10.1 Network Configuration
In this module we will teach you how to check connection information and how to connect a network card to a network.
More information on IP Addresses: ip-wiki
More information on Netmasks:netmask-wiki
More information on Subnets: subnet-wiki
Checking Connection Information
We will practice a few ways to check connection information. Identify the current network interfaces and basic network addresses:
ip addr
Display the current IP address and netmask for all interfaces:
[root@rhcsa ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 56:6f:af:23:01:a0 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.151/24 brd 192.168.10.255 scope global noprefixroute ens3
valid_lft forever preferred_lft forever
inet6 fe80::546f:afff:fe23:1a0/64 scope link
valid_lft forever preferred_lft forever
3: ens5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 56:6f:af:23:01:a1 brd ff:ff:ff:ff:ff:ff
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:b6:34:dc brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
link/ether 52:54:00:b6:34:dc brd ff:ff:ff:ff:ff:ff
ip -s link show ens3
Display the statistics for the ens3 interface:
[root@rhcsa ~]# ip -s link show ens3
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 56:6f:af:23:01:a0 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
178448 969 0 0 0 0
TX: bytes packets errors dropped carrier collsns
96110 711 0 0 0 0
Display the routing information.
[root@rhcsa ~]$ ip route
default via 192.168.113.1 dev eth0 proto static metric 100
192.168.113.1 dev eth0 proto static scope link metric 100
192.168.113.110/31 dev eth0 proto kernel scope link src 192.168.113.110 metric 100
Ping is the main command,
Verify that the gateway is accessible
ping -c3 192.168.10.1
Result looks like this:
[root@rhcsa ~]# ping -c3 192.168.10.1
PING 192.168.10.1 (192.168.10.1) 56(84) bytes of data.
64 bytes from 192.168.10.1: icmp_seq=1 ttl=64 time=0.299 ms
64 bytes from 192.168.10.1: icmp_seq=2 ttl=64 time=0.142 ms
64 bytes from 192.168.10.1: icmp_seq=3 ttl=64 time=0.159 ms
--- 192.168.10.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 39ms
rtt min/avg/max/mdev = 0.142/0.200/0.299/0.070 ms
Show all the hops between the local system and ipa.greateracademy.local:
tracepath ipa.greateracademy.local
Result should look like this:
[root@rhcsa ~]# tracepath ipa.greateracademy.local
1?: [LOCALHOST] pmtu 1500
1: _gateway 0.201ms
1: _gateway 0.179ms
2: ipa.greateracademy.local 0.460ms !H
Resume: pmtu 1500
Display the listening TCP sockets on the local system
[root@rhcsa ~]$ ss -lt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:ssh *:*
LISTEN 0 100 127.0.0.1:smtp *:*
LISTEN 0 128 :::ssh :::*
LISTEN 0 100 ::1:smtp :::*
Checking connection information with nmcli
NMCLI is the prefered network configuration and checking solution of RedHat. So we will teach you how to check and configure the network in NMCLI.
nmcli
Result wil look like this:
[root@rhcsa ~]# nmcli
ens3: connected to ens3
"Red Hat Virtio"
ethernet (virtio_net), 56:6F:AF:23:01:A0, hw, mtu 1500
ip4 default
inet4 192.168.10.151/24
route4 192.168.10.0/24
route4 0.0.0.0/0
inet6 fe80::546f:afff:fe23:1a0/64
route6 fe80::/64
route6 ff00::/8
virbr0: connected to virbr0
"virbr0"
bridge, 52:54:00:B6:34:DC, sw, mtu 1500
inet4 192.168.122.1/24
route4 192.168.122.0/24
ens5: disconnected
"Red Hat Virtio"
ethernet (virtio_net), 56:6F:AF:23:01:A1, hw, mtu 1500
lo: unmanaged
"lo"
loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536
virbr0-nic: unmanaged
"virbr0-nic"
tun, 52:54:00:B6:34:DC, sw, mtu 1500
DNS configuration:
servers: 8.8.8.8
interface: ens3
Use "nmcli device show" to get complete information about known devices and
"nmcli connection show" to get an overview on active connection profiles.
Consult nmcli(1) and nmcli-examples(5) manual pages for complete usage details.
You can see all the connectivity information in 1 screen, if you want a list just of the connections configured use:
nmcli con
or
nmcli con show
To see indepth information about the configured connection check ens3 with:
nmcli con show ens3
As you can see the result is quite extensive, but you can navigate the information with the spacebar key to browse through the list and q to quit the list.
You can also use this to combine it with grep to see specific config information like all IPv4 info.
nmcli con show ens3 |grep ipv4
Result:
[root@rhcsa ~]# nmcli con show ens3 |grep ipv4
ipv4.method: manual
ipv4.dns: 8.8.8.8
ipv4.dns-search: --
ipv4.dns-options: ""
ipv4.dns-priority: 0
ipv4.addresses: 192.168.10.151/24
ipv4.gateway: 192.168.10.1
ipv4.routes: --
ipv4.route-metric: -1
ipv4.route-table: 0 (unspec)
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-timeout: 0 (default)
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
It shows you the connection method is manual instead of dhcp which means the IP is staticly configured.
ipv4.method: manual
You can also see the IP of the connection and the netmask.
ipv4.addresses: 192.168.10.151/24
The IP adres of the gateway:
ipv4.gateway: 192.168.10.1
And the DNS:
ipv4.dns: 8.8.8.8
This is the most important information for a IPv4 network connection.
The other aspect of nmcli is showing the devices:
nmcli device
Result:
[root@rhcsa ~]# nmcli device
DEVICE TYPE STATE CONNECTION
ens3 ethernet connected ens3
virbr0 bridge connected virbr0
ens5 ethernet disconnected --
lo loopback unmanaged --
virbr0-nic tun unmanaged --
As you can see all the devices other then the virbr0 bridge and virbr0-nic which is from our hypervizor. We have the lo device which is the localhost loopback. ens3 which is the main network connection we have been connecting with, and ens5 which is currently disconected and does not own a connection.
What we can also learn from this is that nmcli creates a connection for a device, and currently ens5 does not have one, and the connection of ens3 is called ens3.
Connecting the second network card to a network
You need the following details to complete the assignment.
Type |
Value |
|---|---|
IP |
192.168.10.*/24 (see index below) |
Gateway |
192.168.10.1 |
DNS |
8.8.8.8 |
Table of users and machines.
Student |
Machine |
IP |
|---|---|---|
01 |
vm01 |
192.168.10.12 |
02 |
vm02 |
192.168.10.22 |
03 |
vm03 |
192.168.10.32 |
04 |
vm04 |
192.168.10.42 |
05 |
vm05 |
192.168.10.52 |
06 |
vm06 |
192.168.10.62 |
07 |
vm07 |
192.168.10.72 |
08 |
vm08 |
192.168.10.82 |
09 |
vm09 |
192.168.10.92 |
10 |
vm10 |
192.168.10.102 |
11 |
vm11 |
192.168.10.112 |
12 |
vm12 |
192.168.10.122 |
13 |
vm13 |
192.168.10.132 |
From the above examples we learned that nmcli has alot of information, with the most important one’s being:
ipv4.method
ipv4.addresses
ipv4.gateway
ipv4.dns
For a network connection to work we need to create a connection for a device and assign it a certain type.
Types of connections are:
6lowpan bond gsm ovs-bridge vlan
802-11-olpc-mesh bridge infiniband ovs-interface vpn
802-11-wireless cdma ip-tunnel ovs-port vxlan
802-3-ethernet dummy macsec pppoe wifi
adsl ethernet macvlan team wimax
bluetooth generic olpc-mesh tun wpan
Now we do not need to learn about many of those however for this class we must know a connection type is needed and in a work environment you will run mostly into the ethernet type.
So to make a working connection we need to have a connection and add the following.
Step 1:
an interface
a connection
a type
Step 2:
ipv4.method
ipv4.addresses
ipv4.gateway
ipv4.dns
We will go throug the nmcli command in steps, first we need to create a connection for the interface ens5 and define it’s type.
nmcli conn add ifname ens5 con-name backup type ethernet
This command creates a new connection named backup and connect it to interface ens5 with the type ethernet.
To check the result:
[root@rhcsa ~]# nmcli device
DEVICE TYPE STATE CONNECTION
ens3 ethernet connected ens3
virbr0 bridge connected virbr0
ens5 ethernet connecting (getting IP configuration) backup
lo loopback unmanaged --
virbr0-nic tun unmanaged --
So now we see that we created the connection and it is attempting to connect automaticly via dhcp.
Now we need to add the remaining things of step 2.
ipv4.method
ipv4.addresses
ipv4.gateway
ipv4.dns
We can do this with the following simple commands:
nmcli connection modify backup ipv4.method static
nmcli connection modify backup ipv4.address 192.168.10.152/24
nmcli connection modify backup ipv4.gateway 192.168.10.1
nmcli connection modify backup ipv4.dns 8.8.8.8
or as one command.
nmcli connection modify backup ipv4.method static ipv4.address 192.168.10.152/24
ipv4.gateway 192.168.10.1 ipv4.dns 8.8.8.8
If you then want the connection to update it’s settings immediately:
[root@rhcsa ~]# nmcli con up backup
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/11)
Check the status with nmcli con or nmcli con show backup.
Now that you understand you can also put it in one whole command:
nmcli connection add ifname ens5 con-name backup type ethernet ipv4.method static
ipv4.address 192.168.10.152/24 ipv4.gateway 192.168.10.1 ipv4.dns 8.8.8.8
Lucky us nmcli comes with tab autocompletion so the moment you forgot something just tab twice.
To try it again you can delete the connection with:
nmcli con del backup
Now that you know all of this it is time to show you nmtui.
Nmcli is the RedHat suggested way of doing things with that said.. let’s talk about nmtui
nmcli is the Network Manager Command Line Interface.
nmtui is the Network Manager Text User Interface
First let’s reset the connection:
nmcli con del backup
Then run:
nmcli con add ifname ens5 con-name backup type ethernet
Start nmtui:
[root@rhcsa ~]# nmtui
Select edit a connection
Select the network backup
In our case you will see 2, for now we need to edit the ens5 or backup.
If you do not see it at all, exit the menu and run the command systemctl restart NetworkManager.
Change the following things:
automatic to Manual
and press show in the IPv4 Line
Add your Address
Add the gateway
Add the DNS servers
Make sure automatically connect is enabled
Enter at the bottom right OK
In the activate a connection menu a * will let you know if the connection is on and connected.
You can quit from the main menu and check if the connection is up with:
ip a
[root@rhcsa ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 56:6f:af:23:01:a0 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.151/24 brd 192.168.10.255 scope global noprefixroute ens3
valid_lft forever preferred_lft forever
inet6 fe80::546f:afff:fe23:1a0/64 scope link
valid_lft forever preferred_lft forever
3: ens5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 56:6f:af:23:01:a1 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.152/24 brd 192.168.10.255 scope global noprefixroute ens5
valid_lft forever preferred_lft forever
inet6 fe80::b2d3:9bcf:99ca:8951/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:b6:34:dc brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
link/ether 52:54:00:b6:34:dc brd ff:ff:ff:ff:ff:ff
The ens5 part shows all the information we wish to see:
3: ens5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 56:6f:af:23:01:a1 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.152/24 brd 192.168.10.255 scope global noprefixroute ens5
valid_lft forever preferred_lft forever
inet6 fe80::b2d3:9bcf:99ca:8951/64 scope link noprefixroute
valid_lft forever preferred_lft forever