Note: This is an RHCSA 7 exam objective.
Presentation
Although it is still possible to define the network configuration through the files in the /etc/sysconfig/network-scripts directory, it’s not the preferred way any more (don’t forget to execute # nmcli con reload if you manually modify the files!).
With RHEL 7, all the network configuration is now mainly done through NetworkManager (the NetworkManager changelog is available here).
You can use:
- the nmtui command and a Text User Interface,
- the nmcli command at the Command Line Interface,
- or the graphical interface.
For the rest of this tutorial, it is the nmcli option that has been chosen because it’s the quickest method and arguably the least prone to errors.
Changes made through the nmcli command are permanent.
Caution: To practice this tutorial in the best conditions, connect to the machine through its console (you could otherwise loose your connection!).
Network Configuration
To display the network configuration, type:
# nmcli con show NAME UUID TYPE DEVICE ethernet-eth0 8d83684f-cd22-42cc-9fff-7704945a5c36 802-3-ethernet eth0
Note: con is a shortcut for connection (you can even type only c).
Alternatively, you can type:
# nmcli dev status DEVICE TYPE STATE CONNECTION eth0 ethernet connected ethernet-eth0 lo loopback unmanaged --
To remove a connection (here ethernet-eth0), type:
# nmcli con del ethernet-eth0
Note1: If a space appears in the interface name (like System eth0), put everything between quotes: nmcli con del “System eth0”.
Note2: del is a shortcut for delete.
or
# nmcli con del 8d83684f-cd22-42cc-9fff-7704945a5c36
Connection Management
To create a connection with the name ethernet-eth0, the IPv4 address 192.168.1.10/24 and the default gateway 192.168.1.1, type:
# nmcli con add con-name net-eth0 ifname eth0 type ethernet ip4 192.168.1.10/24 gw4 192.168.1.1 Connection 'net-eth0' (441085a4-4155-417b-ad8f-78a888d89988) successfully added.
Note1: If you don’t specify con-name net-eth0, the connection is called ethernet-eth0.
Note2: If you don’t specify the ip4 192.168.1.10/24 gw4 192.168.1.1 part, you end up with a connection automatically configured through DHCP.
Note3: nmcli con up net-eth0 is not necessary when initially configuring a connection.
Note4: ip4 and gw4 are used for respectively the ip address and the default gateway. Below, you will see that the syntax when modifying a connection is different: it’s then using ipv4.addresses and a space between the ip address and the default gateway.
To check the configuration, type:
# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::0000:00:0000:0000/64 scope link valid_lft forever preferred_lft forever # ip r default via 192.168.1.1 dev eth0 proto static metric 1024 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.10
Note1: ip a is a shortcut for ip address show, ip r a shortcut for ip route show.
Note2: Don’t use the ifconfig command any more. This command is deprecated and no longer displays the correct network configuration (secondary ip addresses, etc).
To get all the information about a connection (here net-eth0), type:
# nmcli con show net-eth0 connection.id: net-eth0 connection.uuid: 441085a4-4155-417b-ad8f-78a888d89988 connection.interface-name: eth0 connection.type: 802-3-ethernet connection.autoconnect: yes connection.timestamp: 1427832564 connection.read-only: no connection.permissions: connection.zone: -- connection.master: -- connection.slave-type: -- connection.secondaries: connection.gateway-ping-timeout: 0 802-3-ethernet.port: -- 802-3-ethernet.speed: 0 802-3-ethernet.duplex: -- 802-3-ethernet.auto-negotiate: yes 802-3-ethernet.mac-address: -- 802-3-ethernet.cloned-mac-address: -- 802-3-ethernet.mac-address-blacklist: 802-3-ethernet.mtu: auto 802-3-ethernet.s390-subchannels: 802-3-ethernet.s390-nettype: -- 802-3-ethernet.s390-options: ipv4.method: manual ipv4.dns: ipv4.dns-search: ipv4.addresses: { ip = 192.168.1.10/24, gw = 192.168.1.1 } ipv4.routes: ipv4.ignore-auto-routes: no ipv4.ignore-auto-dns: no ipv4.dhcp-client-id: -- ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.never-default: no ipv4.may-fail: yes ipv6.method: auto ipv6.dns: ipv6.dns-search: ipv6.addresses: ipv6.routes: ipv6.ignore-auto-routes: no ipv6.ignore-auto-dns: no ipv6.never-default: no ipv6.may-fail: yes ipv6.ip6-privacy: -1 (unknown) ipv6.dhcp-hostname: -- GENERAL.NAME: net-eth0 GENERAL.UUID: 441085a4-4155-417b-ad8f-78a888d89988 GENERAL.DEVICES: eth0 GENERAL.STATE: activated GENERAL.DEFAULT: yes GENERAL.DEFAULT6: no GENERAL.VPN: no GENERAL.ZONE: -- GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/0 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/0 GENERAL.SPEC-OBJECT: -- GENERAL.MASTER-PATH: -- IP4.ADDRESS[1]: ip = 192.168.1.10/24, gw = 192.168.1.1 IP6.ADDRESS[1]: ip = fe80::0000:00:0000:0000/64, gw = ::
Alternatively, you can type:
# nmcli dev show eth0 GENERAL.DEVICE: eth0 GENERAL.TYPE: ethernet GENERAL.HWADDR: 00:00:00:00:00:00 GENERAL.MTU: 1500 GENERAL.STATE: 100 (connected) GENERAL.CONNECTION: net-eth0 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/0 WIRED-PROPERTIES.CARRIER: on IP4.ADDRESS[1]: 192.168.1.10/24 IP4.GATEWAY: 192.168.4.10 IP4.DNS[1]: 192.168.4.1 IP6.ADDRESS[1]: fe80::0000:00:0000:0000/64 IP6.GATEWAY:
To stop a network connection from working (here net-eth0), type:
# nmcli con down net-eth0 # nmcli con show NAME UUID TYPE DEVICE net-eth0 441085a4-4155-417b-ad8f-78a888d89988 802-3-ethernet --
Note1: The — shows that the connection isn’t active any more (add the –active option to only display active connections).
Note2: You can specify the UUID (here 441085a4-4155-417b-ad8f-78a888d89988) instead of the network connection name.
Note3: After reboot, the connection still restarts automatically, the property connection.autoconnect being set to yes, equivalent to ONBOOT=yes.
To start a network connection (here net-eth0), type:
# nmcli con up net-eth0 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1)
Note: As before, you can specify the UUID (here 441085a4-4155-417b-ad8f-78a888d89988) instead of the network connection name.
To prevent the connection (here net-eth0) to restart after reboot, type:
# nmcli con mod net-eth0 connection.autoconnect no
Note: mod is a shortcut for modify.
To change the ip address and default gateway of the net-eth0 connection to respectively 192.168.2.10/24 and 192.168.2.1, type:
In RHEL 7.0:
# nmcli con mod net-eth0 ipv4.addresses "192.168.2.10/24 192.168.2.1" # nmcli con mod net-eth0 ipv4.method manual # nmcli con up net-eth0 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)
From RHEL 7.1 on:
# nmcli con mod net-eth0 ipv4.addresses 192.168.2.10/24 # nmcli con mod net-eth0 ipv4.gateway 192.168.2.1 # nmcli con mod net-eth0 ipv4.method manual # nmcli con up net-eth0 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)
Caution: The command nmcli con mod net-eth0 ipv4.addresses “192.168.2.10/24 192.168.2.1” with a space between the ip address and the default gateway, all between quotes, was working in RHEL 7.0/CentOS 7.0 but doesn’t in RHEL 7.1/CentOS 7.1 and later due to NetworkManager changes (v0.9.9.1 -> v1.0.0).
Note1: You can use the syntax +ipv4.addresses or -ipv4.addresses to respectively add other ip addresses or remove some previously set (the initial one included).
Note2: The syntax is different from the one you used to initially set up the connection with ip4 and gw4.
Note3: According to the nmcli RedHat documentation, the ipv4.method property can have different values: auto means an appropriate automatic method (DHCP, PPP, etc) will be used for the interface, link-local refers to a link-local address in the 169.254/16 range that will be assigned to the interface, manual means static IP addressing is used and at least one IP address must be given in the addresses property, shared indicates that the connection will provide network access to other computers and the interface will be assigned an address in the 10.42.x.1/24 range with a DHCP and forwarding DNS server being started and the interface is NAT-ed to the current default network connection, disabled means IPv4 will not be used on this connection.
With the RHEL 7.3 release, NetworkManager now performs a check to detect duplicate IPv4 addresses when activating a new connection. If the address in LAN is already assigned, the connection activation fails. This feature is disabled by default, but you can enable it by the ipv4.dad-timeout property or the ARPING_WAIT variable in the ifcfg files.
To assign the net-eth0 connection to the work zone, type:
# firewall-cmd --permanent --zone=work --change-interface=eth0 success # nmcli con mod net-eth0 connection.zone work # nmcli con up net-eth0 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)
Note1: Instead of using the nmcli con mod command, you can also edit the /etc/sysconfig/network-scripts/ifcfg-eth0 file (here for the eth0 network interface), add a ZONE=work statement and restart the network interface with nmcli con up net-eth0.
Note2: For more details about the firewall-cmd command and the concept of zone, see the Firewalld Getting Started page.
Hostname Configuration
In RHEL 7, there are three kinds of hostnames: static, pretty, and transient.
“The static host name is the traditional hostname, which can be chosen by the user, and is stored in the /etc/hostname file. The transient hostname is a dynamic host name maintained by the kernel. It is initialized to the static host name by default, whose value defaults to localhost. It can be changed by DHCP or mDNS at runtime. The pretty hostname is a free-form UTF8 host name for presentation to the user.” Source: RHEL 7 Networking Guide.
To get the server hostnames, type:
# hostnamectl Static hostname: centos7.example.com Icon name: computer Chassis: n/a Machine ID: 8f56e45764474b668b0db97b4127a01b Boot ID: 2ae7e6c78331414b82aa89a0ffcfa9fa Virtualization: kvm Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-123.el7.x86_64 Architecture: x86_64
Alternatively, you can use the hostname command to only get the host name (this reads the /etc/hostname file):
# hostname centos7.example.com
Note: You can even get the same result with the command nmcli gen host.
To permanently assign the rhel7 hostname to the server, type:
# hostnamectl set-hostname rhel7
Note1: With this syntax all three hostnames (static, pretty, and transient) take the rhel7 value at the same time. However, it is possible to set the three hostnames separately by using the –pretty, –static, and –transient options.
Note2: The nmcli gen host rhel7 command will give you the same result.
Caution: With the RHEL 7.3 release, NetworkManager now uses the systemd-hostnamed service to read and write the static host name, which is stored in the /etc/hostname file. Due to this change, manual modifications done to the /etc/hostname file are no longer picked up automatically by NetworkManager. Users should change the system host name through the hostnamectl utility. Also, the use of the HOSTNAME variable in the /etc/sysconfig/network file is now deprecated.
Hostname Resolution
Hostname resolution relies on the /etc/nsswitch.conf file where you can find the following line by default:
hosts: files dns
This means that hostname resolution is at first done through files (static resolution) then dns (dynamic resolution).
The static hostname resolution comes through the /etc/hosts file:
192.168.1.10 centos7.example.com centos7
Note: Always write the IP address, the Full Qualified Domain Name and optionally some aliases in this order, otherwise some services like Kerberos will not work!
The dynamic hostname resolution is based on the /etc/resolv.conf file:
# Generated by NetworkManager search example.com nameserver 192.168.1.1
Note: You can have up to 3 nameservers configured. As nameservers are called in the mentioned order (the second is called if the first doesn’t reply and so on), always put the main nameserver first in the list.
To add a DNS server (here 8.8.8.8) to the configuration of the connection (here net-eth0), type:
# nmcli con mod net-eth0 +ipv4.dns 8.8.8.8 # nmcli con up net-eth0 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4) # more /etc/resolv.conf # Generated by NetworkManager search example.com nameserver 192.168.1.1 nameserver 8.8.8.8
Note1: Use +ipv4.dns to add a new DNS server, -ipv4.dns to remove a DNS server and ipv4.dns to replace the current DNS server.
Note2: The change only occurs after the connection is restarted.
Note3: Use the ipv4.dns-search option to change the domain name if necessary. Be careful to set the correct full qualified domain name before with the hostnamectl set-hostname command.
To add a domain name in the search list (here example2.com), type:
# nmcli con mod net-eth0 +ipv4.dns-search example2.com # nmcli con up net-eth0 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5) # more /etc/resolv.conf # Generated by NetworkManager search example2.com example.com nameserver 192.168.1.1 nameserver 8.8.8.8
You can’t remove a DNS server provided through DHCP with the previous command (with the -ipv4.dns option for example), you will get this error message: “Error: failed to remove a value from ipv4.dns: the property doesn’t contain DNS server ‘192.168.1.1’.”.
If you want to set your own DNS configuration in this context, type:
# nmcli con mod net-eth0 ipv4.ignore-auto-dns yes
Note: You get the same result by specifying PEERDNS=no in the network configuration files.
With RHEL 7.3 comes the ipv4.dhcp-timeout property or the IPV4_DHCP_TIMEOUT option in the ifcfg files. As a result, NetworkManager now waits for a response from the DHCP server only for a given time.
Additional Resources
You can watch Ralph Nyberg‘s video about Setting up the network configuration (15min/2015).
You can also have a look at a presentation given by Bert Van Vreckem about Troubleshooting Network Services on EL7 (38min/2018) (doc),
Beyond the exam objectives, you could be interested in Tuning 10GB network interface.
IBM wrote a document about Disabling IPv6 in RHEL 7.
Hello,
I am wondering in the exam, can we use nmtui instead of these complex commands?
Yes, you can but the nmtui command is not so simple.
Have you (or anyone) ran into having to use IPv4.address, instead of ipv4? I’ve checked various sources and haven’t seen anywhere use capital letters in any examples.
To my knowledge, capital letters are not used.
To change the ip address and default gateway of the net-eth0 connection to
respectively 192.168.2.10/24 and 192.168.2.1, type:
# nmcli con mod net-eth0 ipv4.addresses 192.168.2.10/24
# nmcli con mod net-eth0 ipv4.gateway 192.168.2.1
# nmcli con mod net-eth0 ipv4.method manual
# nmcli con up net-eth0
Question: It is required to edit the ipv4.method to manual while
changing the ip and gateway? Thanks
Yes, I think so.
When setting ipv4.method to manual, you assign none to the BOOTPROTO environment variable. If you don’t do it or set ipv4.method to auto, there is dhcp in the BOOTPROTO environment variable.
Thanks CertDepot.
You’re welcome.
Hi CertDepot,
If there is a question on the exam to create a static connection, is it okay that instead of editing the dhcp configuration (for example device ens33 with dhcp connection to make it static), can I just add a new connection as static then disable the ens33 connection? Let’s assume that I create con name ‘CertDepot’ using ens33 device. Then I will up CertDepot connection then down ens33 connection?
I don’t think you will have complicated network questions as you just specified.
Keep things simple. Be able to set up static and DHCP configurations. It’s all.
hi CertDepot, please can I edit directly the file config of network /etc/network/interfaces using vim
No, you can’t. The configuration files are located in the /etc/sysconfig/network-scripts directory.
Network interface files have a name starting with ifcfg- followed by the interface name (for example ifcfg-eth0).
You can edit these files with vim, you will then need to reload the configuration with the nmcli con reload command. But, watch out for typos!
One slightly complicated alternative is to use the nmcli con mod command to change an existing configuration.
Finally, you should look at the nmtui tool, it’s perhaps your best option.
Very clear and systematic explanation 🙂 Liked it very much.
Request you add about network testing, once network is setup.
To confirm that the configuration done is correct or not.
What would you like me to add?
I don’t completely understand why you don’t recommend to use nmcli console interactively.
In my opinion, the main advantage of this tool is to not remember distinct commands.
Go to console via: “nmcli connection edit” and you can execute command print, set, remove etc.
almost like on the network devices 🙂
Hi
Can you please help, what is the difference between systemctl restart network and systemctl restart NetworkManager .
See the below behavior, if I have two connections, there is a flapping after apply the above two commands, is this a bug?
[root@server ~]# nmcli con show
NAME UUID TYPE DEVICE
server 5383d2b8-d591-40cf-bfe2-92af2b400394 802-3-ethernet eno16777728
eth 346044d0-a4ff-4290-b64a-39d8d0e304f7 802-3-ethernet —
[root@server ~]# systemctl restart network
[root@server ~]# nmcli con show
NAME UUID TYPE DEVICE
server 5383d2b8-d591-40cf-bfe2-92af2b400394 802-3-ethernet —
eth 346044d0-a4ff-4290-b64a-39d8d0e304f7 802-3-ethernet eno16777728
[root@server ~]# systemctl restart NetworkManager
[root@server ~]# nmcli con show
NAME UUID TYPE DEVICE
server 5383d2b8-d591-40cf-bfe2-92af2b400394 802-3-ethernet eno16777728
eth 346044d0-a4ff-4290-b64a-39d8d0e304f7 802-3-ethernet —
[root@server ~]#
Concerning the difference between systemctl restart network and systemctl restart NetworkManager, I could say this is a very good question!
I think there are two different network components. You can disable NetworkManager and still get a running system.
However, I don’t think you can stop the network component. At the end, I think the network component calls the NetworkManager at some point but can run without it through simple configuration files.
In the next version of RHEL 7 (RHEL 8?), it shouldn’t be possible to disable NetworkManager.
Concerning your flapping problem, it could be a bug, but I don’t know more than you about it.
As @twostep mention, use “nmcli con edit CONNECTIONAME” to edit the connection is way better than knowing all the commands. You can use “print all” to get all the settings.prop value. With that in mind, you can easily use “set setting.property value” to change the configs.
For example, the connection name is “net-eth1” and you want to turn it to DHCP (auto) instead of static:
# nmcli con edit net-eth1
> print all
> remove ipv4.gateway
> remove ipv4.address
> set ipv4.method auto
> set ipv4.dns 8.8.8.8 8.8.4.4
> verify all
> save persistent
> quit
What you say is interesting, but this greatly depends on what you need to do.
Let everyone decide which way he prefers.
A quick question: at this stage of the exam, do I have access to the GUI? If so, then nmtui would be preferable. Waiting for you reply.
You don’t need a GUI to be able to use nmtui (NetworkManager Text User Interface).
Thank you so much. You’re such a nice person
You are too kind. Thank you.
Hello fellow RHCSA candidates. nmcli is hard for everyone, but it doesn’t have to be, even on the exam. I have always been a huge fan of the EXAMPLES section that some man pages offer because I find real-world examples more instructive than reading long lists of command options. The good news for RH exam takers at ALL levels, nmcli has the best EXAMPLES section I’ve ever seen. In fact, there is even a man page called nmcli-examples, though it is overkill for the RHCSA. Just type “man nmcli” and then use “/EXAMPLES” (no quotes) to search for them. If the first match isn’t the right one, you can hit ‘n’ to go to the next match until you find it, and BOOM! Just remember that you aren’t going to have time on the exam to be reading and reading. But if you familiarize yourself with the EXAMPLES section beforehand, you can quickly find a reminder on exam day.
Yes, I agree. Thanks.
I had some issues during the EX200 exam where it appeared that I had to manually specify my route? Its possible that I had done something to clear the routes but just wondering if it is normally required that you set the route manually?
Good day, in the RHCSA exam do I need to install redhat? Do I need to setup lvm partition etc?? Which vm should I prefer??
You should definitively learn how to install an RHEL 7 or CentOS 7 distribution. With CentOS, no registration will be required. With RHEL, you will need a free developer license.
Yes, knowing how to deal with LVM partitions is mandatory but there is nothing complicated.
Thanks, btw which of these tools that we’re going to use in exam. { VMWare, VirtualBox, kvm etc}.
Virtualization should use something like RHEV based on KVM.
What is the difference between, KVM and VIRTUAL BOX?? Kvm is new sounds for me. Apologized for my ignorance.
KVM and Virtual Box are two different solutions of virtualization. KVM is a Linux solution (Linux kernel module) when Virtual Box is a multi-platform solution (it runs on Linux but also on Windows). Virtual Box is easier to install and manage but brings limited performance. KVM is more production grade.
You can choose any one of them to prepare the RHCSA and RHCE exams.
Sadly, I’ve seen both used in production (don’t ask).
CertDepot’s reply makes perfect sense, VirtualBox is easier to deploy because it’s a type-2 hypervisor. KVM is type-1 (or baremetal). That’s the biggest difference if you ask me. Having said that, you can run VirtualBox inside a KVM guestOS, but you cannot run KVM inside a VirtualBox guestOS (VirtualBox does not support nested virtualisation).
Thank, feedback appreciated.!
CD,
This is noted. Last question, when it comes firewall, what should be the status of this service, do I need to kill that service or let it alive during the exam??
Hi CD,
All commands above, is that all we can do in rhcsa exam?? I was just wondering, for what purpose of the command: “vi /etc/sysconfig/network-scrips/ifcfg-enp0s3”??
Which of these the two tools that should I prefer? Please advice.
You can use any command that you like during the exam, be it nmcli, nmtui, iproute2 toolkit or even net-tools (considered deprecated) as long as you can do the job using them. You can also edit configuration files directly (for example vim ifcfg-enp0s3).
Since there are many ways to skin a cat, my advice would be to use whatever tool you feel comfortable with during the exam. The way you do it doesn’t matter that much, the important thing is the outcome.
Ok, very clear to me. “/etc/sysconfig/network-scripts/enp0s3 ” is the easiest way for me.
Is it still necessary to do ipv4.method manual after changing ip address.
nmcli con mod “con-name” ipv4.method manual
I have been following Sander’s 2017 vids and Cert Guide and nowhere did he mention ipv4.method
Initially with RHEL 7.0, you had to do it, otherwise you got your IP address through DHCP.
As NetworkManager saw major new releases, things may have changed.
The best method is to try.
Thank you.
I failed the EX200, one of the reasons was that the VM could not download some files (I used curl for downloading but the telnet was not working either). The DNS resolution was ok, but anything would end in “no route to host”. What I don’t understand, there is no Routing Objective in RHCSA. What’s my mistake?
Why did you need to download files?
I needed to install a kernel which was stored on a web server. Both yum and curl failed although the DNS solving was ok.
Maybe is there anything to check with the networking, I was using a static IP but I can’t find my mistake.
Without the details, the most likely problem is a type-o, or the URL was incorrect. CertDepot has a page on this. This is difficult to troubleshoot without details, and you can’t give details with regard to the NDA. We can only ask what steps you tried. If your are using an ip address or a dns type address, did you reboot/rebuild?
In short practice, use different methods to install a kernel. CertDepot has an example of how to set up a http local server. With a small modification a ftp version of this can be used.
If you look at the comment from HaCKeR 2 months 3 days ago, it is probably something similar.
Did you try ping, or nmap, or nslookup, or dig? “no route to host” could be any number of reason, firewall, etc.
nslookup : ok
ping : ko
curl : ko
stopping firewall and selinux on the guest : still ko
What I would’ve started with:
1. Resolve the DNS name of the webserver to see what IP address it points to.
2. Do “ip ro” to see the routing table of the server.
3. Identify whether the webserver is on the same network and is routable. If so, do “wget http://example.com/download/whatever/required” and see what happens.
Let’s suppose that you configure a static IP with nmtui (ip/24, gateway, dns, search domain). What happens if the webserver is not on the same network?
If the webserver is not on the same network, then a request will go via the default gateway. If the gateway has no knowledge of how to reach the webserver, you will get no route to host. Then you have to add a static route for the webserver.
So I had the same problem in the RHCE exam, that resulted in a failure as well.
Default route was provided by DHCP (I left it on DHCP), and shown via route -n
I added a manual route just to be sure.
Firewall was off (Both iptables and firewalld)
SELinux disabled (Just to be sure)
Nslookup worked
Everything else said no route to host
Traceroute returned !X on the routers
!X means “communication administratively prohibited” and !Z “communication with destination host administratively prohibited”
I’m at a loss as to why it failed too.
Usually a route table (also know as a NAT) is set up. This is a RHCE objective.
What is the solution in this case? eg your vm has dhcp ip 192.168.1.2/24 gw 192.168.1.1…etc the server with the repo is at 10.0.1.10/24?
I’ll be taking my rhcsa next week and this makes me very nervous because being unable to setup a repo pretty much fucks everything else. Please advice ty.
How to resolve
Error: Failed to modify connection ‘virbr0’: (32) ipv4.addresses: this property is not allowed for ‘method=disabled’
What were you trying to do?
The ‘br’ in virbr0 implies this is a virtual bridge.
The order of setting is important, off the top of my head you have to set the method before setting the ip address. you may have to do trial and error approach.
Hello,
Regarding the IPv6 configuration on the RHCE exam, the IPv6 credentials (ip6 address, ip6 gateway, ip6 dns) will be provided by the examiner or will I convert the IPv4 address to a IPv6 address in order to configure it in the NIC?
All details will be provided.
Unfortunately due to a NDA, we can’t tell you what details are on exam. I will direct you to take a closer look at the RHCE objectives.
Ok, thanks. Also in the RHCE objectives the following one: “Configure host-based and user-based security for the service” is related to tcp wrappers?
Possibly, there are different methods to secure different services. The answer is in knowing the relevant service and knowing the method(s) to secure the service.
Not necessarily. To avoid repeating myself, here is the link you can follow:
https://www.lisenet.com/2016/configure-host-based-and-user-based-security-for-the-service-on-rhel-7/
Will nmtui be available in the exam? Can I safely use this tools instead of nmcli (I will study this, anyway!)
Yes, nmtui should be available in the exam.
Hello,
Instead of using nmcli is it possible in the exam to directly modify the ifcfg-ensX file in order to set up the networking ?
nmcli options are not easy to remember and you would have to try it many times to get it right, so it could be a wasting time !
Yes, you can but you have to be careful.
What if you mistakenly delete an ifcfg-em1 ( for example ) file. Is there a way to rebuild / restore it ?
Sorry, I don’t know.
For any reason I now have my lab on VMWARE WORKSTATION which seems broken and I can’t find out to solve the issue. It’s not possible to have the network interface working anymore, I have tried removing the network interfaces, adding new ones, etc.. nothing helped.
[root@ipa ~]# nmcli con up eth33
Error: Connection activation failed: No suitable device found for this connection.
What to do in such case if anyone knows ?
IF it is a VMWARE issue, I cant help.
Have you tried
nmcli device status
nmcli device show
These may point you in the right direction.