(Linux系统的网卡路由配置)
一、查看系统路由
[root@control ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.3.254 0.0.0.0 UG 103 0 0 ens161
10.88.0.0 0.0.0.0 255.255.0.0 U 0 0 0 cni0
192.168.3.0 0.0.0.0 255.255.255.0 U 103 0 0 ens161
192.168.3.254 0.0.0.0 255.255.255.255 UH 0 0 0 ens161
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
二、激活网卡
1.查看所有物理网卡
在这里插入代码片
[root@control ~]# nmcli device
DEVICE TYPE STATE CONNECTION
ens161 ethernet connected ens161
cni0 bridge connected cni0
virbr0 bridge connected virbr0
ens160 ethernet disconnected --
vethbf044fd9 ethernet unmanaged --
lo loopback unmanaged --
virbr0-nic tun unmanaged --
2.连接新增网卡
[root@control ~]# nmcli connection up ens160
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/10)
3.查看IP
ifconfig ens160
三、系统的路由管理
1.添加一条网关路由
route add -net 0.0.0.0 netmask 255.255.255.255 dev ens37
2.设置默认网关
route add default gw 192.168.243.2
[root@192 user]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 0.0.0.0 255.255.255.255 UH 0 0 0 ens37
0.0.0.0 192.168.243.2 0.0.0.0 UG 0 0 0 ens37
0.0.0.0 192.168.3.254 0.0.0.0 UG 100 0 0 ens33
10.88.0.0 0.0.0.0 255.255.0.0 U 0 0 0 cni-podman0
192.168.3.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
192.168.243.0 0.0.0.0 255.255.255.0 U 101 0 0 ens37
3.删除默认网关
route del default gw 192.168.243.2
4.使用route命令删除静态路由
route del -net 192.168.1.0 netmask 255.255.255.0 dev ens37
四、配置路由优先级
1.多个网关存在时,无法上网
[root@192 user]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 0.0.0.0 255.255.255.255 UH 0 0 0 ens37
0.0.0.0 192.168.243.2 0.0.0.0 UG 0 0 0 ens37
0.0.0.0 192.168.3.254 0.0.0.0 UG 100 0 0 ens33
10.88.0.0 0.0.0.0 255.255.0.0 U 0 0 0 cni-podman0
192.168.3.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
192.168.243.0 0.0.0.0 255.255.255.0 U 101 0 0 ens37
[root@192 user]# ping www.baidu.com
^C
[root@192 user]# ping www.baidu.com -c4
PING www.a.shifen.com (112.80.248.76) 56(84) bytes of data.
From 192.168.243.140 (192.168.243.140) icmp_seq=1 Destination Host Unreachable
From 192.168.243.140 (192.168.243.140) icmp_seq=2 Destination Host Unreachable
From 192.168.243.140 (192.168.243.140) icmp_seq=3 Destination Host Unreachable
From 192.168.243.140 (192.168.243.140) icmp_seq=4 Destination Host Unreachable
--- www.a.shifen.com ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 2999ms
pipe 4
[root@192 user]#
2.添加路由时指定优先级
[root@192 user]# ip route add default via 192.168.243.2 metric 99
[root@192 user]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 0.0.0.0 255.255.255.255 UH 0 0 0 ens37
0.0.0.0 192.168.243.2 0.0.0.0 UG 0 0 0 ens37
0.0.0.0 192.168.243.2 0.0.0.0 UG 99 0 0 ens37
0.0.0.0 192.168.3.254 0.0.0.0 UG 100 0 0 ens33
10.88.0.0 0.0.0.0 255.255.0.0 U 0 0 0 cni-podman0
192.168.3.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
192.168.243.0 0.0.0.0 255.255.255.0 U 101 0 0 ens37
3.添加某条静态路由
[root@192 user]# ip route add 192.168.120.0/24 via 192.168.243.2
[root@192 user]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.243.2 0.0.0.0 UG 0 0 0 ens37
0.0.0.0 192.168.243.2 0.0.0.0 UG 99 0 0 ens37
0.0.0.0 192.168.3.254 0.0.0.0 UG 100 0 0 ens33
10.88.0.0 0.0.0.0 255.255.0.0 U 0 0 0 cni-podman0
192.168.3.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.120.0 192.168.243.2 255.255.255.0 UG 0 0 0 ens37
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
192.168.243.0 0.0.0.0 255.255.255.0 U 101 0 0 ens37
4.删除静态路由
ip route del default via 192.168.243.2
5.指定上网出口网关优先级
[root@192 user]# ip route add default via 192.168.3.254 metric 98
[root@192 user]# ping www.baidu.com
PING www.a.shifen.com (112.80.248.76) 56(84) bytes of data.
64 bytes from 112.80.248.76 (112.80.248.76): icmp_seq=1 ttl=55 time=32.3 ms
64 bytes from 112.80.248.76 (112.80.248.76): icmp_seq=2 ttl=55 time=33.0 ms
64 bytes from 112.80.248.76 (112.80.248.76): icmp_seq=3 ttl=55 time=34.0 ms
64 bytes from 112.80.248.76 (112.80.248.76): icmp_seq=4 ttl=55 time=34.2 ms
^C
--- www.a.shifen.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 32.395/33.442/34.268/0.782 ms
[root@192 user]#
五、网卡的配置
1.修改IP
[root@node1 ~]# nmcli connection modify ens224-con224 ipv4.addresses 192.168.8.11/24 ipv4.gateway 192.168.8.1 ipv4.dns 192.168.8.1 ipv4.method manual
[root@node1 ~]# nmcli connection reload
[root@node1 ~]# nmcli connection up ens224-con224
2.添加网卡IP
[root@node1 ~]# nmcli connection add ifname ens224 type ethernet con-name ens224-con224 ipv4.addresses 192.168.8.11/24 ipv4.gateway 192.168.8.1 ipv4.dns 192.168.8.1 ipv4.method manual
[root@node1 ~]# nmcli connection reload
[root@node1 ~]# nmcli connection up ens224-con224
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/7)
[root@node1 ~]#
3.给网卡配置多个IP
nmcli connection modify ens224-con224 +ipv4.addresses 192.168.8.111/24
[root@node1 ~]# nmcli con up ens224-con224
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/10)
[root@node1 network-scripts]# ip addr show ens224
3: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:4e:fd:bc brd ff:ff:ff:ff:ff:ff
inet 192.168.8.11/24 brd 192.168.8.255 scope global noprefixroute ens224
valid_lft forever preferred_lft forever
inet 192.168.8.111/24 brd 192.168.8.255 scope global secondary noprefixroute ens224
valid_lft forever preferred_lft forever
inet6 fe80::1344:2c57:66a9:99a6/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@node1 network-scripts]#
六、ss命令
[root@192 user]# ss -tunlp |grep 80
udp UNCONN 0 0 *:807 *:* users:(("rpcbind",pid=8696,fd=10))
udp UNCONN 0 0 :::807 :::* users:(("rpcbind",pid=8696,fd=11))
[root@192 user]# netstat -tunlp |grep 80
udp 0 0 0.0.0.0:807 0.0.0.0:* 8696/rpcbind
udp6 0 0 :::807 :::* 8696/rpcbind