
(RHSA 124) : Managing Red Hat Enterprise Linux Networking

This document discusses managing networking on Red Hat Enterprise Linux systems. It covers networking concepts like TCP/IP layers and IPv4 addressing. It also discusses validating the network configuration using utilities like ip addr and ifconfig, configuring networking with nmcli and editing configuration files, and configuring host names and name resolution.

Uploaded by

Romeo Sincere

(RHSA 124)

Chapter 11:
Managing Red Hat
Enterprise Linux
Networking
Prepared by: Ahmed Hamza
SPRING 2020
Outline:
o Goal:
o To configure basic IPv4 networking on Red Hat Enterprise Linux systems
o Objectives:
o Explain fundamental concepts of computer networking
o Test and review current network configuration with basic utilities
o Manage network settings and devices with nmcli and NetworkManager
o Modify network settings by editing the configuration files
o Configure and test system host name and name resolution
Outline (Cont’d):
o Sections:
o Networking Concepts
o Validating Network Configuration
o Configuring Networking with nmcli
o Editing Network configuration files
o Configuring host names and name resolution
o Lab:
o Managing Red Hat Enterprise Linux Networking
Managing Red Hat Enterprise Linux
Networking
NETWORKING CONCEPTS
Network Concepts
o Objectives:
o After completing this section, students should be able to explain
fundamental concepts of computer networking

o IPv4 Networking:
o TCP/IP standards follow a four-layer network model specified in RFC1122
o Application
o Transport
o Internet
o Link
Network Concepts(Cont’d)
o TCP/IP Layers:
o Application:
- Each application has specifications for communication so that clients and servers may
communicate across platforms
- Common Protocols: SSH → Remote login, HTTPS → Secure web, NFS → File sharing, SMTP →
Electronic mail delivery
o Transport:
- The transport protocols are TCP and UDP: TCP is a reliable, connection-oriented protocol,
while UDP is a connectionless datagram protocol
- A list of well-known and registered ports can be found in the /etc/services file
- When a packet is sent on the network, the combination of the service port and IP address
forms a socket; each packet has a source and a destination socket
- This information can be used when monitoring and filtering
Network Concepts(Cont’d)
o TCP/IP Layers:
o Internet:
- The internet or network layer carries data from source host to destination host
- Each host has an IP address and a prefix used to determine network addresses
- ICMP (Internet Control Message Protocol) is a control protocol at this layer
- The ping utility is an example of using ICMP packets to test connectivity
o Link:
- The link layer provides the connection to physical media
- The most common types of networks are wired Ethernet (802.3) and wireless WLAN (802.11)
- Each physical device here has a hardware address (MAC) which is used to identify the
destination of packets on the local network segment
Network Concepts(Cont’d)
o IPv4 addresses:
o An IPv4 address is a 32-bit number, normally expressed in decimal as four octets ranging in
value from 0 to 255, separated by dots
o The address is divided into two parts: the network part and the host part
o All hosts on the same subnet, which can talk to each other directly without a router, have
the same network part
o No two hosts on the same subnet can have the same host part
o In the modern internet, the size of an IPv4 subnet is variable
Network Concepts(Cont’d)
o IPv4 addresses:
o To know which part of IPv4 address is
the network part and which is the
host part, an administrator must
know the netmask which is assigned
to the subnet.
o The netmask indicates how many bits
of the IPv4 address belong to the
subnet.
o The more bits that are available for
the host part, the more hosts can be
on the subnet
o The lowest possible address on a subnet (host part is all zeros in binary) is sometimes
called the network address
Network Concepts(Cont’d)
o IPv4 addresses:
o The lowest possible address on a
subnet (host part is all zeros in binary)
is called network address
o The highest possible address on a
subnet (host part is all ones in binary)
is used for broadcast messages in
IPv4, and is called the broadcast
address
o Netmasks are expressed in two forms:
o The older syntax: a netmask that uses 16 or 24 bits for the network part reads
255.255.0.0 or 255.255.255.0
o The newer syntax specifies a network prefix, as shown here: /16 and /24
Network Concepts(Cont’d)
o IPv4 addresses:
o The special address 127.0.0.1 always
points to the local system(“localhost”),
and the network 127.0.0.0/8 belongs
to the local system, so that it can talk
to itself using network protocols
Network Concepts(Cont’d)
o IPv4 routing:
o Whether using IPv4 or IPv6, network traffic needs to move from host to host and from network to
network
o Each host has a routing table, which tells it how to route traffic for particular networks
o The routing table entries will list a destination network, which interface to send the traffic out, and
the IP address of any intermediate router that is required to relay the message to its final
destination
o The routing table entry which matches the destination of the network traffic is used to route it
o If two entries match, the one with longest prefix is used
o If the network traffic does not match a more specific route, the routing table usually has an entry
for a default route to the entire IPv4 internet, 0.0.0.0/0
o This default route points to a router on a reachable subnet
o If a router receives traffic that is not addressed to it, instead of ignoring it like a normal host, it
forwards the traffic based on its own routing table
o This may send the traffic directly to the destination host or it may be forwarded on to another
router. This process of forwarding continues until the traffic reaches its final destination
Network Concepts(Cont’d)
Example routing table:
Destination Interface Router (if needed)
192.0.2.0/24 Interface_1 ----------

192.168.5.0/24 Interface_2 ----------

0.0.0.0/0 (default) Interface_3 192.168.5.254

o In this example, traffic headed for the IP address 192.0.2.102 from this host will be transmitted directly
via interface_1, because it matches the 192.0.2.0/24 route most closely
o Traffic for the IP address 192.168.5.3 will be transmitted directly to that destination via interface_2,
because it matches the 192.168.5.0/24 route most closely
Network Concepts(Cont’d)
Example routing table:
Destination Interface Router (if needed)
192.0.2.0/24 Interface_1 ----------

192.168.5.0/24 Interface_2 ----------

0.0.0.0/0 (default) Interface_3 192.168.5.254

o Traffic for the IP address 10.2.24.1 will be transmitted out interface_3 to the router at
192.168.5.254, which will forward that traffic on to its final destination. That traffic matches
the 0.0.0.0/0 route most closely, as there is no more specific route in the routing table of this host
o The router will use its own routing table to determine where to forward that traffic to next
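The netmask arithmetic and the longest-prefix rule from the slides above, worked through in one script. This is an added example, not part of the original deck; the function names (ip_to_int, subnet_bounds, route_lookup) are made up for illustration and the ROUTES text is a constructed copy of the example routing table.

```shell
#!/bin/sh
# Added example (not from the slides): subnet bounds and longest-prefix routing.

# Constructed copy of the slide's routing table: destination, interface, router ("-" = none).
ROUTES='192.0.2.0/24 Interface_1 -
192.168.5.0/24 Interface_2 -
0.0.0.0/0 Interface_3 192.168.5.254'

# Dotted-quad IPv4 address -> 32-bit integer. The subshell body keeps IFS changes local.
ip_to_int() (
    IFS=.
    set -f
    set -- $1
    echo "$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))"
)

# 32-bit integer -> dotted-quad IPv4 address.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Bitmask covering the host part for a prefix length, e.g. /24 -> 255.
host_bits() {
    echo "$(( (1 << (32 - $1)) - 1 ))"
}

# Print "network broadcast" for ADDRESS/PREFIX:
# host part all zeros is the network address, host part all ones is the broadcast address.
subnet_bounds() {
    sb_addr=$(ip_to_int "${1%/*}")
    sb_host=$(host_bits "${1#*/}")
    echo "$(int_to_ip $(( sb_addr & (4294967295 - sb_host) ))) $(int_to_ip $(( sb_addr | sb_host )))"
}

# Print "interface router" for the matching route with the longest prefix.
route_lookup() {
    rl_dest=$(ip_to_int "$1")
    rl_best_len=-1
    rl_best=unreachable
    while read -r rl_net rl_if rl_router; do
        rl_len=${rl_net#*/}
        rl_mask=$(( 4294967295 - $(host_bits "$rl_len") ))
        rl_base=$(ip_to_int "${rl_net%/*}")
        # A route matches when destination and route agree on every network-part bit.
        if [ $(( rl_dest & rl_mask )) -eq $(( rl_base & rl_mask )) ] &&
           [ "$rl_len" -gt "$rl_best_len" ]; then
            rl_best_len=$rl_len
            rl_best="$rl_if $rl_router"
        fi
    done <<EOF
$ROUTES
EOF
    echo "$rl_best"
}

for dest in 192.0.2.102 192.168.5.3 10.2.24.1; do
    echo "$dest -> $(route_lookup "$dest")"
done
echo "10.1.10.100/24 -> $(subnet_bounds 10.1.10.100/24)"
```

The 0.0.0.0/0 entry has a zero-length mask, so it matches every destination and wins only when nothing more specific does.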
Network Concepts(Cont’d)
o Names and IP addresses:
o The IP protocol uses addresses to communicate, but human beings would rather work with names
o Long strings of numbers are hard to remember
o DNS, Domain Name System
o It is a distributed network of servers that maps host names to IP addresses
o In order for name service to work, the host needs to be pointed at a nameserver
o This nameserver does not need to be on the same subnet; it just needs to be reachable by
the host
o DHCP and Static network configuration:
o Many systems are configured to obtain network settings automatically at boot time
o If a DHCP server is not available, the system must use a static configuration where the network
settings are read from a local configuration file. The correct network settings are obtained from
the network administrator or architecture team to ensure there are no conflicts with other systems
o Since DHCP uses the hardware address to track assignments, only one address may be assigned
per interface with DHCP, but multiple static addresses may be assigned to a single interface
Network Concepts(Cont’d)
o Network interface names:
o Traditionally, network interfaces in Linux are enumerated as eth0, eth1, eth2 and so on
o The default naming behavior in Red Hat Enterprise Linux is to assign fixed names based on
firmware, device topology, and device type
o Interface names have the following characters:
o Ethernet interfaces begin with en
o WLAN (Wireless Local Area Network) interfaces begin with wl
o WWAN (Wireless Wide Area Network) interfaces begin with ww
o The next character(s) represent the type of adapter:
o o for on-board
o s for hotplug slot
o p for PCI geographic location
o A number N is used to represent an index, ID, or port
o If the fixed name cannot be determined, the traditional names such as ethN will be used
Managing Red Hat Enterprise Linux
Networking
VALIDATING NETWORK CONFIGURATION
Network Concepts(Cont’d)
o Objectives:
o After completing this section, students should be able to test and review current network
configuration with basic utilities
o Displaying IP addresses:
o To show all interfaces:
[Student@ServerX ~]$ ip addr
[Screenshot: ip addr output listing Interface 1 through Interface 4]
Network Concepts(Cont’d)
o Displaying IP addresses:
o To show a specific interface:
[Student@ServerX ~]$ ip addr show ens33
[Screenshot: ip addr show ens33 output with numbered callouts, described below]

No. Description
1 An active interface has the status of UP
2 The link line specifies the hardware (MAC) address of the device
3 The inet line shows the IPv4 address and prefix
4 The broadcast address, scope, and device name are also on this line
5 The inet6 line shows IPv6 information
Network Concepts(Cont’d)
o Displaying IP addresses:
o The ip command is also used to show statistics about network performance. The received (RX) and
transmitted (TX) packets, errors, and dropped counters can be used to identify network issues
caused by congestion, low memory, and overruns
o [Student@ServerX ~]$ ip -s link show ens33
[Screenshot: ip -s link output with the Receiver (RX) and Transmitter (TX) counters highlighted]
Network Concepts(Cont’d)
o Troubleshooting Routing:
o [Student@ServerX ~]$ ip route
o All packets destined for the 10.1.10.0/24 network will be sent directly to the destination through
the device ens33
o All packets destined for the 192.168.122.0/24 network will be sent directly to the destination
through the device virbr0
o All other packets will be sent to the default router located at 10.1.10.1 via device ens33
Network Concepts(Cont’d)
o Troubleshooting Routing:
o The ping command is used to test
connectivity. The command will continue to
run until a Control-c is pressed unless
options are given to limit the number of
packets sent
o [Student@ServerX ~]$ ping -c3 ip_address
o -c3 is an option that limits the number of packets sent, here to 3 (it can be -c4, -c5, ...)
Network Concepts(Cont’d)
o Troubleshooting Routing:
o To trace the path to a remote host, use either traceroute or tracepath. Both commands can be used
to trace a path with UDP packets; however, many networks block UDP and ICMP traffic.
o The traceroute command has options to trace the path with:
o UDP (default)
o ICMP ( -I )
o TCP ( -T )
o Each line in the output of
tracepath represents a router or hop
that the packet passes through
between the source and the final
destination
o Additional information is provided as
available, including the round trip
time (RTT) and any changes in the
maximum transmission unit (MTU) size
Network Concepts(Cont’d)
o Troubleshooting ports and services:
o TCP services use sockets as end points for communication and are made up of an IP address, protocol,
and port number. Services typically listen on standard ports while clients use a random available port.
o Well known names for standard ports are listed in the /etc/services file
o The ss command is used to display socket statistics
o It is similar to the netstat command, which is also available but may not be installed by default
Network Concepts(Cont’d)
o Troubleshooting ports and services:
o The “*” is used to represent “all” when referencing IPv4 addresses or ports
o [1] → the port used for SSH is listening on all IPv4 addresses
o [2] → the port used for SMTP is listening on the 127.0.0.1 IPv4 loopback interface
o [3] → the established SSH connection is on the 172.25.x.10 interface and originates from
a system with an address of 172.25.254.254
o [4] → the port used for SSH is listening on all IPv6 addresses; the “::” syntax is used to
represent all IPv6 interfaces
o [5] → the port used for SMTP is listening on the ::1 IPv6 loopback interface
Network Concepts(Cont’d)
o Troubleshooting ports and services:
o Options for ss and netstat:
Option Description
-n Show numbers instead of names for interfaces and ports
-t Show TCP sockets
-u Show UDP sockets
-l Show only listening sockets
-a Show all (listening and established) sockets
-p Show the process using the sockets
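When reviewing which services a host exposes, the distinction drawn above between "*"/"::" listeners and loopback-only listeners is what matters. The script below is an added example, not part of the original deck: it reads `ss -tln` output on stdin and labels each listening socket by bind scope. The sample text is constructed in the older `*:22` / `:::22` layout (the newer `0.0.0.0:22` / `[::]:22` layout is also handled), and the function names are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the slides): classify listening TCP sockets by bind scope.

# Constructed sample in the column layout of `ss -tln`; not captured from a real host.
sample_ss() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    *:22                *:*
LISTEN 0      100    127.0.0.1:25        *:*
LISTEN 0      128    *:111               *:*
LISTEN 0      128    172.25.1.10:443     *:*
LISTEN 0      128    :::22               :::*
LISTEN 0      100    ::1:25              :::*
EOF
}

# Read `ss -tln` output on stdin; print "port scope address" for each listening socket.
listener_report() {
    while read -r state recvq sendq localaddr peer; do
        [ "$state" = "LISTEN" ] || continue   # skips the header line
        port=${localaddr##*:}                 # text after the last colon
        addr=${localaddr%:*}                  # everything before the last colon
        case $addr in
            '*'|0.0.0.0|::|'[::]') scope=all ;;       # every IPv4 or IPv6 address
            127.*|::1|'[::1]')     scope=loopback ;;  # reachable from this host only
            *)                     scope=specific ;;  # bound to one interface address
        esac
        echo "$port $scope $addr"
    done
}

# Ports reachable on every address of the host, deduplicated across IPv4 and IPv6.
exposed_ports() {
    listener_report | awk '$2 == "all" { print $1 }' | sort -un | paste -sd' ' -
}

sample_ss | listener_report
echo "listening on all addresses: $(sample_ss | exposed_ports)"
```

On a live system the same functions can be fed with `ss -tln | listener_report`; adding -p (as root) to the ss call shows which process owns each socket.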
Managing Red Hat Enterprise Linux
Networking
CONFIGURING NETWORKING WITH NMCLI
Configuring Network with nmcli
o Objectives:
o After completing this section, students should be able to manage network settings and devices with
nmcli and NetworkManager
o Network Manager:
o It is a daemon (service) that monitors and manages network settings
o In addition, there is a GNOME notification area applet that provides network status information on the
top right
o Command-line and graphical tools talk to NetworkManager and save configuration files in the
/etc/sysconfig/network-scripts directory
o A device is a network interface
o A connection is a configuration used for a device which is made up of a collection of settings
o Multiple connections may exist for a device, but only one may be active at a time
o For example: a system may normally be connected to a network with settings provided by DHCP.
Occasionally, that system needs to be connected to a lab or data center network which only uses
static networking. Instead of changing the configuration manually, each configuration can be
stored as a separate connection
Configuring Network with nmcli
(Cont’d)
o Viewing network information with nmcli:
o To display a list of all connections, use nmcli con show
o To list only the active connections, add the --active option

Here:
- nmcli → NetworkManager command-line interface
- con → connection
Configuring Network with nmcli
(Cont’d)
o Viewing network information with nmcli:
o Specify a connection ID (name) to see the details of that connection
o [root@serverX ~]$ nmcli con show connection_name
Configuring Network with nmcli
(Cont’d)
o Viewing network information with nmcli:
o The nmcli command can also be used to show device status and details
o [root@serverX ~]$ nmcli dev status
o [root@serverX ~]$ nmcli dev show device_name
o The first command shows the type, state, and name of the interfaces
o The second command shows details about a specific interface (device)
Configuring Network with nmcli
(Cont’d)
o Creating network connections with nmcli:
o When creating a new connection with nmcli, the order of the arguments is important
o The common arguments appear first and must include the type and interface
o Next, specify any type-specific arguments and finally specify the IP address, prefix, and
gateway information
o Multiple IP addresses may be specified for a single device “interface”
o Additional settings such as a DNS server are set as modifications once the connection exists
Configuring Network with nmcli
(Cont’d)
o Creating network connections with nmcli:
o Examples of creating new connections:
1. Define a new connection named “default” which will autoconnect as an Ethernet connection on
the eth0 device using DHCP
[root@serverX ~]$ nmcli con add con-name connection_name type connection_type ifname device_name
[root@serverX ~]$ nmcli con add con-name "default" type ethernet ifname eth0
Configuring Network with nmcli
(Cont’d)
o Creating network connections with nmcli:
o Examples of creating new connections:
2. Create a new connection named “static”, device name ens33, type “Ethernet”, and specify the IP
address and gateway. Do not autoconnect.
First, get the IPv4 address and gateway of the ens33 interface:
[root@serverX ~]$ nmcli dev show ens33
[Screenshot: nmcli dev show output with the IPv4 address and IPv4 gateway of ens33 highlighted]


Configuring Network with nmcli
(Cont’d)
o Creating network connections with nmcli:
o Examples of creating new connections:
2. Create a new connection named “static”, device name ens33, type “Ethernet”, and specify the IP
address and gateway. Do not autoconnect.
First, get the IPv4 address and gateway of the ens33 interface:
[root@serverX ~]$ nmcli dev show ens33
[root@serverX ~]$ nmcli con add con-name connection_name ifname device_name autoconnect yes|no type connection_type ip4 IPv4_address/prefix gw4 gateway_address
[root@serverX ~]$ nmcli con add con-name "static" ifname ens33 autoconnect no type ethernet ip4 10.1.10.100/24 gw4 10.1.10.1
Configuring Network with nmcli
(Cont’d)
o Creating network connections with nmcli:
o Examples of creating new connections:
3. The system will autoconnect with the DHCP connection at boot. Change to the static connection
[root@serverX ~]$ nmcli con up "static"

4. Change to the DHCP connection
[root@serverX ~]$ nmcli con up "default"
Configuring Network with nmcli
(Cont’d)
o Modifying network interfaces with nmcli:
o An existing connection may be modified with nmcli con mod arguments
o The arguments are sets of key/value pairs
o The key includes a setting name and a property name
o Use nmcli con show "<ID>" to see a list of current values for a connection
Configuring Network with nmcli
(Cont’d)
o Modifying network interfaces with nmcli:
o Examples of connection modifications:
- Turn off autoconnect for the connection “static”
[root@serverX ~]$ nmcli con mod connection_name connection.autoconnect no
[root@serverX ~]$ nmcli con mod "static" connection.autoconnect no

- Specify a DNS server
[root@serverX ~]$ nmcli con mod connection_name ipv4.dns ipv4_address
[root@serverX ~]$ nmcli con mod "static" ipv4.dns 10.1.10.1

- Some configuration arguments may have values added or removed. Add a + or - symbol in front of the
argument. Add a secondary DNS server
[root@serverX ~]$ nmcli con mod connection_name [+|-]setting.property value
[root@serverX ~]$ nmcli con mod "static" +ipv4.dns 8.8.8.8
Configuring Network with nmcli
(Cont’d)
o Modifying network interfaces with nmcli:
o Examples of connection modifications:
- Replace the static IP address and gateway
[root@serverX ~]$ nmcli con mod connection_name ipv4.addresses IPv4_address/prefix ipv4.gateway gateway_address
[root@serverX ~]$ nmcli con mod "static" ipv4.addresses 172.25.1.10/24 ipv4.gateway 172.25.1.254

- Add a secondary IP address without a gateway
[root@serverX ~]$ nmcli con mod connection_name +ipv4.addresses IPv4_address/prefix
[root@serverX ~]$ nmcli con mod "static" +ipv4.addresses 10.10.10.10/16


Configuring Network with nmcli
(Cont’d)
o Nmcli commands
Command                        Use
nmcli dev status               List of all devices (interfaces)
nmcli con show                 List all connections (configurations)
nmcli con show name            List the current settings for the connection name
nmcli con add con-name name    Add a new connection named name
nmcli con mod name             Modify the connection name
nmcli con del name             Delete the connection name and its configuration file
nmcli con reload               Reload the configuration files (useful after they have been edited by hand)
nmcli con up name              Activate the connection name
nmcli dev dis dev              Deactivate and disconnect the current connection on the network interface dev
Managing Red Hat Enterprise Linux
Networking
CONFIGURING NETWORK CONFIGURATION FILES
Configuring network configuration files
o Objectives:
o After completing this section, students should be able to modify network settings by editing the
configuration files

o Modifying network configuration:


o It is also possible to configure the network by editing interface configuration files
o Interface configuration files control the software interfaces for individual network devices
o These files are usually named /etc/sysconfig/network-scripts/ifcfg-<name>
o <name> refers to the name of the device or connection that the configuration file controls
Configuring network configuration files
[Screenshot: the /etc/sysconfig/network-scripts directory, with the Ethernet devices (interfaces) ens33 and static-eth0 highlighted]
Configuring network configuration files
o Modifying network configuration:
o The following file is ifcfg-ens33, showing the standard variables found in the file for static or
dynamic configuration
Configuring network configuration files
o Modifying network configuration:
o Configuration options for ifcfg File
Static                 Dynamic           Either
BOOTPROTO=none         BOOTPROTO=dhcp    DEVICE=ens33
IPADDR0=10.1.10.100                      NAME=static-eth0
PREFIX0=24                               ONBOOT=yes
GATEWAY0=10.1.10.1                       UUID=b061d866…..
DEFROUTE=yes                             USERCTL=yes
DNS1=10.1.10.1
Configuring network configuration files
o Modifying network configuration:
o Configuration options for ifcfg File
o In the static settings, variables for IP address, prefix, and gateway have a number at the end. This
allows multiple sets of values to be assigned to the interface. (IPADDR0, PREFIX0 and GATEWAY0)
o The DNS variable also has a number which is used to specify the order of lookup when multiple
servers are specified
o After modifying the configuration files, run nmcli con reload to make NetworkManager read the
configuration changes
o The interface still needs to be restarted for changes to take effect
Configuring network configuration files
o Modifying network configuration:

[Screenshot: terminal session annotated with the following steps]
o Show the status of all devices (interfaces): ens33 is activated
o Disable the device (interface) ens33
o Restart the interface
o Show the status of all devices (interfaces): ens33 is deactivated
o Activate the device (interface) ens33
o Show the status of all devices (interfaces): ens33 is activated again
Managing Red Hat Enterprise Linux
Networking
CONFIGURING HOST NAMES AND NAME RESOLUTION
Configuring host names and name
resolution
o Objectives:
o After completing this section, students should be able to configure and test system host name and
name resolution

o Changing the system host name:


o The hostname command displays or temporarily modifies the system’s fully qualified host name
[root@serverX ~]$ hostname
Configuring host names and name
resolution
o Changing the system host name:
o A static host name may be specified in the /etc/hostname file
o The hostnamectl command is used to modify this file and may be used to view the status of the
system’s fully qualified host name
o If this file does not exist, the host name is set by a reverse DNS query once the interface has an IP
address assigned
[root@serverX ~]$ hostname
Configuring host names and name
resolution
o Changing the system host name:
o A static host name may be specified in the /etc/hostname file
o The hostnamectl command is used to modify this file and may be used to view the status of the
system’s fully qualified host name
[root@serverX ~]$ hostnamectl set-hostname new_name
This command is used to change the host name in the /etc/hostname file
[root@serverX ~]$ hostnamectl status
This command is used to show the system’s fully qualified host name
[Screenshot: terminal output with the old host name, the new host name, and the system’s fully qualified host name highlighted]
Configuring host names and name
resolution
o Configuring name resolution:
o The stub resolver is used to convert host names to IP address or the reverse
o The contents of the file /etc/hosts are checked first
[root@serverX ~]$ cat /etc/hosts
Configuring host names and name
resolution
o Configuring name resolution:
o The getent hosts hostname command can be used to test host name resolution with the
/etc/hosts file
[root@serverX ~]$ getent hosts www.guc.edu.eg
[Screenshot: output showing IP address → host name]
Configuring host names and name
resolution
o Configuring name resolution:
o The /etc/resolv.conf file controls how this query is done
[root@serverX ~]$ cat /etc/resolv.conf
Configuring host names and name
resolution
o Configuring name resolution:
o The host hostname command can be used to get the IP address of a website or to get the domain name

[root@serverX ~]$ host www.guc.edu.eg

[root@serverX ~]$ host 127.0.0.1


Thank you
Good luck
