显示,不解析服务名

-r:  解析成服务名

-a:  显示所有socket

-l:   显示侦听的socket

-o:  显示timer 信息

-e:  显示详细的socket信息

-m: 显示socket内存使用率

-p:  显示使用socket的进程

-i:   显示内部TCP信息

-s:  显示汇总状态信息

-4 : 仅显示IPv4 socket

-6: 仅显示IPv6 socket

-0: 显示packet socket

-t: 仅显示tcp socket

-u: 仅显示udp socket

-d: 仅显示DCCP socket

-w: 仅显示raw socket

-x: 仅显示 unix domain socket

ss –ta : 显示所有tcp连接

[root@unp ~]# ss -ta
State      Recv-Q Send-Q                                Local Address:Port                                    Peer Address:Port  
LISTEN     0      128                                               *:46283                                              *:*      
LISTEN     0      5                                                 *:8140                                               *:*      
LISTEN     0      128                                               *:quickbooksrds                                            *:*      
LISTEN     0      128                                              :::sunrpc                                            :::*      
LISTEN     0      128                                               *:sunrpc                                             *:*      
LISTEN     0      128                                              :::38449                                             :::*      
LISTEN     0      128                                              :::ssh                                               :::*      
LISTEN     0      128                                               *:ssh                                                *:*      
LISTEN     0      64                                               :::telnet                                            :::*      
LISTEN     0      128                                       127.0.0.1:ipp                                                *:*      
LISTEN     0      128                                             ::1:ipp                                               :::*      
LISTEN     0      50                                                *:mysql                                              *:*      
ESTAB      0      0                                     192.168.57.23:ssh                                    192.168.57.63:23845  
ESTAB      0      0                                     192.168.57.23:ssh                                     10.241.19.12:60567  
ESTAB      0      0                                     192.168.57.23:ssh                                     10.241.19.12:60568  
ESTAB      0      0                                     192.168.57.23:ssh                                     10.241.19.12:60848  
ESTAB      0      52                                    192.168.57.23:ssh                                     10.241.19.12:60849  

ss –ua   显示所有udp连接

[root@unp ~]# ss -ua
State      Recv-Q Send-Q                                Local Address:Port                                    Peer Address:Port  
UNCONN     0      0                                                 *:fujitsu-dev                                            *:*      
UNCONN     0      0                                                 *:sunrpc                                             *:*      
UNCONN     0      0                                                 *:ipp                                                *:*      
UNCONN     0      0                                     192.168.57.23:ntp                                                *:*      
UNCONN     0      0                                         127.0.0.1:ntp                                                *:*      
UNCONN     0      0                                                 *:ntp                                                *:*      
UNCONN     0      0                                                 *:syslog                                             *:*      
UNCONN     0      0                                                 *:792                                                *:*      
UNCONN     0      0                                                 *:47770                                              *:*      
UNCONN     0      0                                                :::fujitsu-dev                                           :::*      
UNCONN     0      0                                                :::sunrpc                                            :::*      
UNCONN     0      0                          fe80::250:56ff:fe9f:2236:ntp                                               :::*      
UNCONN     0      0                                               ::1:ntp                                               :::*      
UNCONN     0      0                                                :::ntp                                               :::*      
UNCONN     0      0                                                :::syslog                                            :::*      
UNCONN     0      0                                                :::35147                                             :::*      
ss –o state established ‘( sport = :ssh )’   显示所有已建立的ssh连接

[root@unp ~]# ss -o state established ‘( sport = :ssh )‘
Recv-Q Send-Q                                     Local Address:Port                                         Peer Address:Port  
0      0                                          192.168.57.23:ssh                                         192.168.57.63:23845    timer:(keepalive,70min,0)
0      0                                          192.168.57.23:ssh                                          10.241.19.12:60567    timer:(keepalive,33min,0)
0      0                                          192.168.57.23:ssh                                          10.241.19.12:60568    timer:(keepalive,31min,0)
0      0                                          192.168.57.23:ssh                                          10.241.19.12:60848    timer:(keepalive,35min,0)
0      52                                         192.168.57.23:ssh                                          10.241.19.12:60849    timer:(on,365ms,0)

ping: 通过发送ICMP测试网络连接

-c: 定义发送多少次ICMP包

-i: 设置发送每个ICMP包之间的间隔时间(s),默认是1s

-I: 设置ping的源接口

-q: 静默模式,常用于脚本

-s: 定义包大小,缺省是56byte,最大65535byte

 

traceroute 网络诊断

-g: 指定必须经过的网关地址

-i:  指定通过哪个网卡发送数据包

traceroute 192.168.100.10

[root@unp ~]# traceroute 192.168.100.10
traceroute to 192.168.100.10 (192.168.100.10), 30 hops max, 60 byte packets
1  192.168.57.2 (192.168.57.2)  1.185 ms  1.202 ms  1.286 ms
2  10.255.34.1 (10.255.34.1)  0.367 ms  1.144 ms  1.096 ms
3  10.255.32.2 (10.255.32.2)  0.472 ms  0.306 ms  0.277 ms
4  192.168.100.10 (192.168.100.10)  0.578 ms  0.708 ms  0.676 ms

linux网络配置、管理