Handbook:MIPS/Installation/Networking

From Gentoo Wiki
This page is a translated version of the page Handbook:MIPS/Installation/Networking and the translation is 100% complete.


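Automatic network configuration

Is it detected automatically?

If the system is plugged into an Ethernet network with a DHCP server, it is very likely that networking has been configured automatically. If so, the many network-aware commands included on the installation media, such as ssh, scp, ping, irssi, wget, and links, among others, will work immediately.

Using DHCP

DHCP (Dynamic Host Configuration Protocol) makes it easy to receive network information (IP address, netmask, broadcast address, gateway, nameservers, etc.) automatically. This only works if there is a DHCP server on the network (or if the ISP provides a DHCP service). To have a network interface receive this information automatically, use dhcpcd.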

DHCP requires that a server be running on the same Layer 2 (Ethernet) segment as the client requesting a lease. DHCP is often used on RFC1918 (private) networks, but is also used to acquire public IP information from ISPs.

Tip
Official Gentoo boot media runs dhcpcd automatically at startup. This behavior can be disabled by adding the nodhcp argument to the boot media kernel commandline.

If it is not already running, dhcpcd can be started on enp1s0 with:

root #dhcpcd enp1s0

Some network administrators require that the hostname and domain name provided by the DHCP server be used. In that case, use:

root #dhcpcd -HD enp1s0

To stop dhcpcd, use -x:

root #dhcpcd -x
sending signal Term to pid 10831
waiting for pid 10831 to exit
See also
Using Dhcpcd

Testing the network

A properly configured default route is a critical component of Internet connectivity. Route configuration can be checked with:

root #ip route
default via 192.168.0.1 dev enp1s0

If no default route is defined, Internet connectivity is unavailable, and additional configuration is required.

Basic internet connectivity can be confirmed with a ping:

root #ping -c 3 1.1.1.1
Tip
It's helpful to start by pinging a known IP address instead of a hostname. This can isolate DNS issues from basic Internet connectivity issues.

Outbound HTTPS access and DNS resolution can be confirmed with:

root #curl --location gentoo.org --output /dev/null

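If all of these work, the remainder of this chapter can be skipped; jump straight to the next step of the installation instructions (Preparing the disks).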

If curl reports an error, but Internet-bound pings work, DNS may need configuration.
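The three checks above can be chained so that the first failing layer is named explicitly. This is an added example, not part of the Handbook; the function name net_check, its result strings, and the RESOLV_CONF override are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not Handbook code. RESOLV_CONF is a hypothetical override
# for the resolver file path; the commands are the ones used above.

# net_check: run the checks in the Handbook's order and print the first
# layer that fails, so DNS problems are not mistaken for routing problems.
net_check() {
    # 1. A default route must exist, or nothing off-link is reachable.
    if ! ip route | grep -q '^default '; then
        echo "no-default-route"; return 1
    fi
    # 2. Ping a known IP address: exercises routing without touching DNS.
    if ! ping -c 3 1.1.1.1 >/dev/null 2>&1; then
        echo "no-ip-connectivity"; return 2
    fi
    # 3. Fetch by hostname: needs DNS resolution and outbound HTTPS.
    if ! curl --silent --location gentoo.org --output /dev/null; then
        # Pings worked, so look at the resolver configuration first.
        if ! grep -q '^nameserver[[:space:]]' "${RESOLV_CONF:-/etc/resolv.conf}" 2>/dev/null; then
            echo "dns-no-nameserver"; return 3
        fi
        echo "dns-or-https-failure"; return 4
    fi
    echo "ok"
}
```

Call net_check at the prompt after each configuration step; the return code (0 to 4) mirrors the printed result.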

If Internet connectivity has not been established, first interface information should be verified, then:

Obtaining interface info

If networking doesn't work out of the box, additional steps must be taken to enable Internet connectivity. Generally, the first step is to enumerate host network interfaces.

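The ip command, part of the sys-apps/iproute2 package, can be used to query and configure system networking.

The link argument can be used to display network interface links: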

root #ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
4: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether e8:40:f2:ac:25:7a brd ff:ff:ff:ff:ff:ff

The address argument can be used to query device address information:

root #ip address
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether e8:40:f2:ac:25:7a brd ff:ff:ff:ff:ff:ff
    inet 10.0.20.77/22 brd 10.0.23.255 scope global enp1s0
       valid_lft forever preferred_lft forever
    inet6 fe80::ea40:f2ff:feac:257a/64 scope link 
       valid_lft forever preferred_lft forever

The output of this command contains information for each network interface on the system. Entries begin with the device index, followed by the device name: enp1s0.

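Tip
If no interfaces are displayed when the standard ifconfig command is used, try the same command with the -a option. This option forces the utility to show all network interfaces detected by the system, whether they are in an up or down state. If ifconfig -a produces no results, then the hardware is faulty or the driver for the interface has not been loaded into the kernel. Both cases are beyond the scope of this Handbook. Contact #gentoo (webchat) for support.

For consistency, this Handbook assumes that the main network interface is enp1s0.

Because of the move to Predictable Network Interface Names, the interface name on the system can be quite different from the old eth0 naming convention. Recent installation media may show regular network interface names such as eno0, ens1, or enp5s0. Look in the ifconfig output for the interface that has an IP address related to the local network.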

Optional: Application specific configuration

The following methods are not generally required, but may be helpful in situations where additional configuration is required for Internet connectivity.

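Optional: Configure web proxies

If the Internet is accessed through a proxy, proxy information must be defined for Portage so that it can reach the proxy correctly for each supported protocol. Portage observes the http_proxy, ftp_proxy, and RSYNC_PROXY environment variables in order to download packages via its wget and rsync retrieval mechanisms.

Certain text-mode web browsers such as links can also make use of environment variables that define web proxy settings; for HTTPS access in particular, the https_proxy environment variable must also be defined. Portage picks these variables up without extra run-time parameters, whereas links requires the proxy settings to be passed when it is invoked.

In most cases, it is sufficient to define the environment variables using the proxy server hostname. In the following examples, the proxy server host is assumed to be proxy.gentoo.org and the port 8080.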

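Note
The # symbol in the following commands is a comment. It has been added for clarity only and does not need to be typed in when entering the commands.

Define an HTTP proxy (for HTTP and HTTPS traffic):

root #export http_proxy="http://proxy.gentoo.org:8080" # Applies to Portage and Links
root #export https_proxy="http://proxy.gentoo.org:8080" # Only applies to Links

If the proxy requires authentication, set a username and password with the following syntax:

root #export http_proxy="http://username:password@proxy.gentoo.org:8080" # Applies to Portage and Links
root #export https_proxy="http://username:password@proxy.gentoo.org:8080" # Only applies to Links

Start links with the following parameters to use the proxy: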

user $links -http-proxy ${http_proxy} -https-proxy ${https_proxy}

Define an FTP proxy for Portage and links:

root #export ftp_proxy="ftp://proxy.gentoo.org:8080" # Applies to Portage and Links

Start links with the following parameter to use the FTP proxy:

user $links -ftp-proxy ${ftp_proxy}

Define an RSYNC proxy for Portage:

root #export RSYNC_PROXY="proxy.gentoo.org:8080" # Applies to Portage; Links does not support an rsync proxy

Using pppoe-setup for ADSL

If PPPoE is required for Internet access, the Gentoo boot media includes the pppoe-setup script to simplify ppp configuration.

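During setup, pppoe-setup will ask for:

  • The name of the Ethernet interface connected to the ADSL modem.
  • The PPPoE username and password.
  • DNS server IPs.
  • Whether or not a firewall is needed.
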
root #pppoe-setup
root #pppoe-start

In the event of failure, credentials in /etc/ppp/pap-secrets or /etc/ppp/chap-secrets should be verified. If credentials are correct, PPPoE Ethernet interface selection should be checked.

Using PPTP

If PPTP support is needed, pptpclient can be used, but it requires configuration prior to use.

Edit /etc/ppp/pap-secrets or /etc/ppp/chap-secrets so that they contain the correct username and password:

root #nano /etc/ppp/chap-secrets

If needed, then adjust /etc/ppp/options.pptp:

root #nano /etc/ppp/options.pptp

Once configuration is complete, run pptp (along with any options that cannot be set in options.pptp) to connect to the server:

root #pptp <server ipv4 address>

Configuring WEP

Warning
Do not use WEP unless it is the only option. WEP provides essentially no security over an open network.
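Note
The iw command may only be supported on certain architectures. If the command is not available, check whether the net-wireless/iw package is available for the current architecture. The iw command remains unavailable until the net-wireless/iw package has been installed.

When using a wireless (802.11) card, the wireless settings need to be configured before going any further. To see the current settings of the wireless card, iw can be used. Running iw might show something like: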

root #iw dev wlp9s0 info
Interface wlp9s0
	ifindex 3
	wdev 0x1
	addr 00:00:00:00:00:00
	type managed
	wiphy 0
	channel 11 (2462 MHz), width: 20 MHz (no HT), center1: 2462 MHz
	txpower 30.00 dBm

Check the current connection:

root #iw dev wlp9s0 link
Not connected.

root #iw dev wlp9s0 link
Connected to 00:00:00:00:00:00 (on wlp9s0)
	SSID: GentooNode
	freq: 2462
	RX: 3279 bytes (25 packets)
	TX: 1049 bytes (7 packets)
	signal: -23 dBm
	tx bitrate: 1.0 MBit/s
Note
Some wireless cards may have a device name of wlan0 or ra0 instead of wlp9s0. Run ip link to identify the correct device name.

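For most users, only two settings are needed to connect: the ESSID (also known as the wireless network name) and, optionally, the WEP key.

  • First, ensure the interface is active:
root #ip link set dev wlp9s0 up
  • To connect to an open network named "GentooNode":
root #iw dev wlp9s0 connect -w GentooNode
  • To set a WEP key, use the d: prefix:
root #iw dev wlp9s0 connect -w GentooNode key 0:d:1234123412341234abcd
  • To connect with an ASCII WEP key:
root #iw dev wlp9s0 connect -w GentooNode key 0:some-password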
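Note
If the wireless network is set up with WPA or WPA2, then wpa_supplicant needs to be used. For more information on configuring wireless networking in Gentoo Linux, please read the Wireless networking chapter in the Gentoo Handbook.

Confirm the wireless settings by using iw dev wlp9s0 link. Once wireless is working, continue configuring the IP-level networking options as described in the next section (Understanding network terminology), or use the net-setup tool as described previously.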

Using net-setup

In cases where automatic network configuration is unsuccessful, the Gentoo boot media provides scripts to aid in network configuration. net-setup can be used to configure wireless network information and static IPs.

root #net-setup enp1s0

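net-setup will ask some questions about the network environment. When all of this is done, the network connection should work. Test the network connection as described earlier. If the tests pass, congratulations! Skip the rest of this section and continue with Preparing the disks.

Important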
Network status should be tested after any configuration steps are taken. In the event that configuration scripts do not work, manual network configuration is required.

Internet and IP basics

If all of the above fails, the network must be configured manually. This is not particularly difficult, but should be done with consideration. This section serves to clarify terminology and introduce users to basic networking concepts pertaining to manually configuring an Internet connection.

Tip
Some CPE (Carrier Provided Equipment) combines the functions of a router, access point, modem, DHCP server, and DNS server into one unit. It's important to differentiate the functions of a device from the physical appliance.

Interfaces and addresses

Network interfaces are logical representations of network devices. An interface needs an address to communicate with other devices on the network. While only a single address is required, multiple addresses can be assigned to a single interface. This is especially useful for dual stack (IPv4 + IPv6) configurations.

For consistency, this primer will assume the interface enp1s0 will be using the address 192.168.0.2.

Important
IP addresses can be set arbitrarily. As a result, it's possible for multiple devices to use the same IP address, resulting in an address conflict. Address conflicts should be avoided by using DHCP or SLAAC.
Tip
IPv6 typically uses StateLess Address AutoConfiguration (SLAAC) for address configuration. In most cases, manually setting IPv6 addresses is a bad practice. If a specific address suffix is preferred, interface identification tokens can be used.

Networks and CIDR

Once an address is chosen, how does a device know how to talk to other devices?

IP addresses are associated with networks. IP networks are contiguous logical ranges of addresses.

Classless Inter-Domain Routing or CIDR notation is used to distinguish network sizes.

  • The CIDR value, often notated starting with a /, represents the size of the network.
    • The formula 2 ^ (32 - CIDR) can be used to calculate network size.
    • Once network size is calculated, usable node count must be reduced by 2.
      • The first IP in a network is the Network address, and the last is typically the Broadcast address. These addresses are special and cannot be used by normal hosts.
Tip
The most common CIDR values are /24 and /32, representing 254 nodes and a single node respectively.

A CIDR of /24 is the de-facto default network size. This corresponds to a subnet mask of 255.255.255.0, where the last 8 bits are reserved for IP addresses for nodes on a network.

The notation: 192.168.0.2/24 can be interpreted as:

  • The address 192.168.0.2
  • On the network 192.168.0.0
  • With a size of 254 (2 ^ (32 - 24) - 2)
    • Usable IPs are in the range 192.168.0.1 - 192.168.0.254
  • With a broadcast address of 192.168.0.255
    • In most cases, the last address on a network is used as the broadcast address, but this can be changed.

Using this configuration, a device should be able to communicate with any host on the same network (192.168.0.0).
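The arithmetic above, carried through in POSIX sh as an added example that is not part of the Handbook: it derives the network, broadcast address, and usable range from an ADDR/PREFIX pair, and checks that a chosen gateway is a usable host on that network before it is used as a default route. The function names are assumptions made for illustration, and the /31 handling goes beyond the cases the text covers.

```shell
#!/bin/sh
# Added example, not Handbook code: the CIDR arithmetic above in POSIX sh.

# Dotted-quad IPv4 -> 32-bit integer; exits non-zero on malformed input.
ip_to_int() (
    set -f; IFS=.
    case $1 in .*|*.|*..*) exit 1 ;; esac
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*|0?*|????*) exit 1 ;; esac
        [ "$o" -le 255 ] || exit 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# cidr_info ADDR/PREFIX prints: network broadcast usable_count first last
cidr_info() (
    addr=${1%/*}; prefix=${1#*/}
    case $prefix in ''|*[!0-9]*|0?*|???*) exit 1 ;; esac
    [ "$prefix" -le 32 ] || exit 1
    ip=$(ip_to_int "$addr") || exit 1
    size=$(( 1 << (32 - $prefix) ))            # 2 ^ (32 - CIDR)
    net=$(( $ip & ~($size - 1) & 4294967295 ))
    bcast=$(( $net + $size - 1 ))
    if [ "$prefix" -ge 31 ]; then
        # /32 is a single node and /31 (point-to-point, RFC 3021) uses both
        # addresses, so the "minus 2" rule applies to neither.
        first=$net; last=$bcast; count=$size
    else
        first=$(( $net + 1 )); last=$(( $bcast - 1 )); count=$(( $size - 2 ))
    fi
    echo "$(int_to_ip "$net") $(int_to_ip "$bcast") $count $(int_to_ip "$first") $(int_to_ip "$last")"
)

# gateway_on_link GATEWAY ADDR/PREFIX: succeeds when GATEWAY is a usable host
# address on the interface's own network, i.e. reachable via the link route.
gateway_on_link() (
    info=$(cidr_info "$2") || exit 2
    gw=$(ip_to_int "$1") || exit 2
    set -- $info
    [ "$gw" -ge "$(ip_to_int "$4")" ] && [ "$gw" -le "$(ip_to_int "$5")" ]
)

cidr_info 192.168.0.2/24   # 192.168.0.0 192.168.0.255 254 192.168.0.1 192.168.0.254
```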

The Internet

Once a device is on a network, how does it know how to talk to devices on the Internet?

To communicate with devices outside of local networks, routing must be used. A router is simply a network device that forwards traffic for other devices. The term default route or gateway typically refers to whatever device on the current network is used for external network access.

Tip
It's a standard practice to make the gateway the first or last IP on a network.

If an Internet-connected router is available at 192.168.0.1, it can be used as the default route, granting Internet access.

To summarize:

  • Interfaces must be configured with an address and network information, such as the CIDR value.
  • Local network access is used to access a router on the same network.
  • The default route is configured, so traffic destined for external networks is forwarded to the gateway, providing Internet access.

The Domain Name System

Remembering IPs is hard. The Domain Name System was created to allow mapping between Domain Names and IP addresses.

Linux systems use /etc/resolv.conf to define nameservers to be used for DNS resolution.

Tip
Many routers can also function as a DNS server, and using a local DNS server can augment privacy and speed up queries through caching.

Many ISPs run a DNS server that is generally advertised to the gateway over DHCP. Using a local DNS server tends to improve query latency, but most public DNS servers will return the same results, so server usage is largely based on preference.

Manual network configuration

Interface address configuration

Important
When manually configuring IP addresses, the local network topology must be considered. IP addresses can be set arbitrarily; conflicts may cause network disruption.

To configure enp1s0 with the address 192.168.0.2 and CIDR /24:

root #ip address add 192.168.0.2/24 dev enp1s0
Tip
The start of this command can be shortened to ip a.

Default route configuration

Configuring address and network information for an interface will configure link routes, allowing communication with that network segment:

root #ip route
192.168.0.0/24 dev enp1s0 proto kernel scope link src 192.168.0.2
Tip
This command can be shortened to ip r.

The default route can be set to 192.168.0.1 with:

root #ip route add default via 192.168.0.1

DNS configuration

Nameserver info is typically acquired using DHCP, but can be set manually by adding nameserver entries to /etc/resolv.conf.

Warning
If dhcpcd is running, changes to /etc/resolv.conf will not persist. Status can be checked with ps x | grep dhcpcd.

nano is included in Gentoo boot media and can be used to edit /etc/resolv.conf with:

root #nano /etc/resolv.conf

Lines containing the keyword nameserver followed by a DNS server IP address are queried in order of definition:

FILE /etc/resolv.conf: Use Quad9 DNS.
nameserver 9.9.9.9
nameserver 149.112.112.112
FILE /etc/resolv.conf: Use Cloudflare DNS.
nameserver 1.1.1.1
nameserver 1.0.0.1

DNS status can be checked by pinging a domain name:

root #ping -c 3 gentoo.org

Once connectivity has been verified, continue with Preparing the disks.