Centos7 使用 nmcli 命令配置网络详解

使用nmcli命令配置网络 

NetworkManager是管理和监控网络设置的守护进程,设备既就是网络接口,连接是对网络接口的配置,一个网络接口可以有多个连接配置,但同时只有一个连接配置生效。

1 配置主机名 

CentOS6 之前主机配置文件:/etc/sysconfig/network

CentOS7主机名配置文件:/etc/hostname,默认没有这个文件,通过DNS反向解析获取主机名,主机名默认为:localhost.localdomain

显示主机名信息

hostname

hostnamectl status

创建并修改文件并生效

hostnamectl set-hostname deskX.example.com

1

2

3

4

5

[[email protected] ~]# hostnamectl set-hostname centos7.3.com

[[email protected] ~]# hostname

centos7.3.com

[[email protected] ~]# cat /etc/hostname

centos7.3.com

可以看到已经修改成功。

删除文件。回复默认主机名localhost.localdomain

2 常用命令 

nmcli connection show 显示所有连接

nmcli connection show –active    显示所有活动的连接状态

nmcli connection show “ens33”    显示网络连接配置

nmcli device status            显示设备状态

nmcli device show ens33        显示网络接口属性

nmcli connection add help        查看帮助

nmcli connection reload        重新加载配置

nmcli connection down test2        禁用test2的配置,注意一个网卡可以有多个配置。

nmcli connection up test2        启用test2的配置

nmcli device disconnect ens33    禁用ens33网卡,物理网卡

nmcli device connect ens33    启用ens33网卡

图形工具

nm-connection-editor

字符工具

nmtui

nmtui-connect

nmtui-edit

nmtui-hostname

3 创建新连接配置 

(1)创建新连接配置default,IP通过DHCP自动获取

1

2

[[email protected] ~]# nmcli connection add con-name default type Ethernet ifname eth0

Connection ‘default’ (d62f98af-86ed-4735-80aa-2d80351765b2) successfully added.

删除连接

1

2

[[email protected] ~]# nmcli connection delete default

Connection ‘default’ (d62f98af-86ed-4735-80aa-2d80351765b2) successfully deleted.

(2)创建新的连接配置test2,指定静态IP,不自动连接

1

2

[[email protected] ~]# nmcli connection add con-name test2 ipv4.method manual ifname ens33 autoconnect no type Ethernet ipv4.addresses 172.25.100.100/24 gw4 172.25.100.1

Connection ‘test2’ (98385bf5-8cc3-47e3-a5f2-51e2d736be6d) successfully added.

参数说明:

con-name 指定连接名字,没有特殊要求,

ipv4.methmod 指定获取IP地址的方式

ifname 指定网卡设被名,既就是次配置所生效的网卡

autoconnect 指定是否自动启动

ipv4.addresses 指定IPv4地址

gw4指定网关

 

4查看/etc/sysconfig/network-scripts/目录 

会看到多出一个文件ifcfg-test2。说明添加确实生效了。

/etc/sysconfig/network-scripts/ifcfg-test2

1

2

3

[[email protected] ~]# ls /etc/sysconfig/network-scripts/ifcfg-*

/etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-lo

/etc/sysconfig/network-scripts/ifcfg-ens34 /etc/sysconfig/network-scripts/ifcfg-test2

5 启用test2连接配置 

1

2

3

[[email protected] ~]# nmcli connection up test2

Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/7)

[[email protected] ~]# systemctl restart network

看下是否生效

[[email protected] ~]# nmcli device show ens33

 

GENERAL.DEVICE: ens33

GENERAL.TYPE: ethernet

GENERAL.HWADDR: 00:0C:29:3A:00:82

GENERAL.MTU: 1500

GENERAL.STATE: 100 (connected)

GENERAL.CONNECTION: test2

GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/7

WIRED-PROPERTIES.CARRIER: on

IP4.ADDRESS[1]: 172.25.100.100/24

IP4.GATEWAY: 172.25.100.1

IP6.ADDRESS[1]: fe80::5a5b:2cc3:a448:e2e1/64

IP6.GATEWAY:

好了,基本的IP地址配置成功

6 修改连接设置 

(1)修改test2为自动启动

1 [[email protected] ~]# nmcli connection modify test2 connection.autoconnect yes

(2)修改DNS为172.25.1.1

1 [[email protected] ~]# nmcli connection modify test2 ipv4.dns 172.25.1.1

(3)添加DNS 114.114.114.114

1 [[email protected] ~]# nmcli connection modify test2 +ipv4.dns 114.114.114.114

看下是否成功

[[email protected] ~]# cat /etc/sysconfig/network-scripts/ifcfg-test2

 

TYPE=Ethernet

[……]

NAME=test2

UUID=98385bf5-8cc3-47e3-a5f2-51e2d736be6d

DEVICE=ens33

ONBOOT=yes

DNS1=172.25.1.1

IPADDR=172.25.100.100

PREFIX=24

GATEWAY=172.25.100.1

DNS2=114.114.114.114

可以看到均已生效

(4)删除DNS

1 [[email protected] ~]# nmcli connection modify test2 -ipv4.dns 114.114.114.114

(5)修改IP地址

1 [[email protected] ~]# nmcli connection modify test2 ipv4.addresses 200.100.100.100/24 gw4 200.100.100.1

(6)还可以添加多个IP

1 [[email protected] ~]# nmcli connection modify test2 +ipv4.addresses 10.10.10.10/8

7 nmcli 命令和/etc/sysconfig/network-scripts/ifcfg-*文件的对应关系 

ipv4.method manual        BOOTPROTO=none

ipv4.method auto        BOOTPROTO=dhcp

ipv4.addresses “192.0.2.1/24   IPADDR=192.0.2.1

PREFIX=24

gw4 192.0.2.254”          GATEWAY=192.0.2.254

ipv4.dns 8.8.8.8         DNS0=8.8.8.8

ipv4.dns-search example.com   DOMAIN=example.com

ipv4.ignore-auto-dns true     PEERDNS=no

connection.autoconnect yes    ONBOOT=yes

connection.id eth0         NAME=eth0

connection.interface-name eth0   DEVICE=eth0

802-3-ethernet.mac-address . . .   HWADDR= . . .

 

 

8 Nmcli命令详解

# nmcli connection help

Usage: nmcli connection { COMMAND | help }

 

COMMAND := { show | up | down | add | modify | clone | edit | delete | monitor | reload | load | import | export }

 

show [–active] [–order <order spec>]

show [–active] [id | uuid | path | apath] <ID> …

 

up [[id | uuid | path] <ID>] [ifname <ifname>] [ap <BSSID>] [passwd-file <file with passwords>]

 

down [id | uuid | path | apath] <ID> …

 

add COMMON_OPTIONS TYPE_SPECIFIC_OPTIONS SLAVE_OPTIONS IP_OPTIONS [– ([+|-]<setting>.<property> <value>)+]

 

modify [–temporary] [id | uuid | path] <ID> ([+|-]<setting>.<property> <value>)+

 

clone [–temporary] [id | uuid | path ] <ID> <new name>

 

edit [id | uuid | path] <ID>

edit [type <new_con_type>] [con-name <new_con_name>]

 

delete [id | uuid | path] <ID>

 

monitor [id | uuid | path] <ID> …

 

reload

 

load <filename> [ <filename>… ]

 

import [–temporary] type <type> file <file to import>

 

export [id | uuid | path] <ID> [<output file>]

 

nmcli 修改网络连接方式,IP 地址, 网关等方法

# nmcli connection edit enp0s8

 

===| nmcli 交互式连接编辑器 |===

 

正在编辑已存的连接“802-3-ethernet”:“enp0s8”

 

对于可用的命令输入“help”或“?”。

输入“describe [<设置>.<属性>]”来获得详细的属性描述。

 

您可编辑下列设置:connection, 802-3-ethernet (ethernet), 802-1x, dcb, ipv4, ipv6, proxy

nmcli>

#查看帮助

nmcli> help

——————————————————————————

—[ Main menu ]—

goto     [<setting> | <prop>]        :: go to a setting or property

remove   <setting>[.<prop>] | <prop> :: remove setting or reset property value

set      [<setting>.<prop> <value>]  :: set property value

describe [<setting>.<prop>]          :: describe property

print    [all | <setting>[.<prop>]]  :: print the connection

verify   [all | fix]                 :: verify the connection

save     [persistent|temporary]      :: save the connection

activate [<ifname>] [/<ap>|<nsp>]    :: activate the connection

back                                 :: go one level up (back)

help/?   [<command>]                 :: print this help

nmcli    <conf-option> <value>       :: nmcli configuration

quit                                 :: exit nmcli

——————————————————————————

nmcli>

 

#设置网卡的连接方式 auto / static / manual / dhcp

set ipv4.method static

#设置IP地址 192.168.1.9 【 24表示子网掩码为255.255.255.0】

set. ipv4.address 192.168.1.9/24

#设置DNS 8.8.8.8 8.8.4.4

set ipv4.dns 8.8.8.8,8.8.4.4

#设置网关

set ipv4.gateway 172.17.0.1

#保存网络设置

Save

#退出nmcli交互式设置界面

Quit

 

 

BOOTPROTO=static 静态IP

BOOTPROTO=dhcp 动态IP

 

利用好 print 命令 打印配置信息 和 help帮助命令,不知道具体的属性可以随便给一个不存在的属性 比如 xxx , 回车后就会显示正确的属性提示

 

nmcli> help

——————————————————————————

—[ Main menu ]—

goto     [<setting> | <prop>]        :: go to a setting or property

remove   <setting>[.<prop>] | <prop> :: remove setting or reset property value

set      [<setting>.<prop> <value>]  :: set property value

describe [<setting>.<prop>]          :: describe property

print    [all | <setting>[.<prop>]]  :: print the connection

verify   [all | fix]                 :: verify the connection

save     [persistent|temporary]      :: save the connection

activate [<ifname>] [/<ap>|<nsp>]    :: activate the connection

back                                 :: go one level up (back)

help/?   [<command>]                 :: print this help

nmcli    <conf-option> <value>       :: nmcli configuration

quit                                 :: exit nmcli

——————————————————————————

nmcli> set

错误:未选择设置;有效的为 [connection, 802-3-ethernet (ethernet), 802-1x, dcb, ipv4, ipv6, proxy]

先使用“goto <设置>”,或“set <设置>.<属性>”

nmcli> set ethernet.xx

错误:无效属性:’xx’ 不在 [port, speed, duplex, auto-negotiate, mac-address, cloned-mac-address, generate-mac-address-mask, mac-address-blacklist, mtu, s390-subchannels, s390-nettype, s390-options, wake-on-lan, wake-on-lan-password] 中

nmcli> set ipv4.xx

错误:无效属性:’xx’ 不在 [method, dns, dns-search, dns-options, dns-priority, addresses, gateway, routes, route-metric, ignore-auto-routes, ignore-auto-dns, dhcp-hostname, dhcp-send-hostname, never-default, may-fail, dad-timeout, dhcp-timeout, dhcp-client-id, dhcp-fqdn] 中

 

nmcli> set dcb.xx

错误:无效属性:’xx’ 不在 [app-fcoe-flags, app-fcoe-priority, app-fcoe-mode, app-iscsi-flags, app-iscsi-priority, app-fip-flags, app-fip-priority, priority-flow-control-flags, priority-flow-control, priority-group-flags, priority-group-id, priority-group-bandwidth, priority-bandwidth, priority-strict-bandwidth, priority-traffic-class] 中

nmcli> set 802-1x.xx

错误:无效属性:’xx’ 不在 [eap, identity, anonymous-identity, pac-file, ca-cert, ca-cert-password, ca-cert-password-flags, ca-path, subject-match, altsubject-matches, domain-suffix-match, client-cert, client-cert-password, client-cert-password-flags, phase1-peapver, phase1-peaplabel, phase1-fast-provisioning, phase1-auth-flags, phase2-auth, phase2-autheap, phase2-ca-cert, phase2-ca-cert-password, phase2-ca-cert-password-flags, phase2-ca-path, phase2-subject-match, phase2-altsubject-matches, phase2-domain-suffix-match, phase2-client-cert, phase2-client-cert-password, phase2-client-cert-password-flags, password, password-flags, password-raw, password-raw-flags, private-key, private-key-password, private-key-password-flags, phase2-private-key, phase2-private-key-password, phase2-private-key-password-flags, pin, pin-flags, system-ca-certs, auth-timeout] 中

nmcli> set proxy.xx

错误:无效属性:’xx’ 不在 [method, browser-only, pac-url, pac-script] 中

nmcli>

 

nmcli connection 里面的 print命令

以下的所有的配置信息可以通过 nmcli con mod enp0s8 连接配置项  值  来设置

===============================================================================

连接配置集详情 (enp0s8)

===============================================================================

connection.id:                          enp0s8

connection.uuid:                        f8c1e3eb-8d0d-32f0-a875-8e3b6326744f

connection.stable-id:                   —

connection.interface-name:              —

connection.type:                        802-3-ethernet

connection.autoconnect:                 yes

connection.autoconnect-priority:        -999

connection.autoconnect-retries:         -1 (默认)

connection.timestamp:                   1516070244

connection.read-only:                   no

connection.permissions:                 —

connection.zone:                        —

connection.master:                      —

connection.slave-type:                  —

connection.autoconnect-slaves:          -1 (默认)

connection.secondaries:                 —

connection.gateway-ping-timeout:        0

connection.metered:                     未知

connection.lldp:                        -1 (default)

——————————————————————————-

802-3-ethernet.port:                    —

802-3-ethernet.speed:                   0

802-3-ethernet.duplex:                  —

802-3-ethernet.auto-negotiate:          no

802-3-ethernet.mac-address:             08:00:27:D4:51:67

802-3-ethernet.cloned-mac-address:      —

802-3-ethernet.generate-mac-address-mask:–

802-3-ethernet.mac-address-blacklist:   —

802-3-ethernet.mtu:                     自动

802-3-ethernet.s390-subchannels:        —

802-3-ethernet.s390-nettype:            —

802-3-ethernet.s390-options:            —

802-3-ethernet.wake-on-lan:             1 (default)

802-3-ethernet.wake-on-lan-password:    —

——————————————————————————-

ipv4.method:                            auto

ipv4.dns:                               —

ipv4.dns-search:                        —

ipv4.dns-options:                       (默认)

ipv4.dns-priority:                      0

ipv4.addresses:                         172.17.0.20/24

ipv4.gateway:                           172.17.0.1

ipv4.routes:                            —

ipv4.route-metric:                      -1

ipv4.ignore-auto-routes:                no

ipv4.ignore-auto-dns:                   no

ipv4.dhcp-client-id:                    —

ipv4.dhcp-timeout:                      0

ipv4.dhcp-send-hostname:                yes

ipv4.dhcp-hostname:                     —

ipv4.dhcp-fqdn:                         —

ipv4.never-default:                     no

ipv4.may-fail:                          yes

ipv4.dad-timeout:                       -1 (默认)

——————————————————————————-

ipv6.method:                            auto

ipv6.dns:                               —

ipv6.dns-search:                        —

ipv6.dns-options:                       (默认)

ipv6.dns-priority:                      0

ipv6.addresses:                         —

ipv6.gateway:                           —

ipv6.routes:                            —

ipv6.route-metric:                      -1

ipv6.ignore-auto-routes:                no

ipv6.ignore-auto-dns:                   no

ipv6.never-default:                     no

ipv6.may-fail:                          yes

ipv6.ip6-privacy:                       -1 (未知)

ipv6.addr-gen-mode:                     stable-privacy

ipv6.dhcp-send-hostname:                yes

ipv6.dhcp-hostname:                     —

ipv6.token:                             —

——————————————————————————-

proxy.method:                           none

proxy.browser-only:                     no

proxy.pac-url:                          —

proxy.pac-script:                       —

——————————————————————————-

 

 

nmcli device help

Usage: nmcli device { COMMAND | help }

 

COMMAND := { status | show | set | connect | reapply | modify | disconnect | delete | monitor | wifi | lldp }

 

status

 

show [<ifname>]

 

set [ifname] <ifname> [autoconnect yes|no] [managed yes|no]

 

connect <ifname>

 

reapply <ifname>

 

modify <ifname> ([+|-]<setting>.<property> <value>)+

 

disconnect <ifname> …

 

delete <ifname> …

 

monitor <ifname> …

 

wifi [list [ifname <ifname>] [bssid <BSSID>]]

 

wifi connect <(B)SSID> [password <password>] [wep-key-type key|phrase] [ifname <ifname>]

[bssid <BSSID>] [name <name>] [private yes|no] [hidden yes|no]

 

wifi hotspot [ifname <ifname>] [con-name <name>] [ssid <SSID>] [band a|bg] [channel <channel>] [password <password>]

 

wifi rescan [ifname <ifname>] [[ssid <SSID to scan>] …]

 

lldp [list [ifname <ifname>]]

 

 

示例查看 modify <ifname> ([+|-]<setting>.<property> <value>)+ 中setting和 property的值都有哪些,可以使用以下方式

 

# nmcli device modify enp0s8 set.xx

错误:无效或不允许的设置“set”:’set’ 不在 [connection, 802-3-ethernet (ethernet), 802-1x, dcb, ipv4, ipv6, proxy] 中。

上面的提示可以看到 modify <ifname> ([+|-]<setting>.<property> <value>)+ 中setting 的项目有 connection, 802-3-ethernet (ethernet), 802-1x, dcb, ipv4, ipv6, proxy,

继续查看property的值都有哪些

# nmcli device modify enp0s8 connection.xxx 00

错误:无效的属性“xxx”:’xxx’ 不在 [id, uuid, interface-name, type, permissions, autoconnect, autoconnect-priority, autoconnect-retries, timestamp, read-only, zone, master, slave-type, autoconnect-slaves, secondaries, gateway-ping-timeout, metered, lldp, stable-id] 中。

从上面的提示可以看出connection项目的 property有 id, uuid, interface-name, type, permissions, autoconnect, autoconnect-priority, autoconnect-retries, timestamp, read-only, zone, master, slave-type, autoconnect-slaves, secondaries, gateway-ping-timeout, metered, lldp, stable-id

# nmcli device modify enp0s8 ethernet.xxx 00

错误:无效的属性“xxx”:’xxx’ 不在 [port, speed, duplex, auto-negotiate, mac-address, cloned-mac-address, generate-mac-address-mask, mac-address-blacklist, mtu, s390-subchannels, s390-nettype, s390-options, wake-on-lan, wake-on-lan-password] 中。

从上面的提示可以看出ethernet项目的 property有port, speed, duplex, auto-negotiate, mac-address, cloned-mac-address, generate-mac-address-mask, mac-address-blacklist, mtu, s390-subchannels, s390-nettype, s390-options, wake-on-lan, wake-on-lan-password

 

修改连接名称

nmcli device modify enp0s8 connection.

 

#nmcli con

名称                UUID                                  类型            设备

Wired connection 1  f8c1e3eb-8d0d-32f0-a875-8e3b6326744f  802-3-ethernet  enp0s8

 

修改Wired connection 1为 enp0s8

nmcli con modify ‘Wired connection 1’ connection.id enp0s8

 

https://asciinema.org/a/eEoTTYXXYGKjGcDTkfAiW0fLe

打赏作者

您的支持将鼓励我们继续创作!

[微信] 扫描二维码打赏

[支付宝] 扫描二维码打赏

发表评论

电子邮件地址不会被公开。 必填项已用*标注