介绍NetworkManager、centos8、nmcli
CentOS 7中同时支持network.service和NetworkManager.service(简称NM)2种方式配置网络,而在CentOS 8中已经废弃network.service,必须通过NetworkManager.service配置网络。
nmcli是用于控制NetworkManager和报告网络状态的命令行工具。它可以用来替代nm-applet或其他图形客户机。nmcli用于创建、显示、编辑、删除、激活和停用网络连接,以及控制和显示网络设备状态。
nmcli语法及常用选项
Usage: nmcli [OPTIONS] OBJECT { COMMAND | help }
OPTIONS
-a, --ask ask for missing parameters ## 使用此选项时,nmcli将停止并请求任何缺少的必需参数,因此不要将此选项用于脚本等非交互目的。例如,此选项控制在连接到网络时是否需要输入密码。
-c, --colors auto|yes|no whether to use colors in output ## 高亮显示结果到标准输出
-e, --escape yes|no escape columns separators in values ## 指定字段分隔符
-f, --fields <field,...>|all|common specify fields to output ## 指定显示的字段
-g, --get-values <field,...>|all|common shortcut for -m tabular -t -f ## 过滤字段,适用于脚本-m, --mode tabular|multiline output mode ## 指定输出格式。tabular以表格形式显示。multiline多行显示-p, --pretty pretty output ## 优雅的展示结果-t, --terse terse output ## 简洁输出-w, --wait <seconds> set timeout waiting for finishing operations ## 指定超时时间
OBJECT
g[eneral] NetworkManager's general status and operations
n[etworking] overall networking control
r[adio] NetworkManager radio switches
c[onnection] NetworkManager's connections
d[evice] devices managed by NetworkManager
a[gent] NetworkManager secret agent or polkit agent
m[onitor] monitor NetworkManager changes
-a
-f 以指定字段显示网卡信息
可用字段GENERAL,CAPABILITIES,WIFI-PROPERTIES,AP,WIRED-PROPERTIES,WIMAX-PROPERTIES,NSP,IP4,DHCP4,IP6,DHCP6,BOND,TEAM,BRIDGE,VLAN,BLUETOOTH,CONNECTIONS。不区分大小写
[root@test ~]# nmcli -p -f ip4,ip6,general,wifi-properties device show eth0 =============================================================================== Device details (eth0) =============================================================================== IP4.ADDRESS[1]: 172.17.201.88/20 IP4.GATEWAY: 172.17.207.253 IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 172.17.207.253, mt = 100 IP4.ROUTE[2]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.DNS[1]: 100.100.2.136 IP4.DNS[2]: 100.100.2.138 ------------------------------------------------------------------------------- IP6.ADDRESS[1]: fe80::216:3eff:fe0e:4531/64 IP6.GATEWAY: -- IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 256 IP6.ROUTE[2]: dst = ff00::/8, nh = ::, mt = 256, table=255 ------------------------------------------------------------------------------- GENERAL.DEVICE: eth0 GENERAL.TYPE: ethernet GENERAL.NM-TYPE: NMDeviceEthernet GENERAL.VENDOR: Red Hat, Inc. GENERAL.PRODUCT: Virtio network device GENERAL.DRIVER: virtio_net GENERAL.DRIVER-VERSION: 1.0.0 GENERAL.FIRMWARE-VERSION: -- GENERAL.HWADDR: 00:16:3E:0E:45:31 GENERAL.MTU: 1500 GENERAL.STATE: 100 (connected) GENERAL.REASON: 0 (No reason given) GENERAL.IP4-CONNECTIVITY: 4 (full) GENERAL.IP6-CONNECTIVITY: 4 (full) GENERAL.UDI: /sys/devices/pci0000:00/0000:00:05.0/virtio2/net/eth0 GENERAL.IP-IFACE: eth0 GENERAL.IS-SOFTWARE: no GENERAL.NM-MANAGED: yes GENERAL.AUTOCONNECT: yes GENERAL.FIRMWARE-MISSING: no GENERAL.NM-PLUGIN-MISSING: no GENERAL.PHYS-PORT-ID: -- GENERAL.CONNECTION: System eth0 GENERAL.CON-UUID: 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1 GENERAL.METERED: no (guessed) -------------------------------------------------------------------------------
常用的object
g[eneral] 常规选项
语法:nmcli general {status | hostname | permissions | logging} [ARGUMENTS...]
使用此命令可以显示NetworkManager的状态和权限。也可以获取和更改系统主机名,以及NetworkManager的日志级别和域。包含4个命令,即status、hostname、permissions、logging
status
显示NetworkManager的状态,这是默认选项
[root@test ~]# nmcli general status STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN connected full enabled enabled enabled enabled [root@test ~]# nmcli g status STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN connected full enabled enabled enabled enabled [root@test ~]# nmcli g STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN connected full enabled enabled enabled enabled
hostname
缺省时,通过读取/etc/hostname文件获取当前主机的主机名。
[root@test ~]# cat /etc/hostname test [root@test ~]# nmcli general hostname test
当指定新的主机名时,NetworkManager会设置一个新的主机名,从而修改/etc/hostname文件
[root@test ~]# nmcli general hostname hehe [root@test ~]# nmcli general hostname hehe [root@test ~]# cat /etc/hostname hehe
permissions
显示当前用户对NetworkManager的操作权限。 如启用和禁用网络、更改WI-FI和WWAN状态、修改连接等
[root@test ~]# nmcli g permissions PERMISSION VALUE org.freedesktop.NetworkManager.enable-disable-network yes org.freedesktop.NetworkManager.enable-disable-wifi yes org.freedesktop.NetworkManager.enable-disable-wwan yes org.freedesktop.NetworkManager.enable-disable-wimax yes org.freedesktop.NetworkManager.sleep-wake yes org.freedesktop.NetworkManager.network-control yes org.freedesktop.NetworkManager.wifi.share.protected yes org.freedesktop.NetworkManager.wifi.share.open yes org.freedesktop.NetworkManager.settings.modify.system yes org.freedesktop.NetworkManager.settings.modify.own yes org.freedesktop.NetworkManager.settings.modify.hostname yes org.freedesktop.NetworkManager.settings.modify.global-dns yes org.freedesktop.NetworkManager.reload yes org.freedesktop.NetworkManager.checkpoint-rollback yes org.freedesktop.NetworkManager.enable-disable-statistics yes org.freedesktop.NetworkManager.enable-disable-connectivity-check yes org.freedesktop.NetworkManager.wifi.scan unknown
logging
获取和更改NetworkManager日志记录级别和域,没有任何参数当前日志记录级别和域显示
[root@test ~]# nmcli -m multiline g logging
LEVEL: INFO
DOMAINS: PLATFORM,RFKILL,ETHER,WIFI,BT,MB,DHCP4,DHCP6,PPP,IP4,IP6,AUTOIP4,DNS,VPN,SHARING,SUPPLICANT,AGENTS,SETTINGS,SUSPEND,CORE,DEVICE,OLPC,INFINIBAND,FIREWALL,ADSL,BOND,VLAN,BRIDGE,TEAM,CONCHECK,DCB,DISPATCH,AUDIT,SYSTEMD,PROXY
n[etworking] 网络控制
语法:nmcli networking {on | off | connectivity} [ARGUMENTS...]
查询NetworkManager的网络状态,开启和关闭网络。有三个命令:
on:开启所有网络接口
off:关闭所有网络接口
connectivity:获取网络状态。check参数告诉NetworkManager重新检测网络连接性,否则将显示最近感知的网络状态,并且不重新检测
- none :主机未连接到任何网络
- portal:主机在一个被捕获的入口之后并且无法访问整个互联网络。
- limited:主机已经连接到网络,但是无法访问互联网
- full:主机已经连接到网络,并且可以访问互联网
- unknown:未知状态
[root@hehe ~]# uname -a Linux hehe 4.18.0-147.5.1.el8_1.x86_64 [root@hehe ~]# nmcli n ## 这时,无法远程连接 disabled [root@hehe ~]# nmcli n on [root@hehe ~]# nmcli n enabled
[root@hehe ~]# nmcli n connectivity check full [root@hehe ~]# nmcli n connectivity full
r[adio] 无线限传输控制
语法:nmcli radio {all | wifi | wwan} [ARGUMENTS...]
显示无线交换机开关状态,或开启和关闭交换机
[root@hehe ~]# nmcli g STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN connected full enabled enabled enabled enabled [root@hehe ~]# nmcli r WIFI-HW WIFI WWAN-HW WWAN enabled enabled enabled enabled [root@hehe ~]# nmcli r all off [root@hehe ~]# ping baidu.com PING baidu.com (39.156.69.79) 56(84) bytes of data. 64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=1 ttl=52 time=5.38 ms 64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=2 ttl=52 time=5.24 ms 64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=3 ttl=52 time=5.25 ms ^C --- baidu.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 4ms rtt min/avg/max/mdev = 5.238/5.291/5.382/0.087 ms [root@hehe ~]# nmcli r WIFI-HW WIFI WWAN-HW WWAN enabled disabled enabled disabled
connection 连接管理
语法: nmcli connection {show | up | down | modify | add | edit | clone | delete | monitor | reload | load | import | export} [ARGUMENTS...]
命令参数:
show 有两种用法
1、查看活动的连接,也可以进行排序(+-为升降序)默认为升序
[root@hehe ~]# nmcli c s NAME UUID TYPE DEVICE System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0 [root@hehe ~]# nmcli c s --order -active NAME UUID TYPE DEVICE System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0
将所有连接按类型排序
[root@hehe ~]# nmcli c show --order -type
NAME UUID TYPE DEVICE
System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0
add
添加一个新的连接,需要指定新创建连接的属性,语法与modify相同。
- con-name连接名称
- type:网络类型
- autoconnect:自动连接
- ifname:连接到的设备名
[root@hehe ~]# nmcli c add con-name eth2 type ethernet autoconnect yes ifname eth2 Connection 'eth2' (dd7e45de-6910-4a7b-88c0-be1ed28b23ae) successfully added.
[root@hehe ~]# nmcli c s NAME UUID TYPE DEVICE eth1 69609727-cbbf-479d-ae87-a76256c520b9 ethernet eth0 eth2 dd7e45de-6910-4a7b-88c0-be1ed28b23ae ethernet -- System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet --
modify
更改的属性可以使用nmcli connection show 设备名 进行获取,然后进行修改、添加或删除属性,如果要设置属性,只需指定属性名称和值,空值将删除属性,同一属性使用+添加,- 删除
添加多个ip
[root@hehe ~]# nmcli connection modify eth1 +ipv4.addresses 172.16.100.7/24 [root@hehe ~]# nmcli connection modify eth1 +ipv4.addresses 192.168.50.7/24 [root@hehe ~]# nmcli -f IP4 connection show eth1 IP4.ADDRESS[1]: 172.17.203.6/20 IP4.ADDRESS[2]: 172.17.201.88/20 IP4.GATEWAY: 172.17.207.253 IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 172.17.207.253, mt = 100 IP4.ROUTE[2]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.ROUTE[3]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.DNS[1]: 100.100.2.136 IP4.DNS[2]: 100.100.2.138 [root@hehe ~]# nmcli connection up eth1 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4) [root@hehe ~]# nmcli -f IP4 connection show eth1 IP4.ADDRESS[1]: 172.16.100.7/24 IP4.ADDRESS[2]: 172.17.203.6/20 IP4.ADDRESS[3]: 192.168.50.7/24 IP4.ADDRESS[4]: 172.17.201.88/20 IP4.GATEWAY: 172.17.207.253 IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 172.17.207.253, mt = 100 IP4.ROUTE[2]: dst = 172.16.100.0/24, nh = 0.0.0.0, mt = 100 IP4.ROUTE[3]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.ROUTE[4]: dst = 192.168.50.0/24, nh = 0.0.0.0, mt = 100 IP4.ROUTE[5]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.DNS[1]: 100.100.2.136 IP4.DNS[2]: 100.100.2.138
删除指定的IP
[root@hehe ~]# nmcli -f IP4 connection show eth1 IP4.ADDRESS[1]: 172.16.100.7/24 IP4.ADDRESS[2]: 172.17.203.6/20 IP4.ADDRESS[3]: 192.168.50.7/24 IP4.ADDRESS[4]: 172.17.201.88/20 IP4.GATEWAY: 172.17.207.253 IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 172.17.207.253, mt = 100 IP4.ROUTE[2]: dst = 172.16.100.0/24, nh = 0.0.0.0, mt = 100 IP4.ROUTE[3]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.ROUTE[4]: dst = 192.168.50.0/24, nh = 0.0.0.0, mt = 100 IP4.ROUTE[5]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.DNS[1]: 100.100.2.136 IP4.DNS[2]: 100.100.2.138
删除索引为2的信息 [root@hehe ~]# nmcli connection modify eth1 -ipv4.addresses 2
查看删除后的路由 [root@hehe ~]# nmcli -f IP4 c show eth1 IP4.ADDRESS[1]: 172.16.100.7/24 IP4.ADDRESS[2]: 172.17.203.6/20 IP4.ADDRESS[3]: 192.168.50.7/24 IP4.ADDRESS[4]: 172.17.201.88/20 IP4.GATEWAY: 172.17.207.253 IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 172.17.207.253, mt = 100 IP4.ROUTE[2]: dst = 172.16.100.0/24, nh = 0.0.0.0, mt = 100 IP4.ROUTE[3]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.ROUTE[4]: dst = 192.168.50.0/24, nh = 0.0.0.0, mt = 100 IP4.ROUTE[5]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.DNS[1]: 100.100.2.136 IP4.DNS[2]: 100.100.2.138
激活网卡 [root@hehe ~]# nmcli c u eth1 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6)
再次查看 [root@hehe ~]# nmcli -f IP4 c show eth1 IP4.ADDRESS[1]: 172.16.100.7/24 IP4.ADDRESS[2]: 172.17.203.6/20 IP4.ADDRESS[3]: 172.17.201.88/20 IP4.GATEWAY: 172.17.207.253 IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 172.17.207.253, mt = 100 IP4.ROUTE[2]: dst = 172.16.100.0/24, nh = 0.0.0.0, mt = 100 IP4.ROUTE[3]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.ROUTE[4]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.DNS[1]: 100.100.2.136 IP4.DNS[2]: 100.100.2.138
delete删除连接
[root@hehe ~]# nmcli c delete System eth0 Connection 'System eth0' (5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03) successfully deleted. [root@hehe ~]# nmcli c s NAME UUID TYPE DEVICE eth1 69609727-cbbf-479d-ae87-a76256c520b9 ethernet eth0 eth1 fde9a03d-8f6d-4f0c-98f9-619f430f7051 ethernet --
up
激活连接,提供连接名称或uuid进行激活,若未提供,则可以使用ifname指定设备名进行激活。
[root@hehe ~]# nmcli connection up eth1 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/7) [root@hehe ~]# nmcli c s NAME UUID TYPE DEVICE eth1 69609727-cbbf-479d-ae87-a76256c520b9 ethernet eth0 eth1 fde9a03d-8f6d-4f0c-98f9-619f430f7051 ethernet --
[root@hehe ~]# nmcli c clone eth1 eth0
eth1 (69609727-cbbf-479d-ae87-a76256c520b9) cloned as eth0 (d97737e6-6d9c-4033-bff3-078e5773b3c4).
[root@hehe ~]# nmcli connection up eth0
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/8)
[root@hehe ~]# nmcli connection delete eth0
Connection 'eth0' (d97737e6-6d9c-4033-bff3-078e5773b3c4) successfully deleted.
clone
从一个已经存在的连接克隆一个新连接,连接名称和uuid是新生成的
[root@hehe ~]# nmcli c clone eth1 eth0 eth1 (69609727-cbbf-479d-ae87-a76256c520b9) cloned as eth0 (d97737e6-6d9c-4033-bff3-078e5773b3c4). [root@hehe ~]# nmcli c show NAME UUID TYPE DEVICE eth1 69609727-cbbf-479d-ae87-a76256c520b9 ethernet eth0 eth0 d97737e6-6d9c-4033-bff3-078e5773b3c4 ethernet -- eth1 fde9a03d-8f6d-4f0c-98f9-619f430f7051 ethernet --
device 设备管理
语法:
nmcli device {status | show | set | connect | reapply | modify | disconnect | delete | monitor | wifi | lldp} [ARGUMENTS...]
显示和管理设备接口。该选项有很多功能,例如连接wifi,创建热点,扫描无线,邻近发现等,下面仅列出常用选项。
status 查看设备状态
[root@hehe ~]# nmcli device status
DEVICE TYPE STATE CONNECTION
eth0 ethernet connected eth1
lo loopback unmanaged --
show 显示所有接口详细信息
[root@hehe ~]# nmcli device show GENERAL.DEVICE: eth0 GENERAL.TYPE: ethernet GENERAL.HWADDR: 00:16:3E:0E:45:31 GENERAL.MTU: 1500 GENERAL.STATE: 100 (connected) GENERAL.CONNECTION: eth1 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/9 WIRED-PROPERTIES.CARRIER: on IP4.ADDRESS[1]: 172.16.100.7/24 IP4.ADDRESS[2]: 172.17.203.6/20 IP4.ADDRESS[3]: 172.17.201.88/20 IP4.GATEWAY: 172.17.207.253 IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 172.17.207.253, mt = 100 IP4.ROUTE[2]: dst = 172.16.100.0/24, nh = 0.0.0.0, mt = 100 IP4.ROUTE[3]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.ROUTE[4]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.DNS[1]: 100.100.2.136 IP4.DNS[2]: 100.100.2.138 IP6.ADDRESS[1]: fe80::7fb8:d6e7:1c09:caae/64 IP6.GATEWAY: -- IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 100 IP6.ROUTE[2]: dst = ff00::/8, nh = ::, mt = 256, table=255 GENERAL.DEVICE: lo GENERAL.TYPE: loopback GENERAL.HWADDR: 00:00:00:00:00:00 GENERAL.MTU: 65536 GENERAL.STATE: 10 (unmanaged) GENERAL.CONNECTION: -- GENERAL.CON-PATH: -- IP4.ADDRESS[1]: 127.0.0.1/8 IP4.GATEWAY: -- IP6.ADDRESS[1]: ::1/128 IP6.GATEWAY: -- IP6.ROUTE[1]: dst = ::1/128, nh = ::, mt = 256
set设置设备属性
[root@hehe ~]# nmcli device set eth0 autoconnect yes
connect
连接设备。提供一个设备接口,网络管理器将尝试找到一个合适的连接, 将被激活。它还将考虑未设置为自动连接的连接。(默认超时为90s)
[root@hehe ~]# nmcli device connect eth0 Device 'eth0' successfully activated with '69609727-cbbf-479d-ae87-a76256c520b9'.
modify
修改设备上处于活动的设备,但该修改只是临时的,并不会写入文件。(语法与 nmcli connection modify 相同)
[root@hehe ~]# nmcli device modify eth0 con-name eth1 ifname eth0 autoconnect yes +ipv4.addresses 172.16.100.91/24 Connection successfully reapplied to device 'eth0'. [root@hehe ~]# nmcli -f IP4 connection show eth1 IP4.ADDRESS[1]: 172.16.100.7/24 IP4.ADDRESS[2]: 172.16.100.91/24 IP4.ADDRESS[3]: 172.17.203.6/20 IP4.ADDRESS[4]: 172.17.201.88/20 IP4.GATEWAY: 172.17.207.253 IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 172.17.207.253, mt = 100 IP4.ROUTE[2]: dst = 172.16.100.0/24, nh = 0.0.0.0, mt = 100 IP4.ROUTE[3]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.ROUTE[4]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.ROUTE[5]: dst = 172.16.100.0/24, nh = 0.0.0.0, mt = 100 IP4.DNS[1]: 100.100.2.136 IP4.DNS[2]: 100.100.2.138
删除IP
[root@hehe ~]# nmcli device modify eth0 -ipv4.addresses 0 Connection successfully reapplied to device 'eth0'. [root@hehe ~]# nmcli device show eth0 GENERAL.DEVICE: eth0 GENERAL.TYPE: ethernet GENERAL.HWADDR: 00:16:3E:0E:45:31 GENERAL.MTU: 1500 GENERAL.STATE: 100 (connected) GENERAL.CONNECTION: eth1 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/11 WIRED-PROPERTIES.CARRIER: on IP4.ADDRESS[1]: 172.16.100.7/24 IP4.ADDRESS[2]: 172.17.201.88/20 IP4.GATEWAY: 172.17.207.253 IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 172.17.207.253, mt = 100 IP4.ROUTE[2]: dst = 172.16.100.0/24, nh = 0.0.0.0, mt = 100 IP4.ROUTE[3]: dst = 172.17.192.0/20, nh = 0.0.0.0, mt = 100 IP4.DNS[1]: 100.100.2.136 IP4.DNS[2]: 100.100.2.138 IP6.ADDRESS[1]: fe80::7fb8:d6e7:1c09:caae/64 IP6.GATEWAY: -- IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 100