21CTO 导读:
作为一名Linux管理员,或者即使是刚刚开始使用 Linux 的新手,充分了解解决网络问题时有用的命令也是至关重要的。
我们将探讨用于诊断和解决常见网络问题的 10 个基本 Linux 命令。每个命令都将附有实际示例,以说明其用法与有效性。
1. ping
例如:ping www.21cto.com
[root@VM-0-5-centos ~]# ping www.21cto.com
PING www.21cto.com (81.70.105.8) 56(84) bytes of data.
64 bytes from 81.70.105.8 (81.70.105.8): icmp_seq=1 ttl=63 time=0.228 ms
64 bytes from 81.70.105.8 (81.70.105.8): icmp_seq=2 ttl=63 time=0.285 ms
64 bytes from 81.70.105.8 (81.70.105.8): icmp_seq=3 ttl=63 time=0.282 ms
64 bytes from 81.70.105.8 (81.70.105.8): icmp_seq=4 ttl=63 time=0.268 ms
64 bytes from 81.70.105.8 (81.70.105.8): icmp_seq=5 ttl=63 time=0.211 ms
--- www.21cto.com ping statistics ---
13 packets transmitted, 13 received, 0% packet loss, time 12018ms
rtt min/avg/max/mdev = 0.200/0.233/0.285/0.027 ms
ping 命令使用ICMP协议。
ICMP代表互网际网络控制消息协议(Internet Control Message Protocol),ICMP是网络设备用来通信的网络层协议。
ping有助于测试主机的可达性,帮助我们查找源和目标之间的延迟情况。
2.traceroute
例子:traceroute baidu.com
如果显示:
-bash: traceroute: command not found
表示没有安装此工具,可以使用根据自己当前操作系统环境安装。
Ubuntu类:
# For Debian based distributions like Ubuntu
sudo apt-get install traceroute
CentOS:
# For RPM based distributions like CentOS
sudo yum install traceroute
接下来,我们再来尝试:
[root@VM-0-5-centos ~]# traceroute baidu.com
traceroute to baidu.com (39.156.66.10), 30 hops max, 60 byte packets
1 * * *
2 11.66.248.84 (11.66.248.84) 0.293 ms * *
3 * * *
4 10.200.46.253 (10.200.46.253) 0.631 ms 10.200.46.93 (10.200.46.93) 1.152 ms 10.196.89.113 (10.196.89.113) 0.628 ms
5 * * *
6 39.156.0.81 (39.156.0.81) 2.165 ms 2.649 ms 2.702 ms
7 111.13.188.38 (111.13.188.38) 4.329 ms 111.13.0.174 (111.13.0.174) 4.259 ms 111.13.188.38 (111.13.188.38) 4.488 ms
8 39.156.27.5 (39.156.27.5) 4.441 ms 4.458 ms 3.997 ms
9 39.156.67.17 (39.156.67.17) 3.914 ms 39.156.67.1 (39.156.67.1) 14.343 ms 13.673 ms
Traceroute显示数据包到达目标主机所经过的路由。它显示路径上路由器的 IP 地址,并计算每一跳的往返时间 (RTT)。
Traceroute可以帮助我们识别网络拥塞或者路由问题。
3. netstat
例子:netstat -tulpn
[root@VM-0-5-centos ~]# netstat -tulpn
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN 870/redis-server 12
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1188/nginx: master
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1188/nginx: master
tcp 0 0 0.0.0.0:7001 0.0.0.0:* LISTEN 2059145/sshd: /usr/
tcp6 0 0 :::3306 :::* LISTEN 819/mysqld
tcp6 0 0 ::1:6379 :::* LISTEN 870/redis-server 12
tcp6 0 0 :::33060 :::* LISTEN 819/mysqld
tcp6 0 0 :::443 :::* LISTEN 1188/nginx: master
tcp6 0 0 :::111 :::* LISTEN 1/systemd
tcp6 0 0 :::80 :::* LISTEN 1188/nginx: master
tcp6 0 0 :::7001 :::* LISTEN 2059145/sshd: /usr/
udp 0 0 0.0.0.0:111 0.0.0.0:* 1/systemd
udp 0 0 127.0.0.1:323 0.0.0.0:* 666/chronyd
udp6 0 0 :::111 :::* 1/systemd
udp6 0 0 ::1:323 :::* 666/chronyd
Netstat 显示网络连接、路由表、接口统计信息、伪装连接和多重广播成员资格。它对于排除网络连接故障、识别开放端口和监控网络性能非常有用。
4.ifconfig/ip
例子:ifconfig 或 ifconfig
[root@VM-0-5-centos ~]# ifconfig eth0
eth0: flags=4163 mtu 1500,broadcast,running,multicast>
inet 172.21.0.5 netmask 255.255.240.0 broadcast 172.21.15.255
inet6 fe80::5054:ff:feca:cdf8 prefixlen 64 scopeid 0x20
ether 52:54:00:ca:cd:f8 txqueuelen 1000 (Ethernet)
RX packets 80835008 bytes 32467819740 (30.2 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 96298531 bytes 91472563700 (85.1 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ifconfig命令ip用于查看和配置网络参数。它们提供有关每个接口的 IP 地址、子网掩码、MAC 地址和网络状态的信息。
5.tcpdump
tcpdump也是一个外部工具,如果显示没有此命令,请使用如下方式安装:
yum install tcpdump
例子:tcpdump -i eth0 tcp port 80
[root@VM-0-5-centos ~]# tcpdump -i eth0 tcp port 80
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
12:03:17.585041 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [S], seq 1262259857, win 32120, options [mss 1460,sackOK,TS val 2931024914 ecr 0,nop,wscale 7], length 0
12:03:17.594474 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [S.], seq 3139790384, ack 1262259858, win 65535, options [mss 1424,nop,nop,sackOK,nop,wscale 9], length 0
12:03:17.594522 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [.], ack 1, win 251, length 0
12:03:17.594599 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [P.], seq 1:182, ack 1, win 251, length 181: HTTP: POST /ca_report.cgi HTTP/1.1
12:03:17.604056 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [.], ack 182, win 131, length 0
12:03:17.604092 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [P.], seq 182:558, ack 1, win 251, length 376: HTTP
12:03:17.613436 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [.], ack 558, win 133, length 0
12:03:17.620508 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [P.], seq 1:217, ack 558, win 133, length 216: HTTP: HTTP/1.1 200 OK
12:03:17.620508 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [F.], seq 217, ack 558, win 133, length 0
12:03:17.620539 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [.], ack 217, win 250, length 0
12:03:17.621059 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [F.], seq 558, ack 218, win 250, length 0
12:03:17.630405 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [.], ack 559, win 133, length 0
12:03:18.291765 IP VM-0-5-centos.39028 > 169.254.0.4.http: Flags [S], seq 2462459289, win 32120, options [mss 1460,sackOK,TS val 2931025621 ecr 0,nop,wscale 7], length 0
12:03:18.301176 IP 169.254.0.4.http > VM-0-5-centos.39028: Flags [S.], seq 333977930, ack 2462459290, win 65535, options [mss 1424,nop,nop,sackOK,nop,wscale 9], length 0
^C
108 packets captured
108 packets received by filter
0 packets dropped by kernel
tcpdump是一个实时捕获和显示网络流量的数据包分析器。
tcpdump对于排除网络问题、分析数据包内容和识别异常网络行为非常有价值。用于tcpdump检查特定接口或端口上的数据包。
6. nslookup/dig
示例:nslookup google.com
如果你的系统显示没有找到该命令,请使用如下命令安装:
yum install bind-utils
接下来我们来运行:
[root@VM-0-5-centos ~]# nslookup google.com
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
Name: google.com
Address: 142.251.43.14
下一步,我们使用dig:
[root@VM-0-5-centos ~]# dig google.com
; <<>> DiG 9.16.23-RH <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49289
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 7 IN A 93.46.8.90
;; Query time: 5 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 04 12:10:21 CST 2024
;; MSG SIZE rcvd: 44
nslookup和dig都是 DNS 查找工具,用于查询 DNS 服务器进行域名解析。它们提供有关与域名关联的 IP 地址的信息,并帮助诊断与 DNS 相关的问题,例如 DNS 配置不正确或服务器不可用时。
7. iptables/firewalld
示例:iptables -L或firewall-cmd --list-all
[root@VM-0-5-centos ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
iptables和firewalld是用于配置数据包过滤和网络地址转换 ( NAT ) 规则的防火墙管理工具。它们控制传入和传出流量并保护系统免受未经授权的访问。使用它们来诊断与防火墙相关的问题并确保正常的流量。
8.ss
例子:ss -tulpn
[root@VM-0-5-centos ~]# ss -tuplpn
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=653,fd=5),("systemd",pid=1,fd=118))
udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:* users:(("chronyd",pid=666,fd=5))
udp UNCONN 0 0 [::]:111 [::]:* users:(("rpcbind",pid=653,fd=7),("systemd",pid=1,fd=120))
udp UNCONN 0 0 [::1]:323 [::]:* users:(("chronyd",pid=666,fd=6))
tcp LISTEN 0 511 127.0.0.1:6379 0.0.0.0:* users:(("redis-server",pid=870,fd=6))
tcp LISTEN 0 511 0.0.0.0:443 0.0.0.0:* users:(("nginx",pid=1192,fd=9),("nginx",pid=1190,fd=9),("nginx",pid=1188,fd=9))
tcp LISTEN 0 4096 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=653,fd=4),("systemd",pid=1,fd=117))
tcp LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=1192,fd=7),("nginx",pid=1190,fd=7),("nginx",pid=1188,fd=7))
tcp LISTEN 0 128 0.0.0.0:7001 0.0.0.0:* users:(("sshd",pid=2059145,fd=3))
tcp LISTEN 0 151 *:3306 *:* users:(("mysqld",pid=819,fd=24))
tcp LISTEN 0 511 [::1]:6379 [::]:* users:(("redis-server",pid=870,fd=7))
tcp LISTEN 0 70 *:33060 *:* users:(("mysqld",pid=819,fd=21))
tcp LISTEN 0 511 [::]:443 [::]:* users:(("nginx",pid=1192,fd=8),("nginx",pid=1190,fd=8),("nginx",pid=1188,fd=8))
tcp LISTEN 0 4096 [::]:111 [::]:* users:(("rpcbind",pid=653,fd=6),("systemd",pid=1,fd=119))
tcp LISTEN 0 511 [::]:80 [::]:* users:(("nginx",pid=1192,fd=10),("nginx",pid=1190,fd=10),("nginx",pid=1188,fd=10))
tcp LISTEN 0 128 [::]:7001 [::]:* users:(("sshd",pid=2059145,fd=4))
ss是一个调查Socket的实用程序。它显示有关 TCP、UDP 和 UNIX 域Socket的信息,包括侦听和已建立的连接、连接状态和进程 ID。ss对于解决与套接字相关的问题和监视网络活动非常有用。
9.arp
例子:arp -a
[root@VM-0-5-centos ~]# arp -a
_gateway (172.21.0.1) at fe:ee:0b:ca:e5:69 [ether] on eth0
arp(地址解析协议)显示和修改内核使用的 IP 到 MAC 地址转换表。它将 IP 地址解析为 MAC 地址,反之亦然。arp有助于解决与网络设备发现和地址解析相关的问题。
10. mtr
例子:mtr
如果没有安装此外部命令,请先安装。如CentOS:
yum install mtr
接下来运行:
My traceroute [v0.94]
VM-0-5-centos (::1) -> localhost 2024-05-04T12:20:37+0800
Keys: Help Display mode Restart statistics Order of fields quit
Packets Pings
Host Loss% Snt Last Avg Best Wrst StDev
1. VM-0-5-centos 0.0% 14 0.1 0.1 0.1 0.1 0.0
mtrping(我的跟踪路由)是将ping和traceroute结合到一个诊断工具中。它持续探测主机和目的地之间的网络路径,显示有关数据包丢失、延迟和路由更改的详细统计信息。Mtr非常适合诊断间歇性网络问题和监控一段时间内的网络性能。
掌握这些命令对于解决 Linux 主机上的网络问题非常有用。