How to Configure Networking Using nmcli and configuration files in CentOS/RHEL 7

In this post we will explore the IPv4 networking using nmcli and configuration files in the /etc/sysconfig/network-scripts/ directory for CentOS/RHEL 7 systems.

NetworkManager Overview

In CentOS/RHEL 7, the configuration of network interfaces is managed by a system daemon called NetworkManager. For NetworkManager:

  • A device is a network interface.
  • A connection is a collection of settings that can be configured for a device.
  • Only one connection is active for any one device at a time. Multiple connections may exist, for use by different devices or to allow a configuration to be altered for the same device
  • Each connection has a name or ID that identifies it.
  • The persistent configuration for a connection is stored in /etc/sysconfig/networkscripts/ifcfg-name, where name is the name of the connection (although spaces are normally replaced with underscores in the file name). This file can be edited by hand if desired.
  • The nmcli utility can be used to create and edit connection files from the shell prompt.

Viewing Networking Information

The command nmcli dev status will show the status of all network devices:

$ nmcli dev status
DEVICE  TYPE      STATE         CONNECTION
eno1    ethernet  connected     eno1
eth0    ethernet  connected     static-eth0
eno2    ethernet  disconnected  --
lo      loopback  unmanaged     --

The command nmcli con show will show a list of all connections. To list only the active connections, add the –active option.

$ nmcli con show
NAME         UUID                                  TYPE            DEVICE
eno2         ff9f7d69-db83-4fed-9f32-939f8b5f81cd  802-3-ethernet  --
static-eth0  72ca57a2-f780-40da-b146-99f71c431e2b  802-3-ethernet  eth0
eno1         87b53c56-1f5d-4a29-a869-8a7bdaf56dfa  802-3-ethernet  eno1
# nmcli con show --active
static-eth0  72ca57a2-f780-40da-b146-99f71c431e2b  802-3-ethernet  eth0
eno1         87b53c56-1f5d-4a29-a869-8a7bdaf56dfa  802-3-ethernet  eno1

The ip addr showcommand displays the current configuration of network interfaces on the system. To list only a single interface, add the interface name as the last argument:

$ ip addr show eth0
2: eth0: [BROADCAST,MULTICAST, UP,LOWER_UP] mtu 1500 qdisc pfifo_fast state UP qlen 1000
      link/ether 52:54:00:00:00:0b brd ff:ff:ff:ff:ff:ff
inet 172.25.0.11/16 brd 172.25.255.255 scope global eth0 valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe00:b/64 scope link valid_lft forever preferred_lft forever
  1. An active interface is UP.
  2. The link/ether line specifies the hardware (MAC) address of the device.
  3. The inet line shows an IPv4 address, its network prefix length, and scope.
  4. The inet6 line shows an IPv6 address, its network prefix length, and scope.

Adding a Network Connection

The nmcli con add command is used to add new network connections. The example nmcli con add commands that follow assume that the name of the network connection being added is not already in use.

The following command will add a new connection for the interface** eno2**, which will get IPv4 networking information using DHCP and will autoconnect on startup. The configuration will be saved in /etc/sysconfig/network-scripts/ifcfg-eno2 because the con-name is eno2.

# nmcli con add con-name eno2 type ethernet ifname eno2

The next example configures the **eno2 **interface statically instead, using the IPv4 address and network prefix 192.168.0.5/24 and default gateway 192.168.0.254, but still autoconnects at startup and saves its configuration into the same file. The example is line-wrapped with a shell \ escape.

# nmcli con add con-name eno2 type ethernet ifname eno2 \ > ip4 192.168.0.5/24 gw4 192.168.0.254

Controlling Network Connections

The nmcli con up name command will activate the connection name on the network interface it is bound to. Note that the command takes the name of a connection, not the name of the network interface. Remember that nmcli con show can be used to list the names of all available connections.

# nmcli con up static-eth0

The** nmcli dev disconnect device** command will disconnect the network interface device and bring it down. This command can be abbreviated** nmcli dev dis device:**

# nmcli dev dis eth0

Modifying Network Connection Settings

NetworkManager connections have two kinds of settings. There are static connection properties, which are configured by the administrator and stored in the configuration files in /etc/ sysconfig/network-scripts/ifcfg-*.. There may also be active connection data, which the connection gets from a DHCP server and which are not stored persistently.

To list the current settings for a connection, run the nmcli con show name command, where name is the name of the connection. Settings in lowercase are static properties the administrator can change; settings in all caps are active settings in temporary use for this instance of the connection.

# nmcli con show static-eth0
connection.id:                          static-eth0
connection.uuid:                        87b53c56-1f5d-4a29-a869-8a7bdaf56dfa
connection.interface-name:              -
connection.type:                        802-3-ethernet
connection.autoconnect:                 yes
connection.timestamp:                   1401803453
connection.read-only:                   no
connection.permissions:
connection.zone:                        -
connection.master:                      -
connection.slave-type:                  -
connection.secondaries:
connection.gateway-ping-timeout:        0
802-3-ethernet.port:                    -
802-3-ethernet.speed:                   0
802-3-ethernet.duplex:                  -
802-3-ethernet.auto-negotiate:          yes
802-3-ethernet.mac-address:             CA:9D:E9:2A:CE:F0
802-3-ethernet.cloned-mac-address:      -
802-3-ethernet.mac-address-blacklist:
802-3-ethernet.mtu:                     auto
802-3-ethernet.s390-subchannels:
802-3-ethernet.s390-nettype:            -
802-3-ethernet.s390-options:
ipv4.method:                            manual
ipv4.dns:                               192.168.0.254
ipv4.dns-search:                        example.com
ipv4.addresses:                         { ip = 192.168.0.2/24, gw = 192.168.0.254 }
ipv4.routes:
ipv4.ignore-auto-routes:                no
ipv4.ignore-auto-dns:                   no
ipv4.dhcp-client-id:                    -
ipv4.dhcp-send-hostname:                yes
ipv4.dhcp-hostname:                     -
ipv4.never-default:                     no
ipv4.may-fail:                          yes ...

The nmcli con mod name command can be used to change the settings for a connection. These changes will also be saved in the /etc/sysconfig/network-scripts/ifcfg-name file for the connection. The different settings that are available are documented in the nm-settings man page.

To set the IPv4 address to 192.0.2.2/24 and default gateway to 192.0.2.254 for the connection static-eth0:

# nmcli con mod static-eth0 ipv4.addresses "192.0.2.2/24 192.0.2.254"

A number of settings may have multiple values. A specific value can be added to the list or deleted from the list for a setting by adding a + or - symbol to the start of the setting name.

To add the DNS server 192.0.2.1 to the list of nameservers to use with the connection staticeth0:

# nmcli con mod static-eth0 +ipv4.dns 192.0.2.1

By default, changes made with nmcli con mod name are automatically saved to /etc/ sysconfig/network-scripts/ifcfg-name. That file can also be manually edited with a text editor. After doing so, run nmcli con reload so that NetworkManager reads the configuration changes.

For backward-compatibility reasons, the directives saved in that file have different names and syntax than the nm-settings(5) names. The following table maps some of the key setting names to ifcfg-* directives.

Comparison of nm-settings and ifcfg-* Directives

NMCLI CON MOD IFCFG-* FILE EFFECT
ipv4.method manual BOOTPROTO=none IPv4 addresses configured statically
ipv4.method auto BOOTPROTO=dhcp Will look for configuration settings from a DHCPv4 server. If static addresses are also set, will not bring those up until we have information from DHCPv4.
ipv4.addresses “192.0.2.1/24 192.0.2.254” IPADDR0=192.0.2.1 PREFIX0=24 GATEWAY0=192.0.2.254 Sets static IPv4 address, network prefix, and default gateway. If more than one is set for the connection, then instead of 0, the ifcfg-* directives end with 1, 2, 3 and so on.
ipv4.dns 8.8.8.8 DNS0=8.8.8.8 Modify /etc/resolv.conf to use this nameserver
ipv4.dns-search example.com DOMAIN=example.com Modify /etc/resolv.conf to use this domain in the search directive
ipv4.ignore-auto-dns true PEERDNS=no Ignore DNS server information from the DHCP server.
connection.autoconnect yes ONBOOT=yes Automatically activate this connection at boot
connection.id eth0 NAME=eth0 The name of this connection
connection.interfacename eth0 DEVICE=eth0 The connection is bound to the network interface with this name
802-3-ethernet.macaddress . . . HWADDR= . . . The connection is bound to the network interface with this MAC address.

Deleting a Network Connection

The nmcli con del name command will delete the connection named name from the system, disconnecting it from the device and removing the file /etc/sysconfig/network-scripts/ ifcfg-name

Modifying The System Host Name

The hostname command displays or temporarily modifies the system’s fully qualified host name.

# hostname demo.example.com

A static host name may be specified in the /etc/hostname file. The hostnamectl command is used to modify this file and may be used to view the status of the system’s fully qualified host name. If this file does not exist, the host name is set by a reverse DNS query once the interface has an IP address assigned

# hostnamectl set-hostname demo.example.com
# hostnamectl status
 Static hostname:  demo.example.com
       Icon name: computer
         Chassis: n/a
      Machine ID: 9f6fb63045a845d79e5e870b914c61c9
         Boot ID:  aa6c3259825e4b8c92bd0f601089ddf7
  Virtualization: kvm
Operating System: Red Hat Enterprise Linux Server 7.0 (Maipo)
     CPE OS Name: cpe:/o:redhat:enterprise_linux:7.0:GA:server
          Kernel: Linux 3.10.0-121.el7.x86_64
    Architecture: x86_64
# cat /etc/hostname
demo.example.com

List of nmcli Commands

The following table is a list of key commands discussed in this section.

COMMAND PURPOSE
nmcli dev status Show the NetworkManager status of all network interfaces
nmcli con show List all connections
nmcli con show name List the current settings for the connection name.
nmcli con add con-name name … Add a new connection named name.
nmcli con mod name … Modify the connection name.
nmcli con reload Tell NetworkManager to reread the configuration files (useful after they have been edited by hand).
nmcli con up name Activate the connection name.
nmcli dev dis dev Deactivate and disconnect the current connection on the network interface dev.
nmcli con del name Delete the connection name and its configuration file.
ip addr show Show the current network interface address configuration
hostnamectl sethostname … Persistently set the host name on this system.