Linux 使用nmcli配置网络
前提:
在虚拟机中添加一张桥接模式的网卡,如果是VirtualBox虚拟机中要shutdown才能添加。
1、启动NetworkManager工具,安装nmcli命令支持tab补全的包
[root@despotic ~]# systemctl start NetworkManager [root@despotic ~]# yum install bash-completion -y [root@despotic ~]# bash
安装完成之后就可以在nmcli配置的时候使用tab补全命令了
2、查看新增加的网卡信息和设备信息
[root@despotic ~]# nmcli device DEVICE TYPE STATE CONNECTION ens33 ethernet connected ens33 ens37 ethernet disconnected -- lo loopback unmanaged --
[root@despotic ~]# nmcli connection NAME UUID TYPE DEVICE ens33 e2301185-1a8d-4b12-b1c7-bfbdf84f7a50 802-3-ethernet ens33
可以看见ens37已经有了设备的信息,但是没有ens37网络连接的信息
3、添加网卡信息,此时可以看见ens37的信息
[root@despotic ~]# nmcli connection add type ethernet con-name ens37 ifname ens37 autoconnect yes Connection 'ens37' (894ebf60-16c9-4344-8674-62ad5fb9b2b7) successfully added. [root@despotic ~]# nmcli connection NAME UUID TYPE DEVICE ens33 e2301185-1a8d-4b12-b1c7-bfbdf84f7a50 802-3-ethernet ens33 ens37 894ebf60-16c9-4344-8674-62ad5fb9b2b7 802-3-ethernet ens37
4、为ens37配置ip地址等信息
[root@despotic ~]# nmcli connection modify ens37 ipv4.addresses "192.168.27.36/16" ipv4.gateway 192.168.0.1 ipv4.dns 192.168.0.1 ipv4.method manual connection.autoconnect yes connection.interface-name ens37
重新加载一下,启动ens37就可以看见ens37的网络信息了
[root@despotic ~]# nmcli connection reload [root@despotic ~]# nmcli connection up ens37 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4) [root@despotic ~]# nmcli connection show ens37 | grep ipv4 ipv4.method: manual ipv4.dns: 192.168.0.1 ipv4.dns-search: -- ipv4.dns-options: (default) ipv4.dns-priority: 0 ipv4.addresses: 192.168.27.36/16 ipv4.gateway: 192.168.0.1 ipv4.routes: -- ipv4.route-metric: -1 ipv4.ignore-auto-routes: no ipv4.ignore-auto-dns: no ipv4.dhcp-client-id: -- ipv4.dhcp-timeout: 0 ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.dhcp-fqdn: -- ipv4.never-default: no ipv4.may-fail: yes ipv4.dad-timeout: -1 (default) [root@despotic ~]# ifconfig ens37: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.27.36 netmask 255.255.0.0 broadcast 192.168.255.255 inet6 fe80::7649:713d:ac99:83cc prefixlen 64 scopeid 0x20<link> ether 00:0c:29:5f:90:9d txqueuelen 1000 (Ethernet) RX packets 92068 bytes 6024278 (5.7 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 151 bytes 12582 (12.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
排除其他因素,此时就可以使用物理机ping同ens37的ip了
如果ping不通,请检查vmware的虚拟网络配置,防火墙等一切因素
5、如果不小心配置错误,可将配置信息删除重新配置(重复3-4步骤)
[root@despotic ~]# nmcli connection delete ens37 Connection 'ens37' (894ebf60-16c9-4344-8674-62ad5fb9b2b7) successfully deleted. [root@despotic ~]# nmcli connection NAME UUID TYPE DEVICE ens33 e2301185-1a8d-4b12-b1c7-bfbdf84f7a50 802-3-ethernet ens33
附加:
(1)给ens37再添加一个ip地址
[root@despotic ~]# nmcli connection modify ens37 +ipv4.addresses "192.168.27.37/16" ipv4.gateway 192.168.0.1 [root@despotic ~]# nmcli connection down ens37 Connection 'ens37' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/8) [root@despotic ~]# nmcli connection up ens37 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/9)
可以看见ens37有两个ip
[root@despotic ~]# ip addr show ens37 3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:5f:90:9d brd ff:ff:ff:ff:ff:ff inet 192.168.27.36/16 brd 192.168.255.255 scope global ens37 valid_lft forever preferred_lft forever inet 192.168.27.37/16 brd 192.168.255.255 scope global secondary ens37 valid_lft forever preferred_lft forever inet6 fe80::8de7:fb4:1c03:22da/64 scope link valid_lft forever preferred_lft forever
(2)给ens37加一个ipv6的地址
[root@despotic ~]# nmcli connection modify ens37 ipv6.addresses 2001::1/64 ipv6.gateway 2001::1 ipv6.dns 2001::1 [root@despotic ~]# nmcli connection reload [root@despotic ~]# nmcli connection down ens37 Connection 'ens37' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/9) [root@despotic ~]# nmcli connection up ens37 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/10)
可以看见ens37中已经有了ipv6的地址
[root@despotic ~]# ifconfig ens37: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.27.36 netmask 255.255.0.0 broadcast 192.168.255.255 inet6 fe80::8de7:fb4:1c03:22da prefixlen 64 scopeid 0x20<link> inet6 2001::1 prefixlen 64 scopeid 0x0<global> ether 00:0c:29:5f:90:9d txqueuelen 1000 (Ethernet) RX packets 103348 bytes 6768910 (6.4 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 698 bytes 54398 (53.1 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ping一下也可以pin通
[root@despotic ~]# ping6 2001::1 PING 2001::1(2001::1) 56 data bytes 64 bytes from 2001::1: icmp_seq=1 ttl=64 time=0.121 ms 64 bytes from 2001::1: icmp_seq=2 ttl=64 time=0.128 ms ^C --- 2001::1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1000ms rtt min/avg/max/mdev = 0.121/0.124/0.128/0.011 ms
注意:
有的时候配置可能没有ipv4.gateway这个选项,可用如下方式配置
ipv4.address "192.168.0.11/24 192.168.0.1"
使用ip addr show eth1 | grep ipv4 可以看见有一条是这样写的,这条信息包含了ip,掩码,网关
ipv.addresses { ip = 192.168.0.11/24, gw = 192.168.0.1 }
附:
nmcli参数和网络配置文件关系对照表
nmcli con mod ---> ifcfg-*文件 ipv4.method manual BOOTRROTO=none ipv4.method auto BOOTRROTO=dhcp ipv4.address "192.168.0.10/24 192.168.0.1" IPAEDDR=192.168.0.10 PREFIX=24 GATEWAY=192.168.0.1 ipv4.dns 8.8.8.8 DNS=8.8.8.8 ipv4.dns-search example.com DOMAIN=example.com ipv4.ignore-auto-dns true PEERNDS=no connection.autoconnect yes ONBOOT=yes connection.id eth0 NAME=eth0 connection.interface-name eth0 DEVICE=eth0 802-3-ethernet.mac-address... HWADDR=...