December 16, 2023

Fedora 39 -- nmcli - set up static IP (network manager)

I am new to nmcli, so here we go.
nmcli connection show
NAME                UUID                                  TYPE      DEVICE
Wired connection 1  24d23ba5-8d44-30b6-807e-fa5034338cb0  ethernet  eno1
lo                  f05d5882-f439-44c0-bd2c-de4bceae8c6e  loopback  lo
This could be abbreviated "nmcli c s". In general "c" can be used as an abbreviation for "connection". Also, much to my surprise, you can use autocompletion on "Wired connection 1" in the following commands, typing only "W and then letting a tab finish the command To get lots of details, use either:
nmcli connection show "Wired connection 1"
nmcli con show "Wired connection 1"
nmcli c s "Wired connection 1"

Up and down

These commands work. Be aware that this will trash any ongoing ssh sessions:
nmcli con down "Wired connection 1"
nmcli con up "Wired connection 1"

nmcli interactive

su
nmcli connection edit "Wired connection 1"

First cut at a static IP setup (kills my network)

Using the interactive session just started, I do this:
set ipv4.addresses 196.168.0.5/24
save
quit
Doing just this causes trouble, perhaps I must also set a gateway?

restart the network (seems entirely unnecessary)

I try these, the last works:
service network-manager restart
systemctl restart network.service
systemctl restart NetworkManager.service
Is this lame, or what? No consistency on the names of such things.
Be that as it may, this did not have the desired effect, but doing a down then up does the job and avoids a reboot.

Restore a DHCP setup (get back on the air)

The following got the job done, but there might be better ways.
nmcli con down "Wired connection 1"
nmcli con add type ethernet con-name Bill ifname eno1
And to my amazement, this gets me back on the air! I had expected to have to declare this as auto via "set ipv4.method auto" but that seemed to just happen when I added the new connection. And I did not need to do an "up" on Bill either.

This persists after a reboot, which is nice. I may set up two connections "Wired-dhcp" and "Wired-static". Or maybe just "Wired" for the second. Then I can do up/down on the two while experimenting.

With Bill up and things working, the route command yields:

tom@trona:/u1/home/tom$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         agate           0.0.0.0         UG    100    0        0 eno1
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 eno1

We want "Wired" and "Wired-dhcp"

"Bill" above is perfect for Wired-dhcp, so we just need to change the name. We will probably do this by taking it down, deleting it, and staring over.
nmcli con down Bill
nmcli con delete Bill
nmcli con add type ethernet con-name Wired-dhcp ifname eno1
nmcli con up Wired-dhcp
The above worked perfectly and I am back online. I may as well get rid of the overly verbose "Wired connection 1":
nmcli con del "Wired connection 1"
This works fine and does no harm to my existing connection. Now lets try setting up a static "Wired"
nmcli con add type ethernet con-name Wired ifname eno1 ip4 192.168.0.5/24 gw4 192.168.0.1
It adds this without trashing my existing connection (nice!).
Now let's see if we can bring it up via:
nmcli con down Wired-dhcp
nmcli con up Wired
And this works!! I think I am done.
I reboot and verify that I am 192.168.0.5 after a reboot.

What about DNS?

Everything works, but the DNS setup is a mystery. The old reliable "/etc/resolv.conf" is now a link to a stub used by systemd. It specifies 127.0.0.53 as a nameserver, which is some kind of trick to use a service on localhost (or such). The resolv.conf file talks about:
systemd-resolved
resolvectl status
The latter shows:
resolvectl status
Global
         Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: stub

Link 2 (eno1)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
         Protocols: +DefaultRoute LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: fd4d:b11d:6fb4::1
       DNS Servers: fd80:1456:1955::1 fdd5:c7f2:5d07::1 fd4d:b11d:6fb4::1
So it has several DNS servers specified via ipv6 addresses. I am just going to not worry about it. It works and that is all that matters.

What about the firewall?

I am going to devote an entire page to this.

Where the files live

It is not as bad as I thought. The files are in a directory in /etc and are sensible ascii that can be examined and admired.
cd /etc/NetworkManager/system-connections
ls -l
-rw------- 1 root root 186 Dec 18 13:46 Wired-dhcp.nmconnection
-rw------- 1 root root 219 Dec 18 13:53 Wired.nmconnection

Have any comments? Questions? Drop me a line!

Adventures in Computing / [email protected]