In this tutorial, learn to manage the persistent network configuration of your Linux host. Learn to:
- Understand basic TCP/IP host configuration.
- Configure Ethernet and wifi networks using Network Manager.
- Understand systemd-networkd.
Networking in Linux
When you pull out your laptop or smart phone in an internet cafe, hotel, or friend’s home, you often expect the Internet to just work. Sometimes you will need to enter a password or perform some other connection operation task. Behind this almost magical ability to connect everywhere is a network of computers mostly with static configurations. In this tutorial, learn about the files and commands needed to make this happen.
This tutorial helps you prepare for Objective 109.2 in Topic 109 of the Linux® System Administrator (PIC-1) exam 102. The objective has a weight of 4. This tutorial reflects the Version 5.0 objectives as updated on October 29, 2018.
To get the most from the tutorials in this series, you need a basic knowledge of Linux and a working Linux system on which you can practice the commands that are covered in this tutorial. You will also need a thorough understanding of the material covered in Learn Linux, 101: Fundamentals of internet protocols. Sometimes, different versions of a program format output differently, so your results might not always look exactly like the listings and figures that are shown here. The examples in this tutorial come from Fedora 29 and 30, CentOS 7, and Ubuntu 18.04.2 LTS.
Static, dynamic, and wifi configuration
In the early days of computer networking, every device connected to a network was assigned an IP address and the device was then configured with the address and other information that, most importantly, allowed it to connect to the rest of the network through a gateway and discover other devices using a name server. Later on, special servers were able to automatically assign an address from an available pool. This is known as Dynamic Host Configuration and the protocol used for the exchange, is called Dynamic Host Configuration Protocol or DHCP. The IP address was usually reserved for a period of time, so that if the client system went to sleep or temporarily lost connection it would reconnect with the same address. Client systems can also request a particular address, such as the last one assigned, and the DHCP server can honor that request if the address is not being used for another device.
With the introduction of wifi networks, dynamic configuration became event more important. Instead of plugging an Ethernet cable into a wall socket and a port on your laptop, your laptop (or other device) can roam around a building or even a campus. Your system must be able to identify the wireless access points and connect to a suitable one to begin accessing a network. Frequently, you need to provide a password for the wifi network to begin. After connecting to wifi, the normal DHCP address assignment occurs and you can then connect to the Internet or your internal network. As you move around the area covered by the network and possibly move out of range of your initial access point, your system will usually connect automatically to another access point with a stronger signal. If you move out of range of the network altogether, you will go through discovery, authentication, and address assignment for a new network.
In this tutorial, I will introduce you to the basic files and commands that make all this happen in a modern Linux system. Most of the examples use IPv4. For more information on IPv6 and the differences between it and IPv6, see my companion tutorial, Learn Linux, 101: Fundamentals of internet protocols.
TCP/IP host configuration
A Linux system has a name which is called the host name and this name is used within the system (stand alone or connected to a network) to identify it. Usually, the same host name will be used to identify the system if it is part of a network. When the system is connected to a network or the Internet, has a more rigorous name as part of the Domain Name System (DNS). A DNS name has two parts, the host name and a domain name. The fully qualified domain name (FQDN) consists of the host name followed by a period and then the domain name (for example, myhost.mydomain). Domain names usually consist of multiple parts separated by periods (for example, ibm.com or lpi.org).
The kernel sets the host name value during boot, usually from configuration files.
What’s my host name?
Many Linux systems store the host name in file /etc/hostname. Most of the systems also have a
hostname command that can be used to display or set the host name.
Listing 1 shows how to display the host name on a Fedora 29 system and on a Slackware 14.2 system.
Listing 1. Displaying the host name
[ian@attic5-f29 ~]$ # Fedora 29 [ian@attic5-f29 ~]$ ls /etc/hostname /etc/hostname [ian@attic5-f29 ~]$ cat /etc/hostname attic5-f29 [ian@attic5-f29 ~]$ hostname attic5-f29 ian@attic4-sl42 ~]$ # Slackware 14.2 [ian@attic4-sl42 ~]$ ls /etc/hostname /bin/ls: cannot access '/etc/hostname': No such file or directory [ian@attic4-sl42 ~]$ hostname attic4-sl42
The kernel stores the currently active host name in the virtual /proc file system in the file, /proc/sys/kernel/hostname. The host name and FQDN may also be stored in /etc/hosts.
Changing your host name
You can use the
hostname command with root privilege to change your host name. This does not update the value in /etc/hostname. This is illustrated on my Fedora 29 system in Listing 2.
Listing 2. Changing host name with the hostname command
[ian@attic5-f29 ~]$ cat /etc/hostname attic5-f29 [ian@attic5-f29 ~]$ hostname attic5-f29 [ian@attic5-f29 ~]$ sudo hostname attic5-f29-a [ian@attic5-f29 ~]$ hostname attic5-f29-a [ian@attic5-f29 ~]$ cat /etc/hostname attic5-f29 [ian@attic5-f29 ~]$ cat /proc/sys/kernel/hostname attic5-f29-a
Note that /etc/hostname has not been updated while the virtual /proc/sys/kernel/hostname does show the updated value. If you want to make this change permanent, you need to update /etc/hostname yourself. You may also need to update /etc/hosts or other files.
If your system uses the systemd system and service manager, use the
hostnamectl command. The
hostnamectl command has several commands to show status, set host names, or set other values. If used with no commands, or with the
status command, it displays the current host name status as shown in Listing 3.
Listing 3. Displaying host name using the hostnamectl command
[ian@attic5-f29 ~]$ hostnamectl status Static hostname: attic5-f29 Transient hostname: attic5-f29-a Icon name: computer-desktop Chassis: desktop Machine ID: 434ef6f0139941b8bbdeb5b2950278d0 Boot ID: 3f2201af05364f819287617d8c215ec7 Operating System: Fedora 29 (Workstation Edition) CPE OS Name: cpe:/o:fedoraproject:fedora:29 Kernel: Linux 5.0.14-200.fc29.x86_64 Architecture: x86-64
You see that the old host name, attic5-f29, is shown as the static host name while the new name, attic5-f29-a, is shown as the transient host name. The
hostnamectl command distinguishes a third name called the pretty name which can be a descriptive name such as Ian’s UEFI computer. Use the
set-hostname command to set one or all of these names. If you do not specify a particular one, all three will be updated to the same new value. Listing 4 shows how to set the host name to attic5-f29-b and verify that the /etc/host6name file has been updated. I also show how to set a pretty host name. The status no longer shows a distinct transient name as it is now the same as the static host name.
Listing 4. Setting a host name using the hostnamectl command
[ian@attic5-f29 ~]$ cat /etc/hostname attic5-f29 [ian@attic5-f29 ~]$ sudo hostnamectl set-hostname attic5-f29-b [ian@attic5-f29 ~]$ sudo find /etc -type f -mmin -5 /etc/hostname [ian@attic5-f29 ~]$ cat /etc/hostname attic5-f29-b [ian@attic5-f29 ~]$ sudo hostnamectl --pretty set-hostname "Ian's UEFI desktop" [ian@attic5-f29 ~]$ hostnamectl Static hostname: attic5-f29-b Pretty hostname: Ian's UEFI desktop Icon name: computer-desktop Chassis: desktop Machine ID: 434ef6f0139941b8bbdeb5b2950278d0 Boot ID: 3f2201af05364f819287617d8c215ec7 Operating System: Fedora 29 (Workstation Edition) CPE OS Name: cpe:/o:fedoraproject:fedora:29 Kernel: Linux 5.0.14-200.fc29.x86_64 Architecture: x86-64
A third way to change the host name is to use the Network Manager command line interface (nmcli) to interact with the Network Manager daemon. As with
nmcli command has several commands within it. Use the
general command with the
hostname option to view or change the host name. As you might expect, you don’t need any authority to view the host name but you need root authority to change the host name. Listing 5 shows how to view and set the host name using the
nmcli general command.
Listing 5. Setting a host name using the nmcli command
ian@attic5-f29 ~]$ nmcli general hostname attic5-f29-b [ian@attic5-f29 ~]$ sudo nmcli general hostname attic5-f29 [ian@attic5-f29 ~]$ cat /etc/hostname [ian@attic5-f29 ~]$ hostname attic5-f29 attic5-f29 [ian@attic5-f29 ~]$ hostnamectl Static hostname: attic5-f29 Pretty hostname: Ian's UEFI desktop Transient hostname: attic5-f29-b Icon name: computer-desktop Chassis: desktop Machine ID: 434ef6f0139941b8bbdeb5b2950278d0 Boot ID: 3f2201af05364f819287617d8c215ec7 Operating System: Fedora 29 (Workstation Edition) CPE OS Name: cpe:/o:fedoraproject:fedora:29 Kernel: Linux 5.0.14-200.fc29.x86_64 Architecture: x86-64
Note that the
nmcli general command updates /etc/hostname and changes the host name as displayed by
hostname and the static host name as displayed by
hostnamectl. The transient host name as displayed by
hostnamectl is not affected immediately, but will shortly change to the same as the new static host name. The pretty name stored by
hostnamectl is not affected.
Finding other hosts
For a network to be useful you need to be able to find other computers and connect to them for services. During boot you don’t have any network connections, and you will typically have some minimal information on your computer so you can at least know where to start looking for connections. The /etc/hosts file serves as a minimal address book for host names and will always have an IP v4 entry for local host and often localhost.localdomain. If IPv6 is enabled, you will have additional entries for the IPv6 local host. Your host name and perhaps the domain name may also be stored in /etc/hosts. Listing 6 shows the /etc/hosts file from my Ubuntu 18.04 LTS system.
Listing 6. /etc/hosts on my Ubuntu 18.04 LTS system
127.0.0.1 localhost 127.0.1.1 attic5-u18 # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 192.168.1.24 attic4 attic4-stw attic4-f28
Note that local host uses the usual loopback address of 127.0.0.1, while my host name of attic5-0u18 is shown with a different loopback address, 127.0.1.1. There are also several entries for IP v6 including ::1 for the default loopback address with names ip6-localhost and ip6-loopback. The final line contains several short aliases for IP address 192.168.1.24, another system on my network that boots into one of the several possible systems.
Listing 7 shows the result of using the
ping command to contact several of the local host names and also the network connected to host, attic4-f28.
Listing 7. Pinging local hosts
ian@attic5-u18:~$ ping -c 2 localhost PING localhost (127.0.0.1) 56(84) bytes of data. 64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.032 ms 64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.037 ms --- localhost ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1010ms rtt min/avg/max/mdev = 0.032/0.034/0.037/0.006 ms ian@attic5-u18:~$ ping -c2 ip6-loopback PING ip6-loopback(ip6-localhost (::1)) 56 data bytes 64 bytes from ip6-localhost (::1): icmp_seq=1 ttl=64 time=0.072 ms 64 bytes from ip6-localhost (::1): icmp_seq=2 ttl=64 time=0.065 ms --- ip6-loopback ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1012ms rtt min/avg/max/mdev = 0.065/0.068/0.072/0.009 ms ian@attic5-u18:~$ ping -c2 attic5-u18 PING attic5-u18 (127.0.1.1) 56(84) bytes of data. 64 bytes from attic5-u18 (127.0.1.1): icmp_seq=1 ttl=64 time=0.052 ms 64 bytes from attic5-u18 (127.0.1.1): icmp_seq=2 ttl=64 time=0.039 ms --- attic5-u18 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1029ms rtt min/avg/max/mdev = 0.039/0.045/0.052/0.009 ms ian@attic5-u18:~$ ping -c2 attic4-f28 PING attic4 (192.168.1.24) 56(84) bytes of data. 64 bytes from attic4 (192.168.1.24): icmp_seq=1 ttl=64 time=0.133 ms 64 bytes from attic4 (192.168.1.24): icmp_seq=2 ttl=64 time=0.088 ms --- attic4 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1014ms rtt min/avg/max/mdev = 0.088/0.110/0.133/0.024 ms
For comparison, Listing 8 shows /etc/hosts from my Fedora 29 system. Note that only the loopback addresses are included, although there are several aliases for each. The host name of attic5-f29 for this system is not added to /etc/hosts by Fedora.
Listing 8. /etc/hosts on my Fedora 29 system
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
When you want to connect to a system such as www.ibm.com or lpi.org, you need more information. The DNS is like a telephone book for domain names. A DNS resolver accepts requests and attempts to resolve names to IP addresses or IP addresses to names. The DNS consists of a number of hierarchically organized servers. Each server caches the results of searches so you can get names resolved as quickly as possible without searching the whole Internet.
The file /etc/resolv.conf tells your system where to start searching. This file is often automatically generated, particularly if the system is configured using DHCP or uses systemd. Listing 9 shows a minimal resolv.conf file from a CentOS 7 system. The nameserver option specifies the name server to contact. In this case it is 192.168.1.1, which is the name server in my router. In turn, a router often uses a name server provided by an Internet service provider (ISP) or a public name server such as the Google name servers 126.96.36.199 or 188.8.131.52.
Listing 9. Basic /etc/resolv.conf
# Generated by NetworkManager search lan nameserver 192.168.1.1
If your system uses systemd, the nameserver value in resolv.conf is likely to be 127.0.0.53 which is an internal DNS stub resolver that is part of systemd-resolved. If you run
systemd-resolved --status on a system similar to the above, you will see that the stub also connects to 192.168.1.1. The /etc/resolv.conf file is also likely to be a symbolic link to /run/systemd/resolve/stub-resolv.conf. If you want to create your own resolv.conf, you should first break this link.
There are other things you can specify in resolv.conf, including a list of domains to search for names that are not fully qualified. See the man page for resolv.conf for additional information.
The Name Service Switch file, /etc/nsswitch.conf, provides additional configuration, including the sources or so-called databases to use for name lookup. Listing 10 shows /etc/nsswitch.conf from my Ubuntu 18.04 LTS system. In this example, host names are resolved according to the specification in the hosts line. First, search for files (/etc/hosts), then use mdns4_minimal (multicast DNS used for searching small local networks using semantics of regular DNS searches), then use DNS, and finally see if the current host name matches the search. Now you see why Fedora might choose not to create an entry for the host name in /etc/hosts. Try
dig $(hostname) to look up your host name on such a system.
Listing 10. /etc/nsswitch.conf from Ubuntu 18.04 LTS
# /etc/nsswitch.conf # # Example configuration of GNU Name Service Switch functionality. # If you have the `glibc-doc-reference' and `info' packages installed, try: # `info libc "Name Service Switch"' for information about this file. passwd: compat systemd group: compat systemd shadow: compat gshadow: files hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis
You see several other lines in /etc/nsswitch.conf. These specify how other kinds of names should be found. For example, you might use a Lightweight Directory Access Protocol (LDAP) database to store login information for users in your company or school where available computers are shared among whoever can log in. These workstations might automatically reboot after a user logs out. When the next user successfully authenticates, the system might connect to his or her home directory on some kind of networked storage. See the man or information pages for nsswitch.conf for more information on other things that can be in the file.
Configuring Ethernet and wifi connections
The examples up to now have used mostly dynamic (DHCP) configuration. This usually works well for workstations, but is not suitable for servers that are usually configured statically.
Graphical systems usually have a setting or network configuration dialog box to interact with network configuration through Network Manager. I’ll show you how to use the settings dialog on my CentOS 7 system to reconfigure one of my two Ethernet interfaces to have a static configuration. Figure 1 shows the settings dialog box with both Ethernet interfaces connected. You can turn each interface on or off and you can click the gear icon to edit the settings.
Figure 1. Network settings dialog with two Ethernet connections
In Figure 2, I have clicked the gear icon for the enp4s0 (100 Mbps) connection and then selected the IPv4 tab. You can see that the IP configuration and also the DNS and route configuration are automatic.
Figure 2. IPv4 automatic settings
In Figure 3, I have switched to manual configuration, set the IP address to 192.168.1.66, the network mask to 255.255.255.0., and the gateway to 192.168.1.1 (which is the address of my router). I have also turned off automatic DNS resolution and set the DNS servers to the two public Google DNS servers – 184.108.40.206 and 220.127.116.11. In my case, all traffic will go through the 192.168.1.1 gateway, and so I do not need to configure any special routes.
Figure 3. IPv4 manual (static) settings
After you click Apply, your settings will be saved. The modified configuration from /etc/sysconfig/network-scripts/ifcfg-enp4s0 is shown in Listing 11.
Listing 11. Modified configuration for interface enp4s0
TYPE=Ethernet BOOTPROTO=none DEFROUTE=yes PEERDNS=no IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=enp4s0 UUID=132a0ea9-e934-4961-b278-0c70dbab84a2 DEVICE=enp4s0 ONBOOT=no PROXY_METHOD=none BROWSER_ONLY=no IPADDR=192.168.1.66 PREFIX=24 GATEWAY=192.168.1.1 DNS1=18.104.22.168 DNS2=22.214.171.124
After you stop and restart the interface, /etc/resolv.conf will be updated with the two new DNS servers as shown in Listing 12.
Listing 12. Updated /etc/resolv.conf
# Generated by NetworkManager search lan nameserver 192.168.1.1 nameserver 126.96.36.199 nameserver 188.8.131.52
Activating and deactivating interfaces
In addition to the graphical means of activating and deactivating interfaces as shown in Figure 1, there are also commands, such as the traditional
ifdown to activate and deactivate an interface. These are illustrated in Listing 13.
Listing 13. Using ifup and ifdown
[ian@attic4-ce7 ~]$ sudo ifdown enp4s0 Device 'enp4s0' successfully disconnected. [ian@attic4-ce7 ~]$ sudo ifup enp4s0 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/9)
Earlier in this tutorial, I showed you how to use the
nmcli command to show or manipulate the host name. Use this command to display or manipulate your connections as shown in Listing 14.
Listing 14. Using nmcli to activate and deactivate connections
[ian@attic4-ce7 ~]$ sudo nmcli connection down enp4s0 Connection 'enp4s0' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/11) [ian@attic4-ce7 ~]$ sudo nmcli connection up enp4s0 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/12)
Newer systems may also have the
ip command to manipulate interfaces, routes, and other networking aspects. If your system does not have
ifdown, you can usually install them. Or you can use the
ip commands instead. See the man or information pages for more details.
Command line configuration using nmcli
nmcli command can also manipulate many other aspects of your network configuration. Listing 15 shows how to display the status of all devices and then how to show the details of the static link that I just configured.
Listing 15. Displaying device status with nmcli
[ian@attic4-ce7 ~]$ nmcli device status DEVICE TYPE STATE CONNECTION enp2s0 ethernet connected enp2s0 enp4s0 ethernet connected enp4s0 virbr0 bridge connected virbr0 lo loopback unmanaged -- virbr0-nic tun unmanaged -- [ian@attic4-ce7 ~]$ nmcli device show enp4s0 GENERAL.DEVICE: enp4s0 GENERAL.TYPE: ethernet GENERAL.HWADDR: 00:23:54:33:F3:EE GENERAL.MTU: 1500 GENERAL.STATE: 100 (connected) GENERAL.CONNECTION: enp4s0 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveCo WIRED-PROPERTIES.CARRIER: on IP4.ADDRESS: 192.168.1.66/24 IP4.GATEWAY: 192.168.1.1 IP4.ROUTE: dst = 192.168.1.0/24, nh = 0.0.0.0, mt = IP4.ROUTE: dst = 0.0.0.0/0, nh = 192.168.1.1, mt = IP4.DNS: 184.108.40.206 IP4.DNS: 220.127.116.11 IP6.ADDRESS: fe80::6d6c:67f7:72a1:e950/64 IP6.GATEWAY: -- IP6.ROUTE: dst = fe80::/64, nh = ::, mt = 103 IP6.ROUTE: dst = ff00::/8, nh = ::, mt = 256, tabl
In this example, each line of the
nmcli device status output for devices in connected state has a device and a connection that each have the same name. This is not required as is illustrated in Listing 16 which is the output for the same command on my Ubuntu 18.04 LTS system.
Listing 16. Displaying device status with nmcli on Ubuntu 18.04 LTS
ian@attic5-u18:~$ nmcli device status DEVICE TYPE STATE CONNECTION . ethernet connected Wired connection 1 lo loopback unmanaged --
In this case the connection name is Wired connection 1 which is active on device enp9s0.
According to the information page for nmcli, Network Manager stores all network configuration as “connections”, which are collections of data (Layer2 details, IP addressing, etc.) that describe how to create or connect to a network. A connection is “active” when a device uses that connection’s configuration to create or connect to a network. There may be multiple connections that apply to a device, but only one of them can be active on that device at any given time. The additional connections can be used to allow quick switching between different networks and configurations.
You can show the connection status for a connection such as enp4s0 using the
nmcli connection show enp4s0 command. Indeed
nmcli can handle several different types of objects or commands as summarized in Table 1. These can be abbreviated to an unambiguous prefix, currently as short as the first letter.
Table 1. Commands to nmcli
|Command/Object||Meaning to nmcli|
|help||Get brief help from nmcli.|
|general||Show Network Manager status and permissions. Get and change system host name, or Network Manager logging level and domains.|
|networking||Query Network Manager networking status and enable and disable networking.|
|radio||Show status of various radio switches. Enable and disable radio switches.|
|connection||Show the collections of network data.|
|device||Show or manage network interfaces.|
|agent||Run nmcli as a Network Manager secret agent or polkit agent.|
|monitor||See Network Manager activity. Watch for changes in connectivity state, devices, or connection profiles. Note that you can also monitor connection or device objects. See the information pages fro more details.|
Now I will show you how to clone the static configuration and make some modifications using
nmcli. In Listing 17, I first clone enp4s0 as enp4s0new. Next, I ensure that the connection will not autoconnect and I change the IP address to 192.168.1.67/24. Finally, I use the – prefix on ipv4.dns to remove the second DNS address. Containers such as a list of DNS servers are numbered origin 0. So,
-ipv4.dns 1 deletes the second one (which I set to 18.104.22.168 earlier). Finally, I selectively show the values of the affected fields and confirm that I am still using interface enp4s0.
Listing 17. Cloning and modifying a connection using nmcli
[ian@attic4-ce7 ~]$ sudo nmcli connection clone enp4s0 enp4s0new enp4s0 (132a0ea9-e934-4961-b278-0c70dbab84a2) cloned as enp4s0new (ded070be-f416-4313-acfd-f09899c4b27a). [ian@attic4-ce7 ~]$ sudo nmcli connection modify enp4s0new connection.autoconnect no [ian@attic4-ce7 ~]$ sudo nmcli connection modify enp4s0new ipv4.addresses 192.168.1.67/24 [ian@attic4-ce7 ~]$ sudo nmcli connection modify enp4s0new -ipv4.dns 1 [ian@attic4-ce7 ~]$ nmcli -f \ipv4.addresses,ipv4.dns,connection.autoconnect,connection.interface-name conn show enp4s0new [ian@attic4-ce7 ~]$ nmcli -f \ > ipv4.addresses,ipv4.dns,connection.autoconnect,connection.interface-name \ > conn show enp4s0new ipv4.addresses: 192.168.1.67/24 ipv4.dns: 22.214.171.124 connection.autoconnect: no connection.interface-name: enp4s0
Listing 18 shows how to use
ifdown to deactivate the original static interface and activate the cloned one.
Listing 18. Activating the clone interface
[ian@attic4-ce7 ~]$ sudo ifdown enp4s0 Device 'enp4s0' successfully disconnected. [ian@attic4-ce7 ~]$ sudo ifup enp4s0new Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/15) [ian@attic4-ce7 ~]$ nmcli device status DEVICE TYPE STATE CONNECTION enp2s0 ethernet connected enp2s0 Hi enp4s0 ethernet connected enp4s0new virbr0 bridge connected virbr0 lo loopback unmanaged -- virbr0-nic tun unmanaged -- [ian@attic4-ce7 ~]$ ping -c 2 192.168.1.67 PING 192.168.1.67 (192.168.1.67) 56(84) bytes of data. 64 bytes from 192.168.1.67: icmp_seq=1 ttl=64 time=0.089 ms 64 bytes from 192.168.1.67: icmp_seq=2 ttl=64 time=0.055 ms --- 192.168.1.67 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 0.055/0.072/0.089/0.017 ms
Network Manager handles a wide variety of connections other than Ethernet. Listing 19 shows the 802-11-wireless fields on a newly configured Fedora 30 laptop.
Listing 19. Using nmcli for wireless connection settings
[ian@localhost ~]$ nmcli -f 802-11-wireless c show Ian-guest 802-11-wireless.ssid: Ian-guest 802-11-wireless.mode: infrastructure 802-11-wireless.band: -- 802-11-wireless.channel: 0 802-11-wireless.bssid: -- 802-11-wireless.rate: 0 802-11-wireless.tx-power: 0 802-11-wireless.mac-address: -- 802-11-wireless.cloned-mac-address: -- 802-11-wireless.generate-mac-address-mask:-- 802-11-wireless.mac-address-blacklist: -- 802-11-wireless.mac-address-randomization:default 802-11-wireless.mtu: auto 802-11-wireless.seen-bssids: 1E:F2:9A:C7:50:0C 802-11-wireless.hidden: no 802-11-wireless.powersave: 0 (default) 802-11-wireless.wake-on-wlan: 0x1 (default)
See the man or information pages for nmcli and also nmcli-examples for more information on nmcli, including its interactive editing capability.
The systemd-networkd daemon
Since systemd version 210, systemd has included networking capability in the form of the systemd-networkd and systemd-resolved daemons for network management and DNS resolution. The systemd-networkd daemon is in active development, so may be missing features that you expect from Network Manager. It has been available since Fedora 21, Ubuntu 15.04, and Debian 8 for example.
Check the version of systemd on your system using
systemctl --version. Listing 20 shows the result on my Fedora 29 system.
Listing 20. Checking systemd versions
[ian@attic5-f29 ~]$ systemctl --version systemd 239 +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid
Your system may have both Network Manager and systemd-networkd installed. Use the
systemctl status command to see which one you are running. Listing 21 shows that my Fedora 29 system is running Network Manager.
Listing 21. Checking Network Manager and systemd-networkd
[ian@attic5-f29 ~]$ systemctl status NetworkManager • NetworkManager.service - Network Manager Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2019-06-18 23:09:06 EDT; 17h ago Docs: man:NetworkManager(8) Main PID: 973 (NetworkManager) Tasks: 4 (limit: 4915) Memory: 19.0M CGroup: /system.slice/NetworkManager.service ├─ 973 /usr/sbin/NetworkManager --no-daemon └─1531 /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient-enp9s0.pid -lf /var/lib/NetworkManager/dhc> Jun 19 09:03:16 attic5-f29 dhclient: DHCPACK from 192.168.1.1 (xid=0xb4abcb6b) Jun 19 09:03:16 attic5-f29 NetworkManager: <info> [1560949396.1270] dhcp4 (enp9s0): address 192.168.1.25 Jun 19 09:03:16 attic5-f29 NetworkManager: <info> [1560949396.1275] dhcp4 (enp9s0): plen 24 (255.255.255.0) Jun 19 09:03:16 attic5-f29 NetworkManager: <info> [1560949396.1275] dhcp4 (enp9s0): gateway 192.168.1.1 Jun 19 09:03:16 attic5-f29 NetworkManager: <info> [1560949396.1275] dhcp4 (enp9s0): lease time 86400 Jun 19 09:03:16 attic5-f29 NetworkManager: <info> [1560949396.1276] dhcp4 (enp9s0): hostname 'attic5-f29' Jun 19 09:03:16 attic5-f29 NetworkManager: <info> [1560949396.1276] dhcp4 (enp9s0): nameserver '192.168.1.1' Jun 19 09:03:16 attic5-f29 NetworkManager: <info> [1560949396.1276] dhcp4 (enp9s0): domain name 'lan' Jun 19 09:03:16 attic5-f29 NetworkManager: <info> [1560949396.1276] dhcp4 (enp9s0): state changed bound -> bound Jun 19 09:03:16 attic5-f29 dhclient: bound to 192.168.1.25 -- renewal in 37454 seconds. [ian@attic5-f29 ~]$ systemctl status systemd-networkd • systemd-networkd.service - Network Service Loaded: loaded (/usr/lib/systemd/system/systemd-networkd.service; enabled; vendor preset: disabled) Active: inactive (dead) Docs: man:systemd-networkd.service(8)
You see that Network Manager is running and that systemd-networkd is installed and available.
The configuration files used by systemd-networkd have an extension of .network. They are stored in /usr/lib/systemd/network,/run/systemd/network and /etc/systemd/network. The files are sorted and processed in lexical order, so that when a device appears, the first match found is applied.
A minimal file to provide a static IPv4 address of 192.168.1.68 instead of the DHCP assigned (192.168.1.25 shown in Listing 21) might be stored in /etc/systemd/network/. A sample is shown in Listing 22.
Listing 22. Sample .network file for systemd-networkd
[ian@attic5-f29 ~]$ cat /etc/systemd/network/20-static-enp9s0.network [Match] Name=enp9s0 [Network] Address=192.168.1.68/24 Gateway=192.168.1.1 DNS=126.96.36.199
To switch from Network Manager to systemd-networkd, use the
systemctl command to first disable Network manager and then enable and start systemd-networkd and systemd-resolved. Note that systemd-resolved will create its own resolv.conf file under the /run/systemd directory. Since other system services may depend on the one in /etc, it is better to create a symbolic link to the new one.
See the man or information pages for systemd.network for more details.
This concludes your introduction to Topic 109.2 Persistent network configuration.