过时的命令
过时的命令:arp ;ifconfig; route;netstat;mii-tool; nameif;iptunnel; ipmaddr
替代过时命令的新式命令:ip; ss;ethtool ;ifrename
1. ip
ip是iproute2工具包里面的一个命令行工具,用于配置网络接口以及路由表。
iproute2 正在逐步取代旧的 net-tools(ifconfig)。
关于新命令ip的常见用法,看下面这张图就够了。
IP.png
ip常用参数选项
-V:显示指令版本信息;
-s:输出更详细的信息;
-f:强制使用指定的协议族;
-4:指定使用的网络层协议是IPv4协议;
-6:指定使用的网络层协议是IPv6协议;
-0:输出信息每条记录输出一行,即使内容较多也不换行显示;
-r:显示主机时,不使用IP地址,而使用主机的域名。
2. ss
ss命令用来显示处于活动状态的套接字信息。ss命令可以用来获取socket统计信息,它可以显示和netstat类似的内容。但ss的优势在于它能够显示更多更详细的有关TCP和连接状态的信息,而且比netstat更快速更高效。
当服务器的socket连接数量变得非常大时,无论是使用netstat命令还是直接cat /proc/net/tcp,执行速度都会很慢。可能你不会有切身的感受,但请相信我,当服务器维持的连接达到上万个的时候,使用netstat等于浪费 生命,而用ss才是节省时间。
天下武功唯快不破。ss快的秘诀在于,它利用到了TCP协议栈中tcp_diag。tcp_diag是一个用于分析统计的模块,可以获得Linux 内核中第一手的信息,这就确保了ss的快捷高效。当然,如果你的系统中没有tcp_diag,ss也可以正常运行,只是效率会变得稍慢。
语法
ss (选项)
选项
-h:显示帮助信息;
-V:显示指令版本信息;
-n:不解析服务名称,以数字方式显示;
-a:显示所有的套接字;
-l:显示处于监听状态的套接字;
-o:显示计时器信息;
-m:显示套接字的内存使用情况;
-p:显示使用套接字的进程信息;
-i:显示内部的TCP信息;
-4:只显示ipv4的套接字;
-6:只显示ipv6的套接字;
-t:只显示tcp套接字;
-u:只显示udp套接字;
-d:只显示DCCP套接字;
-w:仅显示RAW套接字;
-x:仅显示UNIX域套接字。
显示ICP连接
root@newbie-unknown85882:~# ss -t -a
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 511 *:8888 *:*
LISTEN 0 100 *:6082 *:*
LISTEN 0 5 127.0.0.1:4 *:*
LISTEN 0 128 127.0.0.1:8 *:*
LISTEN 0 128 *:32200 *:*
LISTEN 0 5 127.0.0.1:5901 *:*
ESTAB 0 52 10.83.3.102:32200 10.83.3.11:58406
ESTAB 0 0 10.83.3.102:51386 106.2.67.75:19920
显示 Sockets 摘要
root@newbie-unknown85882:~# ss -s
Total: 115 (kernel 118)
TCP: 8 (estab 2, closed 0, orphaned 0, synrecv 0, timewait 0/0), ports 0
Transport Total IP IPv6
* 118 - -
RAW 1 1 0
UDP 4 4 0
TCP 8 8 0
INET 13 13 0
FRAG 0 0 0
root@newbie-unknown85882:~#
列出所有打开的网络连接端口
root@newbie-unknown85882:~# ss -l
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
nl UNCONN 0 0 rtnl:ntpd/623 *
nl UNCONN 0 0 rtnl:kernel *
nl UNCONN 0 0 rtnl:ntpd/623 *
nl UNCONN 4352 0 tcpdiag:ss/22134 *
nl UNCONN 768 0
...
...
tcp LISTEN 0 128 *:32200 *:*
tcp LISTEN 0 5 127.0.0.1:5901 *:*
root@newbie-unknown85882:~#
查看进程使用的socket
root@newbie-unknown85882:~# ss -pl
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
nl UNCONN 0 0 rtnl:ntpd/623 *
nl UNCONN 0 0 rtnl:kernel *
nl UNCONN 0 0 rtnl:ntpd/623 *
nl UNCONN 4352 0 tcpdiag:ss/22157 *
nl UNCONN 768 0 tcpdiag:kernel *
nl UNCONN 0 0
...
...
tcp LISTEN 0 128 *:32200 *:* users:(("sshd",pid=539,fd=3))
tcp LISTEN 0 5 127.0.0.1:5901 *:* users:(("Xtigervnc",pid=3985,fd=7))
找出打开套接字/端口应用程序
root@newbie-unknown85882:~# ss -pl | grep 32200
tcp LISTEN 0 128 *:32200 *:* users:(("sshd",pid=539,fd=3))
root@newbie-unknown85882:~#
显示所有UDP Sockets
root@newbie-unknown85882:~# ss -u -a
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:bootpc *:*
UNCONN 0 0 10.83.3.102:ntp *:*
UNCONN 0 0 127.0.0.1:ntp *:*
UNCONN 0 0 *:ntp *:*
root@newbie-unknown85882:~#
3. ethtool
语法
ethtool (选项)
选项
-a 查看网卡中 接收模块RX、发送模块TX和Autonegotiate模块的状态:启动on 或 停用off。
-A 修改网卡中 接收模块RX、发送模块TX和Autonegotiate模块的状态:启动on 或 停用off。
-c display the Coalesce information of the specified ethernet card。
-C Change the Coalesce setting of the specified ethernet card。
-g Display the rx/tx ring parameter information of the specified ethernet card。
-G change the rx/tx ring setting of the specified ethernet card。
-i 显示网卡驱动的信息,如驱动的名称、版本等。
-d 显示register dump信息, 部分网卡驱动不支持该选项。
-e 显示EEPROM dump信息,部分网卡驱动不支持该选项。
-E 修改网卡EEPROM byte。
-k 显示网卡Offload参数的状态:on 或 off,包括rx-checksumming、tx-checksumming等。
-K 修改网卡Offload参数的状态。
-p 用于区别不同ethX对应网卡的物理位置,常用的方法是使网卡port上的led不断的闪;N指示了网卡闪的持续时间,以秒为单位。
-r 如果auto-negotiation模块的状态为on,则restarts auto-negotiation。
-S 显示NIC- and driver-specific 的统计参数,如网卡接收/发送的字节数、接收/发送的广播包个数等。
-t 让网卡执行自我检测,有两种模式:offline or online。
-s 修改网卡的部分配置,包括网卡速度、单工/全双工模式、mac地址等。
查看网卡速度
[root@localhost~]#ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Speed: 1000Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
MDI-X: Unknown
Supports Wake-on: d
Wake-on: d
Current message level: 0x00000007 (7)
drv probe link
Link detected: yes
查看网卡eth0采用了何种驱动
[root@localhost~]#ethtool -i eth0
driver: e1000
version: 7.3.21-k8-NAPI
firmware-version:
bus-info: 0000:02:01.0
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: no
查看网卡接收/发送数据的情况
[root@localhost~]#ethtool -S eth0
NIC statistics:
rx_packets: 2098498
tx_packets: 512
rx_bytes: 339979810
tx_bytes: 28161
rx_broadcast: 0
tx_broadcast: 0
rx_multicast: 0
tx_multicast: 0
rx_errors: 0
tx_errors: 0
tx_dropped: 0
multicast: 0
collisions: 0
rx_length_errors: 0
rx_over_errors: 0
rx_crc_errors: 0
rx_frame_errors: 0
rx_no_buffer_count: 0
rx_missed_errors: 0
tx_aborted_errors: 0
tx_carrier_errors: 0
tx_fifo_errors: 0
tx_heartbeat_errors: 0
tx_window_errors: 0
tx_abort_late_coll: 0
tx_deferred_ok: 0
tx_single_coll_ok: 0
tx_multi_coll_ok: 0
tx_timeout_count: 0
tx_restart_queue: 0
rx_long_length_errors: 0
rx_short_length_errors: 0
rx_align_errors: 0
tx_tcp_seg_good: 0
tx_tcp_seg_failed: 0
rx_flow_control_xon: 0
rx_flow_control_xoff: 0
tx_flow_control_xon: 0
tx_flow_control_xoff: 0
rx_long_byte_count: 339979810
rx_csum_offload_good: 1720975
rx_csum_offload_errors: 0
alloc_rx_buff_failed: 0
tx_smbus: 0
rx_smbus: 0
dropped_smbus: 0
4. ifrename
Name
ifrename - rename network interfaces based on various static criteria
Synopsis
ifrename [-c configfile] [-p] [-d] [-u] [-v] [-V] [-D]
ifrename [-c configfile] [-i interface] [-n newname]
Description
Ifrename is a tool allowing you to assign a consistent name to each of your network interface.
By default, interface names are dynamic, and each network interface is assigned the first available name (eth0, eth1...). The order network interfaces are created may vary. For built-in interfaces, the kernel boot time enumeration may vary. For removable interface, the user may plug them in any order.
Ifrename allow the user to decide what name a network interface will have. Ifrename can use a variety of selectors to specify how interface names match the network interfaces on the system, the most common selector is the interface MAC address.
Ifrename must be run before interfaces are brought up, which is why it's mostly useful in various scripts (init, hotplug) but is seldom used directly by the user. By default, ifrename renames all present system interfaces using mappings defined in /etc/iftab.
Parameters
-c configfile
Set the configuration file to be used (by default /etc/iftab). The configuration file define the mapping between selectors and interface names, and is described in iftab(5).
If configfile is "-", the configuration is read from stdin.
-p
Probe (load) kernel modules before renaming interfaces. By default ifrename only check interfaces already loaded, and doesn't auto-load the required kernel modules. This option enables smooth integration with system not loading modules before calling ifrename.
-d
Enable various Debian specific hacks. Combined with -p, only modules for interfaces specified in /etc/network/interface are loaded.
-i interface
Only rename the specified interface as opposed to all interfaces on the system. The new interface name is printed.
-n newname
When used with -i, specify the new name of the interface. The list of mappings from the configuration file is bypassed, the interface specified with -i is renamed directly to newname. The new name may be a wildcard containing a single '*'.
When used without -i, rename interfaces by using only mappings that would rename them to newname. The new name may not be a wildcard. This use of ifrename is discouraged, because inefficient (-n without -i). All the interfaces of the system need to be processed at each invocation, therefore in most case it is not faster than just letting ifrename renaming all of them (without both -n and -i).
-t
Enable name takeover support. This allow interface name swapping between two or more interfaces.
Takeover enable an interface to 'steal' the name of another interface. This works only with kernel 2.6.X and if the other interface is down. Consequently, this is not compatible with Hotplug. The other interface is assigned a random name, but may be renamed later with 'ifrename'.
The number of takeovers is limited to avoid circular loops, and therefore some complex multi-way name swapping situations may not be fully processed.
In any case, name swapping and the use of this feature is discouraged, and you are invited to choose unique and unambiguous names for your interfaces...
-u
Enable udev output mode. This enables proper integration of ifrename in the udev framework, udevd(8) will use ifrename to assign interface names present in /etc/iftab. In this mode the output of ifrename can be parsed directly by udevd(8) as an IMPORT action. This requires udev version 107 or later.
-D
Dry-run mode. Ifrename won't change any interface, it will only print new interface name, if applicable, and return.
In dry-run mode, interface name wildcards are not resolved. New interface name is printed, even if it is the same as the old name.
Be also aware that some selectors can only be read by root, for example those based on ethtool), and will fail silently if run by a normal user. In other words, dry-run mode under a standard user may not give the expected result.
-V
Verbose mode. Ifrename will display internal results of parsing its configuration file and querying the interfaces selectors. Combined with the dry-run option, this is a good way to debug complex configurations or trivial problems.
Files
/etc/iftab
