在rhel7上,同时支持network.service和NetworkManager.service(简称NM)。默认情况下,这2个服务都有开启,但许多人都会将NM禁用掉。而在rhel8上,已废弃network.service,因此只能通过NM进行网络配置,包括动态ip和静态ip。换言之,在rhel8上,必须开启NM,否则无法使用网络。至于什么是NM?这里就不详述,对于NM的常用命令附如下:
# 查看ip(类似于ifconfig、ip addr)
nmcli
# 创建connection,配置静态ip(等同于配置ifcfg,其中BOOTPROTO=none,并ifup启动)
nmcli c add type ethernet con-name ethX ifname ethX ipv4.addr 192.168.1.100/24 ipv4.gateway 192.168.1.1 ipv4.method manual
# 创建connection,配置动态ip(等同于配置ifcfg,其中BOOTPROTO=dhcp,并ifup启动)
nmcli c add type ethernet con-name ethX ifname ethX ipv4.method auto
# 修改ip(非交互式)
nmcli c modify ethX ipv4.addr '192.168.1.200/24'
nmcli c up ethX
# 修改ip(交互式)
nmcli c edit ethX
nmcli> goto ipv4.addresses
nmcli ipv4.addresses> change
Edit 'addresses' value: 192.168.1.200/24
Do you also want to set 'ipv4.method' to 'manual'? [yes]: yes
nmcli ipv4> save
nmcli ipv4> activate
nmcli ipv4> quit
# 启用connection(相当于ifup)
nmcli c up ethX
# 停止connection(相当于ifdown)
nmcli c down
# 删除connection(类似于ifdown并删除ifcfg)
nmcli c delete ethX
# 查看connection列表
nmcli c show
# 查看connection详细信息
nmcli c show ethX
# 重载所有ifcfg或route到connection(不会立即生效)
nmcli c reload
# 重载指定ifcfg或route到connection(不会立即生效)
nmcli c load /etc/sysconfig/network-scripts/ifcfg-ethX
nmcli c load /etc/sysconfig/network-scripts/route-ethX
# 立即生效connection,有3种方法
nmcli c up ethX
nmcli d reapply ethX
nmcli d connect ethX
# 查看device列表
nmcli d
# 查看所有device详细信息
nmcli d show
# 查看指定device的详细信息
nmcli d show ethX
# 激活网卡
nmcli d connect ethX
# 关闭无线网络(NM默认启用无线网络)
nmcli r all off
# 查看NM纳管状态
nmcli n
# 开启NM纳管
nmcli n on
# 关闭NM纳管(谨慎执行)
nmcli n off
# 监听事件
nmcli m
# 查看NM本身状态
nmcli
# 检测NM是否在线可用
nm-online
一、固定IP的修改
1、由于这里硬件资源有限,仅以VM的方式进行演示。首先,你要拥有一台已经安装好的CentOS8虚拟机系统,同时,在安装的过程中设置了网络连接状态开启。登录系统后,切换root用户,因为普通用户在网络连接设置或者配置文件vi修改方面,权限存在弱容忍现象。这时候切换到“/etc/sysconfig/network-scripts”路径下:
cd /etc/sysconfig/network-scripts
2、我们先看一下,刚开始时候系统动态获取的IP地址:
[root@localhost network-scripts]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.1.201 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::5f41:9d04:e548:874a prefixlen 64 scopeid 0x20<link> ether 00:0c:29:c4:36:8d txqueuelen 1000 (Ethernet) RX packets 30433 bytes 2139129 (2.0 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 41776 bytes 33082603 (31.5 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 331 bytes 36750 (35.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 331 bytes 36750 (35.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 52:54:00:a5:84:87 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
** 3、这里还要进行多余的一步,就是进行ifcfg-ens33文件的备份,便于日后的恢复操作:
[root@localhost network-scripts]# cp ifcfg-ens33 ifcfg-ens33.bak
[root@localhost network-scripts]# ll
总用量 4
-rw-r--r--. 1 root root 280 9月 29 19:21 ifcfg-ens33
[root@localhost network-scripts]# cp ifcfg-ens33 ifcfg-ens33.bak
[root@localhost network-scripts]# ll
总用量 8
-rw-r--r--. 1 root root 280 9月 29 19:21 ifcfg-ens33
-rw-r--r--. 1 root root 280 9月 29 19:27 ifcfg-ens33.bak
4、使用vi编辑 ifcfg-ens33 文件,将 “ BOOTPROTO=dhcp ”修改为“ BOOTPROTO=static ” ,其它先不必修改,保存并退出。下面是我修改后的样子:
[root@localhost network-scripts]# more ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=0b897d67-bab3-4354-99cb-0cb3678a7036
DEVICE=ens33
ONBOOT=yes
5、 利用附加输出重定向原理,对ifcfg-ens33文件追加如下内容:(也可以在上一步中,直接追加! 这里为了再练习一下今天学习的内容!)
输入命令:
[root@localhost network-scripts]# cat >>ifcfg-ens33
输入如下追加内容,并按“ Ctrl + D ”,结束并完成内容的输入:
IPADDR=192.168.1.100
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=223.5.5.5
PREFIX=24
[root@localhost network-scripts]# cat >>ifcfg-ens33
IPADDR=192.168.1.100
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=223.5.5.5
PREFIX=24
[root@localhost network-scripts]# cat ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=0b897d67-bab3-4354-99cb-0cb3678a7036
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.1.100
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=223.5.5.5
PREFIX=24
6、对修改的内容进行NM加载,如下:
[root@localhost network-scripts]# nmcli c reload [root@localhost network-scripts]# ifconfig ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.1.201 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::5f41:9d04:e548:874a prefixlen 64 scopeid 0x20<link> ether 00:0c:29:c4:36:8d txqueuelen 1000 (Ethernet) RX packets 31416 bytes 2236251 (2.1 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 42243 bytes 33136317 (31.6 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 331 bytes 36750 (35.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 331 bytes 36750 (35.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 52:54:00:a5:84:87 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@localhost network-scripts]# nmcli c down ens33 [root@localhost network-scripts]# nmcli c up ens33 [root@localhost network-scripts]# ifconfig ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::5f41:9d04:e548:874a prefixlen 64 scopeid 0x20<link> ether 00:0c:29:c4:36:8d txqueuelen 1000 (Ethernet) RX packets 32245 bytes 2427805 (2.3 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 42474 bytes 33182687 (31.6 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 359 bytes 39566 (38.6 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 359 bytes 39566 (38.6 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 52:54:00:a5:84:87 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
注意:在进行完nmcli c down ens33 和nmcli c up ens33 ,即网卡重启操作,需要等待两分钟,如果期间使用Windows的cmd进行登录会出现“Connection reset by 192.168.1.100 port 22”现象。出现这种现象不必慌张,继续等待一分钟即可。具体如下:
[root@localhost network-scripts]# nmcli c down ens33
Connection reset by 192.168.1.201 port 22
C:\Users\Raodi>ssh 192.168.1.100
Connection reset by 192.168.1.100 port 22
C:\Users\Raodi>ssh 192.168.1.100
ssh_exchange_identification: read: Connection reset
C:\Users\Raodi>ssh 192.168.1.100
The authenticity of host '192.168.1.100 (192.168.1.100)' can't be established.
ECDSA key fingerprint is SHA256:DW5Z0SLNckIiIIqJNorcH2mo8VrIFu1tCXbHrhTSMTk.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.100' (ECDSA) to the list of known hosts.
[email protected]'s password:
Activate the web console with: systemctl enable --now cockpit.socket
Last login: Sun Sep 29 18:59:20 2019 from 192.168.1.108
Activate the web console with: systemctl enable --now cockpit.socket
Last login: Sun Sep 29 18:59:20 2019 from 192.168.1.108
[raodi@localhost ~]$
糟糕:
我等了两分钟,刚开始还能ping通www.baidu.com ,可一瞬间之后,不管是系统内部终端还是Windows的cmd都报错了,如下:
[root@localhost network-scripts]# ping www.baidu.com
PING www.a.shifen.com (183.232.231.174) 56(84) bytes of data.
64 bytes from 183.232.231.174 (183.232.231.174): icmp_seq=1 ttl=55 time=25.8 ms
64 bytes from 183.232.231.174 (183.232.231.174): icmp_seq=2 ttl=55 time=15.3 ms
64 bytes from 183.232.231.174 (183.232.231.174): icmp_seq=3 ttl=55 time=16.3 ms
64 bytes from 183.232.231.174 (183.232.231.174): icmp_seq=4 ttl=55 time=15.6 ms
^C
--- www.a.shifen.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 7ms
rtt min/avg/max/mdev = 15.313/18.252/25.779/4.362 ms
[root@localhost network-scripts]# ping www.baidu.com
ping: www.baidu.com: 未知的名称或服务
[root@localhost network-scripts]# ping www.baidu.com
ping: www.baidu.com: 未知的名称或服务
[root@localhost network-scripts]# ping www.baidu.com
ping: www.baidu.com: 未知的名称或服务
C:\Users\Raodi>ssh 192.168.1.100
ssh_exchange_identification: read: Connection reset
C:\Users\Raodi>ssh 192.168.1.100
write: Connection reset
C:\Users\Raodi>ssh 192.168.1.100
ssh_exchange_identification: read: Connection reset
C:\Users\Raodi>ssh 192.168.1.100
write: Connection reset
C:\Users\Raodi>ssh 192.168.1.100
ssh_exchange_identification: read: Connection reset
C:\Users\Raodi>ssh 192.168.1.100
write: Connection reset
C:\Users\Raodi>ssh 192.168.1.100
ssh_exchange_identification: read: Connection reset
配置静态ip的要求:
- 在局域网或者片网区域内,存在已有IP终端的IP不能使用!
- 各自的DNS有所区别。看似DNS都可以使用,如“114.114.114.114”或者“223.5.5.5”。但是,这里不建议使用通配的方法,如果你的虚拟系统是直接桥接无线路由器的,DNS通常使用“192.168.1.1” ,不具实地的DNS配置,很可能会拖慢我们主机与外网的互相通讯能力!
(正因为,我上述的配置过程和配置内容,均违反了配置要求条件,所以出现这种现象也不足为怪了)