RHEL7: Configure IPv4 addresses and perform basic IPv4 troubleshooting.

Share this link

Note: This is an RHCSA 7 exam objective.

Presentation

Although it is still possible to define the network configuration through the files in the /etc/sysconfig/network-scripts directory, it’s not the preferred way any more (don’t forget to execute # nmcli con reload if you manually modify the files!).

With RHEL 7, all the network configuration is now mainly done through NetworkManager (the NetworkManager changelog is available here).

You can use:

  • the nmtui command and a Text User Interface,
  • the nmcli command at the Command Line Interface,
  • or the graphical interface.

For the rest of this tutorial, it is the nmcli option that has been chosen because it’s the quickest method and arguably the least prone to errors.

Changes made through the nmcli command are permanent.

Caution: To practice this tutorial in the best conditions, connect to the machine through its console (you could otherwise loose your connection!).

Network Configuration

To display the network configuration, type:

# nmcli con show
NAME           UUID                                  TYPE            DEVICE
ethernet-eth0  8d83684f-cd22-42cc-9fff-7704945a5c36  802-3-ethernet  eth0

Note: con is a shortcut for connection (you can even type only c).

Alternatively, you can type:

# nmcli dev status
DEVICE  TYPE      STATE      CONNECTION
eth0    ethernet  connected  ethernet-eth0
lo      loopback  unmanaged  --

To remove a connection (here ethernet-eth0), type:

# nmcli con del ethernet-eth0

Note1: If a space appears in the interface name (like System eth0), put everything between quotes: nmcli con del “System eth0”.
Note2: del is a shortcut for delete.

or

# nmcli con del 8d83684f-cd22-42cc-9fff-7704945a5c36

Connection Management

To create a connection with the name ethernet-eth0, the IPv4 address 192.168.1.10/24 and the default gateway 192.168.1.1, type:

# nmcli con add con-name net-eth0 ifname eth0 type ethernet ip4 192.168.1.10/24 gw4 192.168.1.1
Connection 'net-eth0' (441085a4-4155-417b-ad8f-78a888d89988) successfully added.

Note1: If you don’t specify con-name net-eth0, the connection is called ethernet-eth0.
Note2: If you don’t specify the ip4 192.168.1.10/24 gw4 192.168.1.1 part, you end up with a connection automatically configured through DHCP.
Note3: nmcli con up net-eth0 is not necessary when initially configuring a connection.
Note4: ip4 and gw4 are used for respectively the ip address and the default gateway. Below, you will see that the syntax when modifying a connection is different: it’s then using ipv4.addresses and a space between the ip address and the default gateway.

To check the configuration, type:

# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::0000:00:0000:0000/64 scope link
       valid_lft forever preferred_lft forever
# ip r
default via 192.168.1.1 dev eth0  proto static  metric 1024
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.10

Note1: ip a is a shortcut for ip address show, ip r a shortcut for ip route show.
Note2: Don’t use the ifconfig command any more. This command is deprecated and no longer displays the correct network configuration (secondary ip addresses, etc).

To get all the information about a connection (here net-eth0), type:

# nmcli con show net-eth0
connection.id:                          net-eth0
connection.uuid:                        441085a4-4155-417b-ad8f-78a888d89988
connection.interface-name:              eth0
connection.type:                        802-3-ethernet
connection.autoconnect:                 yes
connection.timestamp:                   1427832564
connection.read-only:                   no
connection.permissions:                 
connection.zone:                        --
connection.master:                      --
connection.slave-type:                  --
connection.secondaries:                 
connection.gateway-ping-timeout:        0
802-3-ethernet.port:                    --
802-3-ethernet.speed:                   0
802-3-ethernet.duplex:                  --
802-3-ethernet.auto-negotiate:          yes
802-3-ethernet.mac-address:             --
802-3-ethernet.cloned-mac-address:      --
802-3-ethernet.mac-address-blacklist:   
802-3-ethernet.mtu:                     auto
802-3-ethernet.s390-subchannels:        
802-3-ethernet.s390-nettype:            --
802-3-ethernet.s390-options:            
ipv4.method:                            manual
ipv4.dns:                               
ipv4.dns-search:                        
ipv4.addresses:                         { ip = 192.168.1.10/24, gw = 192.168.1.1 }
ipv4.routes:                            
ipv4.ignore-auto-routes:                no
ipv4.ignore-auto-dns:                   no
ipv4.dhcp-client-id:                    --
ipv4.dhcp-send-hostname:                yes
ipv4.dhcp-hostname:                     --
ipv4.never-default:                     no
ipv4.may-fail:                          yes
ipv6.method:                            auto
ipv6.dns:                               
ipv6.dns-search:                        
ipv6.addresses:                         
ipv6.routes:                            
ipv6.ignore-auto-routes:                no
ipv6.ignore-auto-dns:                   no
ipv6.never-default:                     no
ipv6.may-fail:                          yes
ipv6.ip6-privacy:                       -1 (unknown)
ipv6.dhcp-hostname:                     --
GENERAL.NAME:                           net-eth0
GENERAL.UUID:                           441085a4-4155-417b-ad8f-78a888d89988
GENERAL.DEVICES:                        eth0
GENERAL.STATE:                          activated
GENERAL.DEFAULT:                        yes
GENERAL.DEFAULT6:                       no
GENERAL.VPN:                            no
GENERAL.ZONE:                           --
GENERAL.DBUS-PATH:                      /org/freedesktop/NetworkManager/ActiveConnection/0
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/Settings/0
GENERAL.SPEC-OBJECT:                    --
GENERAL.MASTER-PATH:                    --
IP4.ADDRESS[1]:                         ip = 192.168.1.10/24, gw = 192.168.1.1
IP6.ADDRESS[1]:                         ip = fe80::0000:00:0000:0000/64, gw = ::

Alternatively, you can type:

# nmcli dev show eth0
GENERAL.DEVICE:                         eth0
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:00:00:00:00:00
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     net-eth0
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/0
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         192.168.1.10/24
IP4.GATEWAY:                            192.168.4.10
IP4.DNS[1]:                             192.168.4.1
IP6.ADDRESS[1]:                         fe80::0000:00:0000:0000/64
IP6.GATEWAY:

To stop a network connection from working (here net-eth0), type:

# nmcli con down net-eth0
# nmcli con show
NAME      UUID                                  TYPE            DEVICE 
net-eth0  441085a4-4155-417b-ad8f-78a888d89988  802-3-ethernet  --     

Note1: The shows that the connection isn’t active any more (add the –active option to only display active connections).
Note2: You can specify the UUID (here 441085a4-4155-417b-ad8f-78a888d89988) instead of the network connection name.
Note3: After reboot, the connection still restarts automatically, the property connection.autoconnect being set to yes, equivalent to ONBOOT=yes.

To start a network connection (here net-eth0), type:

# nmcli con up net-eth0
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1)

Note: As before, you can specify the UUID (here 441085a4-4155-417b-ad8f-78a888d89988) instead of the network connection name.

To prevent the connection (here net-eth0) to restart after reboot, type:

# nmcli con mod net-eth0 connection.autoconnect no

Note: mod is a shortcut for modify.

To change the ip address and default gateway of the net-eth0 connection to respectively 192.168.2.10/24 and 192.168.2.1, type:
In RHEL 7.0:

# nmcli con mod net-eth0 ipv4.addresses "192.168.2.10/24 192.168.2.1"
# nmcli con mod net-eth0 ipv4.method manual
# nmcli con up net-eth0
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)

From RHEL 7.1 on:

# nmcli con mod net-eth0 ipv4.addresses 192.168.2.10/24
# nmcli con mod net-eth0 ipv4.gateway 192.168.2.1
# nmcli con mod net-eth0 ipv4.method manual
# nmcli con up net-eth0
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)

Caution: The command nmcli con mod net-eth0 ipv4.addresses “192.168.2.10/24 192.168.2.1” with a space between the ip address and the default gateway, all between quotes, was working in RHEL 7.0/CentOS 7.0 but doesn’t in RHEL 7.1/CentOS 7.1 and later due to NetworkManager changes (v0.9.9.1 -> v1.0.0).
Note1: You can use the syntax +ipv4.addresses or -ipv4.addresses to respectively add other ip addresses or remove some previously set (the initial one included).
Note2: The syntax is different from the one you used to initially set up the connection with ip4 and gw4.
Note3: According to the nmcli RedHat documentation, the ipv4.method property can have different values: auto means an appropriate automatic method (DHCP, PPP, etc) will be used for the interface, link-local refers to a link-local address in the 169.254/16 range that will be assigned to the interface, manual means static IP addressing is used and at least one IP address must be given in the addresses property, shared indicates that the connection will provide network access to other computers and the interface will be assigned an address in the 10.42.x.1/24 range with a DHCP and forwarding DNS server being started and the interface is NAT-ed to the current default network connection, disabled means IPv4 will not be used on this connection.

With the RHEL 7.3 release, NetworkManager now performs a check to detect duplicate IPv4 addresses when activating a new connection. If the address in LAN is already assigned, the connection activation fails. This feature is disabled by default, but you can enable it by the ipv4.dad-timeout property or the ARPING_WAIT variable in the ifcfg files.

To assign the net-eth0 connection to the work zone, type:

# firewall-cmd --permanent --zone=work --change-interface=eth0
success
# nmcli con mod net-eth0 connection.zone work 
# nmcli con up net-eth0
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)

Note1: Instead of using the nmcli con mod command, you can also edit the /etc/sysconfig/network-scripts/ifcfg-eth0 file (here for the eth0 network interface), add a ZONE=work statement and restart the network interface with nmcli con up net-eth0.
Note2: For more details about the firewall-cmd command and the concept of zone, see the Firewalld Getting Started page.

Hostname Configuration

In RHEL 7, there are three kinds of hostnames: static, pretty, and transient.
“The static host name is the traditional hostname, which can be chosen by the user, and is stored in the /etc/hostname file. The transient hostname is a dynamic host name maintained by the kernel. It is initialized to the static host name by default, whose value defaults to localhost. It can be changed by DHCP or mDNS at runtime. The pretty hostname is a free-form UTF8 host name for presentation to the user.” Source: RHEL 7 Networking Guide.

To get the server hostnames, type:

# hostnamectl
   Static hostname: centos7.example.com
         Icon name: computer
           Chassis: n/a
        Machine ID: 8f56e45764474b668b0db97b4127a01b
           Boot ID: 2ae7e6c78331414b82aa89a0ffcfa9fa
    Virtualization: kvm
  Operating System: CentOS Linux 7 (Core)
       CPE OS Name: cpe:/o:centos:centos:7
            Kernel: Linux 3.10.0-123.el7.x86_64
      Architecture: x86_64

Alternatively, you can use the hostname command to only get the host name (this reads the /etc/hostname file):

# hostname
centos7.example.com

Note: You can even get the same result with the command nmcli gen host.

To permanently assign the rhel7 hostname  to the server, type:

# hostnamectl set-hostname rhel7

Note1: With this syntax all three hostnames (static, pretty, and transient) take the rhel7 value at the same time. However, it is possible to set the three hostnames separately by using the –pretty, –static, and –transient options.
Note2: The nmcli gen host rhel7 command will give you the same result.

Caution: With the RHEL 7.3 release, NetworkManager now uses the systemd-hostnamed service to read and write the static host name, which is stored in the /etc/hostname file. Due to this change, manual modifications done to the /etc/hostname file are no longer picked up automatically by NetworkManager. Users should change the system host name through the hostnamectl utility. Also, the use of the HOSTNAME variable in the /etc/sysconfig/network file is now deprecated.

Hostname Resolution

Hostname resolution relies on the /etc/nsswitch.conf file where you can find the following line by default:

hosts:      files dns

This means that hostname resolution is at first done through files (static resolution) then dns (dynamic resolution).

The static hostname resolution comes through the /etc/hosts file:

192.168.1.10 centos7.example.com centos7

Note: Always write the IP address, the Full Qualified Domain Name and optionally some aliases in this order, otherwise some services like Kerberos will not work!

The dynamic hostname resolution is based on the /etc/resolv.conf file:

# Generated by NetworkManager
search example.com
nameserver 192.168.1.1

Note: You can have up to 3 nameservers configured. As nameservers are called in the mentioned order (the second is called if the first doesn’t reply and so on), always put the main nameserver first in the list.

To add a DNS server (here 8.8.8.8) to the configuration of the connection (here net-eth0), type:

# nmcli con mod net-eth0 +ipv4.dns 8.8.8.8
# nmcli con up net-eth0
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
# more /etc/resolv.conf
# Generated by NetworkManager
search example.com
nameserver 192.168.1.1
nameserver 8.8.8.8

Note1: Use +ipv4.dns to add a new DNS server, -ipv4.dns to remove a DNS server and ipv4.dns to replace the current DNS server.
Note2: The change only occurs after the connection is restarted.
Note3: Use the ipv4.dns-search option to change the domain name if necessary. Be careful to set the correct full qualified domain name before with the hostnamectl set-hostname command.

To add a domain name in the search list (here example2.com), type:

# nmcli con mod net-eth0 +ipv4.dns-search example2.com
# nmcli con up net-eth0
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)
# more /etc/resolv.conf
# Generated by NetworkManager
search example2.com example.com
nameserver 192.168.1.1
nameserver 8.8.8.8

You can’t remove a DNS server provided through DHCP with the previous command (with the -ipv4.dns option for example), you will get this error message: “Error: failed to remove a value from ipv4.dns: the property doesn’t contain DNS server ‘192.168.1.1’.”.
If you want to set your own DNS configuration in this context, type:

# nmcli con mod net-eth0 ipv4.ignore-auto-dns yes

Note: You get the same result by specifying PEERDNS=no in the network configuration files.

With RHEL 7.3 comes the ipv4.dhcp-timeout property or the IPV4_DHCP_TIMEOUT option in the ifcfg files. As a result, NetworkManager now waits for a response from the DHCP server only for a given time.

Additional Resources

You can also watch Ralph Nyberg‘s video about Setting up the network configuration (15min/2015).
Beyond the exam objectives, you could be interested in Tuning 10GB network interface.

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 4.50 out of 5)
Loading...

Leave a Reply

23 Comments on "RHEL7: Configure IPv4 addresses and perform basic IPv4 troubleshooting."

Notify of
Sort by:   newest | oldest
langtu1511
Member
langtu1511

Hello,

I am wondering in the exam, can we use nmtui instead of these complex commands?

JamesM
Member
JamesM

Have you (or anyone) ran into having to use IPv4.address, instead of ipv4? I’ve checked various sources and haven’t seen anywhere use capital letters in any examples.

azmedhs
Member
azmedhs

hi CertDepot, please can I edit directly the file config of network /etc/network/interfaces using vim

Aslam
Member
Aslam

Very clear and systematic explanation 🙂 Liked it very much.
Request you add about network testing, once network is setup.
To confirm that the configuration done is correct or not.

twostep
Member
twostep

I don’t completely understand why you don’t recommend to use nmcli console interactively.
In my opinion, the main advantage of this tool is to not remember distinct commands.
Go to console via: “nmcli connection edit” and you can execute command print, set, remove etc.
almost like on the network devices 🙂

Ahmad
Member
Ahmad
Hi Can you please help, what is the difference between systemctl restart network and systemctl restart NetworkManager . See the below behavior, if I have two connections, there is a flapping after apply the above two commands, is this a bug? [root@server ~]# nmcli con show NAME UUID TYPE DEVICE server 5383d2b8-d591-40cf-bfe2-92af2b400394 802-3-ethernet eno16777728 eth 346044d0-a4ff-4290-b64a-39d8d0e304f7 802-3-ethernet — [root@server ~]# systemctl restart network [root@server ~]# nmcli con show NAME UUID TYPE DEVICE server 5383d2b8-d591-40cf-bfe2-92af2b400394 802-3-ethernet — eth 346044d0-a4ff-4290-b64a-39d8d0e304f7 802-3-ethernet eno16777728 [root@server ~]# systemctl restart NetworkManager [root@server ~]# nmcli con show NAME UUID TYPE DEVICE server 5383d2b8-d591-40cf-bfe2-92af2b400394 802-3-ethernet eno16777728 eth 346044d0-a4ff-4290-b64a-39d8d0e304f7… Read more »
ntorga
Member

As @twostep mention, use “nmcli con edit CONNECTIONAME” to edit the connection is way better than knowing all the commands. You can use “print all” to get all the settings.prop value. With that in mind, you can easily use “set setting.property value” to change the configs.

For example, the connection name is “net-eth1” and you want to turn it to DHCP (auto) instead of static:

# nmcli con edit net-eth1
> print all
> remove ipv4.gateway
> remove ipv4.address
> set ipv4.method auto
> set ipv4.dns 8.8.8.8 8.8.4.4
> verify all
> save persistent
> quit

eleanya
Member
eleanya

A quick question: at this stage of the exam, do I have access to the GUI? If so, then nmtui would be preferable. Waiting for you reply.

wpDiscuz

RHCSA7: Task of the day

Allowed time: 5 minutes.
Set up time services pointing to default time servers.

RHCE7: Task of the day

Allowed time: 10 minutes.
Configure a httpd server that executes a Perl script in the /var/www/cgi-bin directory displaying "Hello!".

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...