Search

Chapter 2. Configuring an Ethernet connection

download PDF

NetworkManager creates a connection profile for each Ethernet adapter that is installed in a host. By default, this profile uses DHCP for both IPv4 and IPv6 connections. Modify this automatically-created profile or add a new one in the following cases:

  • The network requires custom settings, such as a static IP address configuration.
  • You require multiple profiles because the host roams among different networks.

Red Hat Enterprise Linux provides administrators different options to configure Ethernet connections. For example:

  • Use nmcli to configure connections on the command line.
  • Use nmtui to configure connections in a text-based user interface.
  • Use the GNOME Settings menu or nm-connection-editor application to configure connections in a graphical interface.
  • Use nmstatectl to configure connections through the Nmstate API.
  • Use RHEL system roles to automate the configuration of connections on one or multiple hosts.
Note

If you want to manually configure Ethernet connections on hosts running in the Microsoft Azure cloud, disable the cloud-init service or configure it to ignore the network settings retrieved from the cloud environment. Otherwise, cloud-init will override on the next reboot the network settings that you have manually configured.

2.1. Configuring an Ethernet connection by using nmcli

If you connect a host to the network over Ethernet, you can manage the connection’s settings on the command line by using the nmcli utility.

Prerequisites

  • A physical or virtual Ethernet Network Interface Controller (NIC) exists in the server’s configuration.

Procedure

  1. List the NetworkManager connection profiles:

    # nmcli connection show
    NAME                UUID                                  TYPE      DEVICE
    Wired connection 1  a5eb6490-cc20-3668-81f8-0314a27f3f75  ethernet  enp1s0

    By default, NetworkManager creates a profile for each NIC in the host. If you plan to connect this NIC only to a specific network, adapt the automatically-created profile. If you plan to connect this NIC to networks with different settings, create individual profiles for each network.

  2. If you want to create an additional connection profile, enter:

    # nmcli connection add con-name <connection-name> ifname <device-name> type ethernet

    Skip this step to modify an existing profile.

  3. Optional: Rename the connection profile:

    # nmcli connection modify "Wired connection 1" connection.id "Internal-LAN"

    On hosts with multiple profiles, a meaningful name makes it easier to identify the purpose of a profile.

  4. Display the current settings of the connection profile:

    # nmcli connection show Internal-LAN
    ...
    connection.interface-name:     enp1s0
    connection.autoconnect:        yes
    ipv4.method:                   auto
    ipv6.method:                   auto
    ...
  5. Configure the IPv4 settings:

    • To use DHCP, enter:

      # nmcli connection modify Internal-LAN ipv4.method auto

      Skip this step if ipv4.method is already set to auto (default).

    • To set a static IPv4 address, network mask, default gateway, DNS servers, and search domain, enter:

      # nmcli connection modify Internal-LAN ipv4.method manual ipv4.addresses 192.0.2.1/24 ipv4.gateway 192.0.2.254 ipv4.dns 192.0.2.200 ipv4.dns-search example.com
  6. Configure the IPv6 settings:

    • To use stateless address autoconfiguration (SLAAC), enter:

      # nmcli connection modify Internal-LAN ipv6.method auto

      Skip this step if ipv6.method is already set to auto (default).

    • To set a static IPv6 address, network mask, default gateway, DNS servers, and search domain, enter:

      # nmcli connection modify Internal-LAN ipv6.method manual ipv6.addresses 2001:db8:1::fffe/64 ipv6.gateway 2001:db8:1::fffe ipv6.dns 2001:db8:1::ffbb ipv6.dns-search example.com
  7. To customize other settings in the profile, use the following command:

    # nmcli connection modify <connection-name> <setting> <value>

    Enclose values with spaces or semicolons in quotes.

  8. Activate the profile:

    # nmcli connection up Internal-LAN

Verification

  1. Display the IP settings of the NIC:

    # ip address show enp1s0
    2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
        link/ether 52:54:00:17:b8:b6 brd ff:ff:ff:ff:ff:ff
        inet 192.0.2.1/24 brd 192.0.2.255 scope global noprefixroute enp1s0
           valid_lft forever preferred_lft forever
        inet6 2001:db8:1::fffe/64 scope global noprefixroute
           valid_lft forever preferred_lft forever
  2. Display the IPv4 default gateway:

    # ip route show default
    default via 192.0.2.254 dev enp1s0 proto static metric 102
  3. Display the IPv6 default gateway:

    # ip -6 route show default
    default via 2001:db8:1::ffee dev enp1s0 proto static metric 102 pref medium
  4. Display the DNS settings:

    # cat /etc/resolv.conf
    search example.com
    nameserver 192.0.2.200
    nameserver 2001:db8:1::ffbb

    If multiple connection profiles are active at the same time, the order of nameserver entries depend on the DNS priority values in these profile and the connection types.

  5. Use the ping utility to verify that this host can send packets to other hosts:

    # ping <host-name-or-IP-address>

Troubleshooting

  • Verify that the network cable is plugged-in to the host and a switch.
  • Check whether the link failure exists only on this host or also on other hosts connected to the same switch.
  • Verify that the network cable and the network interface are working as expected. Perform hardware diagnosis steps and replace defect cables and network interface cards.
  • If the configuration on the disk does not match the configuration on the device, starting or restarting NetworkManager creates an in-memory connection that reflects the configuration of the device. For further details and how to avoid this problem, see the NetworkManager duplicates a connection after restart of NetworkManager service solution.

Additional resources

  • nm-settings(5) man page on your system

2.2. Configuring an Ethernet connection by using the nmcli interactive editor

If you connect a host to the network over Ethernet, you can manage the connection’s settings on the command line by using the nmcli utility.

Prerequisites

  • A physical or virtual Ethernet Network Interface Controller (NIC) exists in the server’s configuration.

Procedure

  1. List the NetworkManager connection profiles:

    # nmcli connection show
    NAME                UUID                                  TYPE      DEVICE
    Wired connection 1  a5eb6490-cc20-3668-81f8-0314a27f3f75  ethernet  enp1s0

    By default, NetworkManager creates a profile for each NIC in the host. If you plan to connect this NIC only to a specific network, adapt the automatically-created profile. If you plan to connect this NIC to networks with different settings, create individual profiles for each network.

  2. Start nmcli in interactive mode:

    • To create an additional connection profile, enter:

      # nmcli connection edit type ethernet con-name "<connection-name>"
    • To modify an existing connection profile, enter:

      # nmcli connection edit con-name "<connection-name>"
  3. Optional: Rename the connection profile:

    nmcli> set connection.id Internal-LAN

    On hosts with multiple profiles, a meaningful name makes it easier to identify the purpose of a profile.

    Do not use quotes to set an ID that contains spaces to avoid that nmcli makes the quotes part of the name. For example, to set Example Connection as ID, enter set connection.id Example Connection.

  4. Display the current settings of the connection profile:

    nmcli> print
    ...
    connection.interface-name:     enp1s0
    connection.autoconnect:        yes
    ipv4.method:                   auto
    ipv6.method:                   auto
    ...
  5. If you create a new connection profile, set the network interface:

    nmcli> set connection.interface-name enp1s0
  6. Configure the IPv4 settings:

    • To use DHCP, enter:

      nmcli> set ipv4.method auto

      Skip this step if ipv4.method is already set to auto (default).

    • To set a static IPv4 address, network mask, default gateway, DNS servers, and search domain, enter:

      nmcli> ipv4.addresses 192.0.2.1/24
      Do you also want to set 'ipv4.method' to 'manual'? [yes]: yes
      nmcli> ipv4.gateway 192.0.2.254
      nmcli> ipv4.dns 192.0.2.200
      nmcli> ipv4.dns-search example.com
  7. Configure the IPv6 settings:

    • To use stateless address autoconfiguration (SLAAC), enter:

      nmcli> set ipv6.method auto

      Skip this step if ipv6.method is already set to auto (default).

    • To set a static IPv6 address, network mask, default gateway, DNS servers, and search domain, enter:

      nmcli> ipv6.addresses 2001:db8:1::fffe/64
      Do you also want to set 'ipv6.method' to 'manual'? [yes]: yes
      nmcli> ipv6.gateway 2001:db8:1::fffe
      nmcli> ipv6.dns 2001:db8:1::ffbb
      nmcli> ipv6.dns-search example.com
  8. Save and activate the connection:

    nmcli> save persistent
  9. Leave the interactive mode:

    nmcli> quit

Verification

  1. Display the IP settings of the NIC:

    # ip address show enp1s0
    2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
        link/ether 52:54:00:17:b8:b6 brd ff:ff:ff:ff:ff:ff
        inet 192.0.2.1/24 brd 192.0.2.255 scope global noprefixroute enp1s0
           valid_lft forever preferred_lft forever
        inet6 2001:db8:1::fffe/64 scope global noprefixroute
           valid_lft forever preferred_lft forever
  2. Display the IPv4 default gateway:

    # ip route show default
    default via 192.0.2.254 dev enp1s0 proto static metric 102
  3. Display the IPv6 default gateway:

    # ip -6 route show default
    default via 2001:db8:1::ffee dev enp1s0 proto static metric 102 pref medium
  4. Display the DNS settings:

    # cat /etc/resolv.conf
    search example.com
    nameserver 192.0.2.200
    nameserver 2001:db8:1::ffbb

    If multiple connection profiles are active at the same time, the order of nameserver entries depend on the DNS priority values in these profile and the connection types.

  5. Use the ping utility to verify that this host can send packets to other hosts:

    # ping <host-name-or-IP-address>

Troubleshooting

  • Verify that the network cable is plugged-in to the host and a switch.
  • Check whether the link failure exists only on this host or also on other hosts connected to the same switch.
  • Verify that the network cable and the network interface are working as expected. Perform hardware diagnosis steps and replace defect cables and network interface cards.
  • If the configuration on the disk does not match the configuration on the device, starting or restarting NetworkManager creates an in-memory connection that reflects the configuration of the device. For further details and how to avoid this problem, see the NetworkManager duplicates a connection after restart of NetworkManager service solution

Additional resources

  • nm-settings(5) and nmcli(1) man pages on your system

2.3. Configuring an Ethernet connection by using nmtui

If you connect a host to the network over Ethernet, you can manage the connection’s settings in a text-based user interface by using the nmtui application. Use nmtui to create new profiles and to update existing ones on a host without a graphical interface.

Note

In nmtui:

  • Navigate by using the cursor keys.
  • Press a button by selecting it and hitting Enter.
  • Select and clear checkboxes by using Space.

Prerequisites

  • A physical or virtual Ethernet Network Interface Controller (NIC) exists in the server’s configuration.

Procedure

  1. If you do not know the network device name you want to use in the connection, display the available devices:

    # nmcli device status
    DEVICE     TYPE      STATE                   CONNECTION
    enp1s0     ethernet  unavailable             --
    ...
  2. Start nmtui:

    # nmtui
  3. Select Edit a connection, and press Enter.
  4. Choose whether to add a new connection profile or to modify an existing one:

    • To create a new profile:

      1. Press Add.
      2. Select Ethernet from the list of network types, and press Enter.
    • To modify an existing profile, select the profile from the list, and press Enter.
  5. Optional: Update the name of the connection profile.

    On hosts with multiple profiles, a meaningful name makes it easier to identify the purpose of a profile.

  6. If you create a new connection profile, enter the network device name into the Device field.
  7. Depending on your environment, configure the IP address settings in the IPv4 configuration and IPv6 configuration areas accordingly. For this, press the button next to these areas, and select:

    • Disabled, if this connection does not require an IP address.
    • Automatic, if a DHCP server dynamically assigns an IP address to this NIC.
    • Manual, if the network requires static IP address settings. In this case, you must fill further fields:

      1. Press Show next to the protocol you want to configure to display additional fields.
      2. Press Add next to Addresses, and enter the IP address and the subnet mask in Classless Inter-Domain Routing (CIDR) format.

        If you do not specify a subnet mask, NetworkManager sets a /32 subnet mask for IPv4 addresses and /64 for IPv6 addresses.

      3. Enter the address of the default gateway.
      4. Press Add next to DNS servers, and enter the DNS server address.
      5. Press Add next to Search domains, and enter the DNS search domain.

    Figure 2.1. Example of an Ethernet connection with static IP address settings

    nmtui ethernet static IP
  8. Press OK to create and automatically activate the new connection.
  9. Press Back to return to the main menu.
  10. Select Quit, and press Enter to close the nmtui application.

Verification

  1. Display the IP settings of the NIC:

    # ip address show enp1s0
    2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
        link/ether 52:54:00:17:b8:b6 brd ff:ff:ff:ff:ff:ff
        inet 192.0.2.1/24 brd 192.0.2.255 scope global noprefixroute enp1s0
           valid_lft forever preferred_lft forever
        inet6 2001:db8:1::fffe/64 scope global noprefixroute
           valid_lft forever preferred_lft forever
  2. Display the IPv4 default gateway:

    # ip route show default
    default via 192.0.2.254 dev enp1s0 proto static metric 102
  3. Display the IPv6 default gateway:

    # ip -6 route show default
    default via 2001:db8:1::ffee dev enp1s0 proto static metric 102 pref medium
  4. Display the DNS settings:

    # cat /etc/resolv.conf
    search example.com
    nameserver 192.0.2.200
    nameserver 2001:db8:1::ffbb

    If multiple connection profiles are active at the same time, the order of nameserver entries depend on the DNS priority values in these profile and the connection types.

  5. Use the ping utility to verify that this host can send packets to other hosts:

    # ping <host-name-or-IP-address>

Troubleshooting

  • Verify that the network cable is plugged-in to the host and a switch.
  • Check whether the link failure exists only on this host or also on other hosts connected to the same switch.
  • Verify that the network cable and the network interface are working as expected. Perform hardware diagnosis steps and replace defect cables and network interface cards.
  • If the configuration on the disk does not match the configuration on the device, starting or restarting NetworkManager creates an in-memory connection that reflects the configuration of the device. For further details and how to avoid this problem, see the NetworkManager duplicates a connection after restart of NetworkManager service solution.

2.4. Configuring an Ethernet connection by using control-center

If you connect a host to the network over Ethernet, you can manage the connection’s settings with a graphical interface by using the GNOME Settings menu.

Note that control-center does not support as many configuration options as the nm-connection-editor application or the nmcli utility.

Prerequisites

  • A physical or virtual Ethernet Network Interface Controller (NIC) exists in the server’s configuration.
  • GNOME is installed.

Procedure

  1. Press the Super key, enter Settings, and press Enter.
  2. Select Network in the navigation on the left.
  3. Choose whether to add a new connection profile or to modify an existing one:

    • To create a new profile, click the + button next to the Ethernet entry.
    • To modify an existing profile, click the gear icon next to the profile entry.
  4. Optional: On the Identity tab, update the name of the connection profile.

    On hosts with multiple profiles, a meaningful name makes it easier to identify the purpose of a profile.

  5. Depending on your environment, configure the IP address settings on the IPv4 and IPv6 tabs accordingly:

    • To use DHCP or IPv6 stateless address autoconfiguration (SLAAC), select Automatic (DHCP) as method (default).
    • To set a static IP address, network mask, default gateway, DNS servers, and search domain, select Manual as method, and fill the fields on the tabs:

      IP settings gnome settings
  6. Depending on whether you add or modify a connection profile, click the Add or Apply button to save the connection.

    The GNOME control-center automatically activates the connection.

Verification

  1. Display the IP settings of the NIC:

    # ip address show enp1s0
    2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
        link/ether 52:54:00:17:b8:b6 brd ff:ff:ff:ff:ff:ff
        inet 192.0.2.1/24 brd 192.0.2.255 scope global noprefixroute enp1s0
           valid_lft forever preferred_lft forever
        inet6 2001:db8:1::fffe/64 scope global noprefixroute
           valid_lft forever preferred_lft forever
  2. Display the IPv4 default gateway:

    # ip route show default
    default via 192.0.2.254 dev enp1s0 proto static metric 102
  3. Display the IPv6 default gateway:

    # ip -6 route show default
    default via 2001:db8:1::ffee dev enp1s0 proto static metric 102 pref medium
  4. Display the DNS settings:

    # cat /etc/resolv.conf
    search example.com
    nameserver 192.0.2.200
    nameserver 2001:db8:1::ffbb

    If multiple connection profiles are active at the same time, the order of nameserver entries depend on the DNS priority values in these profile and the connection types.

  5. Use the ping utility to verify that this host can send packets to other hosts:

    # ping <host-name-or-IP-address>

Troubleshooting steps

  • Verify that the network cable is plugged-in to the host and a switch.
  • Check whether the link failure exists only on this host or also on other hosts connected to the same switch.
  • Verify that the network cable and the network interface are working as expected. Perform hardware diagnosis steps and replace defect cables and network interface cards.
  • If the configuration on the disk does not match the configuration on the device, starting or restarting NetworkManager creates an in-memory connection that reflects the configuration of the device. For further details and how to avoid this problem, see the NetworkManager duplicates a connection after restart of NetworkManager service solution.

2.5. Configuring an Ethernet connection by using nm-connection-editor

If you connect a host to the network over Ethernet, you can manage the connection’s settings with a graphical interface by using the nm-connection-editor application.

Prerequisites

  • A physical or virtual Ethernet Network Interface Controller (NIC) exists in the server’s configuration.
  • GNOME is installed.

Procedure

  1. Open a terminal, and enter:

    $ nm-connection-editor
  2. Choose whether to add a new connection profile or to modify an existing one:

    • To create a new profile:

      1. Click the + button
      2. Select Ethernet as connection type, and click Create.
    • To modify an existing profile, double-click the profile entry.
  3. Optional: Update the name of the profile in the Connection Name field.

    On hosts with multiple profiles, a meaningful name makes it easier to identify the purpose of a profile.

  4. If you create a new profile, select the device on the Ethernet tab:

    ethernet connection settings

  5. Depending on your environment, configure the IP address settings on the IPv4 Settings and IPv6 Settings tabs accordingly:

    • To use DHCP or IPv6 stateless address autoconfiguration (SLAAC), select Automatic (DHCP) as method (default).
    • To set a static IP address, network mask, default gateway, DNS servers, and search domain, select Manual as method, and fill the fields on the tabs:

      IP settings nm connection editor
  6. Click Save.
  7. Close nm-connection-editor.

Verification

  1. Display the IP settings of the NIC:

    # ip address show enp1s0
    2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
        link/ether 52:54:00:17:b8:b6 brd ff:ff:ff:ff:ff:ff
        inet 192.0.2.1/24 brd 192.0.2.255 scope global noprefixroute enp1s0
           valid_lft forever preferred_lft forever
        inet6 2001:db8:1::fffe/64 scope global noprefixroute
           valid_lft forever preferred_lft forever
  2. Display the IPv4 default gateway:

    # ip route show default
    default via 192.0.2.254 dev enp1s0 proto static metric 102
  3. Display the IPv6 default gateway:

    # ip -6 route show default
    default via 2001:db8:1::ffee dev enp1s0 proto static metric 102 pref medium
  4. Display the DNS settings:

    # cat /etc/resolv.conf
    search example.com
    nameserver 192.0.2.200
    nameserver 2001:db8:1::ffbb

    If multiple connection profiles are active at the same time, the order of nameserver entries depend on the DNS priority values in these profile and the connection types.

  5. Use the ping utility to verify that this host can send packets to other hosts:

    # ping <host-name-or-IP-address>

Troubleshooting steps

  • Verify that the network cable is plugged-in to the host and a switch.
  • Check whether the link failure exists only on this host or also on other hosts connected to the same switch.
  • Verify that the network cable and the network interface are working as expected. Perform hardware diagnosis steps and replace defect cables and network interface cards.
  • If the configuration on the disk does not match the configuration on the device, starting or restarting NetworkManager creates an in-memory connection that reflects the configuration of the device. For further details and how to avoid this problem, see the NetworkManager duplicates a connection after restart of NetworkManager service solution.

2.6. Configuring an Ethernet connection with a static IP address by using nmstatectl

Use the nmstatectl utility to configure an Ethernet connection through the Nmstate API. The Nmstate API ensures that, after setting the configuration, the result matches the configuration file. If anything fails, nmstatectl automatically rolls back the changes to avoid leaving the system in an incorrect state.

Prerequisites

  • A physical or virtual Ethernet Network Interface Controller (NIC) exists in the server’s configuration.
  • The nmstate package is installed.

Procedure

  1. Create a YAML file, for example ~/create-ethernet-profile.yml, with the following content:

    ---
    interfaces:
    - name: enp1s0
      type: ethernet
      state: up
      ipv4:
        enabled: true
        address:
        - ip: 192.0.2.1
          prefix-length: 24
        dhcp: false
      ipv6:
        enabled: true
        address:
        - ip: 2001:db8:1::1
          prefix-length: 64
        autoconf: false
        dhcp: false
    routes:
      config:
      - destination: 0.0.0.0/0
        next-hop-address: 192.0.2.254
        next-hop-interface: enp1s0
      - destination: ::/0
        next-hop-address: 2001:db8:1::fffe
        next-hop-interface: enp1s0
    dns-resolver:
      config:
        search:
        - example.com
        server:
        - 192.0.2.200
        - 2001:db8:1::ffbb

    These settings define an Ethernet connection profile for the enp1s0 device with the following settings:

    • A static IPv4 address - 192.0.2.1 with the /24 subnet mask
    • A static IPv6 address - 2001:db8:1::1 with the /64 subnet mask
    • An IPv4 default gateway - 192.0.2.254
    • An IPv6 default gateway - 2001:db8:1::fffe
    • An IPv4 DNS server - 192.0.2.200
    • An IPv6 DNS server - 2001:db8:1::ffbb
    • A DNS search domain - example.com
  2. Optional: You can define the identifier: mac-address and mac-address: <mac_address> properties in the interfaces property to identify the network interface card by its MAC address instead of its name, for example:

    ---
    interfaces:
    - name: <profile_name>
      type: ethernet
      identifier: mac-address
      mac-address: <mac_address>
      ...
  3. Apply the settings to the system:

    # nmstatectl apply ~/create-ethernet-profile.yml

Verification

  1. Display the current state in YAML format:

    # nmstatectl show enp1s0
  2. Display the IP settings of the NIC:

    # ip address show enp1s0
    2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
        link/ether 52:54:00:17:b8:b6 brd ff:ff:ff:ff:ff:ff
        inet 192.0.2.1/24 brd 192.0.2.255 scope global noprefixroute enp1s0
           valid_lft forever preferred_lft forever
        inet6 2001:db8:1::fffe/64 scope global noprefixroute
           valid_lft forever preferred_lft forever
  3. Display the IPv4 default gateway:

    # ip route show default
    default via 192.0.2.254 dev enp1s0 proto static metric 102
  4. Display the IPv6 default gateway:

    # ip -6 route show default
    default via 2001:db8:1::ffee dev enp1s0 proto static metric 102 pref medium
  5. Display the DNS settings:

    # cat /etc/resolv.conf
    search example.com
    nameserver 192.0.2.200
    nameserver 2001:db8:1::ffbb

    If multiple connection profiles are active at the same time, the order of nameserver entries depend on the DNS priority values in these profile and the connection types.

  6. Use the ping utility to verify that this host can send packets to other hosts:

    # ping <host-name-or-IP-address>

Additional resources

  • nmstatectl(8) man page on your system
  • /usr/share/doc/nmstate/examples/ directory

2.7. Configuring an Ethernet connection with a static IP address by using the network RHEL system role with an interface name

To connect a Red Hat Enterprise Linux host to an Ethernet network, create a NetworkManager connection profile for the network device. By using Ansible and the network RHEL system role, you can automate this process and remotely configure connection profiles on the hosts defined in a playbook.

You can use the network RHEL system role to configure an Ethernet connection with static IP addresses, gateways, and DNS settings, and assign them to a specified interface name.

Prerequisites

  • You have prepared the control node and the managed nodes
  • You are logged in to the control node as a user who can run playbooks on the managed nodes.
  • The account you use to connect to the managed nodes has sudo permissions on them.
  • A physical or virtual Ethernet device exists in the server’s configuration.
  • The managed nodes use NetworkManager to configure the network.

Procedure

  1. Create a playbook file, for example ~/playbook.yml, with the following content:

    ---
    - name: Configure the network
      hosts: managed-node-01.example.com
      tasks:
        - name: Ethernet connection profile with static IP address settings
          ansible.builtin.include_role:
            name: rhel-system-roles.network
          vars:
            network_connections:
              - name: enp1s0
                interface_name: enp1s0
                type: ethernet
                autoconnect: yes
                ip:
                  address:
                    - 192.0.2.1/24
                    - 2001:db8:1::1/64
                  gateway4: 192.0.2.254
                  gateway6: 2001:db8:1::fffe
                  dns:
                    - 192.0.2.200
                    - 2001:db8:1::ffbb
                  dns_search:
                    - example.com
                state: up

    For details about all variables used in the playbook, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file on the control node.

  2. Validate the playbook syntax:

    $ ansible-playbook --syntax-check ~/playbook.yml

    Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

  3. Run the playbook:

    $ ansible-playbook ~/playbook.yml

Verification

  • Query the Ansible facts of the managed node and verify the active network settings:

    # ansible managed-node-01.example.com -m ansible.builtin.setup
    ...
            "ansible_default_ipv4": {
                "address": "192.0.2.1",
                "alias": "enp1s0",
                "broadcast": "192.0.2.255",
                "gateway": "192.0.2.254",
                "interface": "enp1s0",
                "macaddress": "52:54:00:17:b8:b6",
                "mtu": 1500,
                "netmask": "255.255.255.0",
                "network": "192.0.2.0",
                "prefix": "24",
                "type": "ether"
            },
            "ansible_default_ipv6": {
                "address": "2001:db8:1::1",
                "gateway": "2001:db8:1::fffe",
                "interface": "enp1s0",
                "macaddress": "52:54:00:17:b8:b6",
                "mtu": 1500,
                "prefix": "64",
                "scope": "global",
                "type": "ether"
            },
    	...
            "ansible_dns": {
                "nameservers": [
                    "192.0.2.1",
                    "2001:db8:1::ffbb"
                ],
                "search": [
                    "example.com"
                ]
            },
    ...

Additional resources

  • /usr/share/ansible/roles/rhel-system-roles.network/README.md file
  • /usr/share/doc/rhel-system-roles/network/ directory

2.8. Configuring an Ethernet connection with a static IP address by using the network RHEL system role with a device path

To connect a Red Hat Enterprise Linux host to an Ethernet network, create a NetworkManager connection profile for the network device. By using Ansible and the network RHEL system role, you can automate this process and remotely configure connection profiles on the hosts defined in a playbook.

You can use the network RHEL system role to configure an Ethernet connection with static IP addresses, gateways, and DNS settings, and assign them to a device based on its path instead of its name.

Prerequisites

  • You have prepared the control node and the managed nodes
  • You are logged in to the control node as a user who can run playbooks on the managed nodes.
  • The account you use to connect to the managed nodes has sudo permissions on them.
  • A physical or virtual Ethernet device exists in the server’s configuration.
  • The managed nodes use NetworkManager to configure the network.
  • You know the path of the device. You can display the device path by using the udevadm info /sys/class/net/<device_name> | grep ID_PATH= command.

Procedure

  1. Create a playbook file, for example ~/playbook.yml, with the following content:

    ---
    - name: Configure the network
      hosts: managed-node-01.example.com
      tasks:
        - name: Ethernet connection profile with static IP address settings
          ansible.builtin.include_role:
            name: rhel-system-roles.network
          vars:
            network_connections:
              - name: example
                match:
                  path:
                    - pci-0000:00:0[1-3].0
                    - &!pci-0000:00:02.0
                type: ethernet
                autoconnect: yes
                ip:
                  address:
                    - 192.0.2.1/24
                    - 2001:db8:1::1/64
                  gateway4: 192.0.2.254
                  gateway6: 2001:db8:1::fffe
                  dns:
                    - 192.0.2.200
                    - 2001:db8:1::ffbb
                  dns_search:
                    - example.com
                state: up

    The settings specified in the example playbook include the following:

    match
    Defines that a condition must be met in order to apply the settings. You can only use this variable with the path option.
    path
    Defines the persistent path of a device. You can set it as a fixed path or an expression. Its value can contain modifiers and wildcards. The example applies the settings to devices that match PCI ID 0000:00:0[1-3].0, but not 0000:00:02.0.

    For details about all variables used in the playbook, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file on the control node.

  2. Validate the playbook syntax:

    $ ansible-playbook --syntax-check ~/playbook.yml

    Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

  3. Run the playbook:

    $ ansible-playbook ~/playbook.yml

Verification

  • Query the Ansible facts of the managed node and verify the active network settings:

    # ansible managed-node-01.example.com -m ansible.builtin.setup
    ...
            "ansible_default_ipv4": {
                "address": "192.0.2.1",
                "alias": "enp1s0",
                "broadcast": "192.0.2.255",
                "gateway": "192.0.2.254",
                "interface": "enp1s0",
                "macaddress": "52:54:00:17:b8:b6",
                "mtu": 1500,
                "netmask": "255.255.255.0",
                "network": "192.0.2.0",
                "prefix": "24",
                "type": "ether"
            },
            "ansible_default_ipv6": {
                "address": "2001:db8:1::1",
                "gateway": "2001:db8:1::fffe",
                "interface": "enp1s0",
                "macaddress": "52:54:00:17:b8:b6",
                "mtu": 1500,
                "prefix": "64",
                "scope": "global",
                "type": "ether"
            },
            ...
            "ansible_dns": {
                "nameservers": [
                    "192.0.2.1",
                    "2001:db8:1::ffbb"
                ],
                "search": [
                    "example.com"
                ]
            },
    ...

Additional resources

  • /usr/share/ansible/roles/rhel-system-roles.network/README.md file
  • /usr/share/doc/rhel-system-roles/network/ directory

2.9. Configuring an Ethernet connection with a dynamic IP address by using nmstatectl

Use the nmstatectl utility to configure an Ethernet connection through the Nmstate API. The Nmstate API ensures that, after setting the configuration, the result matches the configuration file. If anything fails, nmstatectl automatically rolls back the changes to avoid leaving the system in an incorrect state.

Prerequisites

  • A physical or virtual Ethernet Network Interface Controller (NIC) exists in the server’s configuration.
  • A DHCP server is available in the network.
  • The nmstate package is installed.

Procedure

  1. Create a YAML file, for example ~/create-ethernet-profile.yml, with the following content:

    ---
    interfaces:
    - name: enp1s0
      type: ethernet
      state: up
      ipv4:
        enabled: true
        auto-dns: true
        auto-gateway: true
        auto-routes: true
        dhcp: true
      ipv6:
        enabled: true
        auto-dns: true
        auto-gateway: true
        auto-routes: true
        autoconf: true
        dhcp: true

    These settings define an Ethernet connection profile for the enp1s0 device. The connection retrieves IPv4 addresses, IPv6 addresses, default gateway, routes, DNS servers, and search domains from a DHCP server and IPv6 stateless address autoconfiguration (SLAAC).

  2. Optional: You can define the identifier: mac-address and mac-address: <mac_address> properties in the interfaces property to identify the network interface card by its MAC address instead of its name, for example:

    ---
    interfaces:
    - name: <profile_name>
      type: ethernet
      identifier: mac-address
      mac-address: <mac_address>
      ...
  3. Apply the settings to the system:

    # nmstatectl apply ~/create-ethernet-profile.yml

Verification

  1. Display the current state in YAML format:

    # nmstatectl show enp1s0
  2. Display the IP settings of the NIC:

    # ip address show enp1s0
    2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
        link/ether 52:54:00:17:b8:b6 brd ff:ff:ff:ff:ff:ff
        inet 192.0.2.1/24 brd 192.0.2.255 scope global noprefixroute enp1s0
           valid_lft forever preferred_lft forever
        inet6 2001:db8:1::fffe/64 scope global noprefixroute
           valid_lft forever preferred_lft forever
  3. Display the IPv4 default gateway:

    # ip route show default
    default via 192.0.2.254 dev enp1s0 proto static metric 102
  4. Display the IPv6 default gateway:

    # ip -6 route show default
    default via 2001:db8:1::ffee dev enp1s0 proto static metric 102 pref medium
  5. Display the DNS settings:

    # cat /etc/resolv.conf
    search example.com
    nameserver 192.0.2.200
    nameserver 2001:db8:1::ffbb

    If multiple connection profiles are active at the same time, the order of nameserver entries depend on the DNS priority values in these profile and the connection types.

  6. Use the ping utility to verify that this host can send packets to other hosts:

    # ping <host-name-or-IP-address>

Additional resources

  • nmstatectl(8) man page on your system
  • /usr/share/doc/nmstate/examples/ directory

2.10. Configuring an Ethernet connection with a dynamic IP address by using the network RHEL system role with an interface name

To connect a Red Hat Enterprise Linux host to an Ethernet network, create a NetworkManager connection profile for the network device. By using Ansible and the network RHEL system role, you can automate this process and remotely configure connection profiles on the hosts defined in a playbook.

You can use the network RHEL system role to configure an Ethernet connection that retrieves its IP addresses, gateways, and DNS settings from a DHCP server and IPv6 stateless address autoconfiguration (SLAAC). With this role you can assign the connection profile to the specified interface name.

Prerequisites

  • You have prepared the control node and the managed nodes
  • You are logged in to the control node as a user who can run playbooks on the managed nodes.
  • The account you use to connect to the managed nodes has sudo permissions on them.
  • A physical or virtual Ethernet device exists in the server’s configuration.
  • A DHCP server and SLAAC are available in the network.
  • The managed nodes use the NetworkManager service to configure the network.

Procedure

  1. Create a playbook file, for example ~/playbook.yml, with the following content:

    ---
    - name: Configure the network
      hosts: managed-node-01.example.com
      tasks:
        - name: Ethernet connection profile with dynamic IP address settings
          ansible.builtin.include_role:
            name: rhel-system-roles.network
          vars:
            network_connections:
              - name: enp1s0
                interface_name: enp1s0
                type: ethernet
                autoconnect: yes
                ip:
                  dhcp4: yes
                  auto6: yes
                state: up

    The settings specified in the example playbook include the following:

    dhcp4: yes
    Enables automatic IPv4 address assignment from DHCP, PPP, or similar services.
    auto6: yes
    Enables IPv6 auto-configuration. By default, NetworkManager uses Router Advertisements. If the router announces the managed flag, NetworkManager requests an IPv6 address and prefix from a DHCPv6 server.

    For details about all variables used in the playbook, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file on the control node.

  2. Validate the playbook syntax:

    $ ansible-playbook --syntax-check ~/playbook.yml

    Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

  3. Run the playbook:

    $ ansible-playbook ~/playbook.yml

Verification

  • Query the Ansible facts of the managed node and verify that the interface received IP addresses and DNS settings:

    # ansible managed-node-01.example.com -m ansible.builtin.setup
    ...
            "ansible_default_ipv4": {
                "address": "192.0.2.1",
                "alias": "enp1s0",
                "broadcast": "192.0.2.255",
                "gateway": "192.0.2.254",
                "interface": "enp1s0",
                "macaddress": "52:54:00:17:b8:b6",
                "mtu": 1500,
                "netmask": "255.255.255.0",
                "network": "192.0.2.0",
                "prefix": "24",
                "type": "ether"
            },
            "ansible_default_ipv6": {
                "address": "2001:db8:1::1",
                "gateway": "2001:db8:1::fffe",
                "interface": "enp1s0",
                "macaddress": "52:54:00:17:b8:b6",
                "mtu": 1500,
                "prefix": "64",
                "scope": "global",
                "type": "ether"
            },
            ...
            "ansible_dns": {
                "nameservers": [
                    "192.0.2.1",
                    "2001:db8:1::ffbb"
                ],
                "search": [
                    "example.com"
                ]
            },
    ...

Additional resources

  • /usr/share/ansible/roles/rhel-system-roles.network/README.md file
  • /usr/share/doc/rhel-system-roles/network/ directory

2.11. Configuring an Ethernet connection with a dynamic IP address by using the network RHEL system role with a device path

To connect a Red Hat Enterprise Linux host to an Ethernet network, create a NetworkManager connection profile for the network device. By using Ansible and the network RHEL system role, you can automate this process and remotely configure connection profiles on the hosts defined in a playbook.

You can use the network RHEL system role to configure an Ethernet connection that retrieves its IP addresses, gateways, and DNS settings from a DHCP server and IPv6 stateless address autoconfiguration (SLAAC). The role can assign the connection profile to a device based on its path instead of an interface name.

Prerequisites

  • You have prepared the control node and the managed nodes
  • You are logged in to the control node as a user who can run playbooks on the managed nodes.
  • The account you use to connect to the managed nodes has sudo permissions on them.
  • A physical or virtual Ethernet device exists in the server’s configuration.
  • A DHCP server and SLAAC are available in the network.
  • The managed hosts use NetworkManager to configure the network.
  • You know the path of the device. You can display the device path by using the udevadm info /sys/class/net/<device_name> | grep ID_PATH= command.

Procedure

  1. Create a playbook file, for example ~/playbook.yml, with the following content:

    ---
    - name: Configure the network
      hosts: managed-node-01.example.com
      tasks:
        - name: Ethernet connection profile with dynamic IP address settings
          ansible.builtin.include_role:
            name: rhel-system-roles.network
          vars:
            network_connections:
              - name: example
                match:
                  path:
                    - pci-0000:00:0[1-3].0
                    - &!pci-0000:00:02.0
                type: ethernet
                autoconnect: yes
                ip:
                  dhcp4: yes
                  auto6: yes
                state: up

    The settings specified in the example playbook include the following:

    match: path
    Defines that a condition must be met in order to apply the settings. You can only use this variable with the path option.
    path: <path_and_expressions>
    Defines the persistent path of a device. You can set it as a fixed path or an expression. Its value can contain modifiers and wildcards. The example applies the settings to devices that match PCI ID 0000:00:0[1-3].0, but not 0000:00:02.0.
    dhcp4: yes
    Enables automatic IPv4 address assignment from DHCP, PPP, or similar services.
    auto6: yes
    Enables IPv6 auto-configuration. By default, NetworkManager uses Router Advertisements. If the router announces the managed flag, NetworkManager requests an IPv6 address and prefix from a DHCPv6 server.

    For details about all variables used in the playbook, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file on the control node.

  2. Validate the playbook syntax:

    $ ansible-playbook --syntax-check ~/playbook.yml

    Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

  3. Run the playbook:

    $ ansible-playbook ~/playbook.yml

Verification

  • Query the Ansible facts of the managed node and verify that the interface received IP addresses and DNS settings:

    # ansible managed-node-01.example.com -m ansible.builtin.setup
    ...
            "ansible_default_ipv4": {
                "address": "192.0.2.1",
                "alias": "enp1s0",
                "broadcast": "192.0.2.255",
                "gateway": "192.0.2.254",
                "interface": "enp1s0",
                "macaddress": "52:54:00:17:b8:b6",
                "mtu": 1500,
                "netmask": "255.255.255.0",
                "network": "192.0.2.0",
                "prefix": "24",
                "type": "ether"
            },
            "ansible_default_ipv6": {
                "address": "2001:db8:1::1",
                "gateway": "2001:db8:1::fffe",
                "interface": "enp1s0",
                "macaddress": "52:54:00:17:b8:b6",
                "mtu": 1500,
                "prefix": "64",
                "scope": "global",
                "type": "ether"
            },
            ...
            "ansible_dns": {
                "nameservers": [
                    "192.0.2.1",
                    "2001:db8:1::ffbb"
                ],
                "search": [
                    "example.com"
                ]
            },
    ...

Additional resources

  • /usr/share/ansible/roles/rhel-system-roles.network/README.md file
  • /usr/share/doc/rhel-system-roles/network/ directory

2.12. Configuring multiple Ethernet interfaces by using a single connection profile by interface name

In most cases, one connection profile contains the settings of one network device. However, NetworkManager also supports wildcards when you set the interface name in connection profiles. If a host roams between Ethernet networks with dynamic IP address assignment, you can use this feature to create a single connection profile that you can use for multiple Ethernet interfaces.

Prerequisites

  • Multiple physical or virtual Ethernet devices exist in the server’s configuration.
  • A DHCP server is available in the network.
  • No connection profile exists on the host.

Procedure

  1. Add a connection profile that applies to all interface names starting with enp:

    # nmcli connection add con-name "Wired connection 1" connection.multi-connect multiple match.interface-name enp* type ethernet

Verification

  1. Display all settings of the single connection profile:

    # nmcli connection show "Wired connection 1"
    connection.id:                      Wired connection 1
    ...
    connection.multi-connect:           3 (multiple)
    match.interface-name:               enp*
    ...

    3 indicates the number of interfaces active on the connection profile at the same time, and not the number of network interfaces in the connection profile. The connection profile uses all devices that match the pattern in the match.interface-name parameter and, therefore, the connection profiles have the same Universally Unique Identifier (UUID).

  2. Display the status of the connections:

    # nmcli connection show
    NAME                UUID                                  TYPE      DEVICE
    ...
    Wired connection 1  6f22402e-c0cc-49cf-b702-eaf0cd5ea7d1  ethernet  enp7s0
    Wired connection 1  6f22402e-c0cc-49cf-b702-eaf0cd5ea7d1  ethernet  enp8s0
    Wired connection 1  6f22402e-c0cc-49cf-b702-eaf0cd5ea7d1  ethernet  enp9s0

Additional resources

  • nmcli(1) man page on your system
  • nm-settings(5) man page

2.13. Configuring a single connection profile for multiple Ethernet interfaces using PCI IDs

The PCI ID is a unique identifier of the devices connected to the system. The connection profile adds multiple devices by matching interfaces based on a list of PCI IDs. You can use this procedure to connect multiple device PCI IDs to the single connection profile.

Prerequisites

  • Multiple physical or virtual Ethernet devices exist in the server’s configuration.
  • A DHCP server is available in the network.
  • No connection profile exists on the host.

Procedure

  1. Identify the device path. For example, to display the device paths of all interfaces starting with enp, enter :

    # udevadm info /sys/class/net/enp | grep ID_PATH=*
    ...
    E: ID_PATH=pci-0000:07:00.0
    E: ID_PATH=pci-0000:08:00.0
  2. Add a connection profile that applies to all PCI IDs matching the 0000:00:0[7-8].0 expression:

    # nmcli connection add type ethernet connection.multi-connect multiple match.path "pci-0000:07:00.0 pci-0000:08:00.0" con-name "Wired connection 1"

Verification

  1. Display the status of the connection:

    # nmcli connection show
    NAME                 UUID                                  TYPE      DEVICE
    Wired connection 1   9cee0958-512f-4203-9d3d-b57af1d88466  ethernet  enp7s0
    Wired connection 1   9cee0958-512f-4203-9d3d-b57af1d88466  ethernet  enp8s0
    ...
  2. To display all settings of the connection profile:

    # nmcli connection show "Wired connection 1"
    connection.id:               Wired connection 1
    ...
    connection.multi-connect:    3 (multiple)
    match.path:                  pci-0000:07:00.0,pci-0000:08:00.0
    ...

    This connection profile uses all devices with a PCI ID which match the pattern in the match.path parameter and, therefore, the connection profiles have the same Universally Unique Identifier (UUID).

Additional resources

  • nmcli(1) man page on your system
  • nm-settings(5) man page
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.