Linux教程FG532-网络故障（断网/丢包）应急处理

内容简介：本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容，详细介绍了相关技术的配置和使用方法。

本文档介绍Linux系统网络故

风哥提示：

障（断网/丢包）的应急处理方法和排查步骤。

Part01-网络连接检查

1.1 基础网络检查

# 检查网络接口状态
[root@fgedu-server ~]# ip link show
1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 00:11:22:33:44:55 brd ff:ff:ff:ff:ff:ff

# 检查IP地址配置
[root@fgedu-server ~]# ip addr show eth0
2: eth0: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 00:11:22:33:44:55 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::211:22ff:fe33:4455/64 scope link noprefixroute
valid_lft forever preferred_lft forever

# 检查路由表
[root@fgedu-server ~]# ip route show
default via 192.168.1.1 dev eth0 proto static metric 100
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100 metric 100

# 检查DNS配置
[root@fgedu-server ~]# cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 114.114.114.114

# 检查网络连通性
[root@fgedu-server ~]# ping -c 3 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.031 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.028 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.027 ms

— 127.0.0.1 ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 0.027/0.028/0.031/0.002 ms

# 检查网关连通性
[root@fgedu-server ~]# ping -c 3 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=1.23 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=1.12 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=1.08 ms

— 192.168.1.1 ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 1.08/1.14/1.23/0.07 ms

# 检查外部网络连通性
[root@fgedu-server ~]# ping -c 3 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=56 time=15.3 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=56 time=14.8 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=56 time=15.1 ms

— 8.8.8.8 ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 14.8/15.0/15.3/0.24 ms

# 检查DNS解析
[root@fgedu-server ~]# nslookup www.baidu.com
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
Name: www.baidu.com
Address: 180.101.49.11
Name: www.baidu.com
Address: 180.101.49.12

Part02-网络故障排查

2.1 断网故障排查

# 检查网络服务状态
[root@fgedu-server ~]# systemctl status NetworkManager
● NetworkManager.service – Network Manager
Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2026-01-15 09:00:00 CST; 1h ago
Docs: man:NetworkManager(8)
Main PID: 1234 (NetworkManager)
Status: “NetworkManager is online.”
Tasks: 3
Memory: 10.2M
CPU: 1.234s
CGroup: /system.slice/NetworkManager.service
└─1234 /usr/sbin/NetworkManager –no-daemon

# 检查网络接口配置
[root@fgedu-server ~]# nmcli connection show
NAME UUID TYPE DEVICE
eth0 12345678-1234-1234-1234-1234567890ab ethernet eth0

# 检查网络接口详细信息
[root@fgedu-server ~]# nmcli device show eth0
GENERAL.DEVICE: eth0
GENERAL.TYPE: ethernet
GENERAL.HWADDR: 00:11:22:33:44:55
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: eth0
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1
IP4.ADDRESS[1]: 192.168.1.100/24
IP4.GATEWAY: 192.168.1.1
IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 192.168.1.1, mt = 100
IP4.ROUTE[2]: dst = 192.168.1.0/24, nh = 0.0.0.0, mt = 100
IP4.DNS[1]: 8.8.8.8
IP4.DNS[2]: 114.114.更多学习教程公众号风哥教程itpux_com114.114
IP6.ADDRESS[1]: fe80::211:22ff:fe33:4455/64
IP6.GATEWAY: —

# 检查网络配置文件
[root@fgedu-server ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=eth0
UUID=12345678-1234-1234-1234-1234567890ab
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.1.100
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=8.8.8.8
DNS2=114.114.114.114

# 重启网络服务
[root@fgedu-server ~]# systemctl restart NetworkManager

# 重启网络接口
[root@fgedu-server ~]# nmcli device down eth0
[root@fgedu-server ~]# nmcli device up eth0

2.2 丢包故障排查

# 测试网络丢包率
[root@fgedu-server ~]# ping -c 100 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.学习交流加群风哥QQ113257174
64 bytes from 8.8.8.8: icmp_seq=1 ttl=56 time=15.3 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=56 time=14.8 ms
…
64 bytes from 8.8.8.8: icmp_seq=100 ttl=56 time=15.1 ms

— 8.8.8.8 ping statistics —
100 packets transmitted, 95 received, 5% packet loss, time 9904ms
rtt min/avg/max/mdev = 14.8/15.0/15.3/0.24 ms

# 路由追踪
[root@fgedu-server ~]# traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) 1.23 ms 1.12 ms 1.08 ms
2 10.0.0.1 (10.0.0.1) 5.67 ms 5.54 ms 5.43 ms
3 202.100.1.1 (202.100.1.1) 10.2 ms 10.1 ms 9.98 ms
4 202.100.2.1 (202.100.2.1) 15.3 ms 15.1 ms 14.9 ms
5 8.8.8.8 (8.8.8.8) 15.2 ms 15.1 ms 15.0 ms

# 网络质量测试
[root@fgedu-server ~]# mtr 8.8.8.8
My traceroute [v0.95]
fgedu-server (192.168.更多视频教程www.fgedu.net.cn1.100) -> 8.8.8.8 (8.8.8.8)
Keys: Help Display mode Restart statistics Order of fields quit
Packets Pings
Host Loss% Snt Last Avg Best Wrst StDev
1. 192.168.1.1 0.0% 10 1.2 1.1 1.0 1.3 0.1
2.from PG视频:www.itpux.com 10.0.0.1 0.0% 10 5.7 5.6 5.4 5.8 0.1
3. 202.100.1.1 0.0% 10 10.2 10.1 9.9 10.3 0.1
4. 202.100.2.1 5.0% 10 15.3 15.2 14.9 15.5 0.2
5. 8.8.8.8 0.0% 10 15.2 15.1 15.0 15.3 0.1

# 检查网络接口错误
[root@fgedu-server ~]# ethtool -S eth0 | grep error
rx_errors: 0
tx_errors: 0
rx_crc_errors: 0
rx_frame_errors: 0
rx_fifo_errors: 0
rx_missed_errors: 0
tx_aborted_errors: 0
tx_carrier_errors: 0
tx_fifo_errors: 0
tx_heartbeat_errors: 0
tx_window_errors: 0

# 检查网络接口速度和双工模式
[root@fgedu-server ~]# ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Supported FEC modes: Not reported
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Advertised FEC modes: Not reported
Speed: 1000Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
MDI-X: off (auto)
Supports Wake-on: pumbg
Wake-on: g
Current message level: 0x00000007 (7)
drv probe link
Link detected: yes

Part03-网络服务恢复

3.1 网络服务重启

# 重启网络服务
[root@fgedu-server ~]# systemctl restart network

# 重启NetworkManager
[root@fgedu-server ~]# systemctl restart NetworkManager

# 重置网络接口
[root@fgedu-server ~]# ip link set eth0 down
[root@fgedu-server ~]# ip link set eth0 up

# 重新获取IP地址
[root@fgedu-server ~]# dhclient -r eth0
[root@fgedu-server ~]# dhclient eth0

# 手动配置网络
[root@fgedu-server ~]# ip addr add 192.168.1.100/24 dev eth0
[root@fgedu-server ~]# ip route add default via 192.168.1.1 dev eth0
[root@fgedu-server ~]# echo “nameserver 8.8.8.8” > /etc/resolv.conf

3.2 防火墙检查

# 检查防火墙状态
[root@fgedu-server ~]# systemctl status firewalld
● firewalld.service – firewalld – dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2026-01-15 09:00:00 CST; 1h ago
Docs: man:firewalld(1)
Main PID: 5678 (firewalld)
Status: “Ready.”
Tasks: 2
Memory: 12.3M
CPU: 2.345s
CGroup: /system.slice/firewalld.service
└─5678 /usr/bin/python3 -s /usr/sbin/firewalld –nofork –nopid

# 检查防火墙规则
[root@fgedu-server ~]# firewall-cmd –list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: ssh dhcpv6-client
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

# 临时关闭防火墙测试
[root@fgedu-server ~]# systemctl stop firewalld
[root@fgedu-server ~]# ping -c 3 8.8.8.8
[root@fgedu-server ~]# systemctl start firewalld

# 允许ping服务
[root@fgedu-server ~]# firewall-cmd –permanent –add-service=icmp
[root@fgedu-server ~]# firewall-cmd –reload

Part04-网络优化

4.1 网络参数优化

# 优化网络参数
[root@fgedu-server ~]# cat > /etc/sysctl.d/99-network.conf << 'EOF' # 网络优化参数 net.cor学习交流加群风哥微信: itpux-come.somaxconn=65535 net.core.netdev_max_backlog=65535 net.core.rmem_max=16777216 net.core.wmem_max=16777216 net.ipv4.tcp_max_syn_backlog=65535 net.ipv4.tcp_synack_retries=2 net.ipv4.tcp_syn_retries=2 net.ipv4.tcp_fin_timeout=30 net.ipv4.tcp_keepalive_time=1200 net.ipv4.tcp_keepalive_probes=3 net.ipv4.tcp_keepalive_intvl=30 net.ipv4.tcp_max_tw_buckets=5000 net.ipv4.tcp_fastopen=3 net.ipv4.tcp_mem=786432 1048576 1572864 net.ipv4.tcp_rmem=4096 87380 16777216 net.ipv4.tcp_wmem=4096 65536 16777216 net.ipv4.ip_local_port_range=1024 65535 EOF # 应用网络参数 [root@fgedu-server ~]# sysctl -p /etc/sysctl.d/99-network.conf # 优化TCP拥塞控制算法 [root@fgedu-server ~]# sysctl -w net.ipv4.tcp_congestion_control=cubic # 启用TCP时间戳 [root@fgedu-server ~]# sysctl -w net.ipv4.tcp_timestamps=1 # 启用TCP SACK [root@fgedu-server ~]# sysctl -w net.ipv4.tcp_sack=1

Part05-网络监控与预防

5.1 网络监控脚本

# 创建网络监控脚本
[root@fgedu-server ~]# cat > /usr/local/bin/network-monitor.sh << 'EOF' #!/bin/bash # network-monitor.sh # from:www.itpux.com.qq113257174.wx:itpux-com # web: http://www.fgedu.net.cn ALERT_EMAIL="admin@fgedu.net.cn" TEST_HOSTS=("192.168.1.1" "8.8.8.8" "www.baidu.com") PACKET_LOSS_THRESHOLD=5 for host in "${TEST_HOSTS[@]}"; do echo "检查 $host..." # 测试网络连通性 ping -c 10 $host > /dev/null 2>&1
if [ $? -ne 0 ]; then
echo “告警: $host 不可达”
echo “$host 网络不可达，请检查网络连接” | mail -s “告警: 网络连接故障” $ALERT_EMAIL
continue
fi

# 测试丢包率
packet_loss=$(ping -c 10 $host | grep -oP ‘\d+(?=% packet loss)’)
if [ ! -z “$packet_loss” ] && [ $packet_loss -gt $PACKET_LOSS_THRESHOLD ]; then
echo “告警: $host 丢包率过高 ($packet_loss%)”
echo “$host 网络丢包率达到 $packet_loss%，超过阈值 $PACKET_LOSS_THRESHOLD%” | mail -s “告警: 网络丢包严重” $ALERT_EMAIL
fi
done

# 检查网络接口状态
interfaces=$(ip link show | grep -E ‘^[0-9]+:’ | awk -F: ‘{print $2}’ | sed ‘s/ //’)
for iface in $interfaces; do
if [ “$iface” != “lo” ]; then
state=$(ip link show $iface | grep -E ‘state\s+([A-Z]+)’ | awk ‘{print $9}’)
if [ “$state” != “UP” ]; then
echo “告警: 网络接口 $iface 状态异常 ($state)”
echo “网络接口 $iface 状态为 $state，需要检查” | mail -s “告警: 网络接口状态异常” $ALERT_EMAIL
fi
fi
done

echo “网络监控完成: $(date)”
EOF

[root@fgedu-server ~]# chmod +x /usr/local/bin/network-monitor.sh

# 配置定时监控
[root@fgedu-server ~]# cat > /etc/cron.d/network-monitor << 'EOF' # 网络监控 * * * * * root /usr/local/bin/network-monitor.sh EOF # 创建网络恢复脚本 [root@fgedu-server ~]# cat > /usr/local/bin/network-recover.sh << 'EOF' #!/bin/bash # network-recover.sh # from:www.itpux.com.qq113257174.wx:itpux-com # web: http://www.fgedu.net.cn echo "开始网络恢复..." # 重启网络服务 systemctl restart NetworkManager # 重置网络接口 interfaces=$(ip link show | grep -E '^[0-9]+:' | awk -F: '{print $2}' | sed 's/ //') for iface in $interfaces; do if [ "$iface" != "lo" ]; then ip link set $iface down sleep 1 ip link set $iface up fi done # 重新获取IP地址 dhclient -r dhclient # 测试网络连通性 echo "测试网络连通性..." ping -c 3 8.8.8.8 if [ $? -eq 0 ]; then echo "网络恢复成功!" else echo "网络恢复失败，请手动检查" echo "网络恢复失败，请手动检查" | mail -s "告警: 网络恢复失败" admin@fgedu.net.cn fi echo "网络恢复完成: $(date)" EOF [root@fgedu-server ~]# chmod +x /usr/local/bin/network-recover.sh

风哥针对网络故障处理建议：

保持冷静，按照步骤逐步排查
从本地到外部，从物理到逻辑
检查网络硬件连接
验证网络配置正确性
监控网络性能和丢包情况
优化网络参数和配置
建立网络监控和告警机制
定期进行网络健康检查

本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html