第15章:管理与设定网路介绍(二)

前言

本章节,是要讲述如何查看网路设定与设定在主机上的网路资讯。

识别与取得网路介面资讯

在一台主机上面,我们可以使用ip这个指令来查看网路卡,IP位址之设定等相关的资讯,相关指令执行如下:

[rockylinux@workstation ~]$ ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 08:00:27:ce:5e:d6 brd ff:ff:ff:ff:ff:ff
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
    link/ether 52:54:00:94:4c:d5 brd ff:ff:ff:ff:ff:ff
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN mode DEFAULT group default qlen 1000
    link/ether 52:54:00:94:4c:d5 brd ff:ff:ff:ff:ff:ff
[rockylinux@workstation ~]$

从上从上述的指令执行後的输出结果可以知道,搭配link参数则是显示网路介面卡的名称与资讯,像是MAC位址等,show就是显示的意思,若要显示每一个网路介面卡资讯上面所设定的IP位址的话,则将link换成addr即可,若要指定网路介面,则是在show後面再加上网路介面卡的名称即可,相关执行指令的方式与输出的讯息如下:

[rockylinux@workstation ~]$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:ce:5e:d6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.21/24 brd 192.168.0.255 scope global dynamic noprefixroute enp0s3
       valid_lft 6293sec preferred_lft 6293sec
    inet6 fe80::a00:27ff:fece:5ed6/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:94:4c:d5 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:94:4c:d5 brd ff:ff:ff:ff:ff:ff
[rockylinux@workstation ~]$
[rockylinux@workstation ~]$ ip addr show enp0s3
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:ce:5e:d6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.21/24 brd 192.168.0.255 scope global dynamic noprefixroute enp0s3
       valid_lft 6273sec preferred_lft 6273sec
    inet6 fe80::a00:27ff:fece:5ed6/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
[rockylinux@workstation ~]$

从上述的指令输出讯息可知道,首先先用ip addr show将所有在这台主机上所设定的网路介面卡之有关於IP位址资讯都列出,接着若要只单独印出enp0s3之网路界网路介面卡,则执行ip addr show enp0s3指令。

显示网路效能分析

若要显示某个网路介面卡之网路流量,则可以加上-s参数,则执行之後,会显示有多少bytes位元封包接收到,有多少bytes位元封包传送出去,以及封包错误以及封包有多少被丢弃。相关的执行指令输出的讯息如下:

[rockylinux@workstation ~]$ ip -s link show enp0s3
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 08:00:27:ce:5e:d6 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    80167      822      0       0       0       136
    TX: bytes  packets  errors  dropped carrier collsns
    78114      506      0       0       0       0
[rockylinux@workstation ~]$

从上述的从上述的讯息来看,指的就是查看网路介面卡为enp0s3之名称的网路流量分析资讯。

检查主机之间的连线状态

我们可以使用ping这个指令来检查主机之间的连线状态,其原理为:使用ICMP并用於网际网路协定(IP)中传送控制讯息,提供可能发生在通讯环境中的各种问题回馈。并且透过这些资讯,让网路或是系统管理者可以对所发生的问题作出排错,接着采取适当的方式解决,相关的指令之执行方式如下:

[rockylinux@workstation ~]$
[rockylinux@workstation ~]$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=58 time=5.18 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=58 time=5.90 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=58 time=8.63 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=58 time=12.6 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=58 time=5.20 ms
^C
--- 8.8.8.8 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4062ms
rtt min/avg/max/mdev = 5.176/7.504/12.619/2.855 ms
[rockylinux@workstation ~]$

从上述的指令执行输出的讯息来看,使用ping指令去与8.8.8.8之IP位址进行连线状态间的测试,代表此台主机与此IP位址主机可以连线,而8.8.8.8是Google之其中一个DNS服务,但是只用ping指令的话,整个测试是不回中断的,会一直无限循环的下去直到使用「ctrl」加上「c」进行讯号传递并让指令中断才有可能让此ping指令的动作停止,为了要限制使用ping指令给指定主机IP位址的次数,可以加上-c参数并加上要执行ping多少次,假设要执行三次,则上述的指令可以改成如下:

[rockylinux@workstation ~]$ ping -c3 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=58 time=11.1 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=58 time=6.14 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=58 time=7.12 ms

--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2024ms
rtt min/avg/max/mdev = 6.142/8.113/11.075/2.134 ms
[rockylinux@workstation ~]$

其中,-c与指定的次数之间可以没有空白没有关系,当然这两者之间有空白也是可以,相关执行指令的输出如下:

[rockylinux@workstation ~]$ ping -c 3 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=58 time=5.33 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=58 time=14.1 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=58 time=6.81 ms

--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 5.328/8.750/14.110/3.838 ms
[rockylinux@workstation ~]$

以上是进行IPv4位址的ping测试,若要进行IPv6测试的话,则可以使用ping6这个指令,相关的用法和ping相同,执行之命令与输出的讯息如下:

[rockylinux@workstation ~]$ ping6 -c 3 ::1
PING ::1(::1) 56 data bytes
64 bytes from ::1: icmp_seq=1 ttl=64 time=0.073 ms
64 bytes from ::1: icmp_seq=2 ttl=64 time=0.086 ms
64 bytes from ::1: icmp_seq=3 ttl=64 time=0.090 ms

--- ::1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2051ms
rtt min/avg/max/mdev = 0.073/0.083/0.090/0.007 ms
[rockylinux@workstation ~]$

从上述的执行指令,这指的是使用ping6指令去对本地端IPv6位址进行测试3次并输出分析的网路结果。

路由表故障排除

为了路由表故障排除,可以使用ip指令并搭配route参数进行使用,相关的执行指令所输出的讯息如下:

[rockylinux@workstation ~]$ ip route
default via 192.168.0.1 dev enp0s3 proto dhcp metric 100
192.168.0.0/24 dev enp0s3 proto kernel scope link src 192.168.0.21 metric 100
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
[rockylinux@workstation ~]$

从上述的指令可以得知,从此IP位址之路由资讯,因为笔者的虚拟机器是在一台网路路由器後面,因此在路由预设会到路由器的IP位址上,即gateway IP;并透过闸道器IP传送到广域网路并与外部网路进行连线的互动,以上检查路由的资讯,这时候只需要加上-6之参数在ip指令後面即可,相关的指令如下:

[rockylinux@workstation ~]$ ip -6 route
::1 dev lo proto kernel metric 256 pref medium
fe80::/64 dev enp0s3 proto kernel metric 100 pref medium
[rockylinux@workstation ~]$

透过网路流量与封包追踪路由

若要追踪请求网路流量,或是检查从本地端主机封包传送到外部要重设,这时後可以使用tracepath指令来做到,後面接着是网址,trace指令预设会先使用UDP指令进行封包传递,相关指令执行输出之讯息如下:

[rockylinux@workstation ~]$ tracepath 8.8.8.8
 1?: [LOCALHOST]                      pmtu 1500
 1:  _gateway                                              8.420ms asymm 35
 1:  _gateway                                              4.217ms asymm 35
 2:  _gateway                                              4.240ms pmtu 1492
 2:  no reply
 3:  tpe4-3301.hinet.net                                  19.111ms
 4:  no reply
 5:  pcpd-3211.hinet.net                                  28.178ms
 6:  no reply
 7:  no reply
 8:  no reply
 9:  no reply
10:  no reply
11:  no reply
12:  no reply
13:  no reply
14:  no reply
15:  no reply
16:  no reply
17:  no reply
18:  no reply
19:  no reply
20:  no reply
21:  no reply
22:  no reply
23:  no reply
24:  no reply
25:  no reply
26:  no reply
27:  no reply
28:  no reply
29:  no reply
30:  no reply
     Too many hops: pmtu 1492
     Resume: pmtu 1492

透过上述的tracepath指令可以知道,这个指令可以用来追踪从本地主机到8.8.8.8之过程,有no reply部分则是可能对方不支援回应或是被防火墙挡住了,但不影响连线测试的结果,我们也可以使用traceroute指令来追踪一个指定的IP位址或是网域的名称,在RockyLinux上若没有安装的话,则可以使用下列的指令进行安装:

[rockylinux@workstation ~]$ sudo yum install -y traceroute
Last metadata expiration check: 21:30:42 ago on Fri 08 Oct 2021 12:09:38 AM CST.
Dependencies resolved.
============================================================================================================
 Package                   Architecture          Version                        Repository             Size
============================================================================================================
Installing:
 traceroute                x86_64                3:2.1.0-6.el8                  baseos                 66 k

Transaction Summary
============================================================================================================
Install  1 Package

Total download size: 66 k
Installed size: 101 k
Downloading Packages:
traceroute-2.1.0-6.el8.x86_64.rpm                                           957 kB/s |  66 kB     00:00
------------------------------------------------------------------------------------------------------------
Total                                                                        83 kB/s |  66 kB     00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                    1/1
  Installing       : traceroute-3:2.1.0-6.el8.x86_64                                                    1/1
  Running scriptlet: traceroute-3:2.1.0-6.el8.x86_64                                                    1/1
  Verifying        : traceroute-3:2.1.0-6.el8.x86_64                                                    1/1
Installed products updated.

Installed:
  traceroute-3:2.1.0-6.el8.x86_64

Complete!
[rockylinux@workstation ~]$

安装完成之後,接着就可以使用下列的指令进行追踪指定的网域或是位址:

[rockylinux@workstation ~]$ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  _gateway (192.168.0.1)  11.917 ms  11.805 ms  11.766 ms
 2  * * *
 3  tpe4-3301.hinet.net (168.95.22.110)  13.358 ms  29.627 ms  32.212 ms
 4  * * *
 5  pcpd-3211.hinet.net (220.128.12.241)  34.033 ms pcpd-3211.hinet.net (220.128.12.189)  36.336 ms pcpd-3211.hinet.net (220.128.12.241)  39.666 ms
 6  * * *
 7  * * *
 8  dns.google (8.8.8.8)  17.705 ms  20.760 ms  25.441 ms
[rockylinux@workstation ~]$

从上述指令输出的讯息可以知道,此台虚拟主机到8.8.8.8之IP位址之间经过了多少的路由位址,若是遇到有路由显示:* * *,则表示这里的路由位址被挡住或是没有回应,但是不影响此台虚拟主机到8.8.8.8位址,下列是利用网域名称的方式进行连线间的追踪路由:

[rockylinux@workstation ~]$ traceroute ithome.com.tw
traceroute to ithome.com.tw (220.130.119.130), 30 hops max, 60 byte packets
 1  _gateway (192.168.0.1)  6.835 ms  8.883 ms  8.852 ms
 2  * * *
 3  tpe4-3301.hinet.net (168.95.84.6)  20.129 ms  23.730 ms  22.462 ms
 4  * * *
 5  tpdb-3315.hinet.net (220.128.1.5)  35.493 ms tpdb-3316.hinet.net (220.128.1.213)  32.540 ms tpdb-3316.hinet.net (220.128.1.117)  38.239 ms
 6  tpdt-3307 (168.95.210.57)  38.211 ms h13.s229.ts.hinet.net (168.95.229.13)  15.599 ms h13.s228.ts.hinet.net (168.95.228.13)  25.093 ms
 7  * * *
 8  203.69.80.89 (203.69.80.89)  24.895 ms  18.930 ms  16.051 ms
 9  211.72.249.229 (211.72.249.229)  16.394 ms 211.72.249.225 (211.72.249.225)  12.984 ms  14.729 ms
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *
[rockylinux@workstation ~]$

课後练习

  • 请开启VirtualBox并启动「workstation」虚拟机,并使用rockylinux登入到桌面环境,并开启终端机。
  • 使用ip指令查看目前虚拟主机相关的网路介面卡与IP位址设定的资讯。
  • 使用指令来追踪从此台虚拟主机到8.8.4.4之IP位址之间所经过的路由位址,并一一的列出来。

<<:  JavaScript Day22 - setTimeout、setInterval

>>:  Day 22 - Formatter 与 Linter - 提升程序品质工具

30天打造品牌特色电商网站 Day.8 CSS基础

了解HTML以後,CSS也一定要熟悉一下! CSS用来定义文件的样式、布局,甚至可以做出简单的动画。...

检查资讯内容(我也不知道我在做啥,不要理我T^T)

我好像找到之前明明有连接到并且取得资料後,结果却为空值的因素了! 不过这只是我觉得而已,我也不是很确...

Dungeon Mizarka 027

持续调整UI。今天加了不少动态的呈现效果,利用Tween的方法将原先静态的UI调整後,看起来不像之前...

Day 27【Deploy NFT - Deploy on Testnet】Hey Listen, I QUIT!!

【前言】 在这之前我们已经在 Day 20 介绍过了 IPFS,今天我们要来介绍如何把我们的 NF...

[Day 11] -『 GO语言学习笔记』- switch 叙述

以下笔记摘录自『 The Go Workshop 』。 如果遇到需要一大堆if叙述才能处理的状况,就...