# 10.1 Network Configuration In this module we will teach you how to check connection information and how to connect a network card to a network. More information on IP Addresses: [ip-wiki](https://en.wikipedia.org/wiki/IP_address) More information on Netmasks:[netmask-wiki](https://nl.wikipedia.org/wiki/Netmask) More information on Subnets: [subnet-wiki](https://nl.wikipedia.org/wiki/Subnet) ### Checking Connection Information We will practice a few ways to check connection information. Identify the current network interfaces and basic network addresses: ```bash ip addr ``` Display the current IP address and netmask for all interfaces: ```bash [root@rhcsa ~]# ip addr 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens3: mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 56:6f:af:23:01:a0 brd ff:ff:ff:ff:ff:ff inet 192.168.10.151/24 brd 192.168.10.255 scope global noprefixroute ens3 valid_lft forever preferred_lft forever inet6 fe80::546f:afff:fe23:1a0/64 scope link valid_lft forever preferred_lft forever 3: ens5: mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 56:6f:af:23:01:a1 brd ff:ff:ff:ff:ff:ff 4: virbr0: mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:b6:34:dc brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 5: virbr0-nic: mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000 link/ether 52:54:00:b6:34:dc brd ff:ff:ff:ff:ff:ff ``` ```bash ip -s link show ens3 ``` Display the statistics for the ens3 interface: ```bash [root@rhcsa ~]# ip -s link show ens3 2: ens3: mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000 link/ether 56:6f:af:23:01:a0 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 178448 969 0 0 0 0 TX: bytes packets errors dropped carrier collsns 96110 711 0 0 0 0 ``` Display the routing information. ```bash [root@rhcsa ~]$ ip route default via 192.168.113.1 dev eth0 proto static metric 100 192.168.113.1 dev eth0 proto static scope link metric 100 192.168.113.110/31 dev eth0 proto kernel scope link src 192.168.113.110 metric 100 ``` Ping is the main command, Verify that the gateway is accessible ```bash ping -c3 192.168.10.1 ``` Result looks like this: ```bash [root@rhcsa ~]# ping -c3 192.168.10.1 PING 192.168.10.1 (192.168.10.1) 56(84) bytes of data. 64 bytes from 192.168.10.1: icmp_seq=1 ttl=64 time=0.299 ms 64 bytes from 192.168.10.1: icmp_seq=2 ttl=64 time=0.142 ms 64 bytes from 192.168.10.1: icmp_seq=3 ttl=64 time=0.159 ms --- 192.168.10.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 39ms rtt min/avg/max/mdev = 0.142/0.200/0.299/0.070 ms ``` Show all the hops between the local system and ipa.greateracademy.local: ```bash tracepath ipa.greateracademy.local ``` Result should look like this: ```bash [root@rhcsa ~]# tracepath ipa.greateracademy.local 1?: [LOCALHOST] pmtu 1500 1: _gateway 0.201ms 1: _gateway 0.179ms 2: ipa.greateracademy.local 0.460ms !H Resume: pmtu 1500 ``` Display the listening TCP sockets on the local system ```bash [root@rhcsa ~]$ ss -lt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:ssh *:* LISTEN 0 100 127.0.0.1:smtp *:* LISTEN 0 128 :::ssh :::* LISTEN 0 100 ::1:smtp :::* ``` ### Checking connection information with nmcli NMCLI is the prefered network configuration and checking solution of RedHat. So we will teach you how to check and configure the network in NMCLI. ```bash nmcli ``` Result wil look like this: ```bash [root@rhcsa ~]# nmcli ens3: connected to ens3 "Red Hat Virtio" ethernet (virtio_net), 56:6F:AF:23:01:A0, hw, mtu 1500 ip4 default inet4 192.168.10.151/24 route4 192.168.10.0/24 route4 0.0.0.0/0 inet6 fe80::546f:afff:fe23:1a0/64 route6 fe80::/64 route6 ff00::/8 virbr0: connected to virbr0 "virbr0" bridge, 52:54:00:B6:34:DC, sw, mtu 1500 inet4 192.168.122.1/24 route4 192.168.122.0/24 ens5: disconnected "Red Hat Virtio" ethernet (virtio_net), 56:6F:AF:23:01:A1, hw, mtu 1500 lo: unmanaged "lo" loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536 virbr0-nic: unmanaged "virbr0-nic" tun, 52:54:00:B6:34:DC, sw, mtu 1500 DNS configuration: servers: 8.8.8.8 interface: ens3 Use "nmcli device show" to get complete information about known devices and "nmcli connection show" to get an overview on active connection profiles. Consult nmcli(1) and nmcli-examples(5) manual pages for complete usage details. ``` You can see all the connectivity information in 1 screen, if you want a list just of the connections configured use: ```bash nmcli con ``` or ```bash nmcli con show ``` To see indepth information about the configured connection check ens3 with: ```bash nmcli con show ens3 ``` As you can see the result is quite extensive, but you can navigate the information with the ```spacebar``` key to browse through the list and ```q``` to quit the list. You can also use this to combine it with ```grep``` to see specific config information like all IPv4 info. ```bash nmcli con show ens3 |grep ipv4 ``` Result: ```bash [root@rhcsa ~]# nmcli con show ens3 |grep ipv4 ipv4.method: manual ipv4.dns: 8.8.8.8 ipv4.dns-search: -- ipv4.dns-options: "" ipv4.dns-priority: 0 ipv4.addresses: 192.168.10.151/24 ipv4.gateway: 192.168.10.1 ipv4.routes: -- ipv4.route-metric: -1 ipv4.route-table: 0 (unspec) ipv4.ignore-auto-routes: no ipv4.ignore-auto-dns: no ipv4.dhcp-client-id: -- ipv4.dhcp-timeout: 0 (default) ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.dhcp-fqdn: -- ipv4.never-default: no ipv4.may-fail: yes ipv4.dad-timeout: -1 (default) ``` It shows you the connection method is ```manual``` instead of ```dhcp``` which means the IP is staticly configured. ``` ipv4.method: manual ``` You can also see the IP of the connection and the netmask. ``` ipv4.addresses: 192.168.10.151/24 ``` The IP adres of the gateway: ``` ipv4.gateway: 192.168.10.1 ``` And the DNS: ``` ipv4.dns: 8.8.8.8 ``` This is the most important information for a IPv4 network connection. The other aspect of ```nmcli``` is showing the devices: ```bash nmcli device ``` Result: ```bash [root@rhcsa ~]# nmcli device DEVICE TYPE STATE CONNECTION ens3 ethernet connected ens3 virbr0 bridge connected virbr0 ens5 ethernet disconnected -- lo loopback unmanaged -- virbr0-nic tun unmanaged -- ``` As you can see all the devices other then the ```virbr0``` bridge and ```virbr0-nic``` which is from our hypervizor. We have the ```lo``` device which is the localhost loopback. ```ens3``` which is the main network connection we have been connecting with, and ```ens5``` which is currently disconected and does not own a connection. What we can also learn from this is that nmcli creates a connection for a device, and currently ```ens5``` does not have one, and the connection of ```ens3``` is called **ens3**. ### Connecting the second network card to a network You need the following details to complete the assignment. |Type|Value| |:---|:----| |IP|192.168.10.*/24 (see index below)| |Gateway|192.168.10.1| |DNS|8.8.8.8| Table of users and machines. |Student|Machine| IP | |:-----:|:-----:|:-------------:| | 01 | vm01 | 192.168.10.12 | | 02 | vm02 | 192.168.10.22 | | 03 | vm03 | 192.168.10.32 | | 04 | vm04 | 192.168.10.42 | | 05 | vm05 | 192.168.10.52 | | 06 | vm06 | 192.168.10.62 | | 07 | vm07 | 192.168.10.72 | | 08 | vm08 | 192.168.10.82 | | 09 | vm09 | 192.168.10.92 | | 10 | vm10 | 192.168.10.102| | 11 | vm11 | 192.168.10.112| | 12 | vm12 | 192.168.10.122| | 13 | vm13 | 192.168.10.132| From the above examples we learned that ```nmcli``` has alot of information, with the most important one's being: ``` ipv4.method ipv4.addresses ipv4.gateway ipv4.dns ``` For a network connection to work we need to create a connection for a device and assign it a certain type. Types of connections are: ``` 6lowpan bond gsm ovs-bridge vlan 802-11-olpc-mesh bridge infiniband ovs-interface vpn 802-11-wireless cdma ip-tunnel ovs-port vxlan 802-3-ethernet dummy macsec pppoe wifi adsl ethernet macvlan team wimax bluetooth generic olpc-mesh tun wpan ``` Now we do not need to learn about many of those however for this class we must know a connection type is needed and in a work environment you will run mostly into the ```ethernet``` type. So to make a working connection we need to have a connection and add the following. Step 1: - an interface - a connection - a type Step 2: - ipv4.method - ipv4.addresses - ipv4.gateway - ipv4.dns We will go throug the nmcli command in steps, first we need to create a connection for the interface ens5 and define it's type. ```bash nmcli conn add ifname ens5 con-name backup type ethernet ``` This command creates a new connection named ```backup``` and connect it to interface ```ens5``` with the type ```ethernet```. To check the result: ```bash [root@rhcsa ~]# nmcli device DEVICE TYPE STATE CONNECTION ens3 ethernet connected ens3 virbr0 bridge connected virbr0 ens5 ethernet connecting (getting IP configuration) backup lo loopback unmanaged -- virbr0-nic tun unmanaged -- ``` So now we see that we created the connection and it is attempting to connect automaticly via ```dhcp```. Now we need to add the remaining things of step 2. - ipv4.method - ipv4.addresses - ipv4.gateway - ipv4.dns We can do this with the following simple commands: ```bash nmcli connection modify backup ipv4.method static nmcli connection modify backup ipv4.address 192.168.10.152/24 nmcli connection modify backup ipv4.gateway 192.168.10.1 nmcli connection modify backup ipv4.dns 8.8.8.8 ``` or as one command. ```bash nmcli connection modify backup ipv4.method static ipv4.address 192.168.10.152/24 ipv4.gateway 192.168.10.1 ipv4.dns 8.8.8.8 ``` If you then want the connection to update it's settings immediately: ```bash [root@rhcsa ~]# nmcli con up backup Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/11) ``` Check the status with ```nmcli con``` or ```nmcli con show backup```. Now that you understand you can also put it in one whole command: ```bash nmcli connection add ifname ens5 con-name backup type ethernet ipv4.method static ipv4.address 192.168.10.152/24 ipv4.gateway 192.168.10.1 ipv4.dns 8.8.8.8 ``` Lucky us ```nmcli``` comes with tab autocompletion so the moment you forgot something just tab twice. To try it again you can delete the connection with: ```bash nmcli con del backup ``` Now that you know all of this it is time to show you ```nmtui```. Nmcli is the RedHat suggested way of doing things with that said.. let's talk about ```nmtui```
```nmcli``` is the **N**etwork **M**anager **C**ommand **L**ine **I**nterface.
```nmtui``` is the **N**etwork **M**anager **T**ext **U**ser **I**nterface First let's reset the connection: ```bash nmcli con del backup ``` Then run: ```bash nmcli con add ifname ens5 con-name backup type ethernet ``` Start nmtui: ```bash [root@rhcsa ~]# nmtui ``` - Select edit a connection - Select the network backup In our case you will see 2, for now we need to edit the ens5 or backup. If you do not see it at all, exit the menu and run the command ```systemctl restart NetworkManager```. Change the following things: - automatic to Manual - and press show in the IPv4 Line - Add your Address - Add the gateway - Add the DNS servers - Make sure automatically connect is enabled - Enter at the bottom right OK In the ```activate a connection``` menu a ```*``` will let you know if the connection is on and connected. You can quit from the main menu and check if the connection is up with: ```bash ip a ``` ```bash [root@rhcsa ~]# ip a 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens3: mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 56:6f:af:23:01:a0 brd ff:ff:ff:ff:ff:ff inet 192.168.10.151/24 brd 192.168.10.255 scope global noprefixroute ens3 valid_lft forever preferred_lft forever inet6 fe80::546f:afff:fe23:1a0/64 scope link valid_lft forever preferred_lft forever 3: ens5: mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 56:6f:af:23:01:a1 brd ff:ff:ff:ff:ff:ff inet 192.168.10.152/24 brd 192.168.10.255 scope global noprefixroute ens5 valid_lft forever preferred_lft forever inet6 fe80::b2d3:9bcf:99ca:8951/64 scope link noprefixroute valid_lft forever preferred_lft forever 4: virbr0: mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:b6:34:dc brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 5: virbr0-nic: mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000 link/ether 52:54:00:b6:34:dc brd ff:ff:ff:ff:ff:ff ``` The ens5 part shows all the information we wish to see: ```bash 3: ens5: mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 56:6f:af:23:01:a1 brd ff:ff:ff:ff:ff:ff inet 192.168.10.152/24 brd 192.168.10.255 scope global noprefixroute ens5 valid_lft forever preferred_lft forever inet6 fe80::b2d3:9bcf:99ca:8951/64 scope link noprefixroute valid_lft forever preferred_lft forever ```