使用**nmcli命令配置网络 **
NetworkManager是管理和监控网络设置的守护进程,设备既就是网络接口,连接是对网络接口的配置,一个网络接口可以有多个连接配置,但同时只有一个连接配置生效。
1 **配置主机名**
CentOS6 之前主机配置文件:/etc/sysconfig/network
CentOS7主机名配置文件:/etc/hostname,默认没有这个文件,通过DNS反向解析获取主机名,主机名默认为:localhost.localdomain
显示主机名信息
hostname
hostnamectl status
创建并修改文件并生效
hostnamectl set-hostname deskX.example.com
2
3
4
5
[root@centos73 ~]# hostname
centos7.3.com
[root@centos73 ~]# cat /etc/hostname
centos7.3.com
可以看到已经修改成功。
删除文件。回复默认主机名localhost.localdomain
2 **常用命令**
nmcli connection show 显示所有连接
nmcli connection show –active 显示所有活动的连接状态
nmcli connection show “ens33” 显示网络连接配置
nmcli device status 显示设备状态
nmcli device show ens33 显示网络接口属性
nmcli connection add help 查看帮助
nmcli connection reload 重新加载配置
nmcli connection down test2 禁用test2的配置,注意一个网卡可以有多个配置。
nmcli connection up test2 启用test2的配置
nmcli device disconnect ens33 禁用ens33网卡,物理网卡
nmcli device connect ens33 启用ens33网卡
图形工具
nm-connection-editor
字符工具
nmtui
nmtui-connect
nmtui-edit
nmtui-hostname
3 **创建新连接配置**
(1)创建新连接配置default,IP通过DHCP自动获取
2
Connection ‘default’ (d62f98af-86ed-4735-80aa-2d80351765b2) successfully added.
删除连接
2
Connection ‘default’ (d62f98af-86ed-4735-80aa-2d80351765b2) successfully deleted.
(2)创建新的连接配置test2,指定静态IP,不自动连接
2
Connection ‘test2’ (98385bf5-8cc3-47e3-a5f2-51e2d736be6d) successfully added.
参数说明:
con-name 指定连接名字,没有特殊要求,
ipv4.methmod 指定获取IP地址的方式
ifname 指定网卡设被名,既就是次配置所生效的网卡
autoconnect 指定是否自动启动
ipv4.addresses 指定IPv4地址
gw4指定网关
4**查看/etc/sysconfig/network-scripts/目录**
会看到多出一个文件ifcfg-test2。说明添加确实生效了。
/etc/sysconfig/network-scripts/ifcfg-test2
2
3
/etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-lo
/etc/sysconfig/network-scripts/ifcfg-ens34 /etc/sysconfig/network-scripts/ifcfg-test2
5 **启用test2连接配置**
2
3
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/7)
[root@centos73 ~]# systemctl restart network
看下是否生效
[root@centos73 ~]# nmcli device show ens33
GENERAL.DEVICE: ens33
GENERAL.TYPE: ethernet
GENERAL.HWADDR: 00:0C:29:3A:00:82
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: test2
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/7
WIRED-PROPERTIES.CARRIER: on
IP4.ADDRESS[1]: 172.25.100.100/24
IP4.GATEWAY: 172.25.100.1
IP6.ADDRESS[1]: fe80::5a5b:2cc3:a448:e2e1/64
IP6.GATEWAY:
好了,基本的IP地址配置成功
6 **修改连接设置**
(1)修改test2为自动启动
(2)修改DNS为172.25.1.1
(3)添加DNS 114.114.114.114
看下是否成功
[root@centos73 ~]# cat /etc/sysconfig/network-scripts/ifcfg-test2
TYPE=Ethernet
[……]
NAME=test2
UUID=98385bf5-8cc3-47e3-a5f2-51e2d736be6d
DEVICE=ens33
ONBOOT=yes
DNS1=172.25.1.1
IPADDR=172.25.100.100
PREFIX=24
GATEWAY=172.25.100.1
DNS2=114.114.114.114
可以看到均已生效
(4)删除DNS
(5)修改IP地址
(6)还可以添加多个IP
7 nmcli **命令和/etc/sysconfig/network-scripts/ifcfg-*文件的对应关系**
ipv4.method manual BOOTPROTO=none
ipv4.method auto BOOTPROTO=dhcp
ipv4.addresses “192.0.2.1/24 IPADDR=192.0.2.1
PREFIX=24
gw4 192.0.2.254” GATEWAY=192.0.2.254
ipv4.dns 8.8.8.8 DNS0=8.8.8.8
ipv4.dns-search example.com DOMAIN=example.com
ipv4.ignore-auto-dns true PEERDNS=no
connection.autoconnect yes ONBOOT=yes
connection.id eth0 NAME=eth0
connection.interface-name eth0 DEVICE=eth0
802-3-ethernet.mac-address . . . HWADDR= . . .
8 Nmcli**命令详解**
# nmcli connection help
Usage: nmcli connection { COMMAND | help }
COMMAND := { show | up | down | add | modify | clone | edit | delete | monitor | reload | load | import | export }
show [–active] [–order <order spec>]
show [–active] [id | uuid | path | apath] <ID> …
up [[id | uuid | path] <ID>] [ifname <ifname>] [ap <BSSID>] [passwd-file <file with passwords>]
down [id | uuid | path | apath] <ID> …
add COMMON_OPTIONS TYPE_SPECIFIC_OPTIONS SLAVE_OPTIONS IP_OPTIONS [– ([+|-]<setting>.<property> <value>)+]
modify [–temporary] [id | uuid | path] <ID> ([+|-]<setting>.<property> <value>)+
clone [–temporary] [id | uuid | path ] <ID> <new name>
edit [id | uuid | path] <ID>
edit [type <new_con_type>] [con-name <new_con_name>]
delete [id | uuid | path] <ID>
monitor [id | uuid | path] <ID> …
reload
load <filename> [ <filename>… ]
import [–temporary] type <type> file <file to import>
export [id | uuid | path] <ID> [<output file>]
nmcli 修改网络连接方式,IP 地址, 网关等方法
nmcli connection edit enp0s8
===| nmcli 交互式连接编辑器 |===
正在编辑已存的连接“802-3-ethernet”:“enp0s8”
对于可用的命令输入“help”或“?”。
输入“describe [<设置>.<属性>]”来获得详细的属性描述。
您可编辑下列设置:connection, 802-3-ethernet (ethernet), 802-1x, dcb, ipv4, ipv6, proxy
nmcli>
#查看帮助
nmcli> help
—[ Main menu ]—
goto [<setting> | <prop>] :: go to a setting or property
remove <setting>[.<prop>] | <prop> :: remove setting or reset property value
set [<setting>.<prop> <value>] :: set property value
describe [<setting>.<prop>] :: describe property
print [all | <setting>[.<prop>]] :: print the connection
verify [all | fix] :: verify the connection
save [persistent|temporary] :: save the connection
activate [<ifname>] [/<ap>|<nsp>] :: activate the connection
back :: go one level up (back)
help/? [<command>] :: print this help
nmcli <conf-option> <value> :: nmcli configuration
quit :: exit nmcli
nmcli>
#设置网卡的连接方式 auto / static / manual / dhcp
set ipv4.method static
#设置IP地址 192.168.1.9 【 24表示子网掩码为255.255.255.0】
set. ipv4.address 192.168.1.9/24
#设置DNS 8.8.8.8 8.8.4.4
set ipv4.dns 8.8.8.8,8.8.4.4
#设置网关
set ipv4.gateway 172.17.0.1
#保存网络设置
Save
#退出nmcli交互式设置界面
Quit
BOOTPROTO=static 静态IP
BOOTPROTO=dhcp 动态IP
利用好 print 命令 打印配置信息 和 help帮助命令,不知道具体的属性可以随便给一个不存在的属性 比如 xxx , 回车后就会显示正确的属性提示
nmcli> help
—[ Main menu ]—
goto [<setting> | <prop>] :: go to a setting or property
remove <setting>[.<prop>] | <prop> :: remove setting or reset property value
set [<setting>.<prop> <value>] :: set property value
describe [<setting>.<prop>] :: describe property
print [all | <setting>[.<prop>]] :: print the connection
verify [all | fix] :: verify the connection
save [persistent|temporary] :: save the connection
activate [<ifname>] [/<ap>|<nsp>] :: activate the connection
back :: go one level up (back)
help/? [<command>] :: print this help
nmcli <conf-option> <value> :: nmcli configuration
quit :: exit nmcli
nmcli> set
错误:未选择设置;有效的为 [connection, 802-3-ethernet (ethernet), 802-1x, dcb, ipv4, ipv6, proxy]
先使用“goto <设置>”,或“set <设置>.<属性>”
nmcli> set ethernet.xx
错误:无效属性:’xx’ 不在 [port, speed, duplex, auto-negotiate, mac-address, cloned-mac-address, generate-mac-address-mask, mac-address-blacklist, mtu, s390-subchannels, s390-nettype, s390-options, wake-on-lan, wake-on-lan-password] 中
nmcli> set ipv4.xx
错误:无效属性:’xx’ 不在 [method, dns, dns-search, dns-options, dns-priority, addresses, gateway, routes, route-metric, ignore-auto-routes, ignore-auto-dns, dhcp-hostname, dhcp-send-hostname, never-default, may-fail, dad-timeout, dhcp-timeout, dhcp-client-id, dhcp-fqdn] 中
nmcli> set dcb.xx
错误:无效属性:’xx’ 不在 [app-fcoe-flags, app-fcoe-priority, app-fcoe-mode, app-iscsi-flags, app-iscsi-priority, app-fip-flags, app-fip-priority, priority-flow-control-flags, priority-flow-control, priority-group-flags, priority-group-id, priority-group-bandwidth, priority-bandwidth, priority-strict-bandwidth, priority-traffic-class] 中
nmcli> set 802-1x.xx
错误:无效属性:’xx’ 不在 [eap, identity, anonymous-identity, pac-file, ca-cert, ca-cert-password, ca-cert-password-flags, ca-path, subject-match, altsubject-matches, domain-suffix-match, client-cert, client-cert-password, client-cert-password-flags, phase1-peapver, phase1-peaplabel, phase1-fast-provisioning, phase1-auth-flags, phase2-auth, phase2-autheap, phase2-ca-cert, phase2-ca-cert-password, phase2-ca-cert-password-flags, phase2-ca-path, phase2-subject-match, phase2-altsubject-matches, phase2-domain-suffix-match, phase2-client-cert, phase2-client-cert-password, phase2-client-cert-password-flags, password, password-flags, password-raw, password-raw-flags, private-key, private-key-password, private-key-password-flags, phase2-private-key, phase2-private-key-password, phase2-private-key-password-flags, pin, pin-flags, system-ca-certs, auth-timeout] 中
nmcli> set proxy.xx
错误:无效属性:’xx’ 不在 [method, browser-only, pac-url, pac-script] 中
nmcli>
nmcli connection 里面的 print命令
以下的所有的配置信息可以通过 nmcli con mod enp0s8 连接配置项 值 来设置
===============================================================================
连接配置集详情 (enp0s8)
===============================================================================
connection.id: enp0s8
connection.uuid: f8c1e3eb-8d0d-32f0-a875-8e3b6326744f
connection.stable-id: –
connection.interface-name: –
connection.type: 802-3-ethernet
connection.autoconnect: yes
connection.autoconnect-priority: -999
connection.autoconnect-retries: -1 (默认)
connection.timestamp: 1516070244
connection.read-only: no
connection.permissions: –
connection.zone: –
connection.master: –
connection.slave-type: –
connection.autoconnect-slaves: -1 (默认)
connection.secondaries: –
connection.gateway-ping-timeout: 0
connection.metered: 未知
connection.lldp: -1 (default)
802-3-ethernet.port: –
802-3-ethernet.speed: 0
802-3-ethernet.duplex: –
802-3-ethernet.auto-negotiate: no
802-3-ethernet.mac-address: 08:00:27:D4:51:67
802-3-ethernet.cloned-mac-address: –
802-3-ethernet.generate-mac-address-mask:–
802-3-ethernet.mac-address-blacklist: –
802-3-ethernet.mtu: 自动
802-3-ethernet.s390-subchannels: –
802-3-ethernet.s390-nettype: –
802-3-ethernet.s390-options: –
802-3-ethernet.wake-on-lan: 1 (default)
802-3-ethernet.wake-on-lan-password: –
ipv4.method: auto
ipv4.dns: –
ipv4.dns-search: –
ipv4.dns-options: (默认)
ipv4.dns-priority: 0
ipv4.addresses: 172.17.0.20/24
ipv4.gateway: 172.17.0.1
ipv4.routes: –
ipv4.route-metric: -1
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: –
ipv4.dhcp-timeout: 0
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: –
ipv4.dhcp-fqdn: –
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (默认)
ipv6.method: auto
ipv6.dns: –
ipv6.dns-search: –
ipv6.dns-options: (默认)
ipv6.dns-priority: 0
ipv6.addresses: –
ipv6.gateway: –
ipv6.routes: –
ipv6.route-metric: -1
ipv6.ignore-auto-routes: no
ipv6.ignore-auto-dns: no
ipv6.never-default: no
ipv6.may-fail: yes
ipv6.ip6-privacy: -1 (未知)
ipv6.addr-gen-mode: stable-privacy
ipv6.dhcp-send-hostname: yes
ipv6.dhcp-hostname: –
ipv6.token: –
proxy.method: none
proxy.browser-only: no
proxy.pac-url: –
proxy.pac-script: –
nmcli device help
Usage: nmcli device { COMMAND | help }
COMMAND := { status | show | set | connect | reapply | modify | disconnect | delete | monitor | wifi | lldp }
status
show [<ifname>]
set [ifname] <ifname> [autoconnect yes|no] [managed yes|no]
connect <ifname>
reapply <ifname>
modify <ifname> ([+|-]<setting>.<property> <value>)+
disconnect <ifname> …
delete <ifname> …
monitor <ifname> …
wifi [list [ifname <ifname>] [bssid <BSSID>]]
wifi connect <(B)SSID> [password <password>] [wep-key-type key|phrase] [ifname <ifname>]
[bssid <BSSID>] [name <name>] [private yes|no] [hidden yes|no]
wifi hotspot [ifname <ifname>] [con-name <name>] [ssid <SSID>] [band a|bg] [channel <channel>] [password <password>]
wifi rescan [ifname <ifname>] [[ssid <SSID to scan>] …]
lldp [list [ifname <ifname>]]
示例查看 modify <ifname> ([+|-]<setting>.<property> <value>)+ 中setting和 property的值都有哪些,可以使用以下方式
nmcli device modify enp0s8 set.xx
错误:无效或不允许的设置“set”:’set’ 不在 [connection, 802-3-ethernet (ethernet), 802-1x, dcb, ipv4, ipv6, proxy] 中。
上面的提示可以看到 modify <ifname> ([+|-]<setting>.<property> <value>)+ 中setting 的项目有 connection, 802-3-ethernet (ethernet), 802-1x, dcb, ipv4, ipv6, proxy,
继续查看property的值都有哪些
nmcli device modify enp0s8 connection.xxx 00
错误:无效的属性“xxx”:’xxx’ 不在 [id, uuid, interface-name, type, permissions, autoconnect, autoconnect-priority, autoconnect-retries, timestamp, read-only, zone, master, slave-type, autoconnect-slaves, secondaries, gateway-ping-timeout, metered, lldp, stable-id] 中。
从上面的提示可以看出connection项目的 property有 id, uuid, interface-name, type, permissions, autoconnect, autoconnect-priority, autoconnect-retries, timestamp, read-only, zone, master, slave-type, autoconnect-slaves, secondaries, gateway-ping-timeout, metered, lldp, stable-id
nmcli device modify enp0s8 ethernet.xxx 00
错误:无效的属性“xxx”:’xxx’ 不在 [port, speed, duplex, auto-negotiate, mac-address, cloned-mac-address, generate-mac-address-mask, mac-address-blacklist, mtu, s390-subchannels, s390-nettype, s390-options, wake-on-lan, wake-on-lan-password] 中。
从上面的提示可以看出ethernet项目的 property有port, speed, duplex, auto-negotiate, mac-address, cloned-mac-address, generate-mac-address-mask, mac-address-blacklist, mtu, s390-subchannels, s390-nettype, s390-options, wake-on-lan, wake-on-lan-password
修改连接名称
nmcli device modify enp0s8 connection.
#nmcli con
名称 UUID 类型 设备
Wired connection 1 f8c1e3eb-8d0d-32f0-a875-8e3b6326744f 802-3-ethernet enp0s8
修改Wired connection 1为 enp0s8
nmcli con modify ‘Wired connection 1’ connection.id enp0s8
https://asciinema.org/a/eEoTTYXXYGKjGcDTkfAiW0fLe
最后更新: 2018年02月02日 23:25
原始链接: http://tekin.yunnan.ws/Linux/201801/16-centos7-nmcli.html
