查看网卡所在区域:
firewall-cmd --get-zone-of-interface=eno16777736

查看服务是否被允许:
firewall-cmd --zone=public --query-service=http

防火墙添加端口:

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-port=9090/tcp
firewall-cmd --reload
 firewall-cmd --permanent --zone=public --add-port=8080-8081/tcp
irewall-cmd --reload

nmcli con show [active]
nmcli con show "static-eth0"
nmcli dev status
nmcle dev show eth0
apply modification
   systemctl restart network.service
   nmcli con reload

nmcli connection show   查看链接信息
nmcli device show   查看设备信息
nmcli device status  查看设备状态

hostnamectl set-hostname desktop.group8.example.com
nmcli connection show
nmcli con modify eno16777736 ipv4.addresses "172.24.8.10/24 172.24.8.254" ipv4.dns "172.24.8.254"
nmcli con modify eno16777736 connection.autoconnect yes ipv4.method manual
nmcli con up eno16777736
systemctl restart network .service

add additional network ipv4 address
nmcli con add con-name ''yeslab" ifname eth0 type ethernet ip4 172.25.1.11/24 gw4 172.25.1.254   新建连接yeslab 并配置IP地址
nmcli con modify "yeslab" ipv4.dns 172.25.254.254                    配置yeslab连接dns
nmcli con modify "yeslab" ipv4.addresses 172.25.1.18/24        修改yeslab的IP地址
nmcli con modify "yeslab" connection.autoconnect yes            启用 yeslab的配置
nmcli con modify "system eth0" connection.autoconnect no    关闭system eth0 d的配置
systemctl restart network .service     重启网络服务
nmcli con modify "system eth0" +ipv4.addresses 10.1.1.1/24   为system eth0添加 地址 ,可以同时拥有多个地址
hostnamectl set-hostname serverX.example.com  配置系统名称

网络绑定
建立team 端口
nmcel con add type team con-name y-team ifname team1 config '{"runner":{"name":"loadbalance"}}'

nmcle con mod y-team ipv4.addresses '192.168.1.100/24' 为team口配置IP地址
nmcli con mod y-team ipv4.method manual 配置地址为固定

绑定从物理端口

nmcli con add type team-slave con-name team1-port1 ifname eth1 master team1
nmcli con add type team-slave con-name team1-port2 ifname eth2 master team1
Systemctl restart network

nmcli con up team1
teamdctl team1 state

nmcli device disconnect eth1 关闭端口

Configuring software bridge

建立一个桥接

Nmcli con add type bridge con-name br1 ifname br1
Nmcli con mod br1 ipv4.addresses '192.168.1.100/24
Nmcli con mod br1 ipv4.method manual

Nmcli con add type bridge-slave con-name br1-port1 ifname eth1 master br1
Nmcli con add type bridge-slave con-name br1-port2 ifname eth2 master br1

Ip link
Brctl show 
Ping -1 bri 192.168.1.254  使用桥接端口PING测试
Ping -c 10 -I br1 192.168.1.254

Ipv6配置


nmcli connection add con-name y-6 ifname eth0 type ethernet ip6 2016:abcd::2/64
Nmcli connettionh modify y-6 ipv6.mdthod manual
Nmcli connection mokify y-6connection.autoconnect yes
nmcli con modify "system eth0" connection.autoconnect no
Systemctl restart network
Nmcli device show
```![](https://s1.51cto.com/images/blog/201911/21/441abc6b4009e12164a93821c016cd00.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)