Chapter 13 ⏱️ 60 min read 📚 Advanced

Configure Networking

Master network configuration with NetworkManager and nmcli. Learn to configure IP addresses, manage connections, set hostnames, and troubleshoot network issues.

📋 Table of Contents

🎯 Introduction to Networking

RHEL 9 uses NetworkManager to manage all network configurations. The primary command-line tool is nmcli (NetworkManager Command Line Interface).

NetworkManager Components

Component Description
Device Network interface (eth0, ens33, wlan0)
Connection Network configuration profile
nmcli Command-line tool
nmtui Text-based UI tool

Configuration Files

# Connection profiles (managed by NetworkManager)
/etc/NetworkManager/system-connections/

# Legacy network scripts (deprecated in RHEL 9)
/etc/sysconfig/network-scripts/

# Hostname
/etc/hostname

# DNS resolution
/etc/resolv.conf  # Managed by NetworkManager
/etc/hosts        # Static host mappings

Basic Network Information

# Show IP addresses
ip addr show
ip a

# Show routing table
ip route show
ip r

# Show specific interface
ip addr show ens33

# Legacy commands (still work)
ifconfig  # May need net-tools package
route -n

🔧 nmcli - NetworkManager CLI

Viewing Network Status

# Show all devices
nmcli device status
nmcli dev status

# Output example:
DEVICE  TYPE      STATE      CONNECTION
ens33   ethernet  connected  ens33
lo      loopback  unmanaged  --

# Show all connections
nmcli connection show
nmcli con show

# Output example:
NAME   UUID                                  TYPE      DEVICE
ens33  abc123-def4-5678-9abc-def012345678   ethernet  ens33

# Show connection details
nmcli con show ens33

# Show device details
nmcli dev show ens33

Managing Connections

# Activate connection
nmcli con up ens33

# Deactivate connection
nmcli con down ens33

# Reload connections
nmcli con reload

# Delete connection
nmcli con delete ens33

# Rename connection
nmcli con modify ens33 connection.id "LAN"

Connection Types

# Ethernet connection
nmcli con add type ethernet con-name eth0 ifname eth0

# WiFi connection
nmcli dev wifi connect "SSID" password "password"

# List available WiFi networks
nmcli dev wifi list

# Team/Bond (advanced)
nmcli con add type team con-name team0 ifname team0
nmcli con add type bridge con-name br0 ifname br0

🌐 IP Configuration

Static IP Configuration

# Create new connection with static IP
nmcli con add \
  con-name static-ens33 \
  ifname ens33 \
  type ethernet \
  ipv4.addresses 192.168.1.100/24 \
  ipv4.gateway 192.168.1.1 \
  ipv4.dns "8.8.8.8 8.8.4.4" \
  ipv4.method manual

# Activate the connection
nmcli con up static-ens33

# Verify
ip addr show ens33

Modify Existing Connection

# Change to static IP
nmcli con mod ens33 \
  ipv4.addresses 192.168.1.100/24 \
  ipv4.gateway 192.168.1.1 \
  ipv4.dns "8.8.8.8 8.8.4.4" \
  ipv4.method manual

# Add second IP address
nmcli con mod ens33 +ipv4.addresses 192.168.1.101/24

# Remove IP address
nmcli con mod ens33 -ipv4.addresses 192.168.1.101/24

# Apply changes
nmcli con up ens33

DHCP Configuration

# Create DHCP connection
nmcli con add \
  con-name dhcp-ens33 \
  ifname ens33 \
  type ethernet \
  ipv4.method auto

# Change existing to DHCP
nmcli con mod ens33 ipv4.method auto

# Remove static settings
nmcli con mod ens33 \
  ipv4.addresses "" \
  ipv4.gateway "" \
  ipv4.dns ""

# Apply
nmcli con up ens33

IPv6 Configuration

# Static IPv6
nmcli con mod ens33 \
  ipv6.addresses 2001:db8::1/64 \
  ipv6.gateway 2001:db8::ffff \
  ipv6.method manual

# Auto (SLAAC)
nmcli con mod ens33 ipv6.method auto

# Disable IPv6
nmcli con mod ens33 ipv6.method disabled

# Apply
nmcli con up ens33

Procedure: Configure Static IP Address

  1. Check current configuration: 
    nmcli con show
ip addr show
  2. Modify connection for static IP: 
    sudo nmcli con mod ens33 \
  ipv4.addresses 192.168.1.100/24 \
  ipv4.gateway 192.168.1.1 \
  ipv4.dns "8.8.8.8 8.8.4.4" \
  ipv4.method manual
  3. Activate changes: 
    sudo nmcli con up ens33
  4. Verify configuration: 
    ip addr show ens33
ip route show
cat /etc/resolv.conf
  5. Test connectivity: 
    ping -c 4 8.8.8.8
ping -c 4 google.com

Common nmcli Options

Setting Description
ipv4.method auto (DHCP), manual (static), disabled
ipv4.addresses IP/prefix (192.168.1.100/24)
ipv4.gateway Default gateway IP
ipv4.dns DNS servers (space-separated)
connection.autoconnect yes/no (auto-activate at boot)

🏷️ Hostname Management

Setting Hostname

# Set hostname (persistent)
sudo hostnamectl set-hostname server1.example.com

# View hostname details
hostnamectl

# Output example:
 Static hostname: server1.example.com
       Icon name: computer-vm
         Chassis: vm
      Machine ID: abc123...
         Boot ID: def456...
  Virtualization: kvm
Operating System: Red Hat Enterprise Linux 9.0 (Plow)
     CPE OS Name: cpe:/o:redhat:enterprise_linux:9::baseos
          Kernel: Linux 5.14.0-70.el9.x86_64
    Architecture: x86-64

# View just the hostname
hostname
hostnamectl hostname

Hostname Types

# Static hostname (permanent)
sudo hostnamectl set-hostname server1.example.com

# Pretty hostname (descriptive)
sudo hostnamectl set-hostname "Web Server 1" --pretty

# Transient hostname (temporary, lost on reboot)
sudo hostnamectl set-hostname temp-name --transient

# View all types
hostnamectl status

Manual Hostname Configuration

# Edit hostname file
sudo vi /etc/hostname
server1.example.com

# Or use nmcli
sudo nmcli general hostname server1.example.com

# Update /etc/hosts for local resolution
sudo vi /etc/hosts
127.0.0.1   localhost localhost.localdomain
192.168.1.100   server1.example.com server1
💡 Hostname Best Practices

Use FQDN (Fully Qualified Domain Name) for static hostname: server1.example.com
Update /etc/hosts to include the hostname for local resolution
Avoid special characters, use only letters, numbers, hyphens, and dots

🔍 DNS Configuration

Configuring DNS with nmcli

# Set DNS servers
sudo nmcli con mod ens33 ipv4.dns "8.8.8.8 8.8.4.4"

# Add additional DNS server
sudo nmcli con mod ens33 +ipv4.dns 1.1.1.1

# Set DNS search domains
sudo nmcli con mod ens33 ipv4.dns-search "example.com lab.local"

# Ignore auto DNS (use manual only)
sudo nmcli con mod ens33 ipv4.ignore-auto-dns yes

# Apply changes
sudo nmcli con up ens33

# Verify
cat /etc/resolv.conf

/etc/resolv.conf

# View DNS configuration (managed by NetworkManager)
cat /etc/resolv.conf

# Output example:
# Generated by NetworkManager
nameserver 8.8.8.8
nameserver 8.8.4.4
search example.com lab.local

/etc/hosts

# Static hostname to IP mappings
sudo vi /etc/hosts

127.0.0.1   localhost localhost.localdomain
::1         localhost localhost.localdomain
192.168.1.10   server1.example.com server1
192.168.1.20   server2.example.com server2

# Test host resolution
getent hosts server1
ping server1

Name Resolution Order

# Configure resolution order
/etc/nsswitch.conf

# Default line:
hosts: files dns myhostname

# files = /etc/hosts first
# dns = DNS servers second
# myhostname = systemd hostname resolution

Testing DNS

# Test name resolution
nslookup google.com
dig google.com
host google.com

# Specific DNS server
nslookup google.com 8.8.8.8
dig @8.8.8.8 google.com

# Reverse DNS lookup
nslookup 8.8.8.8
dig -x 8.8.8.8

# Check which DNS server is being used
systemd-resolve --status

🔧 Network Troubleshooting

Connectivity Tests

# Ping gateway
ping -c 4 192.168.1.1

# Ping external IP
ping -c 4 8.8.8.8

# Ping hostname (tests DNS)
ping -c 4 google.com

# Traceroute
traceroute google.com
tracepath google.com

# Check listening ports
ss -tulpn
netstat -tulpn  # Legacy

Interface Troubleshooting

# Check link status
ip link show ens33

# Bring interface up
sudo ip link set ens33 up

# Bring interface down
sudo ip link set ens33 down

# Check driver/hardware info
ethtool ens33

# View connection status
nmcli con show ens33

# Restart NetworkManager
sudo systemctl restart NetworkManager

Route Troubleshooting

# Show routing table
ip route show

# Show specific route
ip route get 8.8.8.8

# Add temporary route
sudo ip route add 10.0.0.0/8 via 192.168.1.1

# Delete route
sudo ip route del 10.0.0.0/8

# Add persistent route with nmcli
sudo nmcli con mod ens33 +ipv4.routes "10.0.0.0/8 192.168.1.1"

Common Network Issues

Problem Check
No IP address Check DHCP, verify ipv4.method, restart connection
Can't ping gateway Check cable, ip link status, firewall
Can't ping external IP Check gateway, routing table, firewall
Can't resolve names Check /etc/resolv.conf, DNS servers, /etc/hosts

Diagnostic Commands

# Show socket statistics
ss -tuln  # TCP/UDP listening
ss -ta    # All TCP connections

# Network statistics
ip -s link show ens33  # Interface statistics

# ARP table (address resolution)
ip neigh show

# Check NetworkManager status
systemctl status NetworkManager

# View NetworkManager logs
journalctl -u NetworkManager -n 50

Procedure: Network Troubleshooting Workflow

  1. Check interface status: 
    ip link show
nmcli dev status
  2. Check IP configuration: 
    ip addr show
nmcli con show ens33
  3. Test local connectivity: 
    ping -c 4 127.0.0.1  # Loopback
ping -c 4 $(ip route | grep default | awk '{print $3}')  # Gateway
  4. Test external connectivity: 
    ping -c 4 8.8.8.8  # Google DNS
  5. Test DNS resolution: 
    ping -c 4 google.com
nslookup google.com
  6. Check routing: 
    ip route show
tracepath google.com
  7. Check logs: 
    journalctl -u NetworkManager -n 50

📝 Practice Questions

Question 1: What command sets a static IP with nmcli?

  • A) nmcli con mod ens33 ipv4.method manual ipv4.addresses 192.168.1.100/24
  • B) ip addr add 192.168.1.100/24 dev ens33
  • C) ifconfig ens33 192.168.1.100 netmask 255.255.255.0
  • D) Both B and C
Answer: A)
nmcli is the proper RHEL 9 method for persistent configuration. Must set ipv4.method to "manual" for static IP. Commands B and C are temporary (lost on reboot). Don't forget to run nmcli con up ens33 to apply changes.

Question 2: How do you set the hostname permanently?

  • A) hostname server1.example.com
  • B) hostnamectl set-hostname server1.example.com
  • C) echo "server1" > /etc/hostname
  • D) Both B and C
Answer: D) Both B and C
hostnamectl set-hostname is the recommended method (updates multiple files). Editing /etc/hostname also works but requires reboot or hostnamectl reload. Command A sets hostname temporarily (lost on reboot).

Question 3: What file contains DNS server configuration?

  • A) /etc/resolv.conf
  • B) /etc/hosts
  • C) /etc/nsswitch.conf
  • D) /etc/sysconfig/network
Answer: A) /etc/resolv.conf
/etc/resolv.conf contains nameserver entries (managed by NetworkManager in RHEL 9). /etc/hosts is for static hostname mappings. /etc/nsswitch.conf defines resolution order. Don't manually edit /etc/resolv.conf - use nmcli instead.

Question 4: What command shows active network connections?

  • A) nmcli connection show
  • B) nmcli con show --active
  • C) nmcli dev status
  • D) All of the above
Answer: D) All of the above
All three commands show active connections/devices. nmcli con show lists all connections (active highlighted). nmcli con show --active filters to active only. nmcli dev status shows device state. Use nmcli -t -f for scripting.

Question 5: How do you add a second DNS server to existing configuration?

  • A) nmcli con mod ens33 ipv4.dns 8.8.4.4
  • B) nmcli con mod ens33 +ipv4.dns 8.8.4.4
  • C) echo "nameserver 8.8.4.4" >> /etc/resolv.conf
  • D) nmcli con add dns 8.8.4.4
Answer: B) nmcli con mod ens33 +ipv4.dns 8.8.4.4
The + prefix adds to existing values. Without +, it replaces all DNS servers. Use - to remove a specific DNS server. Don't manually edit /etc/resolv.conf as NetworkManager will overwrite it.

Question 6: What's the first step in network troubleshooting?

  • A) Ping google.com
  • B) Check link status with ip link show
  • C) Restart NetworkManager
  • D) Check /etc/resolv.conf
Answer: B) Check link status with ip link show
Start with physical layer: verify interface is UP. Then check IP (ip addr), then gateway (ping), then DNS. Follow OSI model bottom-up: Physical → Link → Network → Application. Use nmcli dev status for quick overview.