EL7 network management:
- Title: Enterprise Linux ver 7 network management
- Author: Douglas O’Leary <dkoleary@olearycomputers.com>
- Description: Commands, examples, sorted tidbits about network mgmt in EL7
- Disclaimer: Standard: Use the information that follows at your own risk. If you screw up a system, don’t blame it on me…
- Created: 12/14/17
- Updated:
ip command:
ifconfig is apparently a dying animal - in fact, not even installed by default in a minimal install. It is available in net-tools, however, for those (like me) that refuse to give up perfectly good tools….
Enter the ip command. I’ve been getting used to using it for display purposes; apparently, there’s quite a bit more to it.
General information retrieval:
- ip addr show [ ${int} ]
Display information on all or the listed interface. Add a ‘-[46]’ to filter output to the desired protocol version. Also note that you don’t have to spell the options out:
# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:72:63:35 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.218/24 brd 192.168.122.255 scope global dynamic eth0
valid_lft 3246sec preferred_lft 3246sec
inet6 fe80::5054:ff:fe72:6335/64 scope link
valid_lft forever preferred_lft forever
# ip -4 a s eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
inet 192.168.122.218/24 brd 192.168.122.255 scope global dynamic eth0
valid_lft 2982sec preferred_lft 2982sec
Statistics:
Add -s to cli to get interface statistics. Addr or link; doesn’t seem to matter:
# ip -4 -s addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
inet 192.168.12.9/24 brd 192.168.12.255 scope global eth0
valid_lft forever preferred_lft forever
RX: bytes packets errors dropped overrun mcast
50202937221 35838510 0 2355 0 1498
TX: bytes packets errors dropped carrier collsns
7313634075 9826186 0 0 0 0
# ip -4 -s link show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT qlen 1000
link/ether 00:25:90:84:e2:60 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
50202942693 35838570 0 2355 0 1498
TX: bytes packets errors dropped carrier collsns
7313710305 9826269 0 0 0 0
Arp cache management:
- ip neighbor show
Basically, the same as arp -a:
# ip n
192.168.12.10 dev eth0 FAILED
192.168.122.188 dev virbr0 lladdr 52:54:00:b9:97:39 STALE
192.168.122.236 dev virbr0 FAILED
192.168.12.7 dev eth0 lladdr 00:13:72:1c:e7:da REACHABLE
192.168.122.88 dev virbr0 lladdr 52:54:00:61:59:6d STALE
192.168.12.108 dev eth0 lladdr 4c:34:88:74:48:57 STALE
192.168.122.218 dev virbr0 lladdr 52:54:00:72:63:35 STALE
192.168.122.47 dev virbr0 FAILED
192.168.122.10 dev virbr0 lladdr 52:54:00:61:59:6d STALE
192.168.12.146 dev eth0 lladdr 38:60:77:11:ae:ca STALE
192.168.122.11 dev virbr0 lladdr 52:54:00:9d:02:d2 STALE
192.168.12.1 dev eth0 lladdr 00:14:d1:26:79:2f STALE
- ip n s nud failed | stale
Displays ARP entries that are in the given state (failed or stale):
# ip n s nud stale
192.168.122.188 dev virbr0 lladdr 52:54:00:b9:97:39 STALE
192.168.122.88 dev virbr0 lladdr 52:54:00:61:59:6d STALE
192.168.12.108 dev eth0 lladdr 4c:34:88:74:48:57 STALE
192.168.122.218 dev virbr0 lladdr 52:54:00:72:63:35 STALE
192.168.122.10 dev virbr0 lladdr 52:54:00:61:59:6d STALE
192.168.12.146 dev eth0 lladdr 38:60:77:11:ae:ca STALE
192.168.122.11 dev virbr0 lladdr 52:54:00:9d:02:d2 STALE
192.168.12.1 dev eth0 lladdr 00:14:d1:26:79:2f STALE
- ip n d ${ip} dev ${int}
Deletes a specific arp cache entry.
- ip n f dev ${int}
Flushes the arp cache.
Manual ip assignment:
The equivalent of ifconfig “${int}:${num}”. I can’t imagine this will play well with network manager.
Format: ip addr add ${cidr} dev ${int}:
# ip -4 a s eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
inet 192.168.122.218/24 brd 192.168.122.255 scope global dynamic eth0
valid_lft 2706sec preferred_lft 2706sec
# ip addr add 192.168.122.12/24 dev eth0
# ip -4 a s eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
inet 192.168.122.218/24 brd 192.168.122.255 scope global dynamic eth0
valid_lft 2676sec preferred_lft 2676sec
inet 192.168.122.12/24 scope global secondary eth0
valid_lft forever preferred_lft forever
To delete:
# ip addr del 192.168.122.12/24 dev eth0
# ip -4 a s eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
inet 192.168.122.218/24 brd 192.168.122.255 scope global dynamic eth0
valid_lft 2611sec preferred_lft 2611sec
hostnamectl
‘cause editing /etc/hosts is just too difficult… <sigh> To be fair, this doesn’t actually edit /etc/hosts. It replaces the host entries in /etc/sysconfig/network and /etc/sysconfig/network-scripts/ifcfg-*
Files:
/etc/hostname
/etc/machine-id
Display information:
# hostnamectl
Static hostname: localhost.localdomain
Icon name: computer-vm
Chassis: vm
Machine ID: 4f9b8539de994478b143dea9b9007b7f
Boot ID: 1d028ed9090f4485b18b9fdea3288a3a
Virtualization: kvm
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-693.el7.x86_64
Architecture: x86-64
Set hostname:
# hostnamectl set-hostname beta.olearycomputers.com
# hostnamectl
Static hostname: beta.olearycomputers.com
Icon name: computer-vm
Chassis: vm
Machine ID: 4f9b8539de994478b143dea9b9007b7f
Boot ID: 1d028ed9090f4485b18b9fdea3288a3a
Virtualization: kvm
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-693.el7.x86_64
Architecture: x86-64
NetworkManager:
Interface options:
gnome interface (search for control network, if needed). Useful on desktops, laptops, etc.
nmtui: text user interface. Think norton commander.
nmcli
Process:
Create and activate a new connection:
Create a new connection. Two examples:
# nmcli con add con-name static type ethernet ifname eth0 \
    ip4 192.168.122.11/24 gw4 192.168.122.1
# nmcli con add con-name dhcp type ethernet ifname eth1
# nmcli c s
NAME UUID TYPE DEVICE
dhcp 86abcab1-1d73-4032-a0f7-08d2360ca6a6 802-3-ethernet eth1
eth0 ad7e4f01-33cf-4b66-8dc9-f6ff5c41391a 802-3-ethernet eth0
static 06460184-e76f-4158-8e94-31caa266c7a5 802-3-ethernet --
You can’t see it in text, but dhcp is automatically activated. If no IP is specified, apparently defaults to dhcp.
You can specify the parameter ipv4.method to either auto or manual. Which means which should be self explanatory. If using manual, command will error out if you don’t supply an ip.
So, if you supply an IP, ipv4.method automatically gets set to manual; if you don’t, it’s automatically set to auto.
NOTE: the arg is ipv4.method if identifying the method but ip4 if specifying an ip address… no ‘v’. Consistency is a wonderful thing.
Update DNS information:
# nmcli c mod static ipv4.dns 192.168.122.1,192.168.12.7 \
    ipv4.dns-search olearycomputers.com,hsd1.il.comcast.net
# nmcli c s static | grep dns
ipv4.dns: 192.168.122.1,192.168.12.7
ipv4.dns-search: olearycomputers.com,hsd1.il.comcast.net
ipv4.dns-options: (default)
ipv4.dns-priority: 0
ipv4.ignore-auto-dns: no
ipv6.dns: --
ipv6.dns-search: --
ipv6.dns-options: (default)
ipv6.dns-priority: 0
ipv6.ignore-auto-dns: no
Activate the new connection:
nmcli con up static
Disable a connection:
Down the link:
nmcli c down eth0
Set autoconnect = no to ensure the link does not come back on a reboot:
nmcli c mod eth0 autoconnect no
Delete a connection:
nmcli c del eth0
Rename a connection:
A lot simpler than I expected. Simply change connection.id. To wit:
# nmcli c s
NAME UUID TYPE DEVICE
dhcp 86abcab1-1d73-4032-a0f7-08d2360ca6a6 802-3-ethernet eth1
static 06460184-e76f-4158-8e94-31caa266c7a5 802-3-ethernet eth0
# nmcli c s static | grep static
connection.id: static
GENERAL.NAME: static
# nmcli c mod static connection.id eth0
# nmcli c mod dhcp connection.id eth1
# nmcli c s
NAME UUID TYPE DEVICE
eth0 06460184-e76f-4158-8e94-31caa266c7a5 802-3-ethernet eth0
eth1 86abcab1-1d73-4032-a0f7-08d2360ca6a6 802-3-ethernet eth1
Command:
- nmcli device wifi list
Displays wifi networks, ssids, strength, etc. Should be possible to scan for other types of network as well but ethernet, for instance, doesn’t work.
- nmcli general permissions
Displays the permissions set via polkit.
- nmcli con show [ --active ]
Displays information on the available connections.
- nmcli dev status
Displays information on the available devices. Reverse ‘con show’, if you will.
- nmcli con add con-name ${name} type ethernet ifname ${int} …
Add a new connection. See discussion above for more details.
- nmcli con mod ${con} ${key} ${value}…
Modify connection information.
- nmcli con del ${conn}
Delete a connection
Network time protocol:
And I quote:
The provision of NTP on RHEL 7 can be done via the chronyd or ntpd daemon
itself. The chronyd daemon is enabled by default; however, this is
really designed for desktops and machines that are often disconnected from
networks. Synchronization of time with chronyd is much quicker than ntpd
and is therefore suitable for machines that are booted frequently or often
suspended. The ntpd daemon is still preferred for servers because it
supports more authentication options and can broadcast time over a
network.
commands:
- systemctl status chronyd:
daemon status
- chronyc tracking
Displays synchronization data including current server:
# chronyc tracking
Reference ID : D8E50031 (eterna.binary.net)
Stratum : 3
Ref time (UTC) : Fri Dec 15 05:49:41 2017
System time : 0.000597588 seconds fast of NTP time
Last offset : +0.000220011 seconds
RMS offset : 0.001000840 seconds
Frequency : 11.023 ppm fast
Residual freq : +0.002 ppm
Skew : 0.043 ppm
Root delay : 0.047105689 seconds
Root dispersion : 0.016731955 seconds
Update interval : 1028.3 seconds
Leap status : Normal
- chronyc sources [ -v ]
Displays the list of available servers. Add a -v arg to have chronyc describe the columns:
# chronyc sources
210 Number of sources = 4
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* eterna.binary.net 2 10 377 95 -2226us[-2168us] +/- 40ms
^+ static-96-244-96-19.bltm> 2 10 377 726 +292us[ +347us] +/- 52ms
^+ clocka.ntpjs.org 2 10 377 163 -1912us[-1854us] +/- 58ms
^+ mail.coldnorthadmin.com 2 10 377 28m +5631us[+5896us] +/- 69ms
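Added example (not part of the original page): a clock-health check built on the two outputs above, useful in monitoring because log correlation depends on hosts agreeing on the time. The function names, the 0.1 second default limit and the unsynchronised sample are assumptions made for this example; the other samples are abridged from the output shown above.

```shell
# tracking_sample / sources_sample: abridged from the output shown above.
tracking_sample() {
cat <<'EOF'
Reference ID    : D8E50031 (eterna.binary.net)
Stratum         : 3
System time     : 0.000597588 seconds fast of NTP time
Leap status     : Normal
EOF
}
sources_sample() {
cat <<'EOF'
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* eterna.binary.net             2  10   377    95  -2226us[-2168us] +/-   40ms
^+ clocka.ntpjs.org              2  10   377   163  -1912us[-1854us] +/-   58ms
EOF
}
# tracking_unsynced: constructed sample of a host with no usable source.
tracking_unsynced() {
cat <<'EOF'
Reference ID    : 00000000 ()
Stratum         : 0
System time     : 0.000000000 seconds fast of NTP time
Leap status     : Not synchronised
EOF
}

# chrony_check [MAX_OFFSET_SECONDS]: read `chronyc tracking` text on stdin.
# Prints one verdict line and returns 0 only if the leap status is Normal
# and the system clock offset is within the limit. Empty input also fails.
chrony_check() {
    awk -v max="${1:-0.1}" -F' *: ' '
    $1 == "Leap status" { leap = $2 }
    $1 == "Stratum"     { stratum = $2 + 0 }
    $1 == "System time" { split($2, f, " "); off = f[1] + 0 }
    END {
        if (leap != "Normal") { print "FAIL leap=" leap; exit 1 }
        if (off > max + 0)    { printf "FAIL offset=%.6f\n", off; exit 1 }
        printf "OK stratum=%d offset=%.6f\n", stratum, off
    }'
}

# chrony_selected: read `chronyc sources` text on stdin and print the source
# marked ^* (currently selected); returns 1 when no source is selected.
chrony_selected() {
    awk '$1 == "^*" { print $2; found = 1 } END { exit !found }'
}

# Live use: chronyc tracking | chrony_check 0.05 && chronyc sources | chrony_selected
tracking_sample | chrony_check 0.1
sources_sample | chrony_selected
```
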