nslookup & dig
nslookup用于交互式域名解析(query Internet name servers interactively),当然也可以直接传入域名作为Ad-Hoc命令使用,比如查看google.com的ip地址:
fgp@controller:~$ nslookup google.com Server: 114.114.114.114 Address: 114.114.114.114#53 Non-authoritative answer: Name: google.com Address: 37.61.54.158
查看使用的DNS服务器地址:
fgp@controller:~$ nslookup > server Default server: 114.114.114.114 Address: 114.114.114.114#53 Default server: 8.8.8.8 Address: 8.8.8.8#53
dig命令也是域名解析工具(DNS lookup utility),不过提供的信息更全面:
fgp@controller:~$ dig google.com ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53828 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 2730 IN A 37.61.54.158 ;; AUTHORITY SECTION: google.com. 10204 IN NS ns2.google.com. google.com. 10204 IN NS ns4.google.com. google.com. 10204 IN NS ns3.google.com. google.com. 10204 IN NS ns1.google.com. ;; ADDITIONAL SECTION: ns1.google.com. 86392 IN A 216.239.32.10 ns2.google.com. 80495 IN A 216.239.34.10 ns3.google.com. 85830 IN A 216.239.36.10 ns4.google.com. 13759 IN A 216.239.38.10 ;; Query time: 17 msec ;; SERVER: 114.114.114.114#53(114.114.114.114) ;; WHEN: Thu May 05 00:11:48 CST 2016 ;; MSG SIZE rcvd: 180
whois
whois用于查看域名所有者的信息(client for the whois directory service),比如注册邮箱、手机号码、域名服务商等:
fgp@controller:~$ whois coolshell.cn Domain Name: coolshell.cn ROID: 20090825s10001s91994755-cn Domain Status: ok Registrant ID: hc401628324-cn Registrant: 陈皓 Registrant Contact Email: haoel@hotmail.com Sponsoring Registrar: 阿里云计算有限公司(万网) Name Server: f1g1ns1.dnspod.net Name Server: f1g1ns2.dnspod.net Registration Time: 2009-08-25 00:40:26 Expiration Time: 2020-08-25 00:40:26 DNSSEC: unsigned
我们发现coolshell.cn这个域名是陈皓在万网购买注册的,注册时间是2009年,注册邮箱是haoel@hotmail.com。
route
route命令用于查看和修改路由表:
查看路由表:
fgp@controller:~$ sudo route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 100 0 0 brqcb225471-1f
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 brqcb225471-1f
192.168.56.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1增加/删除路由分别为add/del子命令,比如删除默认路由:
sudo route del default增加默认路由,网关为192.168.1.1,网卡为brqcb225471-1f:
sudo route add default gw 192.168.1.1 dev brqcb225471-1fip
ip命令可以说是无比强大了,它完全可以替换ifconfig、netstat、route、arp等命令,比如查看网卡eth1 IP地址:
[] 内的内容意思是:可写可不写
如果是{},那就必须要在{}内给出的选择里选一个。
fgp@controller:~$ sudo ip addr ls dev eth1
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:9a:d5:d1 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.2/24 brd 192.168.56.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe9a:d5d1/64 scope link
valid_lft forever preferred_lft forever查看网卡eth1配置:
fgp@controller:~$ sudo ip link ls eth1
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 08:00:27:9a:d5:d1 brd ff:ff:ff:ff:ff:ff查看路由:
fgp@controller:~$ ip route
default via 192.168.1.1 dev brqcb225471-1f
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
192.168.1.0/24 dev brqcb225471-1f proto kernel scope link src 192.168.1.105
192.168.56.0/24 dev eth1 proto kernel scope link src 192.168.56.2查看arp信息:
fgp@controller:~$ sudo ip neigh
192.168.56.1 dev eth1 lladdr 0a:00:27:00:00:00 REACHABLE
192.168.0.6 dev vxlan-80 lladdr fa:16:3e:e1:30:c8 PERMANENT
172.17.0.2 dev docker0 lladdr 02:42:ac:11:00:02 STALE
192.168.56.3 dev eth1 FAILED
192.168.1.1 dev brqcb225471-1f lladdr 30:fc:68:41:12:c6 STALE查看网络命名空间:
fgp@controller:~$ sudo ip netns ls
qrouter-24bf83c7-f61d-496b-8115-09f0f3d64d21
qdhcp-9284d7a8-711a-4927-8a10-605b34372768
qdhcp-cb225471-1f85-4771-b24b-a4a7108d93a4进入某个网络命名空间:
fgp@controller:~$ sudo ip netns exec qrouter-24bf83c7-f61d-496b-8115-09f0f3d64d21 bash
root@controller:~# ifconfig
qg-0d258e6d-83 Link encap:Ethernet HWaddr fa:16:3e:93:6f:a3
inet addr:172.16.1.101 Bcast:172.16.1.255 Mask:255.255.255.0
inet6 addr: fe80::f816:3eff:fe93:6fa3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1035 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:102505 (102.5 KB) TX bytes:1200 (1.2 KB)brctl
brctl是linux网桥管理工具,可用于查看网桥、创建网桥、把网卡加入网桥等。
查看网桥:
fgp@controller:~$ sudo brctl show
bridge name bridge id STP enabled interfaces
brq9284d7a8-71 8000.12841adee45f no tap36daf550-27
tape729e013-df
vxlan-80
brqcb225471-1f 8000.080027c9b4f2 no eth0
tap0d258e6d-83
tapb844e7a5-83
docker0 8000.0242e4580b61 no veth50ed8dd以上因为部署了openstack neutron以及docker,因此网桥比较复杂。 其他子命令如addbr用于创建网桥、delbr用户删除网桥(删除之前必须处于down状态,使用ip link set br_name down)、addif把网卡加到网桥等。
traceroute
ping命令用于探测两个主机间连通性以及响应速度,而traceroute会统计到目标主机的每一跳的网络状态(print the route packets trace to network host),这个命令常常用于判断网络故障,比如本地不通,可使用该命令探测出是哪个路由出问题了。如果网络很卡,该命令可判断哪里是瓶颈:
fgp@controller:~$ sudo traceroute -I -n int32bit.me
traceroute to int32bit.me (192.30.252.154), 30 hops max, 60 byte packets
1 192.168.1.1 4.610 ms 5.623 ms 5.515 ms
2 117.100.96.1 5.449 ms 5.395 ms 5.356 ms
3 124.205.97.48 5.362 ms 5.346 ms 5.331 ms
4 218.241.165.5 5.322 ms 5.310 ms 5.299 ms
5 218.241.165.9 5.187 ms 5.138 ms 7.386 ms
...可以看到,从主机到int32bit.me共经过30跳,并统计了每一跳间的响应时间。
另外可以参考tracepath。
mtr
mtr是常用的网络诊断工具(a network diagnostic tool),它把ping和traceroute并入一个程序的网络诊断工具中并实时刷新。
mtr -n int32bit.me输出如图:从图上可以看出从本地到
int32bit.me经过的所有路由,每一个路由间的丢包率、响应时间等。
浙公网安备 33010602011771号