Presentation
nmcli stands for Network Manager Command Line Interface.
With the Network Manager Text User Interface command called nmtui, it is part of the NetworkManager component in charge of the network subsystem (the NetworkManager changelog is available here).
nmcli is a new way to integrate network configuration into scripts.
Five domains are available:
- general: it deals with NetworkManager’s general status and operations,
- networking: it’s about overall networking control,
- radio: it manages NetworkManager radio switches,
- connection: it’s all about NetworkManager’s connections,
- device: it deals with devices managed by NetworkManager.
In addition, the display can be altered by some options: -p to get a nice output, -t to get a minimal one.
Shortcuts are intensively used: g for general, n for networking, etc.
It’s time to see what we can expect from this command.
General
To get a general status, type:
# nmcli general STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN connected full enabled enabled enabled disabled
To get the same result in a better output, type:
# nmcli -p g ============================================================== NetworkManager status ============================================================== STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN -------------------------------------------------------------- connected full enabled enabled enabled disabled
To get some informations about the permissions, type:
# nmcli g permissions PERMISSION VALUE org.freedesktop.NetworkManager.enable-disable-network yes org.freedesktop.NetworkManager.enable-disable-wifi yes org.freedesktop.NetworkManager.enable-disable-wwan yes org.freedesktop.NetworkManager.enable-disable-wimax yes org.freedesktop.NetworkManager.sleep-wake yes org.freedesktop.NetworkManager.network-control yes org.freedesktop.NetworkManager.wifi.share.protected yes org.freedesktop.NetworkManager.wifi.share.open yes org.freedesktop.NetworkManager.settings.modify.system yes org.freedesktop.NetworkManager.settings.modify.own yes org.freedesktop.NetworkManager.settings.modify.hostname yes
To get some informations about the level of logging, type:
# nmcli g logging LEVEL DOMAINS WARN PLATFORM,RFKILL,ETHER,WIFI,BT,MB,DHCP4,DHCP6,PPP,IP4,IP6,AUTOIP4,DNS,VPN, SHARING,SUPPLICANT,AGENTS,SETTINGS,SUSPEND,CORE,DEVICE,OLPC,WIMAX,INFINIBAND,FIR EWALL,ADSL,BOND,VLAN,BRIDGE,TEAM,CONCHECK,DCB
To get the server hostname, type:
# nmcli g hostname server.example.com
To assign a new hostname (here desktop.example.com) to the server, type:
# nmcli g hostname desktop.example.com
Networking
To know if you are connected, type:
# nmcli networking enabled
Note: you can stop all connectivity by typing: # nmcli n off
To know the kind of connectivity you’ve got, type:
# nmcli n connectivity full
Note: the other values can be: none if you don’t get any connectivity, portal if you are behind a captive portal and can’t reach the full Internet, limited if you are connected to a host but without access to the Internet, unknown if your status can’t be defined.
Radio
To get the general status of radio, type:
# nmcli radio WIFI-HW WIFI WWAN-HW WWAN enabled enabled enabled disabled
To get the status of wifi, type:
# nmcli radio wifi enabled
Note: Wifi can be enabled or disabled by adding respectively on and off to the previous command.
To get the status of mobile broadband, type:
# nmcli radio wwan disabled
Connection
To get the list of all the available network configurations, type:
# nmcli connection NAME UUID TYPE TIMESTAMP-REAL eth0 94aaedf1-ca71-4789-87c8-88e5367125d5 802-3-ethernet Tue 28 Jan 2014 02:40:18 AM CET eth0 914d2052-f0fd-4a05-86b7-405512427101 802-3-ethernet never EEE 9a3642f0-600d-43f9-b9ce-7e555dd7b45d 802-11-wireless Tue 28 Jan 2014 01:01:58 PM CET
To display details about the network configuration that has never been used, type:
# nmcli c show configured 914d2052-f0fd-4a05-86b7-405512427101 connection.id: eth0 connection.uuid: 914d2052-f0fd-4a05-86b7-405512427101 connection.interface-name: eth0 connection.type: 802-3-ethernet connection.autoconnect: yes connection.timestamp: 0 connection.read-only: no connection.permissions: connection.zone: -- connection.master: -- connection.slave-type: -- connection.secondaries: connection.gateway-ping-timeout: 0 802-3-ethernet.port: -- 802-3-ethernet.speed: 0 802-3-ethernet.duplex: -- 802-3-ethernet.auto-negotiate: yes 802-3-ethernet.mac-address: 52:54:00:8A:45:52 802-3-ethernet.cloned-mac-address: -- 802-3-ethernet.mac-address-blacklist: 802-3-ethernet.mtu: auto 802-3-ethernet.s390-subchannels: 802-3-ethernet.s390-nettype: -- 802-3-ethernet.s390-options: ipv4.method: manual ipv4.dns: 192.168.1.1 ipv4.dns-search: ipv4.addresses: { ip = 192.168.1.2/24, gw = 192.168.1.1 } ipv4.routes: ipv4.ignore-auto-routes: no ipv4.ignore-auto-dns: no ipv4.dhcp-client-id: -- ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.never-default: no ipv4.may-fail: yes ipv6.method: ignore ipv6.dns: ipv6.dns-search: ipv6.addresses: ipv6.routes: ipv6.ignore-auto-routes: no ipv6.ignore-auto-dns: no ipv6.never-default: no ipv6.may-fail: yes ipv6.ip6-privacy: -1 (unknown) ipv6.dhcp-hostname: --
To delete this network configuration, type:
# nmcli c delete 914d2052-f0fd-4a05-86b7-405512427101
To get the list of the active network configurations, type:
# nmcli c show active NAME UUID DEVICES DEFAULT VPN MASTER-PATH eth0 94aaedf1-ca71-4789-87c8-88e5367125d5 eth0 no no --
Note: It would have been possible to activate the previous network configuration before removal by typing:
# nmcli c up 914d2052-f0fd-4a05-86b7-405512427101
To get more information about connection management, go to the page about configuring IPv4 addresses.
You can also edit any kind of connection in an interactive way:
# nmcli c edit 914d2052-f0fd-4a05-86b7-405512427101 ===| nmcli interactive connection editor |=== Editing existing '802-3-ethernet' connection: '914d2052-f0fd-4a05-86b7-405512427101' Type 'help' or '?' for available commands. Type 'describe [<setting>.<prop>]' for detailed property description. You may edit the following settings: connection, 802-3-ethernet (ethernet), 802-1x, ipv4, ipv6, dcb nmcli>
Device
To get the list of all the devices, type:
# nmcli device DEVICE TYPE STATE eth0 ethernet connected wlp3s0 wifi disconnected lo loopback unmanaged
To get details about all the devices, type:
# nmcli d show GENERAL.DEVICE: eth0 GENERAL.TYPE: ethernet GENERAL.VENDOR: Red Hat, Inc GENERAL.PRODUCT: Virtio network device GENERAL.DRIVER: virtio_net GENERAL.DRIVER-VERSION: 1.0.0 GENERAL.FIRMWARE-VERSION: GENERAL.HWADDR: 52:54:00:8A:45:52 GENERAL.STATE: 100 (connected) GENERAL.REASON: 0 (No reason given) GENERAL.UDI: /sys/devices/pci0000:00/0000:00:03.0/virtio0/net/eth0 GENERAL.IP-IFACE: eth0 GENERAL.NM-MANAGED: yes GENERAL.AUTOCONNECT: yes GENERAL.FIRMWARE-MISSING: no GENERAL.CONNECTION: /org/freedesktop/NetworkManager/ActiveConnection/0 CAPABILITIES.CARRIER-DETECT: yes CAPABILITIES.SPEED: unknown CONNECTIONS.AVAILABLE-CONNECTION-PATHS: /org/freedesktop/NetworkManager/Settings/{1} CONNECTIONS.AVAILABLE-CONNECTIONS[1]: 94aaedf1-ca71-4789-87c8-88e5367125d5 | eth0 WIRED-PROPERTIES.CARRIER: on IP4.ADDRESS[1]: ip = 192.168.1.2/24, gw = 0.0.0.0 IP4.ROUTE[1]: dst = 169.254.0.0/16, nh = 0.0.0.0, mt = 1002 IP6.ADDRESS[1]: ip = fe80::5054:ff:fe8a:4552/64, gw = :: GENERAL.DEVICE: wlp3s0 GENERAL.TYPE: wifi GENERAL.VENDOR: Realtek Semiconductor Co., Ltd. GENERAL.PRODUCT: RTL8191SEvB Wireless LAN Controller GENERAL.DRIVER: rtl8192se GENERAL.DRIVER-VERSION: 3.10.0-54.0.1.el7.x86_64 GENERAL.FIRMWARE-VERSION: N/A GENERAL.HWADDR: B4:82:FE:90:41:45 GENERAL.STATE: 30 (disconnected) GENERAL.REASON: 42 (The supplicant is now available) GENERAL.UDI: /sys/devices/pci0000:00/0000:00:1c.1/0000:03:00.0/net/wlp3s0 GENERAL.IP-IFACE: GENERAL.NM-MANAGED: yes GENERAL.AUTOCONNECT: yes GENERAL.FIRMWARE-MISSING: no GENERAL.CONNECTION: not connected CAPABILITIES.CARRIER-DETECT: no CAPABILITIES.SPEED: unknown CONNECTIONS.AVAILABLE-CONNECTION-PATHS: WIFI-PROPERTIES.WEP: yes WIFI-PROPERTIES.WPA: yes WIFI-PROPERTIES.WPA2: yes WIFI-PROPERTIES.TKIP: yes WIFI-PROPERTIES.CCMP: yes WIFI-PROPERTIES.AP: yes WIFI-PROPERTIES.ADHOC: yes AP[1].*: AP[1].SSID: AAA AP[1].MODE: Infra AP[1].CHAN: 1 AP[1].RATE: 54 MB/s AP[1].SIGNAL: 10 AP[1].BARS: ▂___ AP[1].SECURITY: WPA1 AP[2].*: AP[2].SSID: BBB AP[2].MODE: Infra AP[2].CHAN: 11 AP[2].RATE: 54 MB/s AP[2].SIGNAL: 100 AP[2].BARS: ▂▄▆█ AP[2].SECURITY: WPA1 AP[3].*: AP[3].SSID: CCC AP[3].MODE: Infra AP[3].CHAN: 11 AP[3].RATE: 54 MB/s AP[3].SIGNAL: 100 AP[3].BARS: ▂▄▆█ AP[3].SECURITY: WPA2 802.1X AP[4].*: AP[4].SSID: DDD AP[4].MODE: Infra AP[4].CHAN: 6 AP[4].RATE: 54 MB/s AP[4].SIGNAL: 100 AP[4].BARS: ▂▄▆█ AP[4].SECURITY: WPA1 WPA2 AP[5].*: AP[5].SSID: EEE AP[5].MODE: Infra AP[5].CHAN: 11 AP[5].RATE: 54 MB/s AP[5].SIGNAL: 100 AP[5].BARS: ▂▄▆█ AP[5].SECURITY: WEP GENERAL.DEVICE: lo GENERAL.TYPE: loopback GENERAL.VENDOR: -- GENERAL.PRODUCT: -- GENERAL.DRIVER: unknown GENERAL.DRIVER-VERSION: GENERAL.FIRMWARE-VERSION: GENERAL.HWADDR: (unknown) GENERAL.STATE: 10 (unmanaged) GENERAL.REASON: 0 (No reason given) GENERAL.UDI: /sys/devices/virtual/net/lo GENERAL.IP-IFACE: lo GENERAL.NM-MANAGED: no GENERAL.AUTOCONNECT: yes GENERAL.FIRMWARE-MISSING: no GENERAL.CONNECTION: not connected CAPABILITIES.CARRIER-DETECT: yes CAPABILITIES.SPEED: unknown CONNECTIONS.AVAILABLE-CONNECTION-PATHS: IP4.ADDRESS[1]: ip = 127.0.0.1/8, gw = 0.0.0.0 IP6.ADDRESS[1]: ip = ::1/128, gw = ::
To get the list of available wifi access points, type:
# nmcli d wifi * SSID MODE CHAN RATE SIGNAL BARS SECURITY AAA Infra 11 54 MB/s 55 ▂▄__ WPA2 802.1X BBB Infra 11 54 MB/s 54 ▂▄__ WPA1 CCC Infra 1 54 MB/s 49 ▂▄__ WPA1 DDD Infra 11 54 MB/s 44 ▂▄__ WPA1 802.1X EEE Infra 11 54 MB/s 92 ▂▄▆█ WEP
To connect to a wifi access point specified by a SSID (here EEE), type:
# nmcli d wifi connect EEE password '12345678901234567890123456'
To request that NetworkManager rescans for available access points, type:
# nmcli d wifi rescan
Sources: nmcli and nmcli-examples man pages.
Additional Resources
You can browse the official NetworkManager documentation (easier than man pages).
Lubomir Rintel’s blog, Thomas Haller’s blog, and Dan Williams’ blog provide information about NetworkManager and were used for this article about some NetworkManager evolutions.
Francisco Giudici gave a presentation about NetworkManager at DevConf CZ (24min/2018).
Daniel Aleksandersen explains How to take back control of /etc/resolv.conf on Linux.
I had an issue with dates to dns. Any way the reload didn’t work. I was testing this using a virtual client!
Note: suggest not doing through an network client ie ssh!
# nmcli con mod “Wired connection1” ipv4.dns 192.168.1.1
# nmcli con down “Wired connection1”
# nmcli con up “Wired connection1”
Note: it may be an idea placing a reference from the /rhel7-debug-network-services/ to this page !
sam
Try this:
nmcli device disconnect [dev_name]
nmcli connection up [con_name]
where is the base command:
nmcli connection edit [con_name]?
It is the main advantage of nmcli vs text files.
I don’t know whether it’s the main advantage but you are right, I should have mentioned it.
I will try to add it in the tutorial.
Thanks.