作为 Linux 管理员,或者即使您是刚开始使用 Linux 的新手,在解决网络问题时充分了解有用的命令也至关重要。

前 10 个基本 Linux 命令_运维

我们将探讨用于诊断和解决常见网络问题的 10 大基本 Linux 命令。每个命令都将附有真实世界的示例,以说明其用法和有效性。

1.ping

例:ping google.com

test@ubuntu-server ~ % ping google.com -c 5

PING google.com (142.250.189.206): 56 data bytes

64 bytes from 142.250.189.206: icmp_seq=0 ttl=58 time=14.610 ms

64 bytes from 142.250.189.206: icmp_seq=1 ttl=58 time=18.005 ms

64 bytes from 142.250.189.206: icmp_seq=2 ttl=58 time=19.402 ms

64 bytes from 142.250.189.206: icmp_seq=3 ttl=58 time=22.450 ms

64 bytes from 142.250.189.206: icmp_seq=4 ttl=58 time=15.870 ms

--- google.com ping statistics ---

5 packets transmitted, 5 packets received, 0.0% packet loss

round-trip min/avg/max/stddev = 14.610/18.067/22.450/2.749 ms

test@ubuntu-server ~ %

解释

ping使用ICMP协议,其中ICMP代表互联网控制消息协议,ICMP是网络设备用于通信的网络层协议。有助于测试主机的可访问性,还有助于查找源和目标之间的延迟。ping

2.traceroute

例:traceroute google.com

test@ubuntu-server ~ % traceroute google.com
traceroute to google.com (142.250.189.238), 64 hops max, 52 byte packets
 1  10.0.0.1 (10.0.0.1)  6.482 ms  3.309 ms  3.685 ms
 2  96.120.90.197 (96.120.90.197)  13.094 ms  10.617 ms  11.351 ms
 3  po-301-1221-rur01.fremont.ca.sfba.comcast.net (68.86.248.153)  12.627 ms  11.240 ms  12.020 ms
 4  ae-236-rar01.santaclara.ca.sfba.comcast.net (162.151.87.245)  18.902 ms  44.432 ms  18.269 ms
 5  be-299-ar01.santaclara.ca.sfba.comcast.net (68.86.143.93)  14.826 ms  13.161 ms  12.814 ms
 6  69.241.75.42 (69.241.75.42)  12.236 ms  12.302 ms
    69.241.75.46 (69.241.75.46)  15.215 ms
 7  * * *
 8  142.251.65.166 (142.251.65.166)  21.878 ms  14.087 ms
    209.85.243.112 (209.85.243.112)  14.252 ms
 9  nuq04s39-in-f14.1e100.net (142.250.189.238)  13.666 ms
    192.178.87.152 (192.178.87.152)  12.657 ms  13.170 ms
test@ubuntu-server ~ %

解释

Traceroute显示数据包到达目标主机所采用的路由。它显示沿路径的路由器的 IP 地址,并计算每个跃点的往返时间 (RTT)。帮助识别网络拥塞或路由问题。Traceroute

3. 网络统计

例:netstat -tulpn

test@ubuntu-server ~ % netstat -tuln 
Active LOCAL (UNIX) domain sockets
Address          Type   Recv-Q Send-Q            Inode             Conn             Refs          Nextref Addr
aaf06ba76e4d0469 stream      0      0                0 aaf06ba76e4d03a1                0                0 /var/run/mDNSResponder
aaf06ba76e4d03a1 stream      0      0                0 aaf06ba76e4d0469                0                0
aaf06ba76e4cd4c1 stream      0      0                0 aaf06ba76e4ccdb9                0                0 /var/run/mDNSResponder
aaf06ba76e4cace9 stream      0      0                0 aaf06ba76e4c9e11                0                0 /var/run/mDNSResponder
aaf06ba76e4d0b71 stream      0      0                0 aaf06ba76e4d0aa9                0                0 /var/run/mDNSResponder
test@ubuntu-server ~ %

解释

Netstat 显示网络连接、路由表、接口统计信息、伪装连接和组播成员资格。它可用于排除网络连接故障、识别开放端口和监视网络性能。

4.ifconfig/ip

例:ifconfig or ifconfig <interface name>

test@ubuntu-server ~ % ifconfig en0 
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=6460<TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
	ether 10:9f:41:ad:91:60
	inet 10.0.0.24 netmask 0xffffff00 broadcast 10.0.0.255
	inet6 fe80::870:c909:df17:7ed1%en0 prefixlen 64 secured scopeid 0xc 
	inet6 2601:641:300:e710:14ef:e605:4c8d:7e09 prefixlen 64 autoconf secured 
	inet6 2601:641:300:e710:d5ec:a0a0:cdbb:79a7 prefixlen 64 autoconf temporary 
	inet6 2601:641:300:e710::6cfc prefixlen 64 dynamic 
	nd6 options=201<PERFORMNUD,DAD>
	media: autoselect
	status: active
test@ubuntu-server ~ %

解释

ifconfig和命令用于查看和配置网络参数。它们提供有关每个接口的 IP 地址、子网掩码、MAC 地址和网络状态的信息。ip

5.tcpdump

例:tcpdump -i en0 tcp port 80

test@ubuntu-server ~ % tcpdump -i en0 tcp port 80
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on en0, link-type EN10MB (Ethernet), snapshot length 524288 bytes

0 packets captured
55 packets received by filter
0 packets dropped by kernel
test@ubuntu-server ~ %

解释

Tcpdump是一种数据包分析器,可实时捕获和显示网络流量。它对于解决网络问题、分析数据包内容和识别异常网络行为非常宝贵。用于检查特定接口或端口上的数据包。tcpdump

6. nslookup/dig

示例:或nslookup google.comdig 

test@ubuntu-server ~ % nslookup google.com
Server:		2001:558:feed::1
Address:	2001:558:feed::1#53

Non-authoritative answer:
Name:	google.com
Address: 172.217.12.110

test@ubuntu-server ~ % 

test@ubuntu-server ~ % dig google.com

; <<>> DiG 9.10.6 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46600
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;google.com.			IN	A

;; ANSWER SECTION:
google.com.		164	IN	A	142.250.189.206

;; Query time: 20 msec
;; SERVER: 2001:558:feed::1#53(2001:558:feed::1)
;; WHEN: Mon Apr 15 22:55:35 PDT 2024
;; MSG SIZE  rcvd: 55

test@ubuntu-server ~ %

解释

nslookup并且是用于查询 DNS 服务器以进行域名解析的 DNS 查找工具。它们提供有关与域名关联的 IP 地址的信息,并帮助诊断与 DNS 相关的问题,例如不正确的 DNS 配置或服务器不可用。dig

7. iptables/防火墙

示例:或iptables -Lfirewall-cmd --list-all

test@ubuntu-server ~# iptables -L
Chain INPUT (policy ACCEPT)
target   prot opt source  destination

Chain FORWARD (policy DROP)
target   prot opt source  destination

Chain OUTPUT (policy ACCEPT)
target   prot opt source  destination
test@ubuntu-server ~#

解释

iptables并且是用于配置数据包过滤和网络地址转换 (NAT) 规则的防火墙管理工具。它们控制传入和传出流量,并保护系统免受未经授权的访问。使用它们来诊断与防火墙相关的问题并确保适当的流量。firewalld

8.ss

例:ss -tulpn

test@ubuntu-server ~#
Netid  State Recv-Q  Send-Q        Local Address:Port     Peer Address:Port
udp	   UNCONN 0        0                *:161                   *:*	
udp	   UNCONN 0        0                *:161                   *:*	
test@ubuntu-server ~#

解释

ss是用于调查套接字的实用程序。它显示有关 TCP、UDP 和 UNIX 域套接字的信息,包括侦听和已建立的连接、连接状态和进程 ID。可用于解决与套接字相关的问题和监视网络活动。ss

9.arp

例:arp -a

test@ubuntu-server ~ % arp -a
? (10.0.0.1) at 80:da:c2:95:aa:f7 on en0 ifscope [ethernet]
? (10.0.0.57) at 1c:4d:66:bb:49:a on en0 ifscope [ethernet]
? (10.0.0.83) at 3a:4a:df:fe:66:58 on en0 ifscope [ethernet]
? (10.0.0.117) at 70:2a:d5:5a:cc:14 on en0 ifscope [ethernet]
? (10.0.0.127) at fe:e2:1c:4d:b3:f7 on en0 ifscope [ethernet]
? (10.0.0.132) at bc:d0:74:9a:51:85 on en0 ifscope [ethernet]
? (10.0.0.255) at ff:ff:ff:ff:ff:ff on en0 ifscope [ethernet]
mdns.mcast.net (224.0.0.251) at 1:0:5e:0:0:fb on en0 ifscope permanent [ethernet]
? (239.255.255.250) at 1:0:5e:7f:ff:fa on en0 ifscope permanent [ethernet]
test@ubuntu-server ~ %

解释

arp(地址解析协议)显示并修改内核使用的 IP 到 MAC 地址转换表。它将 IP 地址解析为 MAC 地址,反之亦然。有助于解决与网络设备发现和地址解析相关的问题。arp

10. 港铁

例:mtr 

test.ubuntu.com (0.0.0.0)                       Tue Apr 16 14:46:40 2024
Keys: Help Display mode Restart statistics    Order of fields  quit Packets  Ping

Host                                               Loss% Snt Last Avg Best Wrst StDev
1. 10.0.0.10 								       0.0% 143  0.8 9.4  0.7  58.6 15.2
2. 10.0.2.10									   0.0% 143  0.8 9.4  0.7  58.6 15.2
3. 192.168.0.233 								   0.0% 143  0.8 9.4  0.7  58.6 15.2
4. 142.251.225.178								   0.0% 143  0.8 9.4  0.7  58.6 15.2
5. 142.251.225.177								   0.0% 143  0.8 9.4  0.7  58.6 15.2

解释

mtr(我的 traceroute)将 和 的功能组合到一个诊断工具中。它持续探测主机和目标之间的网络路径,显示有关数据包丢失、延迟和路由更改的详细统计信息。是诊断间歇性网络问题和监控网络性能随时间变化的理想选择。pingtracerouteMtr

掌握这些命令对于解决 Linux 主机上的网络问题非常有用。