Linux networking Using NMCLI

Linux networking and bonding using nmcli

There are multiple articles in this site related to Linux networking, based on ifcfg configurations and ifconfig commands. This article is focused on Network Manager CLI, called as “nmcli”.  nmcli is a command‐line tool to create, display, edit, delete, activate, and deactivate network connections, as well as control and display network device status.

Here is the usage instructions of “nmcli”. The ojbects that can be controlled by this utility is – general, networking, radio, connection, device and agent.

[[email protected] ~]# nmcli -v nmcli tool, version 1.0.0-16.git20150121.b4ea599c.el7_1 [[email protected] ~]# nmcli Usage: nmcli [OPTIONS] OBJECT { COMMAND | help } OPTIONS   -t[erse]                                   terse output   -p[retty]                                  pretty output   -m[ode] tabular|multiline                  output mode   -f[ields] <field1,field2,…>|all|common   specify fields to output   -e[scape] yes|no                           escape columns separators in values   -n[ocheck]                                 don’t check nmcli and NetworkManager versions   -a[sk]                                     ask for missing parameters   -w[ait] <seconds>                          set timeout waiting for finishing operations   -v[ersion]                                 show program version   -h[elp]                                    print this help OBJECT   g[eneral]       NetworkManager’s general status and operations   n[etworking]    overall networking control   r[adio]         NetworkManager radio switches   c[onnection]    NetworkManager’s connections   d[evice]        devices managed by NetworkManager   a[gent]         NetworkManager secret agent or polkit agent [[email protected] ~]#

1234567891011121314151617181920212223[[email protected] ~]# nmcli -vnmcli tool, version 1.0.0-16.git20150121.b4ea599c.el7_1[[email protected] ~]# nmcliUsage: nmcli [OPTIONS] OBJECT { COMMAND | help }OPTIONS  -t[erse]                                   terse output  -p[retty]                                  pretty output  -m[ode] tabular|multiline                  output mode  -f[ields] <field1,field2,…>|all|common   specify fields to output  -e[scape] yes|no                           escape columns separators in values  -n[ocheck]                                 don’t check nmcli and NetworkManager versions  -a[sk]                                     ask for missing parameters  -w[ait] <seconds>                          set timeout waiting for finishing operations  -v[ersion]                                 show program version  -h[elp]                                    print this helpOBJECT  g[eneral]       NetworkManager’s general status and operations  n[etworking]    overall networking control  r[adio]         NetworkManager radio switches  c[onnection]    NetworkManager’s connections  d[evice]        devices managed by NetworkManager  a[gent]         NetworkManager secret agent or polkit agent[[email protected] ~]#

This article will primarily focus on device and connection objects. To list all network interfaces in the system, use the “nmcli device” command.

[[email protected] ~]# nmcli device DEVICE  TYPE      STATE      CONNECTION enp0s3  ethernet  connected  enp0s3 enp0s8  ethernet  connected  Wired connection 1 lo      loopback  unmanaged  — [[email protected] ~]#

123456[[email protected] ~]# nmcli deviceDEVICE  TYPE      STATE      CONNECTIONenp0s3  ethernet  connected  enp0s3enp0s8  ethernet  connected  Wired connection 1lo      loopback  unmanaged  –[[email protected] ~]#

To know the details of an interface, like mac, mtu, ipaddress, state, dns resolvers, domainname and gateway, use the “nmcli device show” command.

[[email protected] ~]# nmcli device show enp0s8 GENERAL.DEVICE:                         enp0s8 GENERAL.TYPE:                           ethernet GENERAL.HWADDR:                         08:00:37:C3:BD:9D GENERAL.MTU:                            1500 GENERAL.STATE:                          100 (connected) GENERAL.CONNECTION:                     Wired connection 1 GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/1 WIRED-PROPERTIES.CARRIER:               on IP4.ADDRESS[1]:                         10.0.3.15/24 IP4.GATEWAY:                            10.0.3.2 IP4.DNS[1]:                             192.168.0.10 IP4.DNS[2]:                             192.192.0.10 IP4.DOMAIN[1]:                          lab.cloudibee.com IP6.ADDRESS[1]:                         fd80::a00:27ff:fd80:fd80/64 IP6.GATEWAY: [[email protected] ~]#

1234567891011121314151617[[email protected] ~]# nmcli device show enp0s8GENERAL.DEVICE:                         enp0s8GENERAL.TYPE:                           ethernetGENERAL.HWADDR:                         08:00:37:C3:BD:9DGENERAL.MTU:                            1500GENERAL.STATE:                          100 (connected)GENERAL.CONNECTION:                     Wired connection 1GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/1WIRED-PROPERTIES.CARRIER:               onIP4.ADDRESS[1]:                         10.0.3.15/24IP4.GATEWAY:                            10.0.3.2IP4.DNS[1]:                             192.168.0.10IP4.DNS[2]:                             192.192.0.10IP4.DOMAIN[1]:                          lab.cloudibee.comIP6.ADDRESS[1]:                         fd80::a00:27ff:fd80:fd80/64IP6.GATEWAY:[[email protected] ~]#

To disconnect an interface and make it unpingable, use the “device disconnect” command. This command will disconnect a device and prevent the device from automatically activating further connections without user/manual intervention. It should be noted that changes made with nmcli are persistent – NetworkManager will write them to the files on disk.

[[email protected] ~]# nmcli device disconnect enp0s8 Device ‘enp0s8’ successfully disconnected. [[email protected] ~]# nmcli device DEVICE  TYPE      STATE         CONNECTION enp0s3  ethernet  connected     enp0s3 enp0s8  ethernet  disconnected  — lo      loopback  unmanaged     — [[email protected] ~]#

12345678[[email protected] ~]# nmcli device disconnect enp0s8Device ‘enp0s8’ successfully disconnected.[[email protected] ~]# nmcli deviceDEVICE  TYPE      STATE         CONNECTIONenp0s3  ethernet  connected     enp0s3enp0s8  ethernet  disconnected  –lo      loopback  unmanaged     –[[email protected] ~]#

To Enabling the interface, use the “device connect” command. NetworkManager will try to find a suitable connection that will be activated. It will also consider connections that are not set to auto connect.

[[email protected] ~]# nmcli device connect enp0s8 Device ‘enp0s8’ successfully activated with ‘55233f6e-a015-4a51-afd5-d56d0eb9ddd2’. [[email protected] ~]#

123[[email protected] ~]# nmcli device connect enp0s8 Device ‘enp0s8’ successfully activated with ‘55233f6e-a015-4a51-afd5-d56d0eb9ddd2’. [[email protected] ~]#

NetworkManager stores all network configuration as connections, which are collections of data (Layer2 details, IP addressing, etc.) that describe how to create or connect to a network.  A connection is active when a device uses that connection’s configuration to create or connect to a network.  There may be multiple connections that apply to a device, but only one of them can be active on that device at any given time. The additional connections can be used to allow quick switching between different networks and configurations.

To see a list of connections available and the detail of a specific connection, use the below commands.

[[email protected] ~]# nmcli connection show NAME                UUID                                  TYPE            DEVICE mybond0             4de6866f-d793-4a25-a197-c301ab7b55ec  bond            — Wired connection 1  55233f6e-a015-4a51-afd5-d56d0eb9ddd2  802-3-ethernet  enp0s8 enp0s3              b9babcc0-79bf-41a6-9d2b-34728a2dcb01  802-3-ethernet  enp0s3 [[email protected] ~]# nmcli connection show 55233f6e-a015-4a51-afd5-d56d0eb9ddd2 connection.id:                          Wired connection 1 connection.uuid:                        55233f6e-a015-4a51-afd5-d56d0eb9ddd2 connection.interface-name:              — connection.type:                        802-3-ethernet connection.autoconnect:                 yes … 802-3-ethernet.auto-negotiate:          yes 802-3-ethernet.mac-address:             08:00:DD:C3:FF:9D 802-3-ethernet.cloned-mac-address:      — … GENERAL.UUID:                           55233f6e-a015-4a51-afd5-d56d0eb9ddd2 GENERAL.DEVICES:                        enp0s8 GENERAL.STATE:                          activated … IP4.ADDRESS[1]:                         10.0.3.15/24 IP4.GATEWAY:                            10.0.3.2 IP4.DNS[1]:                             172.18.20.13 IP4.DNS[2]:                             172.20.100.29 IP4.DOMAIN[1]:                          lab.cloudibee.com DHCP4.OPTION[1]:                        requested_ms_classless_static_routes = 1 DHCP4.OPTION[2]:                        requested_domain_search = 1 … [[email protected] ~]#

1234567891011121314151617181920212223242526272829[[email protected] ~]# nmcli connection showNAME                UUID                                  TYPE            DEVICEmybond0             4de6866f-d793-4a25-a197-c301ab7b55ec  bond            –Wired connection 1  55233f6e-a015-4a51-afd5-d56d0eb9ddd2  802-3-ethernet  enp0s8enp0s3              b9babcc0-79bf-41a6-9d2b-34728a2dcb01  802-3-ethernet  enp0s3[[email protected] ~]# nmcli connection show 55233f6e-a015-4a51-afd5-d56d0eb9ddd2connection.id:                          Wired connection 1connection.uuid:                        55233f6e-a015-4a51-afd5-d56d0eb9ddd2connection.interface-name:              –connection.type:                        802-3-ethernetconnection.autoconnect:                 yes…802-3-ethernet.auto-negotiate:          yes802-3-ethernet.mac-address:             08:00:DD:C3:FF:9D802-3-ethernet.cloned-mac-address:      –…GENERAL.UUID:                           55233f6e-a015-4a51-afd5-d56d0eb9ddd2GENERAL.DEVICES:                        enp0s8GENERAL.STATE:                          activated…IP4.ADDRESS[1]:                         10.0.3.15/24IP4.GATEWAY:                            10.0.3.2IP4.DNS[1]:                             172.18.20.13IP4.DNS[2]:                             172.20.100.29IP4.DOMAIN[1]:                          lab.cloudibee.comDHCP4.OPTION[1]:                        requested_ms_classless_static_routes = 1DHCP4.OPTION[2]:                        requested_domain_search = 1…[[email protected] ~]#

NetworkManager is not automatically aware of the change that are made to ifcfg files manually. For example, if configuration files have been changed using an editor, NetworkManager must be told to read the configuration files again. To do that, issue the following command.

[[email protected] ~]# nmcli connection reload [[email protected] ~]# echo $? 0 [[email protected] ~]#

1234[[email protected] ~]# nmcli connection reload[[email protected] ~]# echo $?0[[email protected] ~]#

Setting IP using NMCLI : To add a connection and set ipv4 properties, use the “nnmcli connection add type ethernet” command.

[[email protected] ~]# nmcli con add type ethernet con-name test ifname ens9 ip4 10.10.10.10/24 gw4 10.10.10.254 Connection ‘test-lab’ (16210b8c-ea06-477e-91ca-f229edd4e940) successfully added. [[email protected] ~]# nmcli con NAME                UUID                                  TYPE            DEVICE bond0             4de6866f-d793-4a25-a197-c301ab7b55ec  bond            — Wired connection 1  55233f6e-a015-4a51-afd5-d56d0eb9ddd2  802-3-ethernet  enp0s8 enp0s3              b9babcc0-79bf-41a6-9d2b-34728a2dcb01  802-3-ethernet  enp0s3 test                aee65ad7-3ca2-49b8-b11d-89c9d955881e  802-3-ethernet  ens9 [[email protected] ~]# [[email protected] ~]# nmcli con show test connection.id:                          test-lab connection.uuid:                        aee65ad7-3ca2-49b8-b11d-89c9d955881e connection.interface-name:              ens9 connection.type:                        802-3-ethernet connection.autoconnect:                 yes connection.autoconnect-priority:        0 connection.timestamp:                   0 … [[email protected] ~]#

12345678910111213141516171819[[email protected] ~]# nmcli con add type ethernet con-name test ifname ens9 ip4 10.10.10.10/24 gw4 10.10.10.254Connection ‘test-lab’ (16210b8c-ea06-477e-91ca-f229edd4e940) successfully added.[[email protected] ~]# nmcli conNAME                UUID                                  TYPE            DEVICEbond0               4de6866f-d793-4a25-a197-c301ab7b55ec  bond            –Wired connection 1  55233f6e-a015-4a51-afd5-d56d0eb9ddd2  802-3-ethernet  enp0s8enp0s3              b9babcc0-79bf-41a6-9d2b-34728a2dcb01  802-3-ethernet  enp0s3test                aee65ad7-3ca2-49b8-b11d-89c9d955881e  802-3-ethernet  ens9[[email protected] ~]# [[email protected] ~]# nmcli con show testconnection.id:                          test-labconnection.uuid:                        aee65ad7-3ca2-49b8-b11d-89c9d955881econnection.interface-name:              ens9connection.type:                        802-3-ethernetconnection.autoconnect:                 yesconnection.autoconnect-priority:        0connection.timestamp:                   0…[[email protected] ~]#

Bonding using NMCLI : Network bonding also can be configured using nmcli. To enable bonding, load the bonding module and create the bond (bond0) as specified in this example.

[[email protected] ~]# modprobe –first-time bonding [[email protected] ~]# nmcli connection add type bond con-name bond0 ifname bond0 mode active-backup

12[[email protected] ~]# modprobe –first-time bonding[[email protected] ~]# nmcli connection add type bond con-name bond0 ifname bond0 mode active-backup

This will create the bond0 and now to add the slave interface to the bond, use the following bond-slave commands.

[[email protected] ~]# nmcli con add type bond-slave ifname ens3 master bond0 [[email protected] ~]# nmcli con add type bond-slave ifname ens4 master bond0

12[[email protected] ~]# nmcli con add type bond-slave ifname ens3 master bond0[[email protected] ~]# nmcli con add type bond-slave ifname ens4 master bond0

Enable the slaves and the bond.

[[email protected] ~]# nmcli con up bond-slave-ens3 [[email protected] ~]# nmcli con up bond-slave-ens4 [[email protected] ~]# nmcli con up bond-bond0

123[[email protected] ~]# nmcli con up bond-slave-ens3[[email protected] ~]# nmcli con up bond-slave-ens4[[email protected] ~]# nmcli con up bond-bond0

Now you can set an IP address to the bond and start using it. Hope this helps in starting to use nmcli as an alternative to the commands we have been using to manage the Linux networking.

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Disabling TLS 1.0 on nginx web servers

Next Post

Disabling TLS 1.0 on Apache Linux Server

Related Posts