Note:

Work with nmcli and ip on Oracle Linux 8

Introduction

In this tutorial you work with the Oracle Linux CLI utilities, nmcli and ip, to monitor and manage network devices and connections.

The lab’s intent is to introduce you to these utilities and practice using their common features to simulate a work environment. Not all of the features are presented. The lab runs in a virtualized environment and therefore limits what can be presented and practiced.

Background

Linux handles network communications through software configuration files and the physical networking devices in your system. Each physical network device has an associated configuration file, named ifcfg-<interface>, located in the /etc/sysconfig/network-scripts directory.

NetworkManager includes a command-line utility, nmcli, which you can use to create, display, edit, delete, activate, and deactivate network connections, as well as control and display network device status.

The ip is another utility for displaying and manipulating network devices, network routing, and tunnels.

Objectives

What Do You Need?

A client system with Oracle Linux 8 installed with at least three disk devices.

(Hands-on Lab) Connect to the Compute Instance

Note: This step is specific to the Oracle provided free lab environment.

The Desktop environment will display before the instances are ready. Deployment of this environment can take two to five minutes, depending on the number of resources and provisioning steps needed.

First, to access the lab compute instances, connect to the Oracle Cloud Console and copy the compute instance public IP address.

  1. Sign in to Oracle Cloud Console, and select your Compartment.

  2. Click Instances.

  3. Copy the public IP address to a temporary location (such as a text file) on your computer.

    copy public IP

    Note:

    • To copy, highlight the IP address with the mouse and press Ctrl+C.
  4. Right-click the virtual desktop and select Open Terminal Here.

  5. Connect to the instance.

    ssh oracle@<IP_ADDRESS_OF_COMPUTE_INSTANCE>
    

    Where <IP_ADDRESS_OF_COMPUTE_INSTANCE> is the IP address copied from the Oracle Cloud Console.

  6. Accept the ECDSA key fingerprint by typing yes at the prompt.

  7. You are now connected to the compute instance for this lab.

    • If the connection fails with the Permission denied (publickey,gssapi-keyex,gssapi-with-mic) message, wait a bit longer for the provisioning process to complete and try making the ssh connection again.
  8. Use the sudo command to switch to the root user.

    sudo -i
    

Run nmcli general Object Commands

You use nmcli general object commands to show overall network status and to perform operations.

  1. Run the command nmcli help and note the available options.

    nmcli help
    

    Note: The different modes for displaying command output.

    • -t|--terse: This mode is designed and suitable for script processing.
    • -p|--pretty: This mode produces easily readable output with a header.
    • -m|--mode tabular|multiline: This mode produces output in table format or on multiple lines.

    Refer to the nmcli man page for a description for all available options.

  2. Run the command nmcli general help.

    nmcli general help
    

    Note: The general option provides four command arguments: status, hostname, permissions, and logging.

  3. Run the command nmcli general status. The status argument is the default.

    nmcli general status
    

    Full connectivity means the host is connected to a network and has full access to the Internet.

  4. Use the systemctl command to stop the NetworkManager service.

    systemctl stop NetworkManager
    
  5. Rerun the command nmcli general status.

    Running the command with the NetworkManager service stopped causes an error.

  6. Use the systemctl command to start the NetworkManager service.

    systemctl start NetworkManager
    
  7. Run the command nmcli general hostname.

    nmcli general hostname
    

    This argument reports the system hostname. You can also use nmcli general hostname to change the name of the host.

  8. Run the command nmcli general hostname and change the host name to “myhost”.

    nmcli general hostname myhost
    

    The /etc/hostname file stores the hostname information.

  9. Run the command cat /etc/hostname to confirm the name change.

    cat /etc/hostname
    
  10. Rerun the command nmcli general hostname and change the host name back to “ol8-server”.

    nmcli general hostname ol8-server
    

    Rerun the command cat /etc/hostname to verify the hostname change.

  11. Run the command nmcli general permissions.

    nmcli general permissions
    

    The output shows all premissions are set to yes, which means that you can enable and disable networking and modify all connections and settings.

  12. Run the nmcli general logging command.

    nmcli general logging
    

    Use the logging argument to view and change NetworkManager logging levels and domains. Without any arguments, the current logging level and domains are shown. In this case, the logging level is INFO for all domains. Refer to the NetworkManager.conf man page for information about logging levels and domain descriptions.

  13. Use the nmcli general logging command to change the logging level to DEBUG for the IP4 domain.

    nmcli general logging level DEBUG domains IP4
    
  14. Rerun the nmcli general logging command to verify the logging level for the IP4 domain changed to DEBUG.

    The logging level for the IP4 domain is now set to DEBUG

  15. Use the nmcli general logging command to change the logging level to INFO for the ALL domains.

    nmcli general logging level INFO domains ALL
    

    This command returns the logging level to the default setting.

Run nmcli networking Object Commands.

You use the nmcli networking object to manage networking connectivity and view networking status.

  1. Run the nmcli networking help command.

    nmcli networking help
    

    The networking object provides three commands: on, off, connectivity.

  2. Run the nmcli networking command with no arguments to show the networking status.

    nmcli networking
    

    The output shows the networking status is enabled.

    Important Information LEAVE networking enabled. The instance on which you are working runs in a virtualized environment and becomes inaccessible if you disable networking. This causes you to loose connectivity to the instance and requires a restart of the lab.

    • The command nmcli networking off disables networking to all enabled devices.
    • The command nmcli networking on enables networking to all enabled devices.
  3. Use the command ip addr to display your available network interfaces.

    ip address
    

    Note: Ethernet interface ens5 is UP and without an IP address.

  4. Run the command nmcli networking connectivity to show the network connectivity state.

    • Include the check argument.
    • Without the check argument, the command displays the most recent known connectivity state without re-checking.
    nmcli networking connectivity check
    

    Connectivity state full means the host is connected to a network and has full access to the Internet.

Run nmcli radio Object Commands

Use nmcli radio object commands to manage wireless networking.

  1. Run the command nmcli radio help.

    nmcli radio help
    

    Note: The three available command options: all, wifi, wwan. Each command has two arguments.

  2. Run the command nmcli radio with no options or arguments to show radio switches status.

    nmcli radio
    

    The output shows that all of the switches are enabled.

  3. Run the command nmcli radio wifi off command to disable the WI-FI radio switch.

    nmcli radio wifi off
    

    Rerun the command nmcli radio to verify the WI-FI radio switch status is now disabled.

  4. Run the command nmcli radio wifi on to enable the WI-FI radio switch.

    nmcli radio wifi on
    

    Rerun the command nmcli radio to verify the WI-FI radio switch status is now enabled.

Run nmcli connection Object Commands

Use the nmcli connection object to start, stop, and manage network connections.

  1. Run the command nmcli connection help command.

    nmcli connection help
    

    Note: The nmcli connection object provides 13 commands, as shown:

    connection objects

  2. Run the command nmcli connection show to list all the connection profiles.

    nmcli connection show
    

    The output lists device ens3 as the only connection profile.

  3. Run the command nmcli connection show with the --active argument to list the active profiles.

    nmcli connection show --active
    

    Again, the output lists device ens3 as the only connection profile.

  4. Run the command ls -l /etc/sysconfig/network-scripts/ and pipe the output to grep ens to list the connection profiles for all ens devices.

    ls -l /etc/sysconfig/network-scripts/ | grep ens
    

    The only ens device with a connection profile is ens3.

  5. Create a configuration profile for ens5 and bring the device online. By design, NetworkManager allows a single device to have multiple connections or profiles. These profiles allow for different network configurations such as DHCP or static IP address assignments.

    1. Obtain the Private IP of the second VNIC device attached to your lab instance.

      1. Return to the Cloud Console > Compute > Instances page.

        compute instances

      2. In the list of names, click the link to your instance (ol8-server) to open its details page.

      3. Scroll down the details page to the Resources section, and then click Attached VNICs from the list to view the VNICs.

        attached vnics

      4. From the list of VNICs, click the link to vnic-2 to view details about the VNIC.

      5. In the Primary IP section of the page, copy the Private IP Address (e.g. 10.0.0.155) and return the the terminal window.

        private ip

    2. Run the command nmcli connection add type ethernet con-name ens5 ifname ens5 ip4 <PRIVATE_IP_ADDRESS_OF_COMPUTE_INSTANCE>, for example: 10.0.0.155/24 to create the a configuration profile for ens5.

      nmcli connection add type ethernet con-name ens5 ifname ens5 ip4 10.0.0.155/24
      

      The configuration defines a static IP address assignment and presents the ip4 address in CIDR notation. NetworkManager writes these values in a /etc/sysconfig/network-scripts/ifcfg-<interface> file to keep the configuration persistent after reboots.

    3. Run the cat command to view the ens5 configuration file.

      cat /etc/sysconfig/network-scripts/ifcfg-ens5
      
    4. Run the command nmcli conn show to view the updated list of connections.

      nmcli conn show
      

      The command shows the new connection profile created for ens5. NetworkManager allows the use of abbreviations for nmcli commands.

    5. Run the command nmcli conn up ens5 to bring the device online.

      nmcli conn up ens5
      
    6. Verify the connection started by typing nmcli d status, where the d is an abbreviation for the device command.

      nmcli d status
      

      The command shows ens5 in the connected state.

    7. Run the command ping -c 3 -I ens5 followed by the IP address used previously, for example 10.0.0.155

      ping -c 3 -I ens5 <PRIVATE_IP_ADDRESS_OF_COMPUTE_INSTANCE
      

      The -c sends out only three packets, and then -I parameter ensures the packets go out on the ens5 interface.

    8. Run the command nmcli connection show id ens5 command and pipe the output to grep interconnect

      nmcli connection show id ens5 | grep autoconnect
      

      The output shows the autoconnect parameter is set to yes.

You use the ip utility to configure network interfaces. You need elevated privileges to use the ip utility. It is important to note that any network changes made using the ip command do not persist across system reboots.

In the following tasks, you continue to use device ens5.

In this exercise, you use the ip link utility to add, edit, and delete a link.

  1. Run the ip command without any options or arguments.

    ip
    

    Note: The various options available. Refer to the ip (8) man page for a description of all options.

  2. Run ip link object commands. You use the ip link object commands to display and configure network devices.

    1. Run the ip link help command to show the six available object commands.

      ip link help
      

      The commands are add, delete, set, show, xstats, afstats, help.

    2. Run the ip link show command to identify the existing network devices.

      ip link show
      

      The show command is the default for the ip link object, so it is not required. The output identifies three network devices, two Ethernet devices (ens3 and ens5). There is also one loopback device (lo). The output lists the same devices as the nmcli device status did in the previous exercise.

    3. Run the ip link add command to add a virtual link. Refer to the ip-link(8) man page for more information about link types. Use the following parameters to add a new VLAN link:

      • Use physical device ens5
      • Assign the name ens5.10
      • Use vlan for the device type
      • Assigh the VLAN ID (id) to 10
      ip link add link ens5 name ens5.10 type vlan id 10
      
    4. Rerun the ip link to list the new device.

      The virtual link, ens5.10@ens5, appears in the list.

    5. Run the ip link set command to change the MTU device attribute to 1400.

      ip link set ens5.10 mtu 1400
      
    6. Run the ip link delete command to delete the ens5.10 device.

      ip link delete ens5.10
      
      • Rerun the ip link to list the verify the virtual device no longer exists.

Run ip addr Object Commands

The ip addr command to displays and manages IP addresses on network devices.

  1. Run the ip addr help command to show the available object commands.

    A partial list of available commands include add, change, replace, del, show, andsave. Refer to the ip-address(8) man page for a complete list of ip addr commands.

  2. Run the ip addr show command to identify existing networking devices.

    ip addr
    

    The show command is also the default for ip addr. It shows the same information as ip link but includes IP addresses.

  3. Run the ip addr add command to add a second IP address to ens5.

    ip addr add 10.1.1.1/24 dev ens5
    
  4. Run the ip addr show command to show the ens5 device. The show command is required when specifying a device as an argument.

    ip addr show ens5
    

    The device now has two IP addresses.

  5. Run the ip addr del command to delete an IP address from ens5.

    ip addr del 10.1.1.1/24 dev ens5
    
  6. Run the ip addr show command again to show the ens5 device.

Video demonstrations

The video demonstration provided at https://www.youtube.com/watch?v=EkI3RKl4loE may also be useful if you need more information on using nmcli commands.

Using NetworkManager CLI (nmcli) on Oracle Linux 8

The video demonstration provided at https://www.youtube.com/watch?v=JcipLuWymNc may also be useful if you need more information on using the ip command.

Using the ip command on Oracle Linux 8

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.