Merge pull request #21844 from ddl-hust/master

Submit translation
Xingyu.Wang 2021-05-07 16:53:58 +08:00 committed by GitHub
commit 549995ea55
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 211 additions and 218 deletions

@ -1,218 +0,0 @@
[#]: subject: "A beginner's guide to network management"
[#]: via: "https://opensource.com/article/21/4/network-management"
[#]: author: "Seth Kenlon https://opensource.com/users/seth"
[#]: collector: "lujun9972"
[#]: translator: "ddl-hust"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
A beginner's guide to network management
======
Learn how networks work and some tricks to optimize network performance
with open source.
![Tips and gears turning][1]
Most people connect to at least two networks every day. After you turn on a computer or mobile device, it connects to a local WiFi network, which in turn provides access to the interconnected network of networks that is "the internet" (a combination of the words _inter_connected _net_works).
But how do networks actually work? How does your device know how to find the internet, a shared printer, or a file share? How do these things know how to respond to your device? What tricks do system administrators use to optimize the performance of a network?
Open source is firmly embedded into networking technology, so resources on networking are freely available to anyone who wants to learn more. This article covers the basics of network management using open source.
### What is a network?
A network of computers is a collection of two or more computers that can communicate with one another. For networking to work, one machine on a network must be able to find another, and communication must be able to get from one machine to another. To resolve this requirement, two different systems were developed and defined: TCP and IP.
#### TCP for transport
For computers to communicate, there must be a means of transport for messages between them. When humans talk, the sounds of our voices are made possible by sound waves moving through air. Computers communicate with digital signals carried over Ethernet cables, radio waves, or microwaves. The specifications for this are formally defined as the [TCP protocol][2].
#### IP for addressing
For computers to address one another, they must have some means for identification. When humans address one another, we use names and pronouns. When computers address each other, they use IP addresses, such as `192.168.0.1`, which can be mapped to names, such as Laptop and Desktop or Tux or Penguin. The specifications for this are formally defined as the [IP protocol][3].
### Set up a minimal configuration
The simplest network is a two-computer network using a specially wired Ethernet cable called a **crossover cable**. A crossover cable connects and transmits signals coming from one computer to the appropriate receptors on another computer. There are also crossover adapters that convert a standard Ethernet into a crossover cable.
![Crossover cable][4]
(Seth Kenlon, [CC BY-SA 4.0][5])
With no router between the computers, all network management must be done manually on each machine, making this a good introductory exercise for networking basics.
With a crossover cable, you can connect two computers together. Because the two computers are connected directly with no network controller to offer guidance, neither computer does anything to create or join a network. Normally, this task would be prompted by a switch and a DHCP server or a router, but in this simple network setup, you are the ultimate authority.
To create a network, you first must assign an IP address to each computer. The block reserved for self-assigned IP addresses starts with `169.254`, and it's a useful convention for reminding yourself that this is a closed-loop system.
#### Find a network interface
First, you must know what network interfaces you're working with. The Ethernet port is usually designated with the term `eth` plus a number starting with `0`, but some devices are reported with different terms. You can discover the interfaces on a computer with the `ip` command:
```
$ ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 ...
    link/loopback 00:00:00:00:00:00 brd ...
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> ...
    link/ether dc:a6:32:be:a3:e1 brd ...
3: wlan0: <BROADCAST,MULTICAST> ...
    link/ether dc:a6:32:be:a3:e2 brd ...
```
In this case, `eth0` turns out to be the correct interface name. However, in some cases, you'll see `en0` or `enp0s1` or something similar, so it's important to always verify a device name before using it.
#### Assign an IP address
Normally, an IP address is obtained from a router, which broadcasts offers for addresses over the network. When a computer gets connected to a network, it requests an address. The router registers which device on the network, identified by its Media Access Control (MAC) address (this has nothing to do with Apple Mac computers) has been assigned which address. That's how computers know how to find one another across a network.
In this simple network, however, there is no router handing out IP addresses or registering devices, so you must create an IP address. To assign an IP address to a computer, use the `ip` command:
```
`$ sudo ip address add 169.254.0.1 dev eth0`
```
And again on the other computer, this time incrementing the IP address by 1:
```
`$ sudo ip address add 169.254.0.2 dev eth0`
```
Now each computer has a means of transport (the crossover cable) and a way to be found on the network (a unique IP address). But this network still lacks one important element: The computers still don't know they're a member of a network.
#### Set up a route
Another task that's usually managed by a router is setting up the paths network traffic must take to get from one place to another. This is called a _routing table_, and you can think of it as a very basic city map for your network.
Currently, no routing table exists on your network. You can view your non-existent routing table with the `route` command:
```
$ route
Kernel IP routing table
Destination | Gateway | Genmask | Flags|Metric|Ref | Use | Iface
$
```
Alternatively, you can view it with the `ip` command:
```
$ ip route
$
```
You can add a route with the `ip` command:
```
$ sudo ip route \
add 169.254.0.0/24 \
dev eth0 \
proto static
```
This command adds a route to the address range (starting from `169.254.0.0` and ending at `169.254.0.255`) to the `eth0` interface. It sets the routing protocol to `static` to indicate that you, the administrator, created the route as an intentional override for any dynamic routing.
Verify your routing table with the `route` command:
```
$ route
Kernel IP routing table
Destination | Gateway | Genmask       | ... | Iface
link-local  | 0.0.0.0 | 255.255.255.0 | ... | eth0
```
Or use the `ip` command for a different view:
```
$ ip route
169.254.0.0/24 dev eth0 proto static scope link
```
#### Ping your neighbor
Now that your network has established a method of transport, a means of addressing, and a network route, you can reach hosts outside your computer. The simplest message to send another computer is a `ping`, which is conveniently also the name of the command that generates the message:
```
$ ping -c1 169.254.0.2
64 bytes from 169.254.0.2: icmp_seq=1 ttl=64 time=0.233 ms
\--- 169.254.0.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.244/0.244/0.244/0.000 ms
```
You can also view the neighbors you've interacted with:
```
$ ip neighbour
169.254.0.2 dev eth0 lladdr e8:6a:64:ac:ef:7c STALE
```
### Grow your network with a switch
There aren't many needs for two-node networks. Special hardware, called a network **switch**, was developed to solve this problem. A network switch allows you to attach several Ethernet cables to it, and it distributes messages indiscriminately from the computer sending it to all computers listening on the switch. All computers ignore the message except for the one with an IP address that matches the intended recipient. This makes for a relatively noisy network, but it's an easy way to physically connect a group of computers.
A physical switch for physical cables isn't practical or desired on most modern home networks, so a WiFi access point is used instead. A WiFi access point serves the same function as a switch: it allows many computers to connect to it and pass messages between them.
Access to the Internet is not just an expectation; it's usually the reason home networks exist at all. A switch or WiFi access point without access to the Internet isn't very useful, but to connect your network to another network, you need a router.
### Add a router
In practice, local networks connect many devices, and the number is growing as more devices become network-aware. Connect a network to the Internet (a network itself), and that number goes up by orders of magnitude.
It's impractical to manually configure a network, so common tasks are assigned to specific nodes on the network, and each computer runs a **daemon** (a job that runs silently in the background) to populate network settings received from authoritative servers on the network. On a home network, these jobs are often consolidated into one small embedded device, often provided by your Internet service provider (ISP), called a **router** (people sometimes incorrectly call it a modem). In a large network, each task is usually assigned to a separate dedicated server to ensure focus and resiliency. These include:
* DHCP server to assign and track IP addresses to devices joining the network
* [DNS server][6] to convert registered domain names like [redhat.com][7] to IP addresses like `209.132.183.105`)
* [Firewall][8] to protect your network from unwanted incoming traffic or forbidden outgoing traffic
* Router to efficiently direct traffic on the network, serve as a gateway to other networks (such as the Internet), and perform network address translation (NAT)
You probably have a router on your network now, and it probably manages all these tasks and possibly more. You can run[ your own open source router][9], thanks to projects like VyOS. For such a project, you should use a dedicated computer with at least two network interface controllers (NICs): one to connect to your ISP and another to connect to a switch or, more likely, a WiFi access point.
### Scale your knowledge
Regardless of how many devices are on your network or how many other networks your network connects to, the principles remain the same as with your two-node network. You need a mode of transport, a scheme for addressing, and knowledge of how to reach the network.
### Networking cheat sheet
Understanding how a network operates is vital for managing a network. You can't troubleshoot issues unless you understand the results of your tests, and you can't run tests unless you know what commands interact with your network infrastructure. For an overview of important networking commands and what kind of information you can extract with them, [download our updated networking cheat sheet][10].
Learn more about software defined networking, network functions virtualization, OpenDaylight,...
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/4/network-management
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/gears_devops_learn_troubleshooting_lightbulb_tips_520.png?itok=HcN38NOk "Tips and gears turning"
[2]: https://tools.ietf.org/html/rfc793
[3]: https://tools.ietf.org/html/rfc791
[4]: https://opensource.com/sites/default/files/uploads/crossover.jpg "Crossover cable"
[5]: https://creativecommons.org/licenses/by-sa/4.0/
[6]: https://opensource.com/article/17/4/build-your-own-name-server
[7]: http://redhat.com
[8]: https://www.redhat.com/sysadmin/secure-linux-network-firewall-cmd
[9]: https://opensource.com/article/20/1/open-source-networking
[10]: https://opensource.com/downloads/cheat-sheet-networking

@ -0,0 +1,211 @@
[#]: subject: "A beginner's guide to network management"
[#]: via: "https://opensource.com/article/21/4/network-management"
[#]: author: "Seth Kenlon https://opensource.com/users/seth"
[#]: collector: "lujun9972"
[#]: translator: "ddl-hust"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
面向初学者的网络管理
======
学习网络如何工作以及使用开源工具进行网络性能调优。
![Tips and gears turning][1]
大多数人每一天至少会接触到两种类型的网络。当你打开计算机或者移动设备设备连接到本地WIFI本地WIFI然后连接到互联网"the internet"。
但是网络实际上是如何工作的?你的设备如何能够找到网络、共享打印机或文件共享?这些东西如何知道响应你的设备?系统管理员用什么措施来优化网络的性能?
开源思想在网络技术领域根深蒂固,因此任何想更多了解网络的人,可以免费获得网络相关的资源。本文使用开源技术介绍了网络管理相关的基础技术。
### 网络是什么?
网络指的是两台或者多台电脑互相通信为了使得网络能够工作一台电脑必须能够找到其他电脑为了解决这个问题两种不同的通信协议被定义TCP和IP。
### TCP传输协议
为了使得计算机之间能够通信,必须要有一种传输介质来帮助通信。人说话产生的声音通过声波来传递,计算机通过以太网电缆、无线电波或微波传输的数字信号进行通信。这方面的规范被正式定义为[TCP协议][2]。
### IP寻址
计算机必须有一些识别手段才能相互寻址。当人类相互称呼时,我们使用名字和代名词。 当计算机相互寻址时它们使用IP地址如`192.168.0.1`IP地址可以被映射到名称上如笔记本电脑、桌面、Tux或者企鹅。这种规范定义为[IP协议][3]。
### 最小配置设置
最简单的网络是两台计算机的网络,使用特殊布线方式的以太网电缆——`交叉电缆`。一条交叉电缆将来自一台计算机的信号连接并传输到另一台计算机上的相应受体。还有一些交叉适配器可以将标准的以太网转换为交叉电缆。
![Crossover cable][4]
(Seth Kenlon, [CC BY-SA 4.0][5])
由于计算机之间没有路由器,所有的网络管理都必须在每台机器上手动完成,因此这是一个很好的网络基础知识的入门练习。
用一根交叉电缆你可以把两台计算机连接在一起。因为这两台计算机是直接连接的没有网络控制器提供指导所以这两台计算机现在什么事情也没有做即没有创建一个网络也没有加入任何网络。通常情况下这项任务会由交换机和DHCP服务器或路由器来提示但在这个简单的网络设置中这一切都由你负责。
创建一个网络你必须先为每台计算机分配一个IP地址自分配的保留地址从169.254开始这是一个约定俗成的方式提醒你本IP段是一个闭环系统。
### 找寻网络接口
首先,你必须知道你正在使用什么网络接口。以太网端口通常用 "eth"加上一个从 0 开始的数字来指定,但有些设备用不同的术语来表示接口。你可以用`ip`命令来查询计算机上的接口。
```
$ ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 ...
    link/loopback 00:00:00:00:00:00 brd ...
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> ...
    link/ether dc:a6:32:be:a3:e1 brd ...
3: wlan0: <BROADCAST,MULTICAST> ...
    link/ether dc:a6:32:be:a3:e2 brd ...
```
在这个例子中,`eth0`是正确的接口名称。然而,在某些情况下,你会看到`en0`或`enp0s1`或类似的东西,所以在使用设备名称之前,一定要先检查它。
### 分配IP地址
通常情况下IP地址从路由器获得的路由器在网络上广播提供地址。当一台计算机连接到一个网络时它请求一个地址。路由器通过媒体访问控制(MAC)地址识别设备注意这个Mac与苹果Mac电脑无关并被分配IP地址。这就是计算机在网络上找到彼此的方式。
在本文的简单网络中没有路由器来分配IP地址以及登记设备因此我们需要手动分配IP地址使用 `ip` 命令来给计算机分配IP地址
```
`$ sudo ip address add 169.254.0.1 dev eth0`
```
给另外一台计算机分配IP地址将IP地址号增1
```
`$ sudo ip address add 169.254.0.2 dev eth0`
```
现在计算机有了交叉电缆作为通信介质有了独一无二的IP地址用来识别身份。但是这个网络还缺少一个重要成分计算机不知道自己是网络的一部分。
### 设置路由
路由器另外的一个功能是设置从一个地方到另一个地方的网络路径,称作路由表,路由表可以简单的看作网络的城市地图。
虽然现在我们还没有设置路由表,但是我们可以通过`route`命令来查看路由表:
```
$ route
Kernel IP routing table
Destination | Gateway | Genmask | Flags|Metric|Ref | Use | Iface
$
```
同样,你可以通过`ip`命令来查看路由表:
```
$ ip route
$
```
通过`ip`命令添加一条路由信息:
```
$ sudo ip route \
add 169.254.0.0/24 \
dev eth0 \
proto static
```
这条命令为`eth0`接口添加一个地址范围(从`169.254.0.0`开始到`169.254.0.255`结束)的路由。它将路由协议设置为 `静态`,表示作为管理员的你创建了这个路由,作为对该范围内的任何动态路由进行覆盖。
通过`route`命令来查询路由表:
```
$ route
Kernel IP routing table
Destination | Gateway | Genmask       | ... | Iface
link-local  | 0.0.0.0 | 255.255.255.0 | ... | eth0
```
或者使用`ip`命令从不同角度来查询路由表:
```
$ ip route
169.254.0.0/24 dev eth0 proto static scope link
```
### 探测相邻网络
通过之前的介绍,我们的网路有了传输介质,寻址方法以及网络路由。你可以联系到你的计算机以外的主机。向另一台计算机发送的最简单的信息是 `ping`,这也是产生该信息的命令的名称。
```
$ ping -c1 169.254.0.264 bytes from 169.254.0.2: icmp_seq=1 ttl=64 time=0.233 ms\--- 169.254.0.2 ping statistics ---1 packets transmitted, 1 received, 0% packet loss, time 0msrtt min/avg/max/mdev = 0.244/0.244/0.244/0.000 ms
```
你可以通过下面的命令查询与你交互的邻居:
```
$ ip neighbour169.254.0.2 dev eth0 lladdr e8:6a:64:ac:ef:7c STALE
```
### 通过交换机扩展你的网络
只有双节点的网络的需求并不多。 为了解决这个问题,人们开发了特殊的硬件,称为网络`交换机`。网络交换机允许你将几条以太网电缆连接到它上面它将消息不加区分地从发送消息的计算机分发到交换机上所有监听的计算机。除了拥有与预期接收者相匹配的IP地址的计算机外其他所有计算机都会忽略该信息。这使得网络变得相对嘈杂但这是物理上将一组计算机连接在一起的简单方法。
在大多数现代家庭网络中用于物理电缆的物理交换机并不实用。所以WiFi接入点代替代替了物理交换机。WiFi接入点的功能与交换机相同它允许许多计算机连接到它并在它们之间传递信息。
接入互联网不仅仅是一种期望它通常是家庭网络存在的原因。没有接入互联网的交换机或WiFi接入点不是很有用但要将你的网络连接到另一个网络你需要一个路由器。
### 添加路由器
实际上,局部网络连接了许多设备,并且越来越多的设备具备联网能力,使得网络的规模呈数量级级别增长。
手动配置网络是不切实际的因此这些任务分配给网络中特定的节点来处理网络中每台计算机运行一个后台守护进程填充从网络上的权威服务器收到的网络设置。家庭网络中这些工作通常被整合到一个小型嵌入式设备中通常由你的互联网服务提供商ISP提供称为**路由器**(人们有时错误地将其称为调制解调器)。在一个大型网络中,每项工作通常被分配到一个单独的专用服务器上,以确保专用服务器能够专注于自己的工作以及保证工作弹性。这些任务包括:
- DHCP服务器为加入网络的设备分配和跟踪IP地址
- DNS服务器将诸如域名 [红帽][7]转换成IP地址`209.132.183.105`
- [防火墙][8]保护网络不受未知流量涌入攻击,或者禁止本地网络流量流出
- 路由器有效传输网络流量作为其他网络如互联网的网关并进行网络地址转换NAT
你现在的网络上可能有一个路由器它可能管理着所有这些任务甚至可能更多。感谢像VyOS这样的项目现在你可以运行[自己的开源路由器][9]。对于这样一个项目你应该使用一台专门的计算机至少有两个网络接口控制器NIC一个连接到你的ISP另一个连接到交换机或者更有可能是一个WiFi接入点。
### 扩大知识规模
无论你的网络上有多少设备,或你的网络连接到多少其他网络,其原则仍然与你的双节点网络相同。你需要一种传输方式,一种寻址方案,以及如何路由到网络。
### 网络知识小抄
了解网络是如何运作的,对管理网络至关重要。除非你了解你的测试结果,否则你无法排除问题,除非你知道哪些命令能够与你的网络设备交互,否则你无法运行测试。对于重要的网络命令的基本用法以及你可以用它们提取什么样的信息,[下载我们最新的网络小抄][10]。
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/4/network-management
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[ddl-hust](https://github.com/ddl-hust)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/gears_devops_learn_troubleshooting_lightbulb_tips_520.png?itok=HcN38NOk "Tips and gears turning"
[2]: https://tools.ietf.org/html/rfc793
[3]: https://tools.ietf.org/html/rfc791
[4]: https://opensource.com/sites/default/files/uploads/crossover.jpg "Crossover cable"
[5]: https://creativecommons.org/licenses/by-sa/4.0/
[6]: https://opensource.com/article/17/4/build-your-own-name-server
[7]: http://redhat.com
[8]: https://www.redhat.com/sysadmin/secure-linux-network-firewall-cmd
[9]: https://opensource.com/article/20/1/open-source-networking
[10]: https://opensource.com/downloads/cheat-sheet-networking
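Review bot: The two fenced blocks under `### 探测相邻网络` have lost their line breaks, so each command runs straight into its output: `$ ping -c1 169.254.0.264 bytes from 169.254.0.2: ...` now reads as a ping to `169.254.0.264`, and `$ ip neighbour169.254.0.2 dev eth0 ...` is no longer a command a reader can copy. Restore one line per command and per output line, as in the removed source. Elsewhere in the same file: the two `ip address add` fences still wrap the command in inline backticks inside the fence; the subsections that were `####` in the source (TCP, IP, and 找寻网络接口 through 探测相邻网络) are all promoted to `###`, which flattens the outline; the DNS bullet drops the `[6]` link while its reference definition is kept at the bottom; and the prose has duplicated words (`移动设备设备`, `本地WIFI本地WIFI`, `代替代替`) plus several paragraphs with no internal punctuation, for example the one under `### 网络是什么?`. The `reviewer`, `publisher` and `url` header fields are still blank, which is expected before proofreading but worth confirming.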