乐闻世界logo
2月17日 23:35

What are the commonly used commands in Linux network configuration and management, and how to configure network interfaces, DNS, and firewalls?

Linux network configuration and management is one of the core skills of system administrators.

Network configuration files:

  • /etc/network/interfaces (Debian/Ubuntu): network interface configuration file
  • /etc/sysconfig/network-scripts/ifcfg-* (CentOS/RHEL): network interface configuration file
  • /etc/resolv.conf: DNS resolution configuration file
  • /etc/hosts: hostname to IP address mapping
  • /etc/hostname: hostname configuration

Network configuration commands:

  • ifconfig: configure and display network interfaces (deprecated, recommend using ip command)
  • ip: next-generation network configuration tool, e.g., ip addr show (display IP addresses), ip link show (display network interfaces), ip route show (display routing table)
  • route: display and manipulate IP routing table, e.g., route -n (display routing table), route add default gw 192.168.1.1 (add default gateway)
  • netstat: network statistics tool, e.g., netstat -tulnp (display TCP/UDP listening ports), netstat -an (display all connections)
  • ss: netstat replacement tool with better performance, e.g., ss -tulnp
  • ping: test network connectivity, e.g., ping -c 4 google.com
  • traceroute: trace packet routing, e.g., traceroute google.com
  • nslookup/dig: DNS query tools, e.g., dig google.com
  • curl/wget: download tools, curl -I http://example.com (view response headers)
  • telnet: test port connectivity, e.g., telnet host port
  • nc (netcat): network tool, e.g., nc -zv host port (test port)

Network service management:

  • systemctl: manage network services, e.g., systemctl restart network (restart network service)
  • service: traditional service management command, e.g., service network restart

Firewall configuration:

  • iptables: traditional firewall tool, e.g., iptables -L (list rules), iptables -A INPUT -p tcp --dport 80 -j ACCEPT (add rule)
  • firewalld: dynamic firewall management daemon, e.g., firewall-cmd --list-all (view rules), firewall-cmd --add-port=80/tcp (open port)
  • ufw: simplified firewall configuration tool (Ubuntu), e.g., ufw allow 80 (open port)

Network troubleshooting:

  • Check network interfaces: ip addr show or ifconfig
  • Check routing table: ip route show or route -n
  • Check DNS: cat /etc/resolv.conf, dig domain.com
  • Check port listening: ss -tulnp or netstat -tulnp
  • Check network connectivity: ping, traceroute
  • Packet capture analysis: tcpdump -i eth0 port 80
  • View network statistics: sar -n DEV 1

Network performance optimization:

  • Adjust TCP parameters: modify /etc/sysctl.conf, e.g., net.ipv4.tcp_tw_reuse=1
  • Increase connection count: net.core.somaxconn, net.ipv4.tcp_max_syn_backlog
  • Optimize network buffers: net.core.rmem_max, net.core.wmem_max
标签:Linux