Redhat7/CentOS7 network configuration and management (nmtui, nmcli, GNOME GUI, ifcfg file, IP command)

Background: As a system administrator, you often need to deal with host network problems, and there are several methods and tools for configuring and managing the network. Here are a few ways to organize and share the network configuration and management.

1. Overview of NetworkManager

In Red Hat Enterprise Linux 7, default networking services are provided by NetworkManager, a dynamic network control and configuration daemon that keeps up and active as network devices and connections are available. Legacy ifcfg type configuration files are still supported.

1.1 Advantages of Network Manager

Network configuration made easier: NetworkManager ensures that network connections are working properly. NetworkManager creates temporary connections to provide connectivity when it discovers that there is no network configuration in the system but there are network devices.

Provides easy connection setup with users: NetworkManager provides management through different tools (GUI, nmtui, nmcli – ).

Supports configuration flexibility. For example: configure a WiFi interface, NetworkManager will scan and display available wifi networks. Select an interface and NetworkManager will display the credentials needed to provide an automatic connection after the restart process.

NetworkManager can configure network aliases, IP addresses, static routes, DNS information, and VPN connections, as well as many connection-specific parameters. You can modify the configuration options to reflect your needs.

Persist the device state after the restart process and take over the interface that was set to managed mode during the restart process.

Handles devices that are not explicitly set but are manually controlled by a user or other network device.

1.2. Overview of NetworkManager tools and applications

application or tool description

nmcli Command-line tools allow users and scripts to interact with NetworkManager. Note that nmcli can be used on systems without a GUI, such as servers, to control all aspects of NetworkManager. It functions the same as the GUI tool.

nmtui A simple curses-based text user interface (TUI) for NetworkManager

nm- connection-editor
Graphical user interface tools for specific tasks not already handled by the Control Center utilities, such as configuring bonds and teaming connections. You can add, delete, and modify network connections stored by NetworkManager. To start it, type nm-connection-editor in a terminal:

~]$ nm-connection-editor

control-center GNOME Shell provides graphical user interface tools for use by desktop users. It integrates network setting tools. To start it, press the Super key to enter the Activities Overview, type Network, and press the Enter key. The Network Setup Tool appears.

Network Connection Icon GNOME Shell provides graphical user interface tools to represent network connection status, such as NetworkManager reports. The icon has various states and serves as a visual indication of the type of connection you are currently using.

1.3. Installation and use of NetworkManager

(1) Install NetworkManager
yum install NetworkManager
(2) Start NetworkManager
systemctl start NetworkManager
(3) Close Network Manager
systemctl stop NetworkManager
(4) Restart Network Manager
systemctl restart NetworkManager
(5) Check whether NetworkManager starts up
systemctl is-enabled NetworkManager
(6) Boot up NetworkManager
systemctl enable NetworkManager
(7) Prohibit booting NetworkManager
systemctl disable NetworkManager
(8) Check the status of NetworkManager
systemctl status NetworkManager
Notice:
When NetworkManager is running, the systemctl status command displays Active: active (running)
When NetworkManager is not running, the systemctl status command displays Active: inactive (dead)
2. Configure IP network

2.1, use nmtui to configure IP network

This procedure describes how to configure the network using the text user interface tool nmtui.

2.1.1. Start the nmtui tool
nmtui
NetworkManager text user interface home menu (Left English, right middle), use the arrow keys to go forward, then press Esc to go back through the options. Press Enter to select an option. Space The space bar toggles the state of the checkbox.

Select “Edit a connection”

Select the network card, press Enter to edit

2.1.2. Configure and save ipv4 information (configure static ip and select Manual mode)

2.1.3. To apply changes after modifying an already activated connection, you need to reactivate the connection.

a. Select the Activate a connection menu item to activate the connection.

b. Select the modified connection. On the right, click the Deactivate button to deactivate the modified connection. (Note: The network will be disconnected at this time, and the ssh connection will also be disconnected)

c. Select the connection again and click the Activate button to reactivate the modified connection

2.1.4, command mode operation
nmtui edit connection-name #connection-name is the name of the network card, such as ens33 above
Note: If no connection name is provided, a selection menu will be displayed. If a connection name is provided and correctly identified, the associated Edit connection screen will appear.
nmtui connect connection-name
Note: If no connection name is provided, a selection menu will be displayed. If a connection name is provided and correctly identified, the associated connection will be activated.

2.2, use nmcli to configure IP network

The nmcli (NetworkManager Command Line Interface) command-line tool is used to control NetworkManager and report network status, nmcli is used to create, display, edit, delete, activate and deactivate network connections, and control and display network device status.

The basic format of the nmcli command is as follows:
nmcli [OPTIONS] OBJECT { COMMAND | help }

Connection file: Put a collection of configurations of a network device in a file, which is called a connection file, such as the configuration file of a network card.

2.2.1 nmcli networking

Shows whether NetworkManager is taking over network settings:
nmcli networking
networking can be abbreviated as n, ne, net, netw… So the above command can be abbreviated as:
nmcli n
Check network connection status:
nmcli n connectivity
There are five network connection states: full, limited (connected to the Internet, but unable to access the Internet), portal (connected to the Internet, but requires authentication to log in to the Internet), none (not connected to the Internet) and unknown.

connectivity can be abbreviated as c, so the above command can be abbreviated as:
nmcli n c
Open network connection:
nmcli on
Close network connection:
nmcli n off
2.2.2 nmcli general

Display system network status:
nmcli general status
general can be abbreviated as g, ge, gen, gene…

status is the default item of general and can be omitted. Therefore, the above command can be abbreviated as:
nmcli g
The command returns the following results:

in:

STATE shows whether the network is connected;

CONNECTIVITY is the same as the nmcli networking connectivity introduced earlier;

WIFI-HW means WIFI hardware switch, WIFI means WIFI software switch;

WWAN-HW means WWAN hardware switch, WWAN means WWAN software switch.

HW stands for HardWare and WWAN stands for Wireless Wide Area Network.

Display hostname:
nmcli g hostname
nmcli g h
Change hostname:
nmcli g hostname newHostName
nmcli g h newHostName
newHostName is the new host name you set.

The hostname is stored in the /etc/hostname file. After modifying the hostname, NetworkManager needs to be restarted.

2.2.3 nmcli connection

Display information for all network connections:
nmcli connection show
connection can be abbreviated as c, co, con, conn…

show is the default item of connection and can be omitted. Therefore, the above command can be abbreviated as:
nmcli c
nmcli connection show has an -active parameter to show only currently active connections:
nmcli c s --active # or
nmcli c s -a #Because there are parameter items after show, the show at this time cannot be saved
Display the details of a specific connection (using ens33 as an example):
nmcli c s ens33
Start specified connection:
nmcli c up ens33
If ens33 is already connected, this command will restart ens33.

Close specified connection:
nmcli c down ens33
After closing the connection, execute the nmcli c command, and the DEVICE item will be displayed as — .

Modify connection file:
nmcli c modify ens33 [ + | - ] option option value # or
nmcli c m ens33 [ + | - ] option option value
Examples of common modifications are given below:
nmcli c m ens33 ipv4.address 192.168.80.10/24 # modify IP address and subnet mask
nmcli c m ens33 ipv4.method manual # Modify to static configuration, the default is auto
nmcli c m ens33 ipv4.gateway 192.168.80.2 # Modify the default gateway
nmcli c m ens33 ipv4.dns 192.168.80.2 # Modify DNS
nmcli c m ens33 + ipv4.dns 114.114.114.114 # Add a DNS
nmcli c m ens33 ipv6.method ignore # Disable IPv6, for CentOS 8, three options: disabled, auto, manual
nmcli c m ens33 connection.autoconnect yes # boot up
Note that ipv4.address must be modified before ipv4.method can be modified!

Use empty quotes "" to replace the value of the option to set the option back to the default value (take ipv4.method as an example):
nmcli c m ens33 ipv4.method ""
There are many options, detailed information can be viewed through the following command:
man 5 nm-settings-nmcli
You can mainly see the connection setting and ipv4 setting sections inside.

Add link:
nmcli c add type connection type option option value # or
nmcli c a type connection type option option value
type is mandatory, we usually use 802-3-ethernet (alias ethernet).

The options are the same as those in “Modify Connection” introduced earlier, among which several important options:

connection.id (alias con-name): connection name;

connection.interface-name (alias ifname): device name;

connection.autoconnect (alias autoconnect): Whether to start automatically at boot, its value can only be yes or no, the default is yes.

An example is given below:
nmcli c a type ethernet ifname ens37 con-name ens37
Delete specified connection:
nmcli c delete ens33 # or
nmcli c de ens33 # delete cannot be abbreviated as d, otherwise it will conflict with down, but can be abbreviated as de
Reload configuration files for all connections:
nmcli c reload # or
nmcli c r
Overload the configuration file for a specified connection:
nmcli c load ifcfg-ens33 # or
nmcli c l ifcfg-ens33 
The network configuration file is saved in the /etc/sysconfig/network-scripts/ path by default. If the configuration file is in another location, you need to fill in the full path.

The naming method of the network configuration file is ifcfg-connection name, for example, the configuration file name of ens33 is ifcfg-ens33.

Network configuration file description:
TYPE=Ethernet # Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none # Static configuration, equivalent to ipv4.method manual
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
NAME=ens33 # connection name
UUID=16862343-b55e-4248-b05d-a3ea662a84a4
DEVICE=ens33 # device name
ONBOOT=yes # boot automatically
IPADDR=192.168.80.10 # IP address
PREFIX=24 # subnet mask
GATEWAY=192.168.80.2 # gateway
DNS1=192.168.80.2 # DNS1
DNS2=114.114.114.114 # DNS2
2.2.4 nmcli device

Display the status of all network interface devices:
nmcli device status
device can be abbreviated as d, de, dev…

status is the default item of device and can be omitted. Therefore, the above command can be abbreviated as:
nmcli d
Show details for all devices:
nmcli d show # or
nmcli d sh # show cannot be abbreviated as s, otherwise it will conflict with status, but can be abbreviated as sh
Display details for a specific device:
nmcli d sh ens33
Connect device:
nmcli d connect ens33 # or
nmcli d c ens33 
If ens33 is already connected, this command will restart ens33.

Disconnect device:
nmcli d disconnect ens33 # or
nmcli d d ens33 
Update device information:
nmcli d reapply ens33 # or
nmcli d r ens33 
The device can be updated only when the device is in the connected state. Updating the device is equivalent to restarting the connection.

This part is quoted: https://zhuanlan.zhihu.com/p/395236748

2.2.5 Configuration and use of the new network card in the server

Use ip addr show to view the network card information (ens37 is the network card I just added), but it is not connected.

nmcli device status View the status of all network interface devices, you can see that ens37 is disconnected

There are two ways to modify the connection of the new network card

Method 1:
nmcli device connect ensXXX:
disconnected→connected Automatically create a connection file (prerequisite: DHCP is enabled)

Method 2:

Manually add a connection to associate the device (this method can be used when DHCP is not enabled)
nmcli connection add type ethernet ifname ens37 con-name ens37 #or
nmcli c a type ethernet ifname ens37 con-name ens37
After manually adding a connection to associate the device, the connection file ifcfg-ens37 will be generated under /etc/sysconfig/network-scripts, but the connection file is still unavailable at this time.

Modify the connection file ifcfg-ens37

nmcli device status Check again that the network card device is in the connected state.

2.3, use GNOME GUI to configure IP network

In Red Hat Enterprise Linux 7, NetworkManager itself has no graphical user interface (GUI). The network connection icon in the upper right corner of the desktop is available as part of GNOME Shell, and the network settings configuration tool is available as part of the new GNOME Control Center GUI that supports wired, wireless and vpn connections. nm-connection-editor is the main tool for GUI configuration. In addition to the functionality of control-center, it also applies functionality not provided by GNOME Control Center, such as configuration bindings, teams, bridge connections.

2.3.1. Use the control-center GUI to connect to the network

Click the GNOME Shell Network Connections icon in the upper right corner of the screen to open its menu.

When you click on the GNOME Shell Network Connections icon, you see:

A list of currently connected categorized networks (such as Wired and Wi-Fi)

List of all available networks detected by NetworkManager

Option to connect to any configured virtual private network (VPN)

Select the option for the Network Settings menu entry

2. As shown in the figure below, open the Network Settings window

Click the plus button to add a new connection.

Wired connection, click the plus button next to the Wired entry

VPN connection, click the plus button next to the VPN entry

For a Wi-Fi connection, tap the Wi-fi entry in the Settings menu

3. Use the control-center to edit an existing connection

Clicking the gear wheel icon for an existing connection profile in the Network settings window will open the Details window from which you can perform most network configuration tasks such as IPv4, DNS, and routing configuration.

To apply the changes after the connection has been modified, you can click the Apply button in the upper right corner of the connection window.

2.3.2. Use nm-connection-editor to configure new and edit existing connections

Using the nm-connection-editor GUI application, you can use the additional functionality provided by the control-center to configure any connection you want. Also, the nm-connection-editor app does not provide functionality provided by the GNOME Control Center, such as configuring bindings, bridges, VLANs, and group connections.

1. Use nm-connection-editor to add or configure a new connection

Enter nm-connection-editor in the terminal

Added, you can choose from multiple connection types (Ethernet, wifi, Bluetooth, bond, etc.)

Delete, optionally delete unneeded connected devices

The configuration is similar to the control-center GUI configuration, with more functions.

2.4. Use IFCFG file to configure IP network

We can also manually configure the network interface by editing the ifcfg file.

The interface configuration (ifcfg) file can control the software interface of different network devices. When the system boots, it uses these files to decide which interfaces to start and how to configure them. These files are usually named ifcfg-name , with the name suffix referring to the name of the device controlled by the configuration file. By convention, the ifcfg file has the same suffix as the string provided by the DEVICE directive in the configuration file.

1. Use the ifcfg file to configure an interface with static network settings
For example, to use an ifcfg file to configure an interface with static network settings, for an interface named ens37, create a file named ifcfg-ens37 in the /etc/sysconfig/network-scripts/ directory containing:
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens37
UUID=0b7dff57-945d-4b63-bf53-69dd2e0f2e99
DEVICE=ens37
ONBOOT=yes
IPADDR=192.168.8.26
PREFIX=24
GATEWAY=192.168.8.2
DNS1=114.114.114.114
2. Application Configuration

a. Reload the updated connection file:
nmcli connection reload
b. Reactivate the connection:
nmcli connection up connection_name
2.5, use IP command to configure IP network

We can also temporarily configure network interfaces using the ip command, but the changes are not persisted across reboots; any changes will be lost after a reboot.

The ip tool can be used to assign an IP address to an interface in the following format:
ip addr [ add | del ] address dev ifname

Assign a static address using the ip command
To assign an IP address to an interface:
~]# ip address add 10.0.0.3/24 dev ens37
You can view the address assignment of a specific device:
~]# ip addr show dev ens37
2: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether f0:de:f1:7b:6e:5f brd ff:ff:ff:ff:ff:ff
inet 10.0.0.3/24 brd 10.0.0.255 scope global global enp1s
valid_lft 58682sec preferred_lft 58682sec
inet6 fe80::f2de:f1ff:fe7b:6e5f/64 scope link
valid_lft forever preferred_lft forever
Configure multiple addresses using the ip command

Since the ip utility supports assigning multiple addresses to the same interface, it is no longer necessary to use the alias interface method to bind multiple addresses to
the same interface. The ip command that assigns addresses can be repeated multiple times to allow multiple addresses to be assigned. For example:
~]# ip address add 192.168.2.223/24 dev ens37
~]# ip address add 192.168.4.223/24 dev ens37
~]# ip addr
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether 52:54:00:fb:77:9e brd ff:ff:ff:ff:ff:ff
inet 192.168.2.223/24 scope global enp1s0
inet 192.168.4.223/24 scope global enp1s0
NOTE: IP commands given on the command line are not preserved across system reboots.