You can't do much with a computer these days without network connectivity. Whether you need to update the packages on a server or simply browse external websites from your laptop, you will need network access! This guide aims to provide Rocky Linux users the basic knowledge on setting up network connectivity.
A lot has changed with network configuration as of Rocky Linux 9. One of the major changes is the move from Network-Scripts (still available to install-but effectively deprecated) to the use of Network Manager and key files, rather than ifcfg based files. NetworkManager as of 9, prioritizes keyfiles over the previous ifcfg files. Since this is now the default, the act of configuring the network should now take the default as the proper way of doing things, given that other changes over the years have meant the eventual deprecation and removal of older utilities. This guide will attempt to walk you through the use of Network Manager and the latest changes within Rocky Linux 9.
At the user level, the networking stack is managed by NetworkManager. This tool runs as a service, and you can check its state with the following command:
As noted at the beginning, the configuration files by default are now key files. You can see how NetworkManager prioritizes these files by running the following command:
Note at the top of the configuration file the reference to keyfile followed by ifcfg-rh. This means that the default is the keyfile. Any time you run any of the NetworkManager tools to configure an interface (example: nmcli or nmtui), it will automatically build or update key files.
Configuration Storage Location
In Rocky Linux 8, the storage location for network configuration was in /etc/sysconfig/Network-Scripts/.
With Rocky Linux 9, the new default storage location for the key files is in /etc/NetworkManager/system-connections.
The primary (but not the only) utility used for configuring a network interface is the nmtui command. This can also be done with the nmcli command, but is much less intuitive. We can show the interface as it is currently configured using nmcli with:
There are a few ways or mechanisms by which systems can be assigned their IP configuration information.
The two most common methods are - Static IP configuration scheme and Dynamic IP configuration scheme.
The static IP configuration scheme is very popular on server class systems or networks.
The dynamic IP approach is popular on home and office networks or workstation and desktop class systems in a business environment. The dynamic scheme usually needs something extra that is locally available and that can supply proper IP configuration information to requesting workstations and desktops. This something is called the Dynamic Host Configuration Protocol (DHCP). On a home network, and even on most business networks, this service is provided by a DHCP Server configured for the purpose. This can be a separate server or part of a router configuration.
In the previous section, the displayed configuration for the interface enp0s3 is generated from the .ini file /etc/NetworkManager/system-connections/enp0s3.nmconnection. This shows that the IP4.ADDRESS[1] has been statically configured, rather than dynamically configured via DHCP. If we want to switch this interface back to a dynamically allocated address, the easiest way is to use the nmtui command.
First, run the nmtui command at the command-line which should show you the following
It's already on the selection we need "Edit a connection" so hit the TAB key so that "OK" is highlighted and hit ENTER
This will bring up a screen showing the Ethernet connections on the machine and allow you to choose one. In our case, there is ONLY one, so it is already highlighted, we simply need to hit the TAB key until "Edit" is highlighted and then hit ENTER
Once we have done this, we will be on the screen showing our current configuration. What we need to do is switch from "Manual" to "Automatic" so hit the TAB key several times until you get to where "Manual" is highlighted and then hit ENTER.
Arrow up until "Automatic" is highlighted and then hit ENTER
Once we have switched the interface over to "Automatic" we need to remove the statically assigned IP so hit the TAB key until the "Remove" is highlighted next to the IP address and hit ENTER.
Finally, hit the TAB key several times until you get to the bottom of the nmtui screen and the "OK" is highlighted and hit ENTER
You can deactivate and reactivate your interface with nmtui as well, but instead let's do this with nmcli. In this way we can string the deactivation of the interface and the reactivation of the interface so that the interface is never down for long:
nmcli con down enp0s3 && nmcli con up enp0s3
Think of this as the equivalent to the old ifdown enp0s3 && ifup enp0s3 used in older versions of the OS.
To verify that it worked, go ahead and check using either the ip addr command, or the nmcli device show enp0s3 command that we used earlier.
ip addr
If successful, you should now see that the static IP is removed and that a dynamically allocated address has been added, similar to this:
Using the nmtui is nice, but if you just want to quickly reconfigure the network interface without all of the time between screens, you probably will want to use nmcli by itself. Let us look at the example above of a statically assigned IP and the steps to reconfigure the interface to DHCP using only nmcli.
Before we start, be aware that to reconfigure the interface to DHCP we need to:
Remove the IPv4 Gateway
Remove the IPv4 Address that we statically assigned
Change the IPv4 Method to automatic
Down and Up the interface
Note too, that we are not using examples that tell you to use -ipv4.address etc. These do not change the interface completely. To do that we must set the ipv4.address and the ipv4.gateway to an empty string. Again, to save as much time as possible with our command, we are going to string them all together in one line:
nmcli con mod enp0s3 ipv4.gateway '' && nmcli con mod enp0s3 ipv4.address '' && nmcli con mod enp0s3 ipv4.method auto && nmcli con down enp0s3 && nmcli con up enp0s3
Running the ip addr command again, should show you the exact same results as when we ran the changes with nmtui. We could obviously do everything in reverse as well (changing our DHCP address to a static one). To do this, we would run the commands in reverse starting with changing the ipv4.method to manual, setting the ipv4.gateway and then setting the ipv4.address. Since in all of these examples we are completely reconfiguring the interface and not adding or subtracting values to it, we again would not use the examples out there that talk about using +ipv4.method,+ipv4.gateway, and +ipv4.address. If you used these commands instead of the ones we have used above, you would end up with an interface with BOTH a DHCP assigned address and a statically assigned one. That said, this can sometimes be very handy. If you have a web service listening on one IP lets say, and an SFTP server listening on another IP. Having a method of assigning multiple IP's to an interface is quite useful.
Setting DNS servers can be done with either nmtui or nmcli. While the nmtui interface is easy to navigate and much more intuitive, the process is much slower. Doing this with the nmcli is much faster. In the case of the DHCP assigned address, it's not usually necessary to set DNS servers as they normally are forwarded on from the DHCP server. That said, you can statically add DNS servers to a DHCP interface. In the case of the statically assigned interface, you will HAVE to do this as it will need to know how to get DNS resolution and will not have an automatically assigned method.
Since the best example for all of this is a statically assigned IP, let's return to our original statically assigned address in our example interface (enp0s3). Before changing the DNS values, we need to see what they are currently.
To get proper name resolution, remove the already set DNS servers and add different ones. Currently the ipv4.dns is set to 8.8.8.8,8.8.4.4,192.168.1.1. In this case, we do not need to set the ipv4.dns to an empty string. We can simply use the following command to replace our values:
nmcli con mod enp0s3 ipv4.dns '208.67.222.222,208.67.220.220,192.168.1.1'
Running nmcli con show enp0s3 | grep ipv4.dns should show you that we have successfully changed the DNS servers. To activate everything, let's bring our interface down and up again so that our changes are active:
nmcli con down enp0s3 && nmcli con up enp0s3
To test that we do have name resolution, try pinging a known host. We will use google.com as an example:
The ip command (provided by the iproute2 package) is a powerful tool to get information and configure the network of a modern Linux system such as Rocky Linux.
In this example, we will assume the following parameters:
While it is still possible to use this method to bring the interface up and down in Rocky Linux 9, the command reacts much slower than simply using the nmcli command.
To bring the enp0s3 down and up again we can simply use:
While bringing the interface up and down using the ip utility is much slower than nmcli, ip has a distinct advantage when setting new or additional IP addresses, as it happens in real time, without bringing the interface down and up.
Throughout the examples above we have done some testing. Your best bet for testing is to start by pinging the default gateway. This should always work:
There are many changes to the networking stack in Rocky Linux 9. Among these is the prioritization of keyfile over the formerly used ifcfg files found in Network-Scripts. Since the direction of movement here in future versions of Rocky Linux will deprecate and remove Network-Scripts, it is best to focus attention on methodologies such as nmcli, nmtui, and in some cases ip, for network configuration.
At the user level, the networking stack is managed by NetworkManager. This tool runs as a service, and you can check its state with the following command:
NetworkManager simply applies a configuration read from the files found in /etc/sysconfig/network-scripts/ifcfg-<IFACE_NAME>.
Each network interface has its configuration file. The following shows an example of the default configuration of a server:
The interface's name is enp1s0 so this file's name will be /etc/sysconfig/network-scripts/ifcfg-enp1s0.
Tips:
There are a few ways or mechanisms by which systems can be assigned their IP configuration information. The two most common methods are - Static IP configuration scheme and Dynamic IP configuration scheme.
The static IP configuration scheme is very popular on server class systems or networks.
The dynamic IP approach is popular on home and office networks - or workstation and desktop class systems. The dynamic scheme usually needs something extra that is locally available that can supply proper IP configuration information to requesting workstations and desktops. This something is called the Dynamic Host Configuration Protocol (DHCP).
Home or office users often do not have to worry about DHCP. This is because the something else automatically takes care of that in the background. The end user needs to physically or wirelessly connect to the right network (and of course make sure that their systems are powered on)!
In the previous /etc/sysconfig/network-scripts/ifcfg-enp1s0 listing, we see that the value of the BOOTPROTO parameter or key is set to none. The configured system is set to a static IP address scheme.
If instead you want to configure the system to use a dynamic IP address scheme, you will have to change the value of the BOOTPROTO parameter from none to dhcp and also remove the IPADDR, PREFIX and GATEWAY lines. This is necessary because all that information will be automatically obtained from any available DHCP server.
To configure a static IP address attribution, set the following:
NetworkManager's primary function is managing "connections", which map a physical device to more logical network components like an IP address and DNS settings.
To view the existing connections NetworkManager maintains, you can run nmcli connection show.
From the output above, we can determine that NetworkManager manages a connection (NAME) called enp1s0 that maps to the physical device (DEVICE) enp1s0.
Connection name
In this example, the connection and device share the same name, but this may not always be true. It is common to see a connection called System eth0 that maps to a device called eth0, for example.
Now that we know the name of our connection, we can view its settings. To do this, use the nmcli connection show [connection] command, which will print out all of the settings NetworkManager registers for the given connection.
Down the left-hand column, we see the name of the setting, and down the right we see the value.
For example, we can see that the ipv4.method here is currently set to auto. There are many allowed values for the ipv4.method setting, but the main two you will most likely see are:
auto: the appropriate automatic method (DHCP, PPP, etc) is used for the interface and most other properties can be left unset.
manual: static IP addressing is used and at least one IP address must be given in the 'addresses' property.
If instead you want to configure the system to use a static IP address scheme, you will have to change the value of ipv4.method to manual, and also specify the ipv4.gateway and ipv4.addresses.
To modify a setting, you can use the nmcli command nmcli connection modify [connection] [setting] [value].
# set 10.0.0.10 as the static ipv4 address[user@server~]$sudonmcliconnectionmodifyenp1s0ipv4.addresses10.0.0.10
# set 10.0.0.1 as the ipv4 gateway[user@server~]$sudonmcliconnectionmodifyenp1s0ipv4.gateway10.0.0.1
# change ipv4 method to use static assignments (set in the previous two commands)[user@server~]$sudonmcliconnectionmodifyenp1s0ipv4.methodmanual
When does the connection get updated?
nmcli connection modify will not modify the runtime configuration, but update the /etc/sysconfig/network-scripts configuration files with the appropriate values based on what you have told nmcli to configure.
To configure your DNS servers with NetworkManager via the CLI, you can modify the ipv4.dns setting.
# set 10.0.0.1 and 1.1.1.1 as the primary and secondary DNS servers[user@server~]$sudonmcliconnectionmodifyenp1s0ipv4.dns'10.0.0.1 1.1.1.1'
The ip command (provided by the iproute2 package) is a powerful tool to get information and configure the network of a modern Linux system such as Rocky Linux.
In this example, we will assume the following parameters:
Then, to make sure your routing configuration is fine, try to ping a external host, such as this well known public DNS resolver:
ping-c38.8.8.8
If your machine has several network interfaces and you want to make ICMP request via a specific interface, you can use the -I flag:
ping-Iens19-c3192.168.20.42
It is now time to ensure that DNS resolution is working correctly. As a reminder, DNS resolution is a mechanism used to convert human friendly machine names into their IP addresses and the other way round (reverse DNS).
If the /etc/resolv.conf file indicates a reachable DNS server, then the following should work: