一,为什么建议使用ip命令代替ifconfig?
1,ifconfig所属的net-tools包已经不再被维护了
虽然可以用,但会发生看不到部分ip等情况,
[root@centos8 liuhongdi]# whereis ifconfig ifconfig: /usr/sbin/ifconfig /usr/share/man/man8/ifconfig.8.gz [root@centos8 liuhongdi]# rpm -qf /usr/sbin/ifconfig net-tools-2.0-0.51.20160912git.el8.x86_64
2,ip命令属于iproute这个包,是linux重点推荐的命令
大家过去用ifconfig成习惯的,还是要转到ip这个命令上来
[root@centos8 liuhongdi]# whereis ip ip: /usr/sbin/ip /usr/share/man/man7/ip.7.gz /usr/share/man/man8/ip.8.gz [root@centos8 liuhongdi]# rpm -qf /usr/sbin/ip iproute-4.18.0-15.el8.x86_64
如果找不到ip命令,可以用dnf安装
[root@centos8 liuhongdi]# dnf install iproute
3,ip命令的操作并未写入到磁盘中,当服务器重启时,这些配置会丢失,
所以大家如果是需要永久性保存的配置,建议使用nmcli做配置
请移动这一篇:
https://www.cnblogs.com/architectforest/p/12612562.html
说明:刘宏缔的架构森林是一个专注架构的博客,地址:https://www.cnblogs.com/architectforest
对应的源码可以访问这里获取: https://github.com/liuhongdi/
说明:作者:刘宏缔 邮箱: 371125307@qq.com
二,查看ip命令的版本和帮助:
1,查看版本
[root@centos8 liuhongdi]# ip -V
ip utility, iproute2-ss180813
2,查看帮助:
[root@centos8 liuhongdi]# ip -help
3,查看手册
[root@centos8 liuhongdi]# man ip
三,ip命令之link(网络设备)管理
link指network device,网络设备
1,列出所有的link
[root@centos8 liuhongdi]# ip link
2,只看指定的link设备
[root@centos8 liuhongdi]# ip link show ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff
3,查看指定link设备的收发包统计信息
# -s: 显示statistics
[root@centos8 liuhongdi]# ip -s link show ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 11593445 60054 0 0 0 0 TX: bytes packets errors dropped carrier collsns 164314 2331 0 0 0 0
4,只显示当前激活的网络设备
[root@centos8 liuhongdi]# ip link show up
5,停用一个网络设备
[root@centos8 liuhongdi]# ip link set ens33 down [root@centos8 liuhongdi]# ip link show ens33 2: ens33: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff
注意 state是 DOWN
6,启用一个网络设备
[root@centos8 liuhongdi]# ip link set ens33 up [root@centos8 liuhongdi]# ip link show ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff
注意 state已恢复为UP
7,查看针对link可以做的操作:
[root@centos8 liuhongdi]# ip link set help
可以做的操作很多
比较常用的应该是修改mtu
8,关闭打开link的多播(multicast)功能:
[root@centos8 liuhongdi]# ip link set ens33 multicast off [root@centos8 liuhongdi]# ip link show ens33 2: ens33: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff
可以看到MULTICAST已经被关闭了
[root@centos8 liuhongdi]# ip link set ens33 multicast on [root@centos8 liuhongdi]# ip link show ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff
可以看到MULTICAST已经被再次打开
9,配置link的mtu的大小
[root@centos8 liuhongdi]# ip link set ens33 mtu 1000 [root@centos8 liuhongdi]# ip link show ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1000 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff
可以看到mtu已经被改成了1000
[root@centos8 liuhongdi]# ip link set ens33 mtu 1500 [root@centos8 liuhongdi]# ip link show ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff
可以看到mtu已经被改回了1500
说明:什么是mtu?
Maximum Transmission Unit 最大传输单元,就是数据包封包的最大值,
超过这个值就需要拆分成多个包发送
mtu过大或过小有什么影响?
1、本地MTU值大于网络MTU值时,本地传输的数据包过大导致网络会拆包后传输,不但产生额外的数据包,而且消耗了“拆包、组包”的时间。
2、本地MTU值小于网络MTU值时,本地传输的数据包可以直接传输,但是未能完全利用网络给予的数据包传输尺寸的上限值,传输能力不能完全发挥
可见过大或过小会带来网络的不稳定(丢包)或网速过慢
建议:就使用默认值1500就很安全,当网络有不正常现象时,
我们可以查看mtu是否被人为修改过以致产生网络异常
10,修改link的名字
说明:网卡运行时不能改名:
[root@centos8 liuhongdi]# ip link set ens33 name ens33link
RTNETLINK answers: Device or resource busy
先停用
[root@centos8 liuhongdi]# ip link set ens33 down
[root@centos8 liuhongdi]# ip link set ens33 name ens33link
改名完成后再激活
[root@centos8 liuhongdi]# ip link set ens33link up [root@centos8 liuhongdi]# ip link show ens33link 2: ens33link: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff
11,修改link的mac地址:
[root@centos8 liuhongdi]# ip link show ens33link 2: ens33link: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff
可以看到 mac地址是:00:0c:29:bb:c5:a6
[root@centos8 liuhongdi]# ip link set ens33link down [root@centos8 liuhongdi]# ip link set ens33link address 00:0c:29:bb:c5:a7 [root@centos8 liuhongdi]# ip link set ens33link up [root@centos8 liuhongdi]# ip link show ens33link 2: ens33link: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a7 brd ff:ff:ff:ff:ff:ff
说明:可以看到网卡地址已被修改成了00:0c:29:bb:c5:a7
四,ip命令之address(ip地址)管理
1,查看所有的ip地址:
# a,address,addr: 都是ip地址
[liuhongdi@centos8 ~]$ ip a
2,查看指定设备的ip
[root@centos8 liuhongdi]# ip a show ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff inet 192.168.3.14/24 brd 192.168.3.255 scope global dynamic noprefixroute ens33 valid_lft 83751sec preferred_lft 83751sec inet 192.168.3.13/24 brd 192.168.3.255 scope global secondary noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::2785:9624:cea4:c935/64 scope link noprefixroute valid_lft forever preferred_lft forever
3,分别查看设备的ipv4地址和ipv6地址
#-4 :显示ipv4地址
[root@centos8 liuhongdi]# ip -4 a show ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 inet 192.168.3.35/24 brd 192.168.3.255 scope global dynamic noprefixroute ens33 valid_lft 85737sec preferred_lft 85737sec inet 192.168.3.13/24 brd 192.168.3.255 scope global secondary noprefixroute ens33 valid_lft forever preferred_lft forever
#-6 :显示ipv6地址
[root@centos8 liuhongdi]# ip -6 a show ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000 inet6 fe80::2785:9624:cea4:c935/64 scope link noprefixroute valid_lft forever preferred_lft forever
4,添加ip
[root@centos8 liuhongdi]# ip a add 192.168.5.15/24 dev ens33link [root@centos8 liuhongdi]# ip a show ens33link 2: ens33link: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:bb:c5:a7 brd ff:ff:ff:ff:ff:ff inet 192.168.3.37/24 brd 192.168.3.255 scope global dynamic noprefixroute ens33link valid_lft 85844sec preferred_lft 85844sec inet 192.168.5.15/24 scope global ens33link valid_lft forever preferred_lft forever inet 192.168.3.13/24 brd 192.168.3.255 scope global secondary noprefixroute ens33link valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:febb:c5a7/64 scope link valid_lft forever preferred_lft forever
可以看到ip已添加成功
5,删除ip
[root@centos8 liuhongdi]# ip a show ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff inet 192.168.5.8/24 brd 192.168.5.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.3.35/24 brd 192.168.3.255 scope global dynamic noprefixroute ens33 valid_lft 86144sec preferred_lft 86144sec inet 192.168.3.13/24 brd 192.168.3.255 scope global secondary noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::2785:9624:cea4:c935/64 scope link noprefixroute valid_lft forever preferred_lft forever
192.168.5.8/24是我们要删除的ip
[root@centos8 liuhongdi]# ip a del 192.168.5.8/24 dev ens33 [root@centos8 liuhongdi]# ip a show ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff inet 192.168.3.35/24 brd 192.168.3.255 scope global dynamic noprefixroute ens33 valid_lft 86019sec preferred_lft 86019sec inet 192.168.3.13/24 brd 192.168.3.255 scope global secondary noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::2785:9624:cea4:c935/64 scope link noprefixroute valid_lft forever preferred_lft forever
删除成功了
6,清除ip:指定ip
#flush: 清除ip
[root@centos8 liuhongdi]# ip a add 192.168.5.15/24 dev ens33 [root@centos8 liuhongdi]# ip a ls dev ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff inet 192.168.3.35/24 brd 192.168.3.255 scope global dynamic noprefixroute ens33 valid_lft 80454sec preferred_lft 80454sec inet 192.168.5.15/24 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.3.13/24 brd 192.168.3.255 scope global secondary noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::2785:9624:cea4:c935/64 scope link noprefixroute valid_lft forever preferred_lft forever [root@centos8 liuhongdi]# ip a flush to 192.168.5.15/24 [root@centos8 liuhongdi]# ip a ls dev ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff inet 192.168.3.35/24 brd 192.168.3.255 scope global dynamic noprefixroute ens33 valid_lft 80398sec preferred_lft 80398sec inet 192.168.3.13/24 brd 192.168.3.255 scope global secondary noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::2785:9624:cea4:c935/64 scope link noprefixroute valid_lft forever preferred_lft forever
7,清除ip: 指定设备:
[root@centos8 liuhongdi]# ip a flush dev ens33 [root@centos8 liuhongdi]# ip a ls dev ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff
可见ens33这个设备上已经没有ip了
五, ip命令使用例子之route管理
1,查看路由表
#ip r 等于 ip route,查看路由
[root@centos8 liuhongdi]# ip r default via 192.168.3.1 dev ens33 proto static metric 100 192.168.3.0/24 dev ens33 proto kernel scope link src 192.168.3.13 metric 100 192.168.3.0/24 dev ens33 proto kernel scope link src 192.168.3.14 metric 100 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
2,添加默认路由
[root@centos8 liuhongdi]# ip route add default via 192.168.5.2 dev ens33 [root@centos8 liuhongdi]# ip r default via 192.168.5.2 dev ens33 default via 192.168.3.1 dev ens33 proto static metric 100 192.168.3.0/24 dev ens33 proto kernel scope link src 192.168.3.13 metric 100 192.168.3.0/24 dev ens33 proto kernel scope link src 192.168.3.35 metric 100 192.168.5.0/24 dev ens33 proto kernel scope link src 192.168.5.8 metric 100 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
3,删除默认路由
[root@centos8 liuhongdi]# ip route del default via 192.168.5.2 dev ens33 [root@centos8 liuhongdi]# ip r default via 192.168.3.1 dev ens33 proto static metric 100 192.168.3.0/24 dev ens33 proto kernel scope link src 192.168.3.13 metric 100 192.168.3.0/24 dev ens33 proto kernel scope link src 192.168.3.35 metric 100 192.168.5.0/24 dev ens33 proto kernel scope link src 192.168.5.8 metric 100 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
4,修改默认路由
[root@centos8 liuhongdi]# ip route add default via 192.168.5.2 dev ens33 [root@centos8 liuhongdi]# ip r default via 192.168.5.2 dev ens33 default via 192.168.3.1 dev ens33 proto static metric 100 192.168.3.0/24 dev ens33 proto kernel scope link src 192.168.3.13 metric 100 192.168.3.0/24 dev ens33 proto kernel scope link src 192.168.3.35 metric 100 192.168.5.0/24 dev ens33 proto kernel scope link src 192.168.5.8 metric 100 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown [root@centos8 liuhongdi]# ip route replace default via 192.168.5.4 dev ens33 [root@centos8 liuhongdi]# ip r default via 192.168.5.4 dev ens33 default via 192.168.3.1 dev ens33 proto static metric 100 192.168.3.0/24 dev ens33 proto kernel scope link src 192.168.3.13 metric 100 192.168.3.0/24 dev ens33 proto kernel scope link src 192.168.3.35 metric 100 192.168.5.0/24 dev ens33 proto kernel scope link src 192.168.5.8 metric 100 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
5,设置到网络49.7.40/24的路由经过网关192.168.5.8
[root@centos8 liuhongdi]# ip route add 49.7.40/24 via 192.168.5.8 [root@centos8 liuhongdi]# ip r default via 192.168.3.1 dev ens33 proto static metric 100 49.7.40.0/24 via 192.168.5.8 dev ens33
6,从路由表中删除一条记录:
[root@centos8 liuhongdi]# ip route del 49.7.40.0/24 via 192.168.5.8 dev ens33
六,ip命令使用例子之统计信息
# -s :统计信息
[root@centos8 liuhongdi]# ip -s link ls ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 3635277 17405 0 0 0 0 TX: bytes packets errors dropped carrier collsns 24862 301 0 0 0 0
# -s -s :统计信息,增加了 tx rx的错误信息
[root@centos8 liuhongdi]# ip -s -s link ls ens33 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:0c:29:bb:c5:a6 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 3638862 17421 0 0 0 0 RX errors: length crc frame fifo missed 0 0 0 0 0 TX: bytes packets errors dropped carrier collsns 24862 301 0 0 0 0 TX errors: aborted fifo window heartbeat transns 0 0 0 0 2
七, ip命令使用例子之arp
1,查看mac地址的arp表
[root@centos8 liuhongdi]# ip neigh 192.168.3.1 dev ens33 lladdr fc:94:35:07:73:77 STALE 192.168.5.4 dev ens33 FAILED
2,添加一个mac和ip的对应项
[root@centos8 liuhongdi]# ip neigh add 192.168.1.100 lladdr 00:0c:29:c0:5a:ef dev ens33 [root@centos8 liuhongdi]# ip neigh 192.168.3.1 dev ens33 lladdr fc:94:35:07:73:77 STALE 192.168.1.100 dev ens33 lladdr 00:0c:29:c0:5a:ef PERMANENT 192.168.5.4 dev ens33 FAILED
添加已成功
3,删除一个mac和ip的对应项
[root@centos8 liuhongdi]# ip neigh del 192.168.1.100 lladdr 00:0c:29:c0:5a:ef dev ens33 [root@centos8 liuhongdi]# ip neigh 192.168.3.1 dev ens33 lladdr fc:94:35:07:73:77 STALE 192.168.5.4 dev ens33 FAILED
删除成功
八,查看centos版本
[root@centos8 conf]# cat /etc/redhat-release CentOS Linux release 8.1.1911 (Core)