CentOS 7 下网络管理之命令行工具nmcli
来源:互联网 发布:天津市教育信息化软件 编辑:程序博客网 时间:2024/06/05 20:28
在CentOS7中默认使用NetworkManager守护进程来监控和管理网络设置。nmcli是命令行的NetworkManager工具,会自动把配置写到/etc/sysconfig/network-scripts/目录下面。
NetworkManager最初由 Redhat 公司开发,现在由 GNOME 管理。
CentOS7之前的网络管理是通过ifcfg文件配置管理接口(device),而现在是通过NetworkManager服务管理连接(connection)。一个接口(device)可以有多个连接(connection),但是同时只允许一个连接(connection)处于激活(active)状态。
简单理解就是,一个连接就是(connection)就是/etc/sysconfig/network-scripts/目录下的一个配置文件,接口(device)是物理设备,一个物理设置可以拥有多个配置文件,但只能有一个配置文件属于使用(active)状态;配置文件的生成与使用状态均由NetworkManager控制。
当然,依旧支持ifcfg文件配置管理网络,但不推荐。
命令学习
查看帮助
[root@karate ~]# nmcli -hUsage: nmcli [OPTIONS] OBJECT { COMMAND | help }OPTIONS -t[erse] terse output -p[retty] pretty output -m[ode] tabular|multiline output mode -f[ields] <field1,field2,...>|all|common specify fields to output -e[scape] yes|no escape columns separators in values -n[ocheck] don't check nmcli and NetworkManager versions -a[sk] ask for missing parameters -w[ait] <seconds> set timeout waiting for finishing operations -v[ersion] show program version -h[elp] print this helpOBJECT g[eneral] NetworkManager's general status and operations n[etworking] overall networking control r[adio] NetworkManager radio switches c[onnection] NetworkManager's connections d[evice] devices managed by NetworkManager a[gent] NetworkManager secret agent or polkit agent
有六个OBJECT,常用的有connection,device,general查看它们的帮助
[root@karate ~]# nmcli c -hUsage: nmcli connection { COMMAND | help }COMMAND := { show | up | down | add | modify | edit | delete | reload | load } show [--active] [[--show-secrets] [id | uuid | path | apath] <ID>] ... up [[id | uuid | path] <ID>] [ifname <ifname>] [ap <BSSID>] [passwd-file <file with passwords>] down [id | uuid | path | apath] <ID> ... add COMMON_OPTIONS TYPE_SPECIFIC_OPTIONS IP_OPTIONS modify [--temporary] [id | uuid | path] <ID> ([+|-]<setting>.<property> <value>)+ edit [id | uuid | path] <ID> edit [type <new_con_type>] [con-name <new_con_name>] delete [id | uuid | path] <ID> reload load <filename> [ <filename>... ]
常用命令
查看接口设备信息
# 简单信息nmcli device status# 详细的接口信息nmcli device show# 接口的详细信息nmcli device show interface-name
查看连接(connection)的信息
# 简单信息nmcli connection show# 详细的连接信息nmcli connection show# 某个连接的详细信息nmcli connection show connection-name
启动和停止接口
nmcli connection down connection-namenmcli connection up connection-namenmcli device disconnect interface-namenmcli device connect interface-name
建议使用 nmcli dev disconnect interface-name 命令,而不是 nmcli con down connection-name 命令,因为连接断开可将该接口放到“手动”模式,这样做用户让 NetworkManager 启动某个连接前,或发生外部事件(比如载波变化、休眠或睡眠)前,不会启动任何自动连接。
创建连接
nmcli connection add type ethernet con-name connection-name ifname interface-namenmcli connection add type ethernet con-name connection-name ifname interface-name ip4 address gw4 address## e.g. 创建一个基于eth1接口的连接# 创建动态连接,即BOOTPROTO默认为DHCP[root@localhost ~]# nmcli c add type eth con-name dynamic-eth1 ifname eth1Connection 'dynamic-eth1' (9c0ad8a9-21f6-40b5-9313-e5c7e4b356f1) successfully added.# 创建静态连接[root@localhost ~]# nmcli connection add type eth con-name static-eth1 ifname eth1 ip4 172.16.60.10/24# nmcli connection add type eth con-name static-eth1 ifname eth1 ip4 172.16.60.10/24 gw4 192.168.60.1Connection 'static-eth1' (0640bf7f-9490-44a8-be96-2e710fb650e6) successfully added.
创建连接后,NetworkManager 自动将 connection.autoconnect 设定为 yes。还会将设置保存到 /etc/sysconfig/network-scripts/ connection-name 文件中,且自动将 ONBOOT 参数设定为 yes。
激活连接
nmcli connection up connection-name## e.g. 激活eth1接口的static-eth1连接[root@localhost ~]# nmcli c up static-eth1Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)
修改连接的IP地址
# 可修改的属性可通过以下命令查看nmcli c show static-eth1# 修改命令nmcli connection modify [--temporary] [id | uuid | path] <ID> ([+|-]<setting>.<property> <value>)+## e.g. 修改连接static-eth1的ip地址[root@localhost ~]# ip addr | grep eth14: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 inet 172.16.60.10/24 brd 172.16.60.255 scope global eth1[root@localhost ~]# nmcli c mod static-eth1 ipv4.addr 172.16.60.20/24[root@localhost ~]# nmcli c up static-eth1Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)[root@localhost ~]# ip a | grep eth14: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 inet 172.16.60.20/24 brd 172.16.60.255 scope global eth1
配置连接的DNS
# 设定单个DNSnmcli connection modify static-eth1 ipv4.dns DNS1# 设定多个DNSnmcli connection modify static-eth1 ipv4.dns "DNS1 DNS2"# 以上命令会替换之前的DNS设置# 添加某个连接的DNS,需要使用前缀“+”nmcli connection modify static-eth1 +ipv4.dns DNS3## e.g. 配置static-eth1连接的DNS[root@localhost ~]# grep DNS /etc/sysconfig/network-scripts/ifcfg-static-eth1IPV6_PEERDNS=yes[root@localhost ~]# nmcli c mod static-eth1 ipv4.dns "114.114.114.114 223.5.5.5"# 修改连接后,需要重新激活[root@localhost ~]# nmcli c up static-eth1Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)[root@localhost ~]# grep DNS /etc/sysconfig/network-scripts/ifcfg-static-eth1DNS1=114.114.114.114DNS2=223.5.5.5IPV6_PEERDNS=yes# 新增DNS[root@localhost ~]# nmcli c mod static-eth1 +ipv4.dns 223.5.5.6[root@localhost ~]# nmcli c up static-eth1Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)[root@localhost ~]# grep DNS /etc/sysconfig/network-scripts/ifcfg-static-eth1DNS1=114.114.114.114DNS2=223.5.5.5DNS3=223.5.5.6IPV6_PEERDNS=yes
设置主机名
# 查询当前主机名nmcli general hostname# 更改主机名nmcli general hostname my-hostname# 重启hostnamed服务systemctl restart systemd-hostnamed
CentOS7下的主机名管理是基于系统服务systemd-hostnamed,服务自身提供了hostnamectl命令用于修改主机名,推荐这种方式进行修改;
使用nmcli命令更改主机名时,systemd-hostnamed服务并不知晓 /etc/hostname 文件被修改,因此需要重启服务去读取配置;
命令交互模式
nmcli con edit# Valid connection types: generic, 802-3-ethernet (ethernet), pppoe, 802-11-wireless (wifi), wimax, gsm, cdma, infiniband, adsl, bluetooth, vpn, 802-11-olpc-mesh (olpc-mesh), vlan, bond, team, bridge, bond-slave, team-slave, bridge-slave# 也可以直接指定connection-name进行交互修改# 还是非交互配置方便
接口绑定(interface bonding)
CentOS7下新增了一种特性team,用于取代bond。
接口绑定步骤是:创建一个组接口(Team interface), 创建一个接口连接,指定网卡接口(device)到组接口里
nmcli connection add type team con-name connection-name ifname interface-name [config JSON]# JSON 指定所使用的处理器(runner)。JSON语法 '{"runner":{"name":"METHOD"}}' # METHOD可以是:broadcast、activebackup、roundrobin、loadbalance 或者 lacpnmcli connection add type team-slave con-name connection-name ifname interface-name master team-name## e.g. 创建组接口team0,并把eth1和eth2加入其中,网段为192.168.233.0/24[root@localhost ~]# nmcli d statusDEVICE TYPE STATE CONNECTIONeth0 ethernet connected eth0eth1 ethernet connected Wired connection 1eth2 ethernet connected Wired connection 2lo loopback unmanaged --[root@localhost ~]# nmcli c showNAME UUID TYPE DEVICEWired connection 2 34494b9d-f056-4f30-841c-7e6fad3b73d0 802-3-ethernet eth2Wired connection 1 b7ca472c-67f7-4885-ba3b-1b572d3e0d40 802-3-ethernet eth1eth0 54bd03bd-1300-409b-974f-d98ed3bb8891 802-3-ethernet eth0[root@localhost ~]# nmcli c del "Wired connection 2"[root@localhost ~]# nmcli c del "Wired connection 1"[root@localhost ~]# nmcli c showNAME UUID TYPE DEVICEeth0 54bd03bd-1300-409b-974f-d98ed3bb8891 802-3-ethernet eth0[root@localhost ~]# nmcli d statusDEVICE TYPE STATE CONNECTIONeth0 ethernet connected eth0eth1 ethernet disconnected --eth2 ethernet disconnected --lo loopback unmanaged --# 创建组接口,并分配ip地址[root@localhost ~]# nmcli c add type team con-name team0 ifname team0 config '{"runner":{"name":"activebackup"}}' ip4 192.168.233.10/24 gw4 192.168.233.2Connection 'team0' (4e75c1da-6ce5-4cbc-85fe-da5aa289b7d8) successfully added.[root@localhost ~]# nmcli c mod team0 ipv4.dns "114.114.114.114 223.5.5.5"[root@localhost ~]# nmcli c showNAME UUID TYPE DEVICEeth0 54bd03bd-1300-409b-974f-d98ed3bb8891 802-3-ethernet eth0team0 4e75c1da-6ce5-4cbc-85fe-da5aa289b7d8 team team0# 将网卡接口加入到组接口中[root@localhost ~]# nmcli c add type team-slave ifname eth1 master team0Connection 'team-slave-eth1' (3ef0011b-6b69-4dfb-998b-13bf3d729c9c) successfully added.[root@localhost ~]# nmcli c add type team-slave ifname eth2 master team0Connection 'team-slave-eth2' (fe3fc939-dbff-485e-aef6-9fbf9f807926) successfully added.# 启动组接口[root@localhost ~]# nmcli c up team0Connection successfully activated (master waiting for slaves) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6)# 查看 team0 当前活动的端口,活动端口基于接口的连接[root@localhost ~]# teamnl team0 ports 4: eth2: up 1000Mbit FD 3: eth1: up 1000Mbit FD[root@localhost ~]# nmcli d statusDEVICE TYPE STATE CONNECTIONeth0 ethernet connected eth0eth1 ethernet connected team-slave-eth1eth2 ethernet connected team-slave-eth2team0 team connected team0lo loopback unmanaged --[root@localhost ~]# nmcli c showNAME UUID TYPE DEVICEeth0 54bd03bd-1300-409b-974f-d98ed3bb8891 802-3-ethernet eth0team-slave-eth2 fe3fc939-dbff-485e-aef6-9fbf9f807926 802-3-ethernet eth2team-slave-eth1 3ef0011b-6b69-4dfb-998b-13bf3d729c9c 802-3-ethernet eth1team0 4e75c1da-6ce5-4cbc-85fe-da5aa289b7d8 team team0[root@localhost ~]# ip a s team05: team0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP link/ether 00:0c:29:d0:a2:77 brd ff:ff:ff:ff:ff:ff inet 192.168.233.10/24 brd 192.168.233.255 scope global team0 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fed0:a277/64 scope link valid_lft forever preferred_lft forever[root@localhost ~]# teamdctl team0 statesetup: runner: activebackupports: eth2 link watches: link summary: up instance[link_watch_0]: name: ethtool link: up eth1 link watches: link summary: up instance[link_watch_0]: name: ethtool link: uprunner: active port: eth1[root@localhost ~]# nmcli c show team0connection.id: team0connection.uuid: 4e75c1da-6ce5-4cbc-85fe-da5aa289b7d8connection.interface-name: team0connection.type: teamconnection.autoconnect: yesconnection.autoconnect-priority: 0connection.timestamp: 1464621245connection.read-only: noconnection.permissions:connection.zone: --connection.master: --connection.slave-type: --connection.secondaries:connection.gateway-ping-timeout: 0ipv4.method: manualipv4.dns: 114.114.114.114,223.5.5.5ipv4.dns-search:ipv4.addresses: 192.168.233.10/24ipv4.gateway: 192.168.233.2ipv4.routes:ipv4.route-metric: -1ipv4.ignore-auto-routes: noipv4.ignore-auto-dns: noipv4.dhcp-client-id: --ipv4.dhcp-send-hostname: yesipv4.dhcp-hostname: --ipv4.never-default: noipv4.may-fail: yesipv6.method: autoipv6.dns:ipv6.dns-search:ipv6.addresses:ipv6.gateway: --ipv6.routes:ipv6.route-metric: -1ipv6.ignore-auto-routes: noipv6.ignore-auto-dns: noipv6.never-default: noipv6.may-fail: yesipv6.ip6-privacy: -1 (unknown)ipv6.dhcp-send-hostname: yesipv6.dhcp-hostname: --team.config: {"runner":{"name":"activebackup"}}GENERAL.NAME: team0GENERAL.UUID: 4e75c1da-6ce5-4cbc-85fe-da5aa289b7d8GENERAL.DEVICES: team0GENERAL.STATE: activatedGENERAL.DEFAULT: noGENERAL.DEFAULT6: noGENERAL.VPN: noGENERAL.ZONE: --GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/6GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/3GENERAL.SPEC-OBJECT: /GENERAL.MASTER-PATH: --IP4.ADDRESS[1]: 192.168.233.10/24IP4.GATEWAY: 192.168.233.2IP4.DNS[1]: 114.114.114.114IP4.DNS[2]: 223.5.5.5IP6.ADDRESS[1]: fe80::20c:29ff:fed0:a277/64
测试的话,可以开个ping窗口持续ping,然后禁用team0组中的eth2;理论上ping包是不会丢失的。
# 关闭eth2网卡,看ping状态[root@localhost ~]# nmcli d dis eth2Device 'eth2' successfully disconnected.[root@localhost ~]# teamdctl team0 statesetup: runner: activebackupports: eth1 link watches: link summary: up instance[link_watch_0]: name: ethtool link: uprunner: active port: eth1[root@localhost ~]# nmcli d con eth2Device 'eth2' successfully activated with 'fe3fc939-dbff-485e-aef6-9fbf9f807926'.[root@localhost ~]# teamdctl team0 statesetup: runner: activebackupports: eth1 link watches: link summary: up instance[link_watch_0]: name: ethtool link: up eth2 link watches: link summary: up instance[link_watch_0]: name: ethtool link: uprunner: active port: eth1[root@localhost ~]# teamnl team0 options queue_id (port:eth2) 0 priority (port:eth2) 0 user_linkup_enabled (port:eth2) false user_linkup (port:eth2) true enabled (port:eth2) false queue_id (port:eth1) 0 priority (port:eth1) 0 user_linkup_enabled (port:eth1) false user_linkup (port:eth1) true enabled (port:eth1) true activeport 3 mcast_rejoin_interval 0 mcast_rejoin_count 1 notify_peers_interval 0 notify_peers_count 1 mode activebackup
作者:无限小BUG
链接:http://www.jianshu.com/p/5d5560e9e26a
來源:简书
著作权归作者所有。商业转载请联系作者获得授权,非商业转载请注明出处。
- CentOS 7 下网络管理之命令行工具nmcli
- Nmcli 网络管理命令行工具
- Nmcli 网络管理命令行工具基础
- Nmcli 网络管理命令行工具基础
- centos 7 nmcli 常用命令
- CentOS使用nmcli配置网络
- CentOS 命令行下网络配置
- CentOS 7 下的网络配置工具
- nmcli 工具---待整理
- 使用nmcli配置网络
- 模拟浏览器自动化测试工具Selenium之五Centos系统命令行下部署selenium环境试验
- CentOS7 网络设置-nmcli/nmtui
- nmcli
- windows网络管理 命令行
- Linux下mysql数据库服务管理与命令行工具
- 命令行下强大的虚拟网络配置工具—vnetlib
- 网络管理之IP计算工具
- CentOS命令行修改网络配置
- mysql的锁
- python统计序列中元素出现的频率
- n2n将P2P从应用搬到网络
- 二分查找算法及python实现
- 微擎多个平台、域名共用一个公众号Oauth回调域名终极解决方案
- CentOS 7 下网络管理之命令行工具nmcli
- iOS 集合的深复制与浅复制
- 接口自动化测试环境搭建(unittest+requests+HTMLTestRunner)
- Tarjan
- bzoj1692 后缀数组模板
- Logback使用
- 006 函数极限性质之保号性及局部有界性
- 大数据(二十)Hive【Hive安装配置(远端数据库模式)】
- 关于修改java代码后得重启Tomcat等服务器的问题