标题:[实践OK]Alpine Linux 网络连接工具 - iproute2 / ip ss,安装ss命令: apk add iprout2 出处:向东博客 专注WEB应用 构架之美 --- 构架之美,在于尽态极妍 | 应用之美,在于药到病除 时间:Tue, 31 Jan 2023 10:39:47 +0000 作者:jackxiang 地址:https://jackxiang.com/post/11687/ 内容: 修改源: sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories apk update 解决找不到iprout2的步骤: apk add iprout2 ERROR: unable to select packages: iprout2 (no such package): required by: world[iprout2] 分两部分了,和之前链接说明的不一样,成功实践成功如下: apk add iproute2-ss (1/1) Installing iproute2-ss (5.12.0-r0) Executing busybox-1.33.1-r3.trigger OK: 60 MiB in 102 packages /data/www # ss -s Total: 527 TCP: 199 (estab 140, closed 42, orphaned 0, timewait 28) Transport Total IP IPv6 RAW 0 0 0 UDP 6 4 2 TCP 157 139 18 INET 163 143 20 FRAG 0 0 0 apk list|less iproute2-minimal-5.12.0-r0 于是得运行: /data/www # apk add iproute2-minimal (1/3) Installing fts (1.2.7-r1) (2/3) Installing libelf (0.182-r1) (3/3) Installing iproute2-minimal (5.12.0-r0) Executing busybox-1.33.1-r3.trigger OK: 60 MiB in 101 packages ip link list 1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 02:50:00:00:00:01 brd ff:ff:ff:ff:ff:ff 3: tunl0@NONE: mtu 1480 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/ipip 0.0.0.0 brd 0.0.0.0 4: ip6tnl0@NONE: mtu 1452 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/tunnel6 :: brd :: permaddr 76d0:a339:d4d8:: 5: services1@if6: mtu 1500 qdisc noqueue state UP mode DEFAULT group default link/ether 4e:cc:8c:b9:b1:3d brd ff:ff:ff:ff:ff:ff link-netnsid 0 7: docker0: mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default link/ether 02:42:78:54:32:ae brd ff:ff:ff:ff:ff:ff ip route show default via 192.168.65.1 dev eth0 proto dhcp src 192.168.65.3 metric 202 10.1.0.0/16 dev cni0 proto kernel scope link src 10.1.0.1 127.0.0.0/8 dev lo scope host 172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 192.168.65.0/24 dev eth0 proto dhcp scope link src 192.168.65.3 metric 202 192.168.65.5 dev services1 proto kernel scope link src 192.168.65.4 查看网络链接统计 命令:ss -s # ss -s Total: 8551 TCP: 5458 (estab 30, closed 5417, orphaned 5, timewait 1883) Transport Total IP IPv6 RAW 0 0 0 UDP 1 1 0 TCP 41 41 0 INET 42 42 0 FRAG 0 0 0 在服务器产生大量链接的时候,可以通过这个命令宏观的查看链接状态。 查看打开的端口 命令:ss -l # ss -l Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port nl UNCONN 0 0 rtnl:9501 * nl UNCONN 0 0 rtnl:kernel * nl UNCONN 768 0 tcpdiag:kernel * nl UNCONN 4352 0 tcpdiag:ss/1301 * nl UNCONN 0 0 xfrm:kernel * nl UNCONN 0 0 fiblookup:kernel * nl UNCONN 0 0 nft:kernel * nl UNCONN 0 0 uevent:kernel * nl UNCONN 0 0 genl:kernel * udp UNCONN 0 0 127.0.0.11:40876 0.0.0.0:* tcp LISTEN 0 1 0.0.0.0:30002 0.0.0.0:* tcp LISTEN 0 100 0.0.0.0:9080 0.0.0.0:* tcp LISTEN 0 50 0.0.0.0:5989 0.0.0.0:* tcp LISTEN 0 128 127.0.0.11:33670 0.0.0.0:* 还可以使用 -pl参数,会列出每个端口使用的进程名、pid: users:(("java",pid=1,fd=4)) 1 iproute2 命令 ip Usage: ip [ OPTIONS ] OBJECT { COMMAND | help } ip [ -force ] -batch filename where OBJECT := { link | address | addrlabel | route | rule | neigh | ntable | tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm | netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila | vrf | sr } OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] | -h[uman-readable] | -iec | -j[son] | -p[retty] | -f[amily] { inet | inet6 | ipx | dnet | mpls | bridge | link } | -4 | -6 | -I | -D | -M | -B | -0 | -l[oops] { maximum-addr-flush-attempts } | -br[ief] | -o[neline] | -t[imestamp] | -ts[hort] | -b[atch] [filename] | -rc[vbuf] [size] | -n[etns] name | -a[ll] | -c[olor]} 显示网卡和IP地址 命令:ip link list # ip link lis 1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 7058: eth0@if7059: mtu 1500 qdisc noqueue state UP mode DEFAULT group default link/ether 02:42:ac:14:00:06 brd ff:ff:ff:ff:ff:ff link-netnsid 0 显示路由 命令:ip route show # ip route show default via 172.20.0.1 dev eth0 172.20.0.0/16 dev eth0 proto kernel scope link src 172.20.0.6 显示ARP 命令:ip neigh shwo # ip neigh show 172.20.0.8 dev eth0 lladdr 02:42:ac:14:00:08 REACHABLE 172.20.0.30 dev eth0 lladdr 02:42:ac:14:00:1e REACHABLE 172.20.0.5 dev eth0 lladdr 02:42:ac:14:00:05 REACHABLE 172.20.0.27 dev eth0 lladdr 02:42:ac:14:00:1b REACHABLE 172.20.0.2 dev eth0 lladdr 02:42:ac:14:00:02 REACHABLE 172.20.0.16 dev eth0 lladdr 02:42:ac:14:00:10 REACHABLE 172.20.0.9 dev eth0 lladdr 02:42:ac:14:00:09 REACHABLE 172.20.0.31 dev eth0 lladdr 02:42:ac:14:00:1f REACHABLE 172.20.0.20 dev eth0 lladdr 02:42:ac:14:00:14 REACHABLE 172.20.0.13 dev eth0 lladdr 02:42:ac:14:00:0d REACHABLE 172.20.0.3 dev eth0 lladdr 02:42:ac:14:00:03 REACHABLE 172.20.0.17 dev eth0 lladdr 02:42:ac:14:00:11 REACHABLE 172.20.0.7 dev eth0 lladdr 02:42:ac:14:00:07 REACHABLE 172.20.0.21 dev eth0 lladdr 02:42:ac:14:00:15 REACHABLE 172.20.0.14 dev eth0 lladdr 02:42:ac:14:00:0e REACHABLE 172.20.0.28 dev eth0 lladdr 02:42:ac:14:00:1c REACHABLE 172.20.0.18 dev eth0 lladdr 02:42:ac:14:00:12 REACHABLE 172.20.0.11 dev eth0 lladdr 02:42:ac:14:00:0b REACHABLE 172.20.0.25 dev eth0 lladdr 02:42:ac:14:00:19 REACHABLE 172.20.0.22 dev eth0 lladdr 02:42:ac:14:00:16 REACHABLE 172.20.0.15 dev eth0 lladdr 02:42:ac:14:00:0f REACHABLE 172.20.0.29 dev eth0 lladdr 02:42:ac:14:00:1d REACHABLE 172.20.0.32 dev eth0 lladdr 02:42:ac:14:00:20 REACHABLE 172.20.0.4 dev eth0 lladdr 02:42:ac:14:00:04 REACHABLE 172.20.0.1 dev eth0 lladdr 02:42:a3:cf:8b:1f REACHABLE 172.20.0.23 dev eth0 lladdr 02:42:ac:14:00:17 REACHABLE Rules 命令:ip rule list 来自:https://blog.csdn.net/qq_23146469/article/details/89963264 Generated by Jackxiang's Bo-blog 2.1.1 Release