Managing network connections in Linux using the nmcli console utility
Utility nmcli accesses the API directly to access NetworkManager functions.
It appeared in 2010 and for many has become an alternative way to configure network interfaces and connections. Although someone still uses ifconfig… Since nmcli is a command line interface (CLI) tool designed for use in terminal windows and scripts, it is ideal for non-GUI sysadmins.
Ncmli Command Syntax
In general, the syntax looks like this:
- options are parameters that determine the subtleties of nmcli,
- section – defines what features of the utility to use,
- action – allows you to specify what actually needs to be done.
There are 8 sections in total, each of which is associated with a set of commands (actions):
- Help provides information on ncmcli commands and their use.
- General returns NetworkManager status and global configuration.
- Networking includes commands to query network connection status and enable / disable connections.
- Radio includes commands to query the status of the WiFi connection and enable / disable connections.
- Monitor includes commands for monitoring NetworkManager activity and monitoring changes in the state of network connections.
- Connection includes commands for managing network interfaces, for adding new connections and deleting existing ones.
- Device mainly used to change device-related parameters (such as interface name) or to connect devices using an existing connection.
- Secret registers nmcli as a “secret agent” NetworkManager listening for secret messages. This section is rarely used because nmcli works this way when connected to networks by default.
Before getting started, make sure NetworkManager is running and nmcli can talk to it:
$ nmcli general STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN connected full enabled enabled enabled enabled
Often, you start by looking at all network connection profiles:
$ nmcli connection show NAME UUID TYPE DEVICE Wired connection 1 ac3241e4-b424-35d6-aaa7-07498561688d ethernet enp0s3 Wired connection 2 2279d917-fa02-390c-8603-3083ec5a1d3e ethernet enp0s8 Wired connection 3 52d89737-de92-35ec-b082-8cf2e5ac36e6 ethernet enp0s9
This command uses act show for the Connection section.
The test machine is running Ubuntu 20.04. In this case, we found three wired connections: enp0s3, enp0s8, and enp0s9.
It is important to understand that in nmcli, by the term Connection we mean an entity that contains all the information about the connection. In other words, it is the network configuration. Connection encapsulates all connection-related information, including link layer and IP addressing information. These are Layer 2 and Layer 3 in the OSI networking model.
When you set up a network in Linux, you usually set up connections that will eventually bind to network devices, which in turn are the network interfaces installed on the computer. When a device uses a connection, it is considered active or up. If the connection is not in use, then it is inactive or dropped.
Adding network connections
The ncmli utility allows you to quickly add and immediately configure connections. For example, to add Wired connection 2 (with enp0s8), you need to run the following command as the superuser:
$ sudo nmcli connection add type ethernet ifname enp0s8 Connection 'ethernet-enp0s8' (09d26960-25a0-440f-8b20-c684d7adc2f5) successfully added.
In the type option, we indicate that this will be an Ethernet connection, and in the ifname (interface name) option, we indicate the network interface that we want to use.
Here’s what happens after running the command:
$ nmcli connection show NAME UUID TYPE DEVICE Wired connection 1 ac3241e4-b424-35d6-aaa7-07498561688d ethernet enp0s3 Wired connection 2 2279d917-fa02-390c-8603-3083ec5a1d3e ethernet enp0s8 Wired connection 3 52d89737-de92-35ec-b082-8cf2e5ac36e6 ethernet enp0s9 ethernet-enp0s8 09d26960-25a0-440f-8b20-c684d7adc2f5 ethernet --
A new connection has been created, ethernet-enp0s8. It was assigned a UUID, the connection type was Ethernet. Let’s bring it up with the up command:
$ nmcli connection up ethernet-enp0s8 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
Check the list of active connections again:
$ nmcli connection show --active NAME UUID TYPE DEVICE Wired connection 1 ac3241e4-b424-35d6-aaa7-07498561688d ethernet enp0s3 ethernet-enp0s8 09d26960-25a0-440f-8b20-c684d7adc2f5 ethernet enp0s8 Wired connection 3 52d89737-de92-35ec-b082-8cf2e5ac36e6 ethernet enp0s9
Added a new connection ethernet-enp0s8, it is active and uses the enp0s8 network interface.
Setting up connections
The ncmli utility makes it easy to change the parameters of existing connections. For example, you need to change dynamic (DHCP) to static IP address.
Let’s say we need to set the IP address to 192.168.4.26. For this we use two commands. The first will directly set the IP address, and the second will switch the method for setting the IP address to manual:
$ nmcli connection modify ethernet-enp0s8 ipv4.address 192.168.4.26/24 $ nmcli connection modify ethernet-enp0s8 ipv4.method manual
Don’t forget to set the subnet mask as well. For our test connection, this is 255.255.255.0, or s / 24 for Classless Routing (CIDR).
For the changes to take effect, you need to deactivate and then activate the connection again:
$ nmcli connection down ethernet-enp0s8 Connection 'ethernet-enp0s8' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4) $ nmcli connection up ethernet-enp0s8 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveC
If you need to install DHCP on the contrary, use auto instead of manual:
$ nmcli connection modify ethernet-enp0s8 ipv4.method auto
Working with devices
For this we use the Device section.
Checking device status
$ nmcli device status DEVICE TYPE STATE CONNECTION enp0s3 ethernet connected Wired connection 1 enp0s8 ethernet connected ethernet-enp0s8 enp0s9 ethernet connected Wired connection 3 lo loopback unmanaged --
Requesting device information
To do this, use the show action from the Device section (you must specify the device name). The utility displays a lot of information, often on several pages.
Let’s take a look at the enp0s8 interface that our new connection uses. Let’s make sure that it uses exactly the same IP address that we set earlier:
$ nmcli device show enp0s8 GENERAL.DEVICE: enp0s8 GENERAL.TYPE: ethernet GENERAL.HWADDR: 08:00:27:81:16:20 GENERAL.MTU: 1500 GENERAL.STATE: 100 (connected) GENERAL.CONNECTION: ethernet-enp0s8 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/6 WIRED-PROPERTIES.CARRIER: on IP4.ADDRESS: 192.168.4.26/24 IP4.GATEWAY: -- IP4.ROUTE: dst = 192.168.4.0/24, nh = 0.0.0.0, mt = 103 IP6.ADDRESS: fe80::6d70:90de:cb83:4491/64 IP6.GATEWAY: -- IP6.ROUTE: dst = fe80::/64, nh = ::, mt = 103 IP6.ROUTE: dst = ff00::/8, nh = ::, mt = 256, table=255
There is a lot of information. Let’s highlight the main thing:
- Network interface name: enp0s8.
- Connection type: wired Ethernet connection.
- We see the MAC address of the device.
- Maximum transmission unit (MTU) specified – the maximum size of the payload of one packet that can be transmitted by the protocol without fragmentation.
- Device currently connected…
- Connection namewhich the device is using: ethernet-enp0s8.
- The device uses one IP addresswhich we installed earlier: 192.168.4.26/24.
Other information relates to the default routing and gateway settings for the connection. They are network specific.
Interactive nmcli editor
Nmcli also has a simple interactive editor in which someone may be more comfortable working. To start it for example for ethernet-enp0s8 connection use act edit:
$ nmcli connection edit ethernet-enp0s8
He also has a little help, which, however, is smaller in size than the console version:
===| nmcli interactive connection editor |=== Editing existing '802-3-ethernet' connection: 'ethernet-enp0s8' Type 'help' or '?' for available commands. Type 'print' to show all the connection properties. Type 'describe [
. ]' for detailed property description. You may edit the following settings: connection, 802-3-ethernet (ethernet), 802-1x, dcb, sriov, ethtool, match, ipv4, ipv6, tc, proxy nmcli>
If you enter the print command and press Enter, nmcli will display all the connection properties:
=============================================================================== Connection profile details (ethernet-enp0s8) =============================================================================== connection.id: ethernet-enp0s8 connection.uuid: 09d26960-25a0-440f-8b20-c684d7adc2f5 connection.stable-id: -- connection.type: 802-3-ethernet connection.interface-name: enp0s8 connection.autoconnect: yes connection.autoconnect-priority: 0 connection.autoconnect-retries: -1 (default) connection.multi-connect: 0 (default) connection.auth-retries: -1 connection.timestamp: 1593967212 connection.read-only: no connection.permissions: -- connection.zone: -- connection.master: -- connection.slave-type: -- connection.autoconnect-slaves: -1 (default) connection.secondaries: --
For example, to set the DHCP property for the connection, type goto ipv4 and click Enter:
nmcli> goto ipv4 You may edit the following properties: method, dns, dns-search, dns-options, dns-priority, addresses, gateway, routes, route-metric, route-table, routing-rules, ignore-auto-routes, ignore-auto-dns, dhcp-client-id, dhcp-iaid, dhcp-timeout, dhcp-send-hostname, dhcp-hostname, dhcp-fqdn, dhcp-hostname-flags, never-default, may-fail, dad-timeout nmcli ipv4>
Then write set method auto and click Enter:
nmcli ipv4> set method auto Do you also want to clear 'ipv4.addresses'? [yes]:
If you want to clear the static IP, click Enter… Otherwise, enter no and press Enter. You can keep it if you think you will need it in the future. But even with a static IP address stored, DHCP will be used if method is set to auto.
Use the save command to save your changes:
nmcli ipv4> save Connection 'ethernet-enp0s8' (09d26960-25a0-440f-8b20-c684d7adc2f5) successfully updated. nmcli ipv4>
Enter quit to exit the nmcli Interactive Editor. If you change your mind about leaving, use the back command.
And that’s not all
Open the nmcli Interactive Editor and see how many settings there are and how many properties each setting has. The interactive editor is a great tool, but if you want to use nmcli in one-liners or scripts, you’ll need the regular command line version.
Now that you have the basics, check out man page nmcli to see how else it can help you.
Epic servers – this is virtual servers on Windows or Linux with powerful AMD EPYC processors and very fast Intel NVMe drives. Hurry to order!