🥇Manage network connections in Linux using nmcli console utility

Use the full power of the NetworkManager network connection management tool from the Linux command line using the nmcli utility.

Utility nmcli directly calls the API to access the NetworkManager functions.

It appeared in 2010 and for many has become an alternative way to configure network interfaces and connections. Although some people still use ifconfig. Since nmcli is a command line interface (CLI) tool designed for use in terminal windows and scripts, it is ideal for non-GUI system administrators.

ncmli command syntax

In general, the syntax looks like this:

$ nmcli <options> <section> <action>

options are parameters that determine the subtleties of how nmcli works,
section (section) - determines what features of the utility to use,
action (action) - allows you to specify what, in fact, needs to be done.

There are 8 sections in total, each of which is associated with some set of commands (actions):

Help gives help about ncmcli commands and their usage.
General returns the status of the NetworkManager and the global configuration.
Networking includes commands to query network connection status and enable/disable connections.
Radio includes commands to query WiFi network connection status and enable/disable connections.
Monitor includes commands for monitoring NetworkManager activity and observing changes in the state of network connections.
Connection includes commands for managing network interfaces, for adding new connections and deleting existing ones.
Device mainly used to change device-related settings (such as interface name) or to connect devices using an existing connection.
Secret registers nmcli as a NetworkManager "secret agent" that listens for secret messages. This section is rarely used because nmcli defaults to doing just that when connecting to networks.

Simple examples

Before you start, make sure NetworkManager is running and nmcli can talk to it:

$ nmcli general
STATE      CONNECTIVITY  WIFI-HW  WIFI     WWAN-HW  WWAN    
connected  full          enabled  enabled  enabled  enabled

Often, work begins by viewing all network connection profiles:

$ nmcli connection show
NAME                UUID                                  TYPE      DEVICE
Wired connection 1  ac3241e4-b424-35d6-aaa7-07498561688d  ethernet  enp0s3
Wired connection 2  2279d917-fa02-390c-8603-3083ec5a1d3e  ethernet  enp0s8
Wired connection 3  52d89737-de92-35ec-b082-8cf2e5ac36e6  ethernet  enp0s9

This command uses действие show for the Connection section.

The test machine is running Ubuntu 20.04. In this case, we found three wired connections: enp0s3, enp0s8, and enp0s9.

Connection management

It is important to understand that in nmcli, by the term Connection we mean an entity that contains all information about the connection. In other words, this is the network configuration. Connection encapsulates all connection-related information, including link layer and IP addressing information. These are layer 2 and layer 3 in the OSI networking model.

When you set up a network in Linux, you usually set up connections that will eventually be tied to network devices, which in turn are network interfaces installed on the computer. When a device is using a connection, it is considered active or up. If the connection is not in use, then it is inactive or dropped.

Adding network connections

The ncmli utility allows you to quickly add and immediately configure connections. For example, to add Wired connection 2 (with enp0s8), you need to run the following command as superuser:

$ sudo nmcli connection add type ethernet ifname enp0s8
Connection 'ethernet-enp0s8' (09d26960-25a0-440f-8b20-c684d7adc2f5) successfully added.

In the type option we indicate that this will be an Ethernet connection, and in the ifname (interface name) option we specify the network interface we want to use.

Here is what happens after running the command:

$ nmcli connection show
NAME                UUID                                  TYPE      DEVICE
Wired connection 1  ac3241e4-b424-35d6-aaa7-07498561688d  ethernet  enp0s3
Wired connection 2  2279d917-fa02-390c-8603-3083ec5a1d3e  ethernet  enp0s8
Wired connection 3  52d89737-de92-35ec-b082-8cf2e5ac36e6  ethernet  enp0s9
ethernet-enp0s8     09d26960-25a0-440f-8b20-c684d7adc2f5  ethernet  --

Created a new connection, ethernet-enp0s8. It was assigned a UUID, the connection type was Ethernet. Let's bring it up with the up command:

$ nmcli connection up ethernet-enp0s8
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)

Check the list of active connections again:

$ nmcli connection show --active
NAME                UUID                                  TYPE      DEVICE
Wired connection 1  ac3241e4-b424-35d6-aaa7-07498561688d  ethernet  enp0s3
ethernet-enp0s8     09d26960-25a0-440f-8b20-c684d7adc2f5  ethernet  enp0s8
Wired connection 3  52d89737-de92-35ec-b082-8cf2e5ac36e6  ethernet  enp0s9

A new connection ethernet-enp0s8 has been added, it is active and uses the network interface enp0s8.

Setting up connections

The ncmli utility makes it easy to change the parameters of existing connections. For example, you need to change your dynamic (DHCP) IP address to a static one.

Let's say we need to set the IP address to 192.168.4.26. We use two commands for this. The first will directly set the IP address, and the second will switch the method of setting the IP address to "manual" (manual):

$ nmcli connection modify ethernet-enp0s8 ipv4.address 192.168.4.26/24
$ nmcli connection modify ethernet-enp0s8 ipv4.method manual

Don't forget to set the subnet mask as well. For our test connection, this is 255.255.255.0, or /24 for Classless Routing (CIDR).

For the changes to take effect, you need to deactivate and then reactivate the connection:

$ nmcli connection down ethernet-enp0s8
Connection 'ethernet-enp0s8' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
$ nmcli connection up ethernet-enp0s8
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveC

If on the contrary you need to set DHCP, use auto instead of manual:

$ nmcli connection modify ethernet-enp0s8 ipv4.method auto

Work with devices

For this we use the Device section.

Checking device status

$ nmcli device status
DEVICE  TYPE      STATE      CONNECTION        
enp0s3  ethernet  connected  Wired connection 1
enp0s8  ethernet  connected  ethernet-enp0s8    
enp0s9  ethernet  connected  Wired connection 3
lo      loopback  unmanaged  --

Requesting device information

To do this, use the show action from the Device section (you must specify the device name). The utility shows a lot of information, often on several pages.
Let's take a look at the enp0s8 interface that our new connection uses. Let's make sure it uses exactly the IP address we set earlier:

$ nmcli device show enp0s8
GENERAL.DEVICE:                         enp0s8
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         08:00:27:81:16:20
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ethernet-enp0s8
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/6
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         192.168.4.26/24
IP4.GATEWAY:                            --
IP4.ROUTE[1]:                           dst = 192.168.4.0/24, nh = 0.0.0.0, mt = 103
IP6.ADDRESS[1]:                         fe80::6d70:90de:cb83:4491/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 103
IP6.ROUTE[2]:                           dst = ff00::/8, nh = ::, mt = 256, table=255

There is enough information. Let's highlight the main thing:

Network interface name: enp0s8.
Connection type: wired Ethernet connection.
We see the MAC address of the device.
Maximum transmission unit (MTU) specified - the maximum size of the useful data block of one packet that can be transmitted by the protocol without fragmentation.
Устройство currently connected.
Connection namethat the device is using: ethernet-enp0s8.
The device uses the IP Address, which we set earlier: 192.168.4.26/24.

Other information refers to the default routing and gateway settings of the connection. They are network specific.

nmcli interactive editor

nmcli also has a simple interactive editor that can be more comfortable for someone to work with. To run it, for example on an ethernet-enp0s8 connection, use действие edit:

$ nmcli connection edit ethernet-enp0s8

It also has a small help, which, however, is inferior in size to the console version:

===| nmcli interactive connection editor |===
Editing existing '802-3-ethernet' connection: 'ethernet-enp0s8'
Type 'help' or '?' for available commands.
Type 'print' to show all the connection properties.
Type 'describe [<setting>.<prop>]' for detailed property description.
You may edit the following settings: connection, 802-3-ethernet (ethernet), 802-1x, dcb, sriov, ethtool, match, ipv4, ipv6, tc, proxy
nmcli>

If you type the print command and press Enter, nmcli will display all connection properties:

===============================================================================
                 Connection profile details (ethernet-enp0s8)
===============================================================================
connection.id:                          ethernet-enp0s8
connection.uuid:                        09d26960-25a0-440f-8b20-c684d7adc2f5
connection.stable-id:                   --
connection.type:                        802-3-ethernet
connection.interface-name:              enp0s8
connection.autoconnect:                 yes
connection.autoconnect-priority:        0
connection.autoconnect-retries:         -1 (default)
connection.multi-connect:               0 (default)
connection.auth-retries:                -1
connection.timestamp:                   1593967212
connection.read-only:                   no
connection.permissions:                 --
connection.zone:                        --
connection.master:                      --
connection.slave-type:                  --
connection.autoconnect-slaves:          -1 (default)
connection.secondaries:                 --

For example, to set the DHCP property for a connection, type goto ipv4 and click Enter:

nmcli> goto ipv4
You may edit the following properties: method, dns, dns-search, 
dns-options, dns-priority, addresses, gateway, routes, route-metric, 
route-table, routing-rules, ignore-auto-routes, ignore-auto-dns, 
dhcp-client-id, dhcp-iaid, dhcp-timeout, dhcp-send-hostname, 
dhcp-hostname, dhcp-fqdn, dhcp-hostname-flags, never-default, may-fail, 
dad-timeout
nmcli ipv4>

Then write set method auto and click Enter:

nmcli ipv4> set method auto
Do you also want to clear 'ipv4.addresses'? [yes]:

If you want to clear a static IP address, click Enter. Otherwise, type no and press Enter. You can keep it if you think you will need it in the future. But even with a static IP stored, DHCP will be used if method is set to auto.

Use the save command to save your changes:

nmcli ipv4> save
Connection 'ethernet-enp0s8' (09d26960-25a0-440f-8b20-c684d7adc2f5) successfully updated.
nmcli ipv4>

Type quit to exit the nmcli Interactive Editor. If you change your mind about exiting, use the back command.

And that's not all

Open the nmcli Interactive Editor and see how many settings there are and how many properties each setting has. The interactive editor is a great tool, but if you want to use nmcli in one-liners or scripts, you'll need the regular command line version.

Now that you have the basics, check out help page nmcli for more information on how it can help you.

As advertising

Epic servers - Is virtual servers on Windows or Linux with powerful AMD EPYC family processors and very fast Intel NVMe drives. Hurry up to order!

Source: habr.com

Managing network connections in Linux using the nmcli console utility