编译自官方文档
环境:Ubuntu 16.04 TLS
先说测试的结果,从配置文件修改IP地址,重启网络服务,新配置的IP地址从 ifconfig 命令的输出看不到,看到IP地址没有变化,还是老的IP地址。那配置为什么没有生效呢,别急,使用 ip addr 可以看到新配置的IP,而且新的IP地址和老的IP地址都在,不过reboot后,老的IP地址就没有了。这个跟 CentOS 是不一样的,可能是 Ubuntu 的一个机制吧。
1.网卡配置
1.1, 以太网接口命名:enp0s3,..
lshw 查看网卡信息:
guli@guli-Ubuntu1:~$ lshw -c network
WARNING: you should run this program as super-user.
*-network
description: Ethernet interface
product: 82540EM Gigabit Ethernet Controller
vendor: Intel Corporation
physical id: 3
bus info: pci@0000:00:03.0
logical name: enp0s3
version: 02
serial: 08:00:27:5b:d8:f0
size: 1Gbit/s
capacity: 1Gbit/s
width: 32 bits
clock: 66MHz
capabilities: bus_master cap_list ethernet physical tp 10bt 10bt-fd 100bt 100bt-fd 1000bt-fd autonegotiation
configuration: autonegotiation=on broadcast=yes driver=e1000 driverversion=7.3.21-k8-NAPI duplex=full ip=192.168.5.132 latency=64 link=yes mingnt=255 multicast=yes port=twisted pair speed=1Gbit/s
resources: irq:10 memory:f0000000-f001ffff ioport:d010(size=8)
WARNING: output may be incomplete or inaccurate, you should run this program as super-user.
1.2,网卡逻辑名 enp0s3
在 /etc/udev/rules.d/70-persistent-net.rules 中进行配置。
1.3,配置网卡的工具 ethtool
sudo apt-get install ethtool
查看 enp0s3 信息:
$ ethtool enp0s3
Settings for enp0s3:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Speed: 1000Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
MDI-X: off (auto)
Cannot get wake-on-lan settings: Operation not permitted
Current message level: 0x00000007 (7)
drv probe link
Link detected: yes
ethtool 的修改临时生效,重启后丢失,持久生效的配置,在 /etc/network/interfaces 中配置,
如:pre-up ethtool ...
auto eth0
iface eth0 inet static
pre-up /sbin/ethtool -s eth0 speed 1000 duplex full
注,以上虽然配置为 static 模式,但其实不是决定性的,如果有 DHCP 开启,也会收到影响。
2,IP地址设置
本节讲述IP地址和默认网关的配置
2.1 临时IP地址分配
ip, ifconfig, route 等命令的配置临时生效,重启后丢失。
sudo ifconfig eth0 10.0.0.100 netmask 255.255.255.0
查看网络配置:ifconfig eth0
配置默认网关:
sudo route add default gw 10.0.0.1 eth0
验证:
route -n
临时配置 DNS: 可在 /etc/resolv.conf 中临时添加 DNS 解析地址,
nameserver 8.8.8.8
清除网卡的 IP 地址配置:
ip addr flush eth0
注,这个操作不影响 /etc/resolv.conf 的内容。
手动清除,或者 reboot。reboot 可以重写 /etc/resolv.conf(符号链接)
ll /etc/resolv.conf
lrwxrwxrwx 1 root root 29 3月 2 11:45 /etc/resolv.conf -> ../run/resolvconf/resolv.conf
2.2 DHCP client
使用 dhcp 方式获取 IP地址
编辑 /etc/network/interfaces:
auto eth0
iface eth0 inet dhcp
然后执行如下命令启动 eth0:
sudo ifup eth0
要关闭 eth0,使用如下命令:
sudo ifdown eth0
2.3 静态IP地址配置
配置示例:
auto eth0
iface eth0 inet static
address 10.0.0.100
netmask 255.255.255.0
gateway 10.0.0.1
然后执行:
sudo ifup eth0
要关闭 eth0,使用如下命令:
sudo ifdown eth0
2.4 loopback
ifconfig lo
cat /etc/network/interface
auto lo
iface lo inet loopback
3. 域名解析
3.1 DNS client 配置
配置文件:/etc/resolv.conf
resolvconf 会自动根据所在的网络环境,更新 /etc/resolv.conf,手动的修改更改会被覆盖。
一套钩子脚本会触发 resolvconf 更新 /etc/resolv.conf。(比如 dhcp client hooks)。
/etc/network/interfaces 生成的名称解析配置也会写入 /etc/resolv.conf。
如果要手动配置 dns 服务器IP,编辑 /etc/network/interfaces,示例如下:
iface eth0 inet static
address 192.168.3.3
netmask 255.255.255.0
gateway 192.168.3.1
dns-search example.com
dns-nameservers 192.168.3.45 192.168.8.10
dns-search example.com 是一种简化的配置,例如:
ping server1
系统会自动将 server1 替换成 FQDN(Fully Qualified Domain Name):
ping server1.example.com
向 DNS 服务器请求 server1.example.com 的域名解析。
dns-search 可以配置多个:
iface eth0 inet static
address 192.168.3.3
netmask 255.255.255.0
gateway 192.168.3.1
dns-search example.com sales.example.com dev.example.com
dns-nameservers 192.168.3.45 192.168.8.10
服务器依次向 DNS 服务器请求如下的域名解析。
1. server1.example.com
2. server1.sales.example.com
3. server1.dev.example.com
3.2 静态域名解析
这是在 /etc/hosts 手动配置域名解析。其优先级高于 DNS 查询。
示例:
IP, hostnames, aliases and Fully Qualified Domain Names (FQDN's).
127.0.0.1 localhost
127.0.1.1 ubuntu-server
10.0.0.11 server1 server1.example.com vpn
10.0.0.12 server2 server2.example.com mail
10.0.0.13 server3 server3.example.com www
10.0.0.14 server4 server4.example.com file
3.3 Name Service Switch Configuration
这是用来选择使用哪一种域名解析的方法,这里配置了 /etc/hosts 的高优先级。
配置文件:/etc/nsswitch.conf
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
解释:
• files first tries to resolve static hostnames located in /etc/hosts.(首先尝试静态文件解析)
• mdns4_minimal attempts to resolve the name using Multicast DNS. (尝试多播DNS解析域名)
• [NOTFOUND=return] means that any response of notfound by the preceding (如果前一步失败,不再进行解析尝试)
mdns4_minimal process should be treated as authoritative and that the system
should not try to continue hunting for an answer.
• dns represents a legacy unicast DNS query. (单播 DNS 查询)
• mdns4 represents a Multicast DNS query. (多播 DNS 查询)
可以修改其中的顺序:
hosts: files dns [NOTFOUND=return] mdns4_minimal mdns4
4.Bridging 桥接
桥接多个网卡。
一个场景:在多个网卡之间建立网桥,然后使用防火墙过滤网络之间的流量。
另一个场景:在一个网卡上建立网桥,使得虚拟机可以直接访问外网。
安装网桥:
sudo apt install bridge-utils
这里演示后一种场景的配置:
编辑 /etc/network/interfaces:
auto lo
iface lo inet loopback
auto br0
iface br0 inet static
address 192.168.0.10
network 192.168.0.0
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.1
bridge_ports eth0
bridge_fd 9
bridge_hello 2
bridge_maxage 12
bridge_stp off
启动 bridge:
sudo ifup br0
brctl 查看桥接的信息,配置桥接包含的网卡。man brctl 可查看更多。
参考:
https://help.ubuntu.com/community/Network http://manpages.ubuntu.com/manpages/man8/resolvconf.8.html http://manpages.ubuntu.com/manpages/man5/interfaces.5.html http://manpages.ubuntu.com/manpages/man8/dhclient.8.html http://manpages.ubuntu.com/manpages/man5/resolver.5.html http://oreilly.com/catalog/linag2/book/ch06.html
配置实例
环境:Ubuntu 16.04 TLS
ifconfig 显示 IP 为 192.168.5.143
$ ifconfig
enp0s3 Link encap:Ethernet HWaddr 08:00:27:5b:d8:f0
inet addr:192.168.5.143 Bcast:192.168.5.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe5b:d8f0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:401 errors:0 dropped:0 overruns:0 frame:0
TX packets:245 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:37017 (37.0 KB) TX bytes:30774 (30.7 KB)
域名解析配置为:192.168.5.1
$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.1.1
修改配置:
$ cat interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
auto enp0s3
iface enp0s3 inet static
address 192.168.5.132
netmask 255.255.255.0
gateway 192.168.5.1
dns-nameserver 192.168.5.1
应用配置:
sudo ifdown enp0s3; sudo ifup enp0s3
注,一次性执行两条命令,可连续执行。特别注意远程服务器不可以单步执行,不然网卡关掉,ssh 就断了。
ifconfig 看不出变化:
$ ifconfig
enp0s3 Link encap:Ethernet HWaddr 08:00:27:5b:d8:f0
inet addr:192.168.5.143 Bcast:192.168.5.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe5b:d8f0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:900 errors:0 dropped:0 overruns:0 frame:0
TX packets:544 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:79552 (79.5 KB) TX bytes:67798 (67.7 KB)
ip addr 可以看到新配置的IP:
$ ip addr
...
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:5b:d8:f0 brd ff:ff:ff:ff:ff:ff
inet 192.168.5.143/24 brd 192.168.5.255 scope global enp0s3
valid_lft forever preferred_lft forever
inet 192.168.5.132/24 brd 192.168.5.255 scope global secondary enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe5b:d8f0/64 scope link
valid_lft forever preferred_lft forever
旧的IP也保留着。
DNS 服务地址被更新了:
$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.5.1
保留旧的IP地址这点跟 CentOS 不太一样。
就这些了哈。
