1、IP分类以及每个分类可以分配的IP数量

1.1 IP地址组成

唯一标识 IP 网络中的每台设备，每台主机（计算机、网络设备、外围设备）必须具有唯一的地址

IP地址由两部分组成

网络ID：标识网络，每个网段分配一个网络ID，处于高位
主机 ID：标识单个主机，由组织分配给各设备，处于低位

IPv4地址格式：点分十进制记法

IP地址是一个32位二进制数，如：10101100 00010000 10000000 00010001

可将此32位二进制数划分为四组8位二进制数	10101100	00010000	10000000	00010001
每组二进制八位数（或字节）均可转换成十进制数	172	16	128	17
地址可使用点分十进制记法记录	172.	16.	128.	17

1.2 IP地址分类

	A类	B类	C类	D类	E类
二进制表示	0 0000000 - 0 1111111.X.Y.Z	10 000000 - 10 111111.X.Y.Z	110 00000 - 110 1 1111.X.Y.Z	1110 0000 - 1110 1111.X.Y.Z	保留未使用
十进制表示法	0-127.X.Y.Z	128-191.X.Y.Z	192-223.X.Y.Z	224-239.X.Y.Z	240-255
网络ID	网络ID位是最高8位	网络ID位是最高16位	网络ID位是最高24位	组（多）播
主机ID	主机ID是24位低位	主机ID是16位低位	主机ID是8位低位
网络数	126=2^7(可变是的网络ID位数)-2	2^14=16384	2^21=2097152
每个网络中的主机数	2^24-2=16777214	2^16-2=65534	2^8-2=254
默认子网掩码	255.0.0.0	255.255.0.0	255.255.255.0
私网地址	10.0.0.0	172.16.0.0-172.31.0.0	192.168.0.0-192.168.255.0
范例	114.114.114.114,1.1.1.1，58.87.87.99119.29.29.29	180.76.76.76，172.16.0.1	223.6.6.6

1.3 公共和私有IP地址

私有IP地址：不直接用于互联网，通常在局域网中使用

A类：10.0.0.0到10.255.255.255 （一个网段）
B类：172.16.0.0到172.31.255.255 （16个网段）
C类：192.168.0.0到192.168.255.255 （256个网段）

公共IP地址：互联网上设备拥有的唯一地址

A类：1.0.0.0到9.255.255.255 11.0.0.0到126.255.255.255

B类：128.0.0.0到172.15.255.255 172.32.0.0到191.255.255.255

C类：192.0.0.0到192.167.255.255 192.169.0.0到223.255.255.255

1.4 特殊地址

0.0.0.0：
不是一个真正意义上的IP地址。它表示所有不清楚的主机和目的网络。
255.255.255.255：
限制广播地址。对本机来说，这个地址指本网段内(同一广播域)的所有主机。
127.0.0.1～127.255.255.254：
本机回环地址，主要用于测试。在传输介质上永远不应该出现目的地址为“127.0.0.1”的数据包。
224.0.0.0到239.255.255.255：
组播地址，224.0.0.1特指所有主机，224.0.0.2特指所有路由器。224.0.0.5指OSPF 路由器，地址多用于一些特定的程序以及多媒体程序。
169.254.x.x：
如果Windows主机使用了DHCP自动分配IP地址，而又无法从DHCP服务器获取地址，系统会为主机分配这样地址。

1.5 保留地址

主机位是全0或全1

范例:

172.16.0.0 网络中的两个地址：172.16.0.0和172.16.255.255

1.6 子网掩码

CIDR：无类域间路由，目前的网络已不再按A，B，C类划分网段，可以任意指定网段的范围。

CIDR 无类域间路由表示法：IP/网络ID位数，如：172.16.0.100/16

netmask子网掩码：32位或128位（IPv6）的数字，和IP成对使用，用来确认IP地址中的网络ID和主机ID，对应网络ID的位为1，对应主机ID的位为0。

范例:255.255.255.0 ，表现为连续的高位为1，连续的低位为0

子网掩码的八位

相关公式：

一个网络的最多的主机数＝2^主机ID位数-2
网络（段）数=2^网络ID中可变的位数
网络ID=IP与netmask

范例:

netmask: 255.255.224.0，即网络ID位是19，那么主机ID位是13，主机数=2^13-2=8190

判断对方主机是否在同一个网段

用自已的子网掩码分别和自已的IP及对方的IP相与，比较结果，相同则同一网络，不同则不同网段。

范例：判断A和B是否在网一个网段

A: 192.168.1.100 netmask:255.255.255.0B: 192.168.2.100 netmask:255.255.0.01）用A主机子网掩码分别与A及B的IP与A主机网络地址11000000.10101000.00000001.01100100与A主机子网掩码11111111.11111111.11111111.00000000得           11000000.10101000.00000001.00000000即192.168.1.0B主机网络地址11000000.10101000.00000010.01100100与A主机子网掩码11111111.11111111.11111111.00000000得           11000000.10101000.00000010.00000000即192.168.2.0192.168.1.0<>192.168.2.0，所以A和B不在同一网段2）用B主机子网掩码分别与A及B的IP与A主机网络地址11000000.10101000.00000001.01100100与B主机子网掩码11111111.11111111.00000000.00000000得           11000000.10101000.00000000.00000000即192.168.0.0B主机网络地址11000000.10101000.00000010.01100100与B主机子网掩码11111111.11111111.00000000.00000000得           11000000.10101000.00000000.00000000即192.168.0.0192.168.0.0<>192.168.0.0，所以A和B在同一网段通过以上比较判断，两次的结果不一致，A和B是无法通讯的。

范例：计算网络ID、主机数

1）主机IP：172.16.1.100/28#此主机所在的网段最多有多少主机?    #主机数=2^主机ID位数-2，即2^(32-28)-2=14#网络ID? IP和子网掩码相与，172.16.1.96    #即IP地址和子网掩码都转换成二进制后相与的结果    172.16.1.100转换成二进制是：10101100.00010000.00000001.01100100     28位子网掩码转换成二进制是: 11111111.11111111.11111111.11110000     相与的结果是：             10101100.00010000.00000001.01100000     即：                      172.16.1.96#此网段的主机中最小的IP：主机位是0001，即172.16.1.0110 0001，转换成十进制是：172.16.1.97#此网段的主机中最大的IP：主机位是1110，即172.16.1.0110 1110，转换成十进制是：172.16.1.1102）主机IP：203.110.228.200/26#主机数：2^(32-26)-2=62#网络ID：因26=24+2，所以前3位不变203.110.228，最后一位11001000和掩码11000000相与，即11000000=192，所以网络ID就是203.110.228.192#此网段的主机中最小的IP：主机位是00 0001，即203.110.228.1100 0001，转换成十进制是：203.110.228.193#此网段的主机中最大的IP：主机位是00 1110，即203.110.228.1111 1110，转换成十进制是：203.110.228.254

1.7 划分子网

划分子网：将一个大的网络（主机数多）划分成多个小的网络（主机数少），主机ID位数变少，网络ID位数变多，网络ID位向主机ID位借位。

范例：

1、把10.0.0.0/8网段划分为2个子网#首先需要向主机ID借位，因为是2个子网，所以借1位就可以了10.0    0000000.0.0/8   10.0.0.1~10.255.255.254#网络ID向主机ID借1位，划分了2^1=2个子网10.0    0000000.0.010.1    0000000.0.0第一个子网：10.0.0.0/9    主机数：2^23-2第二个子网：10.128.0.0/9  主机数：2^23-22、把10.0.0.0/8网段划分为4个子网#网络ID需向主机ID借2位，划分2^2=4个子网10.00   000000.0.010.01   000000.0.010.10   000000.0.010.11   000000.0.0第一个子网：10.0.0.0/10     主机数：2^22-2第二个子网：10.64.0.0/10    主机数：都同上第三个子网：10.128.0.0/10第四个子网：10.192.0.0/10

范例：

中国移动10.0.0.0/8 给32个各省公司划分对应的子网1）每个省公司的子网的netmask？32个分公司，需要至少32个子网，因为2^5=32，所以需要借5位主机的ID。即网络位就是8+5=13子网掩码就是：11111111.11111000.0.0即255.248.0.02）每个省公司的子网的主机数有多少？2^(32-13)-2=5242863）河南省得到第10个子网，网络ID是多少？因为10.00000 000.0.0/13是第1个子网，所以第10个子网就是10.01001 000.0.0/13，转换成二进制就是10.72.0.0/134）河南省得到第10个子网的最小IP和最大的IP？最小IP地址：10.01001 000.0.1，即10.72.0.1最大IP地址：10.01001 111.11111111.11111110，即10.79.255.2545）所有子网中最小和最大的子网的netid？最小的网络ID：10.00000 000.0.0/13，即10.0.0.0/13最大的网络ID：10.11111 000.0.0/13，即10.248.0.0/13

范例：

中国移动10.0.0.0/8 给32个各省公司划分对应的子网，河南省得到第10个子网，再给省内的16个地市划分子网。#由上例得知，河南省得到的第10个子网的网络ID是10.01001 000.0.0/13，即10.72.0.0/13#省内需再划分16个子网，即再从主机ID借4位，那网络ID就是171）每个市公司的子网的netmask？#网络ID是17，所以子网掩码是255.255.128.02）每个市公司的子网的主机数有多少？2^(32-17)-2=327663）各地市的最小netid和最大的netid？最小的网络ID：10.01001 000.0 0000000.0，即10.72.0.0/17最大的网络ID：10.01001 111.1 0000000.0，即10.79.128.0/174）洛阳市第2个子网，最小IP和最大IP？第一个子网是10.01001 000.0 0000000.0，即10.72.0.0/17第二个子网是10.01001 000.1 0000000.0，即10.72.128.0/17第3~16个子网是：10.73.0.0/1710.73.128.010.74.0.010.74.128.010.75.0.010.75.128.010.76.0.010.76.128.010.77.0.010.77.128.010.78.0.010.78.128.010.79.0.010.79.128.0洛阳第二个子网，最小IP和最大IP最小IP：10.01001 000.1 0000000.00000001，即10.72.128.1/17最大IP：10.01001 000.1 1111111.11111110，即10.72.255.254/17

1.8 优化IP地址分配

合并超网：将多个小网络合并成一个大网，主机ID位向网络ID位借位，实现路由表的优化，可以一条命令覆盖几个小网段。

范例：

有8条路由记录，分别是220.78.168.0/24220.78.169.0/24220.78.170.0/24220.78.171.0/24220.78.172.0/24220.78.173.0/24220.78.174.0/24220.78.175.0/24合并成一个大网，主机ID向网络ID借位，需要转换成二进制220.78.10101 000.0220.78.10101 001.0220.78.10101 010.0220.78.10101 011.0202.78.10101 100.0202.78.10101 101.0202.78.10101 110.0202.78.10101 111.0可以看到168~175的前5位二进制相同，所以需要借5位给网络ID网络ID：202.78.10101 000.0/21，即202.78.168.0/21

2、IP配置方法

2.1 网络配置方式

静态IP地址配置方法:

ifconfig命令
ip命令
system-config-network-tui，setup
添加配置文件
动态分配：DHCP: Dynamic Host Configuration Protocol

2.2 ifconfig命令

来自于net-tools包，建议使用 ip 代替

[root@repo-client ~]# rpm -qi net-toolsName        : net-toolsVersion     : 2.0Release     : 0.25.20131004git.el7Architecture: x86_64Install Date: Sat 19 Dec 2020 08:05:53 PM CSTGroup       : System Environment/BaseSize        : 938978License     : GPLv2+Signature   : RSA/SHA256, Fri 23 Aug 2019 05:36:04 AM CST, Key ID 24c6a8a7f4a80eb5Source RPM  : net-tools-2.0-0.25.20131004git.el7.src.rpmBuild Date  : Fri 09 Aug 2019 09:10:26 AM CSTBuild Host  : x86-02.bsys.centos.orgRelocations : (not relocatable)Packager    : CentOS BuildSystem <http://bugs.centos.org>Vendor      : CentOSURL         : http://sourceforge.net/projects/net-tools/Summary     : Basic networking toolsDescription :The net-tools package contains basic networking tools,including ifconfig, netstat, route, and others.Most of them are obsolete. For replacement check iproute package.

常用选项：

ifconfig [interface]ifconfig -aifconfig IFACE [up|down]ifconfig interface [aftype] options | address ...ifconfig IFACE IP/netmask [up]ifconfig IFACE IP netmask NETMASK

范例：

[root@repo-client ~]# ifconfig eth0eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        inet 192.168.100.11  netmask 255.255.255.0  broadcast 192.168.100.255        inet6 fe80::20c:29ff:feca:8ca2  prefixlen 64  scopeid 0x20<link>        ether 00:0c:29:ca:8c:a2  txqueuelen 1000  (Ethernet)        RX packets 207  bytes 20062 (19.5 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 165  bytes 24380 (23.8 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0[root@repo-client ~]# ifconfig -aeth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        inet 192.168.100.11  netmask 255.255.255.0  broadcast 192.168.100.255        inet6 fe80::20c:29ff:feca:8ca2  prefixlen 64  scopeid 0x20<link>        ether 00:0c:29:ca:8c:a2  txqueuelen 1000  (Ethernet)        RX packets 257  bytes 24070 (23.5 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 192  bytes 27358 (26.7 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        ether 00:50:56:22:6f:2a  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 59  bytes 9494 (9.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536        inet 127.0.0.1  netmask 255.0.0.0        inet6 ::1  prefixlen 128  scopeid 0x10<host>        loop  txqueuelen 1000  (Local Loopback)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 0  bytes 0 (0.0 B)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0#添加ip地址[root@repo-client ~]# ifconfig eth1 172.16.0.11 netmask 255.255.0.0[root@repo-client ~]# ifconfig eth1eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        inet 172.16.0.11  netmask 255.255.0.0  broadcast 172.16.255.255        ether 00:50:56:22:6f:2a  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 59  bytes 9494 (9.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0#清除eth1上的ip地址[root@repo-client ~]# ifconfig eth1 0.0.0.0[root@repo-client ~]# ifconfig eth1eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        ether 00:50:56:22:6f:2a  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 59  bytes 9494 (9.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0#禁用eth1[root@repo-client ~]# ifconfig eth1 172.16.0.11/16[root@repo-client ~]# ifconfig eth1eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500      ##UP状态        inet 172.16.0.11  netmask 255.255.0.0  broadcast 172.16.255.255        ether 00:50:56:22:6f:2a  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 59  bytes 9494 (9.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0[root@repo-client ~]# ifconfig eth1 down[root@repo-client ~]# ifconfig eth1             eth1: flags=4098<BROADCAST,MULTICAST>  mtu 1500         #禁用，无UP        inet 172.16.0.11  netmask 255.255.0.0  broadcast 172.16.255.255        ether 00:50:56:22:6f:2a  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 59  bytes 9494 (9.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0#启用[root@repo-client ~]# ifconfig eth1 up[root@repo-client ~]# ifconfig eth1eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        inet 172.16.0.11  netmask 255.255.0.0  broadcast 172.16.255.255        ether 00:50:56:22:6f:2a  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 59  bytes 9494 (9.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0#对一个网卡设置多个IP地址[root@repo-client ~]# ifconfig eth1:1 192.168.0.11/24[root@repo-client ~]# ifconfig eth1:1eth1:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        inet 192.168.0.11  netmask 255.255.255.0  broadcast 192.168.0.255        ether 00:50:56:22:6f:2a  txqueuelen 1000  (Ethernet)[root@repo-client ~]# ifconfig eth1:aaa 192.168.0.111/24    #可以用字符，一般用数字表示[root@repo-client ~]# ifconfigeth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        inet 192.168.100.11  netmask 255.255.255.0  broadcast 192.168.100.255        inet6 fe80::20c:29ff:feca:8ca2  prefixlen 64  scopeid 0x20<link>        ether 00:0c:29:ca:8c:a2  txqueuelen 1000  (Ethernet)        RX packets 1054  bytes 90065 (87.9 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 649  bytes 73792 (72.0 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        inet 172.16.0.11  netmask 255.255.0.0  broadcast 172.16.255.255        ether 00:50:56:22:6f:2a  txqueuelen 1000  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 59  bytes 9494 (9.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0eth1:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        inet 192.168.0.11  netmask 255.255.255.0  broadcast 192.168.0.255        ether 00:50:56:22:6f:2a  txqueuelen 1000  (Ethernet)eth1:aaa: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        inet 192.168.0.111  netmask 255.255.255.0  broadcast 192.168.0.255        ether 00:50:56:22:6f:2a  txqueuelen 1000  (Ethernet)[root@repo-client ~]# ifconfig eth1:aaa down[root@repo-client ~]# ifconfig eth1:1 down

范例：

#统计当前网卡的流量[root@repo-client ~]# ifconfig -sIface      MTU    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flgeth0             1500     1255      0      0 0           766      0      0      0 BMRUeth1             1500        0      0      0 0            59      0      0      0 BMRUlo              65536        0      0      0 0             0      0      0      0 LRU#监控当前网卡流量的变化（每秒）[root@repo-client ~]# watch -n1 ifconfig -s     Iface      MTU    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flgeth0             1500     1331      0      0 0           818      0      0      0 BMRUeth1             1500        0      0      0 0            59      0      0      0 BMRUlo              65536        0      0      0 0             0      0      0      0 LRU

2.3 ip命令

来自于iproute包，可用于代替ifconfig

2.3.1 配置Linux网络属性

ip命令格式：

ip [ OPTIONS ] OBJECT { COMMAND | help }

ip 命令说明：

OBJECT := { link | addr | route }ip link - network device configurationip link set [dev IFACE] [up|down]   #可设置属性，激活或禁用指定接口，相当于 ifup/ifdownip link show [dev IFACE] [up]       #指定接口，up仅显示处于激活状态的接口

ip 地址管理：

ip addr { add | del } IFADDR dev STRING [label LABEL] [scope {global|link|host}][broadcast ADDRESS][label LABEL]               #添加地址时指明网卡别名[scope {global|link|host}]  #指明作用域，global全局可用；link仅链接可用；host本机可用[broadcast ADDRESS]         #指明广播地址ip address show             #同 ip aip addr flush               #清除网络地址

范例：

#禁用网卡[root@repo-client ~]# ip link set eth1 down[root@repo-client ~]# ip a |grep eth13: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000    inet 172.16.0.11/16 brd 172.16.255.255 scope global eth1#网卡改名并启用[root@repo-client ~]# ip link set eth1 up[root@repo-client ~]# ip link set eth1 name wangnet     #网卡使用时不能改名RTNETLINK answers: Device or resource busy[root@repo-client ~]# ip link set eth1 down[root@repo-client ~]# ip link set eth1 name wangnet     #eth1 down后，就能修改名字了[root@repo-client ~]# ip link set eth1 upCannot find device "eth1"[root@repo-client ~]# ip link set wangnet up            #使用修改后的名字[root@repo-client ~]# ip a |grep wangnet3: wangnet: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    inet 172.16.0.11/16 brd 172.16.255.255 scope global wangnet#网卡别名#添加网卡别名[root@repo-client ~]# ip addr add 172.16.100.100/16 dev eth0 label eth0:0[root@repo-client ~]# ip a |grep eth02: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0    inet 172.16.100.100/16 scope global eth0:0#删除网卡别名[root@repo-client ~]# ip addr del 172.16.100.100/16Not enough information: "dev" argument is required.[root@repo-client ~]# ip addr del 172.16.100.100/16 dev eth0[root@repo-client ~]# ip a |grep eth02: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0[root@repo-client ~]##清除网络地址[root@repo-client ~]# ip a|grep wangnet3: wangnet: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    inet 172.16.0.11/16 brd 172.16.255.255 scope global wangnet[root@repo-client ~]# ip a flush dev wangnet[root@repo-client ~]# ip a|grep wangnet3: wangnet: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000[root@repo-client ~]#

ip route：

常用选项：

ip route { list | flush } SELECTORip route { add | del | change | append | replace } ROUTEip route add TARGET via GW dev IFACE src SOURCE_IPTARGET:主机路由：IP网络路由：NETWORK/MASK

范例：

#添加ip地址[root@repo-client ~]# ip a a 172.16.0.11/16 dev wangnet[root@repo-client ~]# ip a1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    inet 127.0.0.1/8 scope host lo       valid_lft forever preferred_lft forever    inet6 ::1/128 scope host       valid_lft forever preferred_lft forever2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    link/ether 00:0c:29:ca:8c:a2 brd ff:ff:ff:ff:ff:ff    inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0       valid_lft forever preferred_lft forever3: wangnet: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    link/ether 00:50:56:22:6f:2a brd ff:ff:ff:ff:ff:ff    inet 172.16.0.11/16 scope global wangnet       valid_lft forever preferred_lft forever#查看路由[root@repo-client ~]# ip routedefault via 192.168.100.2 dev eth0 proto static metric 100172.16.0.0/16 dev wangnet proto kernel scope link src 172.16.0.11192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.11 metric 100#增加一条路由[root@repo-client ~]# ip route add default via 172.16.0.1 dev wangnet[root@repo-client ~]# ip routedefault via 172.16.0.1 dev wangnetdefault via 192.168.100.2 dev eth0 proto static metric 100172.16.0.0/16 dev wangnet proto kernel scope link src 172.16.0.11192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.11 metric 100[root@repo-client ~]# route -nKernel IP routing tableDestination     Gateway         Genmask         Flags Metric Ref    Use Iface0.0.0.0         172.16.0.1      0.0.0.0         UG    0      0        0 wangnet0.0.0.0         192.168.100.2   0.0.0.0         UG    100    0        0 eth0172.16.0.0      0.0.0.0         255.255.0.0     U     0      0        0 wangnet192.168.100.0   0.0.0.0         255.255.255.0   U     100    0        0 eth0#删除路由[root@repo-client ~]# ip route del default via 172.16.0.1[root@repo-client ~]# route -nKernel IP routing tableDestination     Gateway         Genmask         Flags Metric Ref    Use Iface0.0.0.0         192.168.100.2   0.0.0.0         UG    100    0        0 eth0172.16.0.0      0.0.0.0         255.255.0.0     U     0      0        0 wangnet192.168.100.0   0.0.0.0         255.255.255.0   U     100    0        0 eth0[root@repo-client ~]# ip route showdefault via 192.168.100.2 dev eth0 proto static metric 100172.16.0.0/16 dev wangnet proto kernel scope link src 172.16.0.11192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.11 metric 100#清空wangnet的路由表[root@repo-client ~]# ip route flush dev wangnet[root@repo-client ~]# ip route showdefault via 192.168.100.2 dev eth0 proto static metric 100192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.11 metric 100[root@repo-client ~]##添加路由[root@repo-client ~]# ip route add 1.1.1.0/24 via 172.16.0.11 dev wangnet proto static metric 100[root@repo-client ~]# ip route showdefault via 192.168.100.2 dev eth0 proto static metric 1001.1.1.0/24 via 172.16.0.11 dev wangnet proto static metric 100192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.11 metric 100[root@repo-client ~]# route -nKernel IP routing tableDestination     Gateway         Genmask         Flags Metric Ref    Use Iface0.0.0.0         192.168.100.2   0.0.0.0         UG    100    0        0 eth01.1.1.0         172.16.0.11     255.255.255.0   UG    100    0        0 wangnet192.168.100.0   0.0.0.0         255.255.255.0   U     100    0        0 eth0[root@repo-client ~]# ip route del 1.1.1.0/24[root@repo-client ~]# route -nKernel IP routing tableDestination     Gateway         Genmask         Flags Metric Ref    Use Iface0.0.0.0         192.168.100.2   0.0.0.0         UG    100    0        0 eth0192.168.100.0   0.0.0.0         255.255.255.0   U     100    0        0 eth0[root@repo-client ~]# ip route showdefault via 192.168.100.2 dev eth0 proto static metric 100192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.11 metric 100[root@repo-client ~]#

2.4 网络配置文件

2.4.1 网络基本配置文件

IP、MASK、GW、DNS相关的配置文件路径：

/etc/sysconfig/network-scripts/ifcfg-IFACE

说明参考：

/usr/share/doc/initcripts-*/sysconfig.txt

常用配置：

设置	说明
***TYPE	接口类型常见有的Ethernet, Bridge
***NAME	此配置文件应用到的设备，nmcli c中显示的name名称
***DEVICE	设备名
HWADDR	对应的设备的MAC地址
UUID	设备的惟一标识
***BOOTPROTO	激活此设备时使用的地址配置协议，常用的dhcp, static, none, bootp
***IPADDR	指明IP地址
***NETMASK	子网掩码,如:255.255.255.0
***PREFIX	网络ID的位数, 如:24
***GATEWAY	默认网关
***DNS1	第一个DNS服务器地址
DNS2	第二个DNS服务器地址
DOMAIN	主机不完整时，自动搜索的域名后缀
***ONBOOT	在系统引导时是否激活此设备
USERCTL	普通用户是否可控制此设备
PEERDNS	如果BOOTPROTO的值为“dhcp”，YES将允许dhcp server分配的<br>dns服务器信息直接覆盖至/etc/resolv.conf文件，NO不允许修改resolv.conf
NM_CONTROLLED	NM是NetworkManager的简写，此网卡是否接受NM控制

2.4.2 配置当前主机的主机名

#centos6系统之前版本/etc/sysconfig/networkHOSTNAME=#centos7系统以后版本/etc/hostnameHOSTNAMEhostnamectl set-hostname centos7.magedu.com     #直接修改主机名并生效

2.4.3 本地主机名数据库和IP地址的映射

优先于使用DNS前检查

getent hosts        #查看/etc/hosts 内容[root@repo-client ~]# getent hosts127.0.0.1       localhost localhost.localdomain localhost4 localhost4.localdomain4127.0.0.1       localhost localhost.localdomain localhost6 localhost6.localdomain6192.168.100.12  repo-server172.16.100.11   moban172.16.100.21   lb01172.16.100.22   lb02172.16.100.31   web01172.16.100.32   web02172.16.100.33   web03172.16.100.41   db01 db01.etiantian.org172.16.100.51   backup172.16.100.61   nfs01172.16.100.10   m01

2.4.4 DNS域名解析

/etc/resolv.confnameserver DNS_SERVER_IP1nameserver DNS_SERVER_IP2nameserver DNS_SERVER_IP3search DOMAIN[root@repo-client ~]# cat /etc/resolv.conf# Generated by NetworkManagernameserver 192.168.100.2

2.4.5 修改 /etc/hosts和DNS的优先级

[root@repo-client ~]# cat /etc/nsswitch.conf |grep host#hosts:     db files nisplus nis dnshosts:      files dns myhostname

2.4.6 路由相关的配置文件

/etc/sysconfig/network-scripts/route-IFACE  #需手动创建这个文件，配置好后，重启能保存#两种风格：1) TARGET via GW    10.0.0.0/8 via 172.16.0.12) 每三行定义一条路由，比较繁琐，建议使用第一种ADDRESS#=TARGETNETMASK#=maskGATEWAY#=GW

2.5 网卡别名

将多个IP地址绑定到一个NIC上

每个IP绑定到独立逻辑网卡，即网络别名，命名格式： ethX:Y，如：eth0:1 、eth0:2、eth0:3

范例：ifconfig命令

ifconfig eth0:0 192.168.1.100/24 upifconfig eth0:0 down[root@repo-client ~]# ifconfig|grep eth0eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500[root@repo-client ~]# ifconfig eth0:0 176.16.100.11/16[root@repo-client ~]# ifconfig|grep eth0eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500eth0:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500[root@repo-client ~]# ifconfig eth0:0 down[root@repo-client ~]# ifconfig|grep eth0eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500

范例：ip 命令

ip addr add 172.16.1.1/16 dev eth0ip addr add 172.16.1.2/16 dev eth0 label eth0:0ip addr del 172.16.1.2/16 dev eth0 label eth0:0ip addr flush dev eth0 label eth0:0[root@repo-client ~]# ip addr add 172.16.1.100/16 dev eth0 label eth0:0[root@repo-client ~]# ifconfig|grep eth0eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500eth0:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500[root@repo-client ~]# ip a|grep eth02: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0    inet 172.16.1.100/16 scope global eth0:0[root@repo-client ~]# ip addr del 172.16.1.100/16Not enough information: "dev" argument is required.[root@repo-client ~]# ip addr del 172.16.1.100/16 dev eth0[root@repo-client ~]# ip a|grep eth02: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0[root@repo-client ~]# ip addr flush dev eth0    #清除eth0的ip地址

注：ip和ifconfig都是临时生效，重启后无法保存配置。

为每个设备别名生成独立的接口配置文件，格式为：ifcfg-ethX:xxx，保存后，重启也不丢失。

范例：配置eth0:1网卡别名的格式文件，别名中的IP地址只能是静态IP地址，不能使用DHCP服务器分配。

#配置文件[root@repo-client ~]# cd /etc/sysconfig/network-scripts/[root@repo-client network-scripts]# cat ifcfg-eth0:1DEVICE=eth0:1IPADDR=172.16.100.11PREFIX=16[root@repo-client network-scripts]# lsifcfg-eth0   ifcfg-eth0:1#配置后不会立即生效[root@repo-client network-scripts]# ip a|grep eth02: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0#需要重新挂载eth0，才能生效[root@repo-client network-scripts]# nmcli c reload[root@repo-client network-scripts]# nmcli c up eth0Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6)[root@repo-client network-scripts]# ip a|grep eth02: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute eth0    inet 172.16.100.11/16 brd 172.16.255.255 scope global noprefixroute eth0:1

注意：

建议 CentOS 6 关闭 NetworkManager 服务
网卡别名必须使用静态地址

3、使用配置文件实现bonding

3.1 多网卡 bonding

将多块网卡绑定同一IP地址对外提供服务，可以实现高可用或者负载均衡。直接给两块网卡设置同一IP地址是不可以的。通过 bonding，虚拟一块网卡对外提供连接，物理网卡的被修改为相同的MAC地址。

3.1.1 Bonding 工作模式

==Bonding共7种模式：0-6 Mode==

Mode 0 (balance-rr)：轮询（Round-robin）策略，从头到尾顺序的在每一个slave接口上面发送数据包。本模式提供负载均衡和容错的能力
Mode 1 (active-backup)：活动-备份（主备）策略，只有一个slave被激活，当且仅当活动的slave接口失败时才会激活其他slave.为了避免交换机发生混乱此时绑定的MAC地址只有一个外部端口上可见。
Mode 3 (broadcast)：广播策略，在所有的slave接口上传送所有的报文,提供容错能力。

说明：

active-backup、balance-tlb 和 balance-alb 模式不需要交换机的任何特殊配置。

其他绑定模式需要配置交换机以便整合链接。如：Cisco 交换机需要在模式 0、2 和 3 中使用 EtherChannel，但在模式4中需要 LACP和 EtherChannel。

3.1.2 创建bonding设备的配置文件

/etc/sysconfig/network-scripts/ifcfg-bond0TYPE=bondDEVICE=bond0BOOTPROTO=noneIPADDR=10.0.0.100PREFIX=8#miimon指定链路监测时间间隔。如果miimon=100，那么系统每100ms 监测一次链路连接状态，如果有一条线路不通就转入另一条线路BONDING_OPTS="mode=1 miimon=100"

查看bond0状态：

/proc/net/bonding/bond0

3.2 实例：bond mode=1模式

1、配置bond和其他两块网卡[root@centos8 network-scripts]# cat ifcfg-bond0 ifcfg-ens33 ifcfg-ens37TYPE=bondDEVICE=bond0BOOTPROTO=noneIPADDR=192.168.100.222PREFIX=24BONDING_OPTS="mode=1 miimon=100"DEVICE=ens33BOOTPROTO=noneMASTER=bond0SLAVE=yesONBOOT=yesDEVICE=ens37BOOTPROTO=noneMASTER=bond0SLAVE=yesONBOOT=yes[root@centos8 network-scripts]# reboot2、重启后，重新连接[root@centos8 ~]# ip a1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    inet 127.0.0.1/8 scope host lo       valid_lft forever preferred_lft forever    inet6 ::1/128 scope host       valid_lft forever preferred_lft forever2: ens33: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000    link/ether 00:0c:29:f9:bb:44 brd ff:ff:ff:ff:ff:ff3: ens37: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000    link/ether 00:0c:29:f9:bb:44 brd ff:ff:ff:ff:ff:ff4: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000    link/ether 00:0c:29:f9:bb:44 brd ff:ff:ff:ff:ff:ff    inet 192.168.100.222/24 brd 192.168.100.255 scope global noprefixroute bond0       valid_lft forever preferred_lft forever    inet6 fe80::20c:29ff:fef9:bb44/64 scope link       valid_lft forever preferred_lft forever[root@centos8 ~]# nmcli cNAME          UUID                                  TYPE      DEVICEBond bond0    ad33d8b0-1f7b-cab9-9447-ba07f855b143  bond      bond0System ens33  c96bc909-188e-ec64-3a96-6a90982b08ad  ethernet  ens33System ens37  4a5516a4-dfa4-24af-b1c4-e843e312e2fd  ethernet  ens373、查看bond0状态[root@centos8 ~]# cat /proc/net/bonding/bond0Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)Bonding Mode: fault-tolerance (active-backup)Primary Slave: NoneCurrently Active Slave: ens33       #当前使用ens33MII Status: upMII Polling Interval (ms): 100Up Delay (ms): 0Down Delay (ms): 0Peer Notification Delay (ms): 0Slave Interface: ens33MII Status: upSpeed: 1000 MbpsDuplex: fullLink Failure Count: 0Permanent HW addr: 00:0c:29:f9:bb:44Slave queue ID: 0Slave Interface: ens37MII Status: upSpeed: 1000 MbpsDuplex: fullLink Failure Count: 0Permanent HW addr: 00:0c:29:f9:bb:4eSlave queue ID: 0#查看使用的mac地址[root@centos7 ~]# ping 192.168.100.222PING 192.168.100.222 (192.168.100.222) 56(84) bytes of data.64 bytes from 192.168.100.222: icmp_seq=1 ttl=64 time=0.321 ms64 bytes from 192.168.100.222: icmp_seq=2 ttl=64 time=0.610 ms64 bytes from 192.168.100.222: icmp_seq=3 ttl=64 time=0.371 ms64 bytes from 192.168.100.222: icmp_seq=4 ttl=64 time=0.454 ms64 bytes from 192.168.100.222: icmp_seq=5 ttl=64 time=1.29 ms[root@centos7 ~]# arp -nAddress                  HWtype  HWaddress           Flags Mask            Iface192.168.100.222          ether   00:0c:29:f9:bb:44   C                     eth04、拔掉ens33网线[root@centos8 ~]# cat /proc/net/bonding/bond0Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)Bonding Mode: fault-tolerance (active-backup)Primary Slave: NoneCurrently Active Slave: ens37       #使用第二块网卡MII Status: upMII Polling Interval (ms): 100Up Delay (ms): 0Down Delay (ms): 0Peer Notification Delay (ms): 0Slave Interface: ens33          #ens33网卡downMII Status: downSpeed: UnknownDuplex: UnknownLink Failure Count: 1Permanent HW addr: 00:0c:29:f9:bb:44Slave queue ID: 0Slave Interface: ens37MII Status: upSpeed: 1000 MbpsDuplex: fullLink Failure Count: 0Permanent HW addr: 00:0c:29:f9:bb:4eSlave queue ID: 0#查看网卡的状态，ethtool命令或mii-tool命令[root@centos8 ~]# ethtool ens33Settings for ens33:        Link detected: no[root@centos8 ~]# ethtool ens37Settings for ens37:        Link detected: yes

实例：mode=3模式

1、修改mode=3，即broadcast广播模式[root@centos8 network-scripts]# cat ifcfg-bond0TYPE=bondDEVICE=bond0BOOTPROTO=noneIPADDR=192.168.100.222PREFIX=24BONDING_OPTS="mode=3 miimon=100"#查看bond[root@centos8 ~]# cat /proc/net/bonding/bond0Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)Bonding Mode: fault-tolerance (broadcast)MII Status: upMII Polling Interval (ms): 100Up Delay (ms): 0Down Delay (ms): 0Peer Notification Delay (ms): 0Slave Interface: ens33MII Status: upSpeed: 1000 MbpsDuplex: fullLink Failure Count: 0Permanent HW addr: 00:0c:29:f9:bb:44Slave queue ID: 0Slave Interface: ens37MII Status: upSpeed: 1000 MbpsDuplex: fullLink Failure Count: 0Permanent HW addr: 00:0c:29:f9:bb:4eSlave queue ID: 0[root@centos8 ~]#2、测试，DUP，会收到2个一样的答复。好处是容错能力强。这两块网卡同时工作，提供一模一样的数据[root@repo-client ~]# ping 192.168.100.222PING 192.168.100.222 (192.168.100.222) 56(84) bytes of data.64 bytes from 192.168.100.222: icmp_seq=1 ttl=64 time=0.524 ms64 bytes from 192.168.100.222: icmp_seq=1 ttl=64 time=0.637 ms (DUP!)64 bytes from 192.168.100.222: icmp_seq=2 ttl=64 time=0.431 ms64 bytes from 192.168.100.222: icmp_seq=2 ttl=64 time=0.447 ms (DUP!)64 bytes from 192.168.100.222: icmp_seq=3 ttl=64 time=0.307 ms64 bytes from 192.168.100.222: icmp_seq=3 ttl=64 time=0.324 ms (DUP!)

实例：删除bond0

1）卸载bond0ifconfig bond0 downrmmod bonding   #同modprobe -r bonding2）删除ifcfg-bond0配置文件3）恢复eth0和eth1等的配置文件4）重启网络服务centos6：service network restartcentos7以上：nmcli c reload            nmcli c up eth0 eth1

4、使用nmcli实现bonding

4.1 nmcli命令

nmcli命令相关术语

设备即网络接口
连接是对网络接口的配置，一个网络接口可有多个连接配置，但同时只有一个连接配置生效

格式：

nmcli [ OPTIONS ] OBJECT { COMMAND | help }    device - show and manage network interfaces    nmcli device help    connection - start, stop, and manage network connections    nmcli connection help

修改IP地址等属性

nmcli connection modify IFACE [+|-]setting.property value    setting.property: ipv4.addresses ipv4.gateway ipv4.dns1 ipv4.method manual |auto

修改配置文件执行生效

nmcli con reloadnmcli con up con-name

nmcli命令对应ifcfg-*文件

nmcli con mod	ifcfg-* 文件
ipv4.method manual	BOOTPROTO=none
ipv4.method auto	BOOTPROTO=dhcp
ipv4.addresses 192.168.2.1/24	IPADDR=192.168.2.1 PREFIX=24
ipv4.gateway 172.16.0.200	GATEWAY=172.16.0.200
ipv4.dns 8.8.8.8	DNS0=8.8.8.8
ipv4.dns-search example.com	DOMAIN=example.com
ipv4.ignore-auto-dns true	PEERDNS=no
connection.autoconnect yes	ONBOOT=yes
connection.id eth0	NAME=eth0
connection.interface-name eth0	DEVICE=eth0
802-3-ethernet.mac-address . . .	HWADDR= . . .

范例：

#查看帮助nmcli con add help#使用nmcli配置网络nmcli con show#显示所有活动连接nmcli con show --active[root@centos7 ~]# nmcli c showNAME   UUID                                  TYPE      DEVICEens33  a91ee66a-f9e5-49f3-9be2-ec3d509b0e69  ethernet  ens33ens37  4a5516a4-dfa4-24af-b1c4-e843e312e2fd  ethernet  ens37[root@centos7 ~]# nmcli c down ens37    #down掉ens37Connection 'ens37' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)[root@centos7 ~]# nmcli cNAME   UUID                                  TYPE      DEVICEens33  a91ee66a-f9e5-49f3-9be2-ec3d509b0e69  ethernet  ens33ens37  4a5516a4-dfa4-24af-b1c4-e843e312e2fd  ethernet  --[root@centos7 ~]# nmcli c show --active     #只显示活动的网卡NAME   UUID                                  TYPE      DEVICEens33  a91ee66a-f9e5-49f3-9be2-ec3d509b0e69  ethernet  ens33#显示网络连接配置的详细信息nmcli con show eth0#显示设备状态nmcli dev status[root@centos7 ~]# nmcli devDEVICE  TYPE      STATE         CONNECTIONens33   ethernet  connected     ens33ens37   ethernet  disconnected  --lo      loopback  unmanaged     --[root@centos7 ~]# nmcli dev statusDEVICE  TYPE      STATE         CONNECTIONens33   ethernet  connected     ens33ens37   ethernet  disconnected  --lo      loopback  unmanaged     --#显示网络接口属性nmcli dev show eth0[root@centos7 ~]# nmcli dev show ens33GENERAL.DEVICE:                         ens33GENERAL.TYPE:                           ethernetGENERAL.HWADDR:                         00:0C:29:21:F8:76GENERAL.MTU:                            1500GENERAL.STATE:                          100 (connected)GENERAL.CONNECTION:                     ens33GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/1WIRED-PROPERTIES.CARRIER:               onIP4.ADDRESS[1]:                         192.168.209.11/24IP4.GATEWAY:                            192.168.209.2IP4.ROUTE[1]:                           dst = 192.168.209.0/24, nh = 0.0.0.0, mt = 100IP4.ROUTE[2]:                           dst = 0.0.0.0/0, nh = 192.168.209.2, mt = 100IP4.DNS[1]:                             192.168.209.2IP6.ADDRESS[1]:                         fe80::9ed9:d4db:e410:64dd/64IP6.GATEWAY:                            --IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 100IP6.ROUTE[2]:                           dst = ff00::/8, nh = ::, mt = 256, table=255[root@centos7 ~]##创建新连接default，IP自动通过dhcp获取nmcli con add con-name default type Ethernet ifname eth0#删除指定的连接nmcli con del default[root@centos7 ~]# nmcli c del ens37Connection 'ens37' (4a5516a4-dfa4-24af-b1c4-e843e312e2fd) successfully deleted.[root@centos7 ~]# nmcli cNAME   UUID                                  TYPE      DEVICEens33  a91ee66a-f9e5-49f3-9be2-ec3d509b0e69  ethernet  ens33[root@centos7 ~]# ll /etc/sysconfig/network-scripts/ifcfg-  ifcfg-ens33  ifcfg-lo       ##ens37的配置文件也没有了#创建新连接static ，指定静态IP，不自动连接nmcti con add con-name static ifname eth0 autoconnect no type Ethernetipv4.addresses 172.25.X.10/24 ipv4.gateway 172.25.X.254#启用static连接配置nmcli con up static#启用default连接配置nmcli con up default#修改连接设置nmcli con mod “static” connection.autoconnect nonmcli con mod “static” ipv4.dns 172.25.X.254nmcli con mod “static” +ipv4.dns 8.8.8.8nmcli con mod “static” -ipv4.dns 8.8.8.8nmcli con mod “static” ipv4.addresses “172.16.X.10/24 172.16.X.254”nmcli con mod “static” +ipv4.addresses 10.10.10.10/16#DNS设置存放在/etc/resolv.conf，PEERDNS=no 表示当IP通过dhcp自动获取时，dns仍是手动设置，不自动获取等价于下面命令nmcli con mod “system eth0” ipv4.ignore-auto-dns yes

4.2 nmcli实现bonding

常用命令：

#添加bonding接口nmcli con add type bond con-name mybond0 ifname bond0 mode active-backup#添加从属接口nmcli con add type bond-slave ifname ens7 master bond0nmcli con add type bond-slave ifname ens3 master bond0#注：如无为从属接口提供连接名，则该名称是接口名称加类型构成#要启动绑定，则必须首先启动从属接口nmcli con up bond-slave-eth0nmcli con up bond-slave-eth1#启动绑定nmcli con up mybond0

实例：使用nmcli实现bonding

#1）初始化两块网卡及原ip地址信息[root@centos7 network-scripts]# ip a1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    inet 127.0.0.1/8 scope host lo       valid_lft forever preferred_lft forever    inet6 ::1/128 scope host       valid_lft forever preferred_lft forever2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    link/ether 00:0c:29:21:f8:76 brd ff:ff:ff:ff:ff:ff    inet 192.168.209.11/24 brd 192.168.209.255 scope global noprefixroute ens33       valid_lft forever preferred_lft forever    inet6 fe80::9ed9:d4db:e410:64dd/64 scope link noprefixroute       valid_lft forever preferred_lft forever3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    link/ether 00:0c:29:21:f8:80 brd ff:ff:ff:ff:ff:ff[root@centos7 network-scripts]# nmcli cNAME   UUID                                  TYPE      DEVICEens33  a91ee66a-f9e5-49f3-9be2-ec3d509b0e69  ethernet  ens33#2）添加bond0接口，bond模式为mode1（active-backup）[root@centos7 network-scripts]# nmcli con add type bond con-name mybond0 ifname bond0 mode active-backupConnection 'mybond0' (0240cad5-db79-4832-96f1-398cf3a9633c) successfully added.[root@centos7 network-scripts]# ls ifcfg*ifcfg-ens33  ifcfg-lo  ifcfg-mybond0#3）添加ens33和ens37为bond0的从属接口[root@centos7 network-scripts]# nmcli con add type bond-slave ifname ens37 master bond0Connection 'bond-slave-ens37' (60e13f31-5f0d-45b5-93ac-18a1e24ec175) successfully added.[root@centos7 network-scripts]# nmcli con add type bond-slave ifname ens33 master bond0Connection 'bond-slave-ens33' (069c01fc-d7cb-44a9-8ea7-5ae3a5e14d69) successfully added.[root@centos7 network-scripts]# nmcli cNAME              UUID                                  TYPE      DEVICEmybond0           0240cad5-db79-4832-96f1-398cf3a9633c  bond      bond0ens33             a91ee66a-f9e5-49f3-9be2-ec3d509b0e69  ethernet  ens33bond-slave-ens37  60e13f31-5f0d-45b5-93ac-18a1e24ec175  ethernet  ens37bond-slave-ens33  069c01fc-d7cb-44a9-8ea7-5ae3a5e14d69  ethernet  --#4）启用从属接口[root@centos7 network-scripts]# nmcli con up bond-slave-ens33Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/11)[root@centos7 network-scripts]# nmcli con up bond-slave-ens37Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/15)[root@centos7 network-scripts]# ip a6: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000    link/ether 00:0c:29:21:f8:80 brd ff:ff:ff:ff:ff:ff    inet6 fe80::6147:711:da31:1859/64 scope link noprefixroute       valid_lft forever preferred_lft forever#5）bond0设置ip地址等信息[root@centos7 network-scripts]# nmcli con mod mybond0 ipv4.addresses 192.168.209.12/24 ipv4.gateway 192.168.209.2 ipv4.dns 223.6.6.6 ipv4.method manual[root@centos7 network-scripts]# cat ifcfg-mybond0BONDING_OPTS=mode=active-backupTYPE=BondBONDING_MASTER=yesPROXY_METHOD=noneBROWSER_ONLY=noBOOTPROTO=noneDEFROUTE=yesIPV4_FAILURE_FATAL=noIPV6INIT=yesIPV6_AUTOCONF=yesIPV6_DEFROUTE=yesIPV6_FAILURE_FATAL=noIPV6_ADDR_GEN_MODE=stable-privacyNAME=mybond0UUID=0240cad5-db79-4832-96f1-398cf3a9633cDEVICE=bond0ONBOOT=yesIPADDR=192.168.209.12PREFIX=24GATEWAY=192.168.209.2DNS1=223.6.6.6[root@centos7 network-scripts]# nmcli cNAME              UUID                                  TYPE      DEVICEens33             a91ee66a-f9e5-49f3-9be2-ec3d509b0e69  ethernet  ens33mybond0           0240cad5-db79-4832-96f1-398cf3a9633c  bond      bond0bond-slave-ens37  60e13f31-5f0d-45b5-93ac-18a1e24ec175  ethernet  ens37bond-slave-ens33  069c01fc-d7cb-44a9-8ea7-5ae3a5e14d69  ethernet  --#6）启用bond-slave-ens33，并删除ens33接口[root@centos7 network-scripts]# nmcli c up bond-slave-ens33[root@centos7 ~]# nmcli c del ens33[root@centos7 ~]# nmcli cNAME              UUID                                  TYPE      DEVICEmybond0           0240cad5-db79-4832-96f1-398cf3a9633c  bond      bond0bond-slave-ens33  069c01fc-d7cb-44a9-8ea7-5ae3a5e14d69  ethernet  ens33bond-slave-ens37  60e13f31-5f0d-45b5-93ac-18a1e24ec175  ethernet  ens37[root@centos7 ~]# reboot[root@centos7 ~]# ip a1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    inet 127.0.0.1/8 scope host lo       valid_lft forever preferred_lft forever    inet6 ::1/128 scope host       valid_lft forever preferred_lft forever2: ens33: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000    link/ether 00:0c:29:21:f8:76 brd ff:ff:ff:ff:ff:ff3: ens37: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000    link/ether 00:0c:29:21:f8:76 brd ff:ff:ff:ff:ff:ff4: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000    link/ether 00:0c:29:21:f8:76 brd ff:ff:ff:ff:ff:ff    inet 192.168.209.12/24 brd 192.168.209.255 scope global noprefixroute bond0       valid_lft forever preferred_lft forever    inet6 fe80::6147:711:da31:1859/64 scope link noprefixroute       valid_lft forever preferred_lft forever#7）查看bond0状态，首选是ens33网卡，ens37备用[root@centos7 ~]# cat /proc/net/bonding/bond0Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)Bonding Mode: fault-tolerance (active-backup)Primary Slave: NoneCurrently Active Slave: ens33MII Status: upMII Polling Interval (ms): 100Up Delay (ms): 0Down Delay (ms): 0Slave Interface: ens33MII Status: upSpeed: 1000 MbpsDuplex: fullLink Failure Count: 0Permanent HW addr: 00:0c:29:21:f8:76Slave queue ID: 0Slave Interface: ens37MII Status: upSpeed: 1000 MbpsDuplex: fullLink Failure Count: 0Permanent HW addr: 00:0c:29:21:f8:80Slave queue ID: 0#8）测试，断掉ens33网卡，就使用第二块网卡Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)Bonding Mode: fault-tolerance (active-backup)Primary Slave: NoneCurrently Active Slave: ens37       #使用第二块网卡MII Status: upMII Polling Interval (ms): 100Up Delay (ms): 0Down Delay (ms): 0Peer Notification Delay (ms): 0Slave Interface: ens33          #ens33网卡downMII Status: downSpeed: UnknownDuplex: UnknownLink Failure Count: 1Permanent HW addr: 00:0c:29:f9:bb:44Slave queue ID: 0Slave Interface: ens37MII Status: upSpeed: 1000 MbpsDuplex: fullLink Failure Count: 0Permanent HW addr: 00:0c:29:f9:bb:4eSlave queue ID: 0

IP地址分类及网络配置方法和多网卡绑定技术应用