网络基本命令

ARP相关命令

ip n显示ARP表

全部清除linux arp表项

1	arp -n\|awk '/^[1-9]/{system("arp -d "$1)}'

清除接口eth0所有的mac

1	ip neigh flush dev eth0

arp -v 额外显示接口类型和arp表项统计信息

root@controller-VirtualBox:/home/controller# arp -v
Address                  HWtype  HWaddress           Flags Mask            Iface
10.0.1.2                 ether   22:dc:c1:9c:8c:b4   C                     eth0
Entries: 1	Skipped: 0	Found: 1

arp -a 显示全部ARP缓存

1 2	root@controller-VirtualBox:/home/controller# arp -a ? (10.0.1.2) at 22:dc:c1:9c:8c:b4 [ether] on eth0

arp -n 可快速查询ARP缓存

root@controller-VirtualBox:/home/controller# arp -n
Address                  HWtype  HWaddress           Flags Mask            Iface
10.0.1.2                 ether   22:dc:c1:9c:8c:b4   C                     eth0
root@controller-VirtualBox:/home/controller#

arptables

增加一条规则，限制10.0.10.220 ARP packet进入到环境中

1	arptables -A INPUT -s 10.0.10.220 -j DROP

删除arotables规则

1	arptables -D INPUT -s 10.0.10.220 -j DROP

查看arptables 规则

1	arptables -L

arpwatch

arpwatch命令用来监听网络上arp的记录。
-d：启动排错模式；
-f<记录文件>：设置存储ARP记录的文件，预设为/var/lib／arpwatch/arp.dat；
-i<接口>：指定监听ARP的接口，预设的接口为eth0；
-r<记录文件>：从指定的文件中读取ARP记录，而不是从网络上监听。

读出监听的ARP地址对应表

必须要杀死arpwatch进程后才才能读出下面数据

root@controller-VirtualBox:/home/controller# cat /var/lib/arpwatch/arp.dat
3c:97:0e:3c:8c:53	192.168.55.155	1499942089		br0
e0:69:95:4c:d4:ac	192.168.55.169	1499942233		br0
28:d2:44:86:46:be	192.168.55.193	1499942137		br0
68:f7:28:89:49:bd	192.168.55.199	1499942147		br0
3c:97:0e:3d:22:0c	192.168.55.137	1499942189		br0
68:f7:28:63:19:4f	192.168.55.192	1499942097		br0
10:c3:7b:6e:e6:95	192.168.55.174	1499942112		br0
20:dc:e6:fe:d7:fe	192.168.55.253	1499942035		br0
b0:83:fe:6c:ec:a9	192.168.55.135	1499942042		br0
08:00:27:5f:1b:a9	192.168.55.244	1499942227		br0
00:15:c6:26:4d:48	192.168.55.254	1499942227		br0
90:e6:ba:ea:81:93	192.168.55.98	1499942212		br0
8c:a6:df:98:94:50	192.168.55.197	1499942083		br0
74:27:ea:54:8b:61	192.168.55.198	1499942096		br0
3c:97:0e:a7:a8:4f	192.168.55.116	1499942182		br0
50:7b:9d:f1:6e:47	192.168.55.158	1499942145		br0
3c:97:0e:3c:8d:fd	192.168.55.143	1499942234		br0
28:d2:44:bd:02:89	192.168.55.113	1499942210		br0
d4:61:fe:2b:73:13	192.168.55.220	1499942214		br0
68:f7:28:06:1a:02	192.168.55.132	1499942226		br0

路由相关命令

route -n

root@controller-VirtualBox:/home/controller# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.1.2        0.0.0.0         UG    0      0        0 eth0
10.0.1.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0

ip r 查看路由

root@controller-VirtualBox:/home/controller# ip r
default via 192.168.55.254 dev br0
169.254.0.0/16 dev br0  scope link  metric 1000
192.168.55.0/24 dev br0  proto kernel  scope link  src 192.168.55.244

ip r get xx.xx.xx.xx

1
2
3

root@controller-VirtualBox:/home/controller# ip r get 8.8.8.8
8.8.8.8 via 10.0.1.2 dev eth0  src 10.0.1.1
    cache

增加默认路由

route add default gw 10.0.1.2
ip route add default via 10.0.1.2

ip -s link 查看网络统计数据

root@controller-VirtualBox:/home/controller# ip -s link
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    RX: bytes  packets  errors  dropped overrun mcast
    0          0        0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    0          0        0       0       0       0
5: eth0@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 8e:90:7e:35:80:8e brd ff:ff:ff:ff:ff:ff link-netnsid 0
    RX: bytes  packets  errors  dropped overrun mcast
    4621478    12933    0       17      0       0
    TX: bytes  packets  errors  dropped carrier collsns
    2720       32       0       0       0       0

ip -s -s link ls eth0 显示具体接口的详细信息

5: eth0@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 8e:90:7e:35:80:8e brd ff:ff:ff:ff:ff:ff link-netnsid 0
    RX: bytes  packets  errors  dropped overrun mcast
    5197968    14512    0       20      0       0
    RX errors: length   crc     frame   fifo    missed
               0        0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    9034       97       0       0       0       0
    TX errors: aborted  fifo   window heartbeat transns
               0        0       0       0       2
root@controller-VirtualBox:/home/controller#

地址配置相关命令

配置地址

ip addr add 10.0.1.1/24 dev eth0

ip addr 显示所有接口信息

ip addr show eth0 显示eth0接口信息

root@controller-VirtualBox:/home/controller# ip addr show eth0
5: eth0@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 8e:90:7e:35:80:8e brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.0.1.1/24 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::8c90:7eff:fe35:808e/64 scope link
       valid_lft forever preferred_lft forever

ip addr del x.x.x.x/mask dev eth0 删除接口eth0地址

root@controller-VirtualBox:/home/controller# ip addr del 10.0.1.1/24 dev eth0
root@controller-VirtualBox:/home/controller# ip addr
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
5: eth0@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 8e:90:7e:35:80:8e brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::8c90:7eff:fe35:808e/64 scope link
       valid_lft forever preferred_lft forever

关闭和开启接口

ip link set eth0 up/down

linux网桥相关

brctl show 查看网桥配置

root@controller-VirtualBox:/home/controller# brctl show
bridge name	bridge id		STP enabled	interfaces
br0		8000.0800275f1ba9	no		enp0s8
							tap0
							tap1
							tap2
							tap3
							tap4

### brctl showmacs br0 查看网桥学习的mac表项

brctl showmacs br0查看br0的mac表项

root@controller-VirtualBox:/home/controller# brctl showmacs br0
port no	mac addr		is local?	ageing timer
  1	00:0c:29:1f:73:38	no		 202.66
  1	00:0c:29:f1:60:5d	no		 248.12
  1	00:0e:c6:cf:da:c7	no		   0.00
  1	00:15:c6:26:4d:22	no		   1.22
  1	00:15:c6:26:4d:48	no		   0.73
  1	00:50:56:9f:cc:e2	no		 161.74

brctl showstp bbr0查看接口信息

root@controller-VirtualBox:/home/controller# brctl showstp br0
br0
 bridge id		8000.0800275f1ba9
 designated root	8000.0800275f1ba9
 root port		   0			path cost		   0
 max age		  20.00			bridge max age		  20.00
 hello time		   2.00			bridge hello time	   2.00
 forward delay		  15.00			bridge forward delay	  15.00
 ageing time		 300.00
 hello timer		   0.00			tcn timer		   0.00
 topology change timer	   0.00			gc timer		  14.22
 flags

虚拟命名空间相关命令

增加虚拟网络命名空间

ip netns add net0

显示所有的虚拟网络命名空间

EULER:~ # ip netns list
net0
也可通过查看/var/run/netns目录下的文件来list
EULER:~ # ls /var/run/netns/
net0

进入虚拟机网络环境

ip netns exec net0 command

如
EULER:~ # ip netns exec net0 bash #打开虚拟网络环境net0的bash窗口
EULER:~ # ip addr #显示所有虚拟网络环境的设备
EULER:~ # exit #退出该网络虚拟环境
exit

增加一对veth虚拟网卡

EULER:~ # ip link add type veth

将veth0添加到net0虚拟网络环境

ip link set veth0 netns net0

将虚拟网卡veth1改名并添加到net1虚拟网络环境中

ip link set dev veth1 name net1-bridge netns net1

设置虚拟网络环境net0的veth0设备处于激活状态

ip netns exec net0 ip link set veth0 up

为虚拟网络环境net0的veth0设备增加IP地址

ip netns exec net0 ip address add 10.0.1.1/24 dev veth0

ip netns 列出当前网络虚拟的namespace

root@controller-VirtualBox:/home/controller# ip netns
net2 (id: 2)
net1 (id: 1)
net0 (id: 0)

ls /var/run/netns/ 列出当前网络虚拟的namespace

root@controller-VirtualBox:/home/controller# ls /var/run/netns/
net0 net1 net2

ip netns monitor

监控虚拟网络namespace行为
root@controller-VirtualBox:/home/controller# ip netns monitor
delete ddd