【linux】CentOS启动后网络自动配置过程

1、启动后如何调用的网络配置脚本

网络配置脚本路径：/etc/init.d/network
根据不同启动级别对network脚本的调用情况：
进入/etc目录后，执行 $ find -name “*network”，结果如下：

$ find -name "*network"
./rc.d/init.d/network
./rc.d/rc0.d/K90network
./rc.d/rc1.d/K90network
./rc.d/rc2.d/S10network
./rc.d/rc3.d/S10network
./rc.d/rc4.d/S10network
./rc.d/rc5.d/S10network
./rc.d/rc6.d/K90network

可以看出开机时，调用network start，关机时调用network stop

2、/etc/init.d/network脚本分析

#/etc/init.d/functions中是/etc/init.d下脚本的常用函数
. /etc/init.d/functions#如果/etc/sysconfig/network文件不是常规文件，则退出
if [ ! -f /etc/sysconfig/network ]; thenexit 6
fi#我的环境中/etc/sysconfig/network为空，可以忽略
. /etc/sysconfig/network#pcmcia常用在笔记本的网卡中
if [ -f /etc/sysconfig/pcmcia ]; then. /etc/sysconfig/pcmcia
fi# Check that networking is up.
#未找到NETWORKING设置的地方
[ "${NETWORKING}" = "no" ] && exit 6# 如果没有/sbin/ip工具，直接退出
[ -x /sbin/ip ] || exit 1CWD=$(pwd)
cd /etc/sysconfig/network-scripts. ./network-functions# 查找环回之外的所有接口。
# 忽略别名、替代配置和编辑器备份文件
#查找/etc/sysconfig/network-scripts目录下的ifcfg-*文件
interfaces=$(ls ifcfg-* | \LC_ALL=C sed -e "$__sed_discard_ignored_files" \-e '/\(ifcfg-lo$\|:\|ifcfg-.*-range\)/d' \-e '{ s/^ifcfg-//g;s/[0-9]/ &/}' | \LC_ALL=C sort -k 1,1 -k 2n | \LC_ALL=C sed 's/ //')
rc=0# 下面根据不同的参数执行不用分支
# start|stop|status|restart|reload|force-reload
case "$1" in
start)#EUID有效用户ID，root权限的EUID==0，如果不是root权限则退出[ "$EUID" != "0" ] && exit 4rc=0# IPv6 hook (pre IPv4 start)if [ -x /etc/sysconfig/network-scripts/init.ipv6-global ]; then/etc/sysconfig/network-scripts/init.ipv6-global start prefiapply_sysctl#tell NM to reload its configurationif [ "$(LANG=C nmcli -t --fields running general status 2>/dev/null)" = "running" ]; thennmcli connection reloadfi#启动回环action $"Bringing up loopback interface: " ./ifup ifcfg-locase "$VLAN" inyes)if [ ! -d /proc/net/vlan ] && ! modprobe 8021q >/dev/null 2>&1 ; thennet_log $"No 802.1Q VLAN support available in kernel."fi;;esacvlaninterfaces=""vpninterfaces=""xdslinterfaces=""bridgeinterfaces=""# bring up all other interfaces configured to come up at boot timefor i in $interfaces; dounset DEVICE TYPE SLAVE NM_CONTROLLEDeval $(LANG=C grep -F "DEVICE=" ifcfg-$i)eval $(LANG=C grep -F "TYPE=" ifcfg-$i)eval $(LANG=C grep -F "SLAVE=" ifcfg-$i)eval $(LANG=C grep -F "NM_CONTROLLED=" ifcfg-$i)if [ -z "$DEVICE" ] ; then DEVICE="$i"; fiif [ "$SLAVE" = "yes" ] && ( ! is_nm_running || is_false $NM_CONTROLLED ) ; thencontinuefiif [ "${DEVICE##cipcb}" != "$DEVICE" ] ; thenvpninterfaces="$vpninterfaces $i"continuefiif [ "$TYPE" = "xDSL"  -o  "$TYPE" = "Modem" ]; thenxdslinterfaces="$xdslinterfaces $i"continuefiif [ "$TYPE" = "Bridge" ]; thenbridgeinterfaces="$bridgeinterfaces $i"continuefiif [ "$TYPE" = "IPSEC" ] || [ "$TYPE" = "IPIP" ] || [ "$TYPE" = "GRE" ]; thenvpninterfaces="$vpninterfaces $i"continuefiif [ "${DEVICE%%.*}" != "$DEVICE"  -o  "${DEVICE##vlan}" != "$DEVICE" ] ; thenvlaninterfaces="$vlaninterfaces $i"continuefiif LANG=C grep -EL "^ONBOOT=['\"]?[Nn][Oo]['\"]?" ifcfg-$i > /dev/null ; then# this loads the module, to preserve orderingis_available $icontinuefiaction $"Bringing up interface $i: " ./ifup $i boot[ $? -ne 0 ] && rc=1done# Bring up xDSL and VPN interfacesfor i in $vlaninterfaces $bridgeinterfaces $xdslinterfaces $vpninterfaces ; doif ! LANG=C grep -EL "^ONBOOT=['\"]?[Nn][Oo]['\"]?" ifcfg-$i >/dev/null 2>&1 ; thenaction $"Bringing up interface $i: " ./ifup $i boot[ $? -ne 0 ] && rc=1fidone# Add non interface-specific static-routes.if [ -f /etc/sysconfig/static-routes ]; thenif [ -x /sbin/route ]; thengrep "^any" /etc/sysconfig/static-routes | while read ignore args ; do/sbin/route add -$argsdoneelsenet_log $"Legacy static-route support not available: /sbin/route not found"fifi# IPv6 hook (post IPv4 start)if [ -x /etc/sysconfig/network-scripts/init.ipv6-global ]; then/etc/sysconfig/network-scripts/init.ipv6-global start postfi# Run this again to catch any interface-specific actionsapply_sysctltouch /var/lock/subsys/network[ -n "${NETWORKDELAY}" ] && /bin/sleep ${NETWORKDELAY};;
stop)[ "$EUID" != "0" ] && exit 4# Don't shut the network down if root or /usr is on NFS or a network# block device.if systemctl show --property=RequiredBy -- -.mount usr.mount | grep -q 'remote-fs.target' ; thennet_log $"rootfs or /usr is on network filesystem, leaving network up"exit 1fivlaninterfaces=""vpninterfaces=""xdslinterfaces=""bridgeinterfaces=""remaining=""rc=0# get list of bonding, vpn, and xdsl interfacesfor i in $interfaces; dounset DEVICE TYPEeval $(LANG=C grep -F "DEVICE=" ifcfg-$i)eval $(LANG=C grep -F "TYPE=" ifcfg-$i)if [ -z "$DEVICE" ] ; then DEVICE="$i"; fiif [ "${DEVICE##cipcb}" != "$DEVICE" ] ; thenvpninterfaces="$vpninterfaces $i"continuefiif [ "$TYPE" = "IPSEC" ] || [ "$TYPE" = "IPIP" ] || [ "$TYPE" = "GRE" ]; thenvpninterfaces="$vpninterfaces $i"continuefiif [ "$TYPE" = "Bridge" ]; thenbridgeinterfaces="$bridgeinterfaces $i"continuefiif [ "$TYPE" = "xDSL"  -o  "$TYPE" = "Modem" ]; thenxdslinterfaces="$xdslinterfaces $i"continuefiif [ "${DEVICE%%.*}" != "$DEVICE"  -o  "${DEVICE##vlan}" != "$DEVICE" ] ; thenvlaninterfaces="$vlaninterfaces $i"continuefiremaining="$remaining $i"donefor i in $vpninterfaces $xdslinterfaces $bridgeinterfaces $vlaninterfaces $remaining; dounset DEVICE TYPE(. ./ifcfg-$iif [ -z "$DEVICE" ] ; then DEVICE="$i"; fiif ! check_device_down $DEVICE; thenaction $"Shutting down interface $i: " ./ifdown $i boot[ $? -ne 0 ] && rc=1fi)doneaction $"Shutting down loopback interface: " ./ifdown ifcfg-losysctl -w net.ipv4.ip_forward=0 > /dev/null 2>&1# IPv6 hook (post IPv4 stop)if [ -x /etc/sysconfig/network-scripts/init.ipv6-global ]; then/etc/sysconfig/network-scripts/init.ipv6-global stop postfirm -f /var/lock/subsys/network;;
status)echo $"Configured devices:"echo lo $interfacesecho $"Currently active devices:"echo $(/sbin/ip -o link show up | awk -F ": " '{ print $2 }');;
restart|reload|force-reload)cd "$CWD"$0 stop$0 startrc=$?;;
*)echo $"Usage: $0 {start|stop|status|restart|reload|force-reload}"exit 2
esacexit $rc

总结/etc/init.d/network主要功能：
查找网卡配置文件/etc/sysconfig/network-scripts/ifcfg-*，然后循环调用/etc/sysconfig/network-scripts/ifup或ifdown来处理这些配置文件

3、/etc/sysconfig/network-scripts/ifup

ifup主要功能：根据设备类型调用不同的ifup-*来处理对应的ifcfg-*

脚本待分析？

4、/etc/sysconfig/network-scripts/ifup-eth

ifup-eth中调用/sbin/ip来完成网络设置

脚本待分析？

5、/etc/sysconfig/network-scripts/ifcfg-*详解

Linux网卡配置文件详解：

DEVICE=eth0 #指出设备名称
NM_CONTROLLED=yes #network mamager的参数，实时生效，不需要重启
ONBOOT=yes #设置为yes，开机自动启用网络连接
IPADDR=192.168.21.129 #IP地址
BOOTPROTO=none #设置为none禁止DHCP，设置为static启用静态IP地址，设置为dhcp开启DHCP服务
NETMASK=255.255.255.0 #子网掩码
DNS1=8.8.8.8 #第一个dns服务器
TYPE=Ethernet #网络类型为：Ethernet
GATEWAY=192.168.21.2 #设置网关
DNS2=8.8.4.4 #第二个dns服务器
IPV6INIT=no #禁止IPV6
USERCTL=no #是否允许非root用户控制该设备，设置为no，只能用root用户更改
HWADDR=00:0C:29:2C:E1:0F #网卡的Mac地址
PREFIX=24
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
NAME=“System eth0” #定义设备名称

以下解释参考博客：https://blog.csdn.net/jmyue/article/details/17288467

配置参数说明
注：这些参数值不区分大小写，不区分单引号和双引号，甚至可以不用引号。
TYPE：配置文件接口类型。在/etc/sysconfig/network-scripts/目录有多种网络配置文件，有Ethernet 、IPsec等类型，网络接口类型为Ethernet。
DEVICE：网络接口名称
BOOTPROTO：系统启动地址协议

none：不使用启动地址协议
bootp：BOOTP协议
dhcp：DHCP动态地址协议
static：静态地址协议

ONBOOT：系统启动时是否激活

yes：系统启动时激活该网络接口
no：系统启动时不激活该网络接口

IPADDR：IP地址
NETMASK：子网掩码
GATEWAY：网关地址
BROADCAST：广播地址
HWADDR/MACADDR：MAC地址。只需设置其中一个，同时设置时不能相互冲突。
PEERDNS：是否指定DNS。如果使用DHCP协议，默认为yes。

yes：如果DNS设置，修改/etc/resolv.conf中的DNS
no：不修改/etc/resolv.conf中的DNS

DNS{1, 2}：DNS地址。当PEERDNS为yes时会被写入/etc/resolv.conf中。
NM_CONTROLLED：是否由Network Manager控制该网络接口。修改保存后立即生效，无需重启。被其坑过几次，建议一般设为no。

yes：由Network Manager控制
no：不由Network Manager控制

USERCTL：用户权限控制

yes：非root用户允许控制该网络接口
no：非root用户不运行控制该网络接口

IPV6INIT：是否执行IPv6

yes：支持IPv6
no：不支持IPv6

IPV6ADDR：IPv6地址/前缀长度

6、NM_CONTROLLED和Network manger

参考博客：https://blog.csdn.net/petrosofts/article/details/80346348

安装操作系统时，自动生成的网卡配置文件，
/etc/sysconfig/network-scripts/ifcfg-eth0
里面有如下的参数：
NM_CONTROLLED=yes
说明 Network manger服务缺省情况下是启动的,

#chkconfig --list | grep NetworkManager
NetworkManager 0:off 1:off 2:on 3:on 4:on 5:on 6:off
#service NetworkManager status
NetworkManager (pid 1634) is running…

当系统管理员按以前的习惯，在远程连接的终端上，修改 ifcfg-eth0文件时，网络可能立即中断，导致远程连接死机，无法进行任何操作。
管理员只能到机房去（如果幸运，离机房比较近的话），到服务器的Console终端进行修改。

这是因为NM_CONTROLLED是network manger的参数，它是实时生效的，修改后无需要重启网络服务（或网卡），
如果NM_CONTROLLED=yes，当你修改ifcfg-ethx的文件内容时，如果内容不完全正确，有很大概率导致网络中断。

对于服务器、工作站、集群、虚拟机来说，一般都要把 NetworkManager 服务关掉：

#service NetworkManager status
NetworkManager (pid  1634) is running...
#service NetworkManager stop
Stopping NetworkManager daemon:                            [  OK  ]
#chkconfig NetworkManager off
#chkconfig --list | grep NetworkManager
NetworkManager 	0:off	1:off	2:off	3:off	4:off	5:off	6:off

同时，修改 /etc/sysconfig/network-scripts/ifcfg-eth0 等文件：

NM_CONTROLLED=no