Это старая версия документа.
Сетевые настройки
Ubuntu поставляется с набором графических утилит для настройки ваших сетевых устройств. Этот документ предназначен для серверных администраторов и сфокусирован на управлении вашей сетью через командную строку.
Интерфейсы Ethernet
Интерфейсы Ethernet идентифицируются системой с использованием имен ethX, где X является числовым значением. Первый интерфейс обычно обозначается как eth0, второй как eth1, и все последующие с увеличивающимися номерами по порядку.
Определение Ethernet интерфейсов
Для быстрого определения всех доступных сетевых интерфейсов вы можете использовать команду ifconfig как показано ниже.
ifconfig -a | grep eth eth0 Link encap:Ethernet HWaddr 00:15:c5:4a:16:5a
Другое приложение, которое может помочь идентифицировать все доступные вашей системе сетевые интерфейсы, это команда lshw. В примере ниже lshw показывает один Ethernet интерфейс с логическим именем eth0 вместе с информацией по шине, деталями драйвера и всеми поддерживаемыми возможностями.
sudo lshw -class network
*-network
description: Ethernet interface
product: BCM4401-B0 100Base-TX
vendor: Broadcom Corporation
physical id: 0
bus info: pci@0000:03:00.0
logical name: eth0
version: 02
serial: 00:15:c5:4a:16:5a
size: 10MB/s
capacity: 100MB/s
width: 32 bits
clock: 33MHz
capabilities: (snipped for brevity)
configuration: (snipped for brevity)
resources: irq:17 memory:ef9fe000-ef9fffff
Логические имена интерфейсов Ethernet
Логические имена интерфейсов настраиваются в файле /etc/udev/rules.d/70-persistent-net.rules. Если вы захотите определить какой интерфейс получит определенное логическое имя, найдите строку по совпадению физического MAC адреса интерфейса и измените значение NAME=ethX на желаемое логическое имя. Перегрузите систему для применения изменений.
Настройки интерфейса Ethernet
ethtool - это программа, которая показывает и изменяет настройки сетевых карт, такие как автоопределение, скорость порта, режим дуплекса и функция Wake-on-LAN (пробуждение системы через сеть). Эта программа не устанавливается по умолчанию, но доступна к установке из репозиториев.
sudo apt-get install ethtool
Ниже приведен пример как посмотреть возможности карты и настроить параметры интерфейса Ethernet.
sudo ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Half 1000baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Half 1000baseT/Full
Advertised auto-negotiation: Yes
Speed: 1000Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 1
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: g
Wake-on: d
Current message level: 0x000000ff (255)
Link detected: yes
Изменения, сделанные с использованием команды ethtool, временные и будут утеряны после перезагрузки. Если вы хотите сохранить настройки, просто добавьте требуемую команду ethtool в строку pre-up в файле /etc/network/interfaces.
Ниже приведен пример как интерфейс, определенный как eth0, может быть постоянно настроен на скорость порта 1000Мб/с в режиме полного дуплекса.
auto eth0 iface eth0 inet static pre-up /sbin/ethtool -s eth0 speed 1000 duplex full
Адресация IP
The following section describes the process of configuring your systems IP address and default gateway needed for communicating on a local area network and the Internet. Temporary IP Address Assignment
For temporary network configurations, you can use standard commands such as ip, ifconfig and route, which are also found on most other GNU/Linux operating systems. These commands allow you to configure settings which take effect immediately, however they are not persistent and will be lost after a reboot.
To temporarily configure an IP address, you can use the ifconfig command in the following manner. Just modify the IP address and subnet mask to match your network requirements.
sudo ifconfig eth0 10.0.0.100 netmask 255.255.255.0
To verify the IP address configuration of eth0, you can use the ifconfig command in the following manner.
ifconfig eth0 eth0 Link encap:Ethernet HWaddr 00:15:c5:4a:16:5a
inet addr:10.0.0.100 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::215:c5ff:fe4a:165a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:466475604 errors:0 dropped:0 overruns:0 frame:0
TX packets:403172654 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2574778386 (2.5 GB) TX bytes:1618367329 (1.6 GB)
Interrupt:16
To configure a default gateway, you can use the route command in the following manner. Modify the default gateway address to match your network requirements.
sudo route add default gw 10.0.0.1 eth0
To verify your default gateway configuration, you can use the route command in the following manner.
route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.0.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0 0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 eth0
If you require DNS for your temporary network configuration, you can add DNS server IP addresses in the file /etc/resolv.conf. The example below shows how to enter two DNS servers to /etc/resolv.conf, which should be changed to servers appropriate for your network. A more lengthy description of DNS client configuration is in a following section.
nameserver 8.8.8.8 nameserver 8.8.4.4
If you no longer need this configuration and wish to purge all IP configuration from an interface, you can use the ip command with the flush option as shown below.
ip addr flush eth0
Flushing the IP configuration using the ip command does not clear the contents of /etc/resolv.conf. You must remove or modify those entries manually. Dynamic IP Address Assignment (DHCP Client)
To configure your server to use DHCP for dynamic address assignment, add the dhcp method to the inet address family statement for the appropriate interface in the file /etc/network/interfaces. The example below assumes you are configuring your first Ethernet interface identified as eth0.
auto eth0 iface eth0 inet dhcp
By adding an interface configuration as shown above, you can manually enable the interface through the ifup command which initiates the DHCP process via dhclient.
sudo ifup eth0
To manually disable the interface, you can use the ifdown command, which in turn will initiate the DHCP release process and shut down the interface.
sudo ifdown eth0
Static IP Address Assignment
To configure your system to use a static IP address assignment, add the static method to the inet address family statement for the appropriate interface in the file /etc/network/interfaces. The example below assumes you are configuring your first Ethernet interface identified as eth0. Change the address, netmask, and gateway values to meet the requirements of your network.
auto eth0 iface eth0 inet static address 10.0.0.100 netmask 255.255.255.0 gateway 10.0.0.1
By adding an interface configuration as shown above, you can manually enable the interface through the ifup command.
sudo ifup eth0
To manually disable the interface, you can use the ifdown command.
sudo ifdown eth0
Loopback Interface
The loopback interface is identified by the system as lo and has a default IP address of 127.0.0.1. It can be viewed using the ifconfig command.
ifconfig lo lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2718 errors:0 dropped:0 overruns:0 frame:0
TX packets:2718 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:183308 (183.3 KB) TX bytes:183308 (183.3 KB)
By default, there should be two lines in /etc/network/interfaces responsible for automatically configuring your loopback interface. It is recommended that you keep the default settings unless you have a specific purpose for changing them. An example of the two default lines are shown below.
auto lo iface lo inet loopback
Name Resolution
Name resolution as it relates to IP networking is the process of mapping IP addresses to hostnames, making it easier to identify resources on a network. The following section will explain how to properly configure your system for name resolution using DNS and static hostname records. DNS Client Configuration
Traditionally, the file /etc/resolv.conf was a static configuration file that rarely needed to be changed or automatically changed via DCHP client hooks. Nowadays, a computer can switch from one network to another quite often and the resolvconf framework is now being used to track these changes and update the resolver's configuration automatically. It acts as an intermediary between programs that supply nameserver information and applications that need nameserver information. Resolvconf gets populated with information by a set of hook scripts related to network interface configuration. The most notable difference for the user is that any change manually done to /etc/resolv.conf will be lost as it gets overwritten each time something triggers resolvconf. Instead, resolvconf uses DHCP client hooks, and /etc/network/interfaces to generate a list of nameservers and domains to put in /etc/resolv.conf, which is now a symlink:
/etc/resolv.conf → ../run/resolvconf/resolv.conf
To configure the resolver, add the IP addresses of the nameservers that are appropriate for your network in the file /etc/network/interfaces. You can also add an optional DNS suffix search-lists to match your network domain names. For each other valid resolv.conf configuration option, you can include, in the stanza, one line beginning with that option name with a dns- prefix. The resulting file might look like the following:
iface eth0 inet static
address 192.168.3.3 netmask 255.255.255.0 gateway 192.168.3.1 dns-search example.com dns-nameservers 192.168.3.45 192.168.8.10
The search option can also be used with multiple domain names so that DNS queries will be appended in the order in which they are entered. For example, your network may have multiple sub-domains to search; a parent domain of example.com, and two sub-domains, sales.example.com and dev.example.com.
If you have multiple domains you wish to search, your configuration might look like the following:
iface eth0 inet static
address 192.168.3.3 netmask 255.255.255.0 gateway 192.168.3.1 dns-search example.com sales.example.com dev.example.com dns-nameservers 192.168.3.45 192.168.8.10
If you try to ping a host with the name of server1, your system will automatically query DNS for its Fully Qualified Domain Name (FQDN) in the following order:
server1.example.com
server1.sales.example.com
server1.dev.example.com
If no matches are found, the DNS server will provide a result of notfound and the DNS query will fail. Static Hostnames
Static hostnames are locally defined hostname-to-IP mappings located in the file /etc/hosts. Entries in the hosts file will have precedence over DNS by default. This means that if your system tries to resolve a hostname and it matches an entry in /etc/hosts, it will not attempt to look up the record in DNS. In some configurations, especially when Internet access is not required, servers that communicate with a limited number of resources can be conveniently set to use static hostnames instead of DNS.
The following is an example of a hosts file where a number of local servers have been identified by simple hostnames, aliases and their equivalent Fully Qualified Domain Names (FQDN's).
127.0.0.1 localhost 127.0.1.1 ubuntu-server 10.0.0.11 server1 vpn server1.example.com 10.0.0.12 server2 mail server2.example.com 10.0.0.13 server3 www server3.example.com 10.0.0.14 server4 file server4.example.com
In the above example, notice that each of the servers have been given aliases in addition to their proper names and FQDN's. Server1 has been mapped to the name vpn, server2 is referred to as mail, server3 as www, and server4 as file. Name Service Switch Configuration
The order in which your system selects a method of resolving hostnames to IP addresses is controlled by the Name Service Switch (NSS) configuration file /etc/nsswitch.conf. As mentioned in the previous section, typically static hostnames defined in the systems /etc/hosts file have precedence over names resolved from DNS. The following is an example of the line responsible for this order of hostname lookups in the file /etc/nsswitch.conf.
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
files first tries to resolve static hostnames located in /etc/hosts.
mdns4_minimal attempts to resolve the name using Multicast DNS.
[NOTFOUND=return] means that any response of notfound by the preceding mdns4_minimal process should be treated as authoritative and that the system should not try to continue hunting for an answer.
dns represents a legacy unicast DNS query.
mdns4 represents a Multicast DNS query.
To modify the order of the above mentioned name resolution methods, you can simply change the hosts: string to the value of your choosing. For example, if you prefer to use legacy Unicast DNS versus Multicast DNS, you can change the string in /etc/nsswitch.conf as shown below.
hosts: files dns [NOTFOUND=return] mdns4_minimal mdns4
Bridging
Bridging multiple interfaces is a more advanced configuration, but is very useful in multiple scenarios. One scenario is setting up a bridge with multiple network interfaces, then using a firewall to filter traffic between two network segments. Another scenario is using bridge on a system with one interface to allow virtual machines direct access to the outside network. The following example covers the latter scenario.
Before configuring a bridge you will need to install the bridge-utils package. To install the package, in a terminal enter:
sudo apt-get install bridge-utils
Next, configure the bridge by editing /etc/network/interfaces:
auto lo iface lo inet loopback
auto br0 iface br0 inet static
address 192.168.0.10
network 192.168.0.0
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.1
bridge_ports eth0
bridge_fd 9
bridge_hello 2
bridge_maxage 12
bridge_stp off
Enter the appropriate values for your physical interface and network.
Now restart networking to enable the bridge interface:
sudo /etc/init.d/networking restart
The new bridge interface should now be up and running. The brctl provides useful information about the state of the bridge, controls which interfaces are part of the bridge, etc. See man brctl for more information.
Resources
The Ubuntu Wiki Network page has links to articles covering more advanced network configuration.
The resolvconf man page has more information on resolvconf.
The interfaces man page has details on more options for /etc/network/interfaces.
The dhclient man page has details on more options for configuring DHCP client settings.
For more information on DNS client configuration see the resolver man page. Also, Chapter 6 of O'Reilly's Linux Network Administrator's Guide is a good source of resolver and name service configuration information.
For more information on bridging see the brctl man page and the Linux Foundation's Net:Bridge page.
