๐ AlmaLinux Network Configuration: Complete Connectivity Guide
Ready to connect your AlmaLinux system to the world? ๐ Whether youโre setting up a home server, configuring enterprise infrastructure, or just getting online, proper network configuration is essential! This complete guide takes you from network basics to advanced routing, covering everything from simple DHCP to complex VLANs. Letโs master Linux networking together! โก
๐ค Why Network Configuration Skills Matter?
Networking is the backbone of modern computing! ๐ Hereโs why mastering it is crucial:
- ๐ Global Connectivity: Connect to the internet and local networks
- ๐ง Problem Solving: Diagnose and fix connectivity issues
- ๐ผ Professional Essential: Required skill for IT careers
- ๐ Home Lab Setup: Build your own network infrastructure
- โ๏ธ Cloud Ready: Understand cloud networking fundamentals
- ๐ก๏ธ Security Foundation: Control network access and traffic
- ๐ Performance Optimization: Configure for speed and reliability
- ๐ค Automation Ready: Script network configurations
90% of system issues involve networkingโmaster it to solve them! ๐
๐ฏ What You Need
Letโs prepare for network configuration mastery! โ
- โ AlmaLinux system with root or sudo access
- โ Network interface card (Ethernet or WiFi)
- โ Basic understanding of IP addresses
- โ Access to network gateway/router
- โ 50 minutes to learn comprehensive networking
- โ Network cable or WiFi credentials
- โ Patience for troubleshooting connections
- โ Excitement to connect everything! ๐
Letโs build rock-solid network connectivity! ๐
๐ Step 1: Understanding Network Basics
Master networking fundamentals! ๐ฏ
Network Interface Discovery:
# List all network interfaces:
ip link show
# Or shorter version:
ip l
# Example output:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536
link/loopback 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500
link/ether 52:54:00:12:34:56
3: wlan0: <BROADCAST,MULTICAST> mtu 1500
link/ether aa:bb:cc:dd:ee:ff
# Alternative commands:
nmcli device status # NetworkManager devices
ifconfig -a # Legacy command (if installed)
ls /sys/class/net/ # List interfaces from sysfs
# Get detailed interface information:
ip addr show eth0 # Show specific interface
ip -4 addr show # Show IPv4 addresses only
ip -6 addr show # Show IPv6 addresses onlyNetworkManager vs Network Scripts:
# AlmaLinux uses NetworkManager by default
# Check NetworkManager status:
sudo systemctl status NetworkManager
# NetworkManager advantages:
- Dynamic network management
- GUI and CLI tools
- Automatic connection switching
- VPN and WiFi support
- Modern and actively developed
# Legacy network scripts (deprecated):
/etc/sysconfig/network-scripts/ifcfg-*
# Check which method is active:
nmcli general status # NetworkManager
# OR
systemctl status network.service # Legacy scriptsIP Address Basics:
# Understanding IP addresses:
# IPv4: 192.168.1.100/24
# 192.168.1.100 = IP address
# /24 = Subnet mask (255.255.255.0)
# Network: 192.168.1.0/24
# Broadcast: 192.168.1.255
# Gateway: Usually .1 or .254
# IPv6: 2001:db8::1/64
# 2001:db8::1 = IP address
# /64 = Prefix length
# :: = Compressed zeros
# Private IP ranges (RFC 1918):
10.0.0.0/8 # 10.0.0.0 - 10.255.255.255
172.16.0.0/12 # 172.16.0.0 - 172.31.255.255
192.168.0.0/16 # 192.168.0.0 - 192.168.255.255
# Check current IP configuration:
ip addr show
hostname -I # Show all IPsPerfect! ๐ Network basics understood!
๐ง Step 2: NetworkManager Configuration
Master modern network management! ๐ฆ
Basic NetworkManager Commands:
# nmcli (NetworkManager Command Line Interface)
# Show general status:
nmcli general
# List all connections:
nmcli connection show
nmcli con show # Shorter version
# Show active connections:
nmcli con show --active
# List network devices:
nmcli device status
nmcli dev status # Shorter version
# Show specific device details:
nmcli device show eth0
# Monitor network activity:
nmcli monitorDHCP Configuration (Automatic):
# Create new DHCP connection:
sudo nmcli connection add \
con-name "eth0-dhcp" \
ifname eth0 \
type ethernet \
autoconnect yes
# Modify existing connection for DHCP:
sudo nmcli con mod "eth0-dhcp" ipv4.method auto
sudo nmcli con mod "eth0-dhcp" ipv6.method auto
# Activate connection:
sudo nmcli con up "eth0-dhcp"
# Verify DHCP lease:
nmcli con show "eth0-dhcp" | grep -i dhcp
cat /var/lib/NetworkManager/internal-*-eth0.leaseStatic IP Configuration:
# Create static IP connection:
sudo nmcli connection add \
con-name "eth0-static" \
ifname eth0 \
type ethernet \
ip4 192.168.1.100/24 \
gw4 192.168.1.1
# Or modify existing connection:
sudo nmcli con mod "eth0-static" ipv4.addresses 192.168.1.100/24
sudo nmcli con mod "eth0-static" ipv4.gateway 192.168.1.1
sudo nmcli con mod "eth0-static" ipv4.dns "8.8.8.8 8.8.4.4"
sudo nmcli con mod "eth0-static" ipv4.method manual
# Add multiple IPs to same interface:
sudo nmcli con mod "eth0-static" +ipv4.addresses 192.168.1.101/24
# Set DNS search domains:
sudo nmcli con mod "eth0-static" ipv4.dns-search "example.com,local.domain"
# Apply changes:
sudo nmcli con up "eth0-static"
# Verify configuration:
ip addr show eth0
ip route show
cat /etc/resolv.confWiFi Configuration:
# List available WiFi networks:
nmcli device wifi list
# Connect to WiFi network:
sudo nmcli device wifi connect "SSID_NAME" password "wifi_password"
# Create WiFi connection profile:
sudo nmcli connection add \
con-name "home-wifi" \
ifname wlan0 \
type wifi \
ssid "Home_Network" \
wifi-sec.key-mgmt wpa-psk \
wifi-sec.psk "wifi_password"
# Hidden network:
sudo nmcli connection add \
con-name "hidden-wifi" \
ifname wlan0 \
type wifi \
ssid "Hidden_SSID" \
hidden yes \
wifi-sec.key-mgmt wpa-psk \
wifi-sec.psk "password"
# Enterprise WiFi (WPA2-Enterprise):
sudo nmcli connection add \
con-name "work-wifi" \
ifname wlan0 \
type wifi \
ssid "Corporate_WiFi" \
wifi-sec.key-mgmt wpa-eap \
802-1x.eap peap \
802-1x.phase2-auth mschapv2 \
802-1x.identity "username" \
802-1x.password "password"
# Show WiFi password:
sudo nmcli connection show "home-wifi" --show-secrets | grep pskAmazing! ๐ NetworkManager configuration mastered!
๐ Step 3: Advanced Network Configuration
Implement complex networking setups! โก
Network Bonding (Link Aggregation):
# Create bonded interface for redundancy/performance:
# Install bonding module if needed:
sudo modprobe bonding
# Create bond master:
sudo nmcli connection add \
con-name bond0 \
ifname bond0 \
type bond \
bond.options "mode=active-backup,miimon=100"
# Bond modes:
# mode=0 (balance-rr) - Round-robin
# mode=1 (active-backup) - Failover
# mode=2 (balance-xor) - XOR policy
# mode=4 (802.3ad) - Dynamic link aggregation
# mode=6 (balance-alb) - Adaptive load balancing
# Add slave interfaces:
sudo nmcli connection add \
con-name bond0-slave1 \
ifname eth0 \
type ethernet \
slave-type bond \
master bond0
sudo nmcli connection add \
con-name bond0-slave2 \
ifname eth1 \
type ethernet \
slave-type bond \
master bond0
# Configure IP for bond:
sudo nmcli con mod bond0 ipv4.addresses 192.168.1.100/24
sudo nmcli con mod bond0 ipv4.gateway 192.168.1.1
sudo nmcli con mod bond0 ipv4.dns 8.8.8.8
sudo nmcli con mod bond0 ipv4.method manual
# Activate bond:
sudo nmcli con up bond0
# Monitor bond status:
cat /proc/net/bonding/bond0VLAN Configuration:
# Create VLAN interface:
sudo nmcli connection add \
con-name vlan10 \
ifname eth0.10 \
type vlan \
dev eth0 \
id 10
# Configure IP for VLAN:
sudo nmcli con mod vlan10 ipv4.addresses 192.168.10.100/24
sudo nmcli con mod vlan10 ipv4.method manual
# Multiple VLANs on same interface:
for vlan in 10 20 30; do
sudo nmcli connection add \
con-name vlan$vlan \
ifname eth0.$vlan \
type vlan \
dev eth0 \
id $vlan
done
# Activate VLAN:
sudo nmcli con up vlan10
# Verify VLAN:
ip -d link show eth0.10
cat /proc/net/vlan/eth0.10Bridge Configuration:
# Create network bridge (for VMs, containers):
sudo nmcli connection add \
con-name br0 \
ifname br0 \
type bridge \
bridge.stp yes
# Add physical interface to bridge:
sudo nmcli connection add \
con-name br0-slave \
ifname eth0 \
type ethernet \
slave-type bridge \
master br0
# Configure bridge IP:
sudo nmcli con mod br0 ipv4.addresses 192.168.1.100/24
sudo nmcli con mod br0 ipv4.gateway 192.168.1.1
sudo nmcli con mod br0 ipv4.dns 8.8.8.8
sudo nmcli con mod br0 ipv4.method manual
# Bridge for VM networking:
sudo nmcli con mod br0 bridge.stp no
sudo nmcli con mod br0 bridge.forward-delay 0
# Activate bridge:
sudo nmcli con up br0
# Show bridge details:
bridge link show
brctl show # If bridge-utils installedRouting and Multiple Gateways:
# Add static routes:
sudo nmcli con mod eth0 +ipv4.routes "10.0.0.0/8 192.168.1.254"
sudo nmcli con mod eth0 +ipv4.routes "172.16.0.0/12 192.168.1.253 100"
# Format: "destination/prefix gateway metric"
# Policy-based routing:
# Create custom routing table:
echo "200 custom" | sudo tee -a /etc/iproute2/rt_tables
# Add routing rules:
sudo ip rule add from 192.168.1.0/24 table custom
sudo ip route add default via 192.168.1.254 table custom
# Multiple default gateways with metrics:
sudo nmcli con mod eth0 ipv4.gateway 192.168.1.1
sudo nmcli con mod eth0 +ipv4.routes "0.0.0.0/0 192.168.1.254 100"
# Persistent routes (alternative method):
cat | sudo tee /etc/sysconfig/network-scripts/route-eth0 << EOF
10.0.0.0/8 via 192.168.1.254
172.16.0.0/12 via 192.168.1.253
EOF
# View routing table:
ip route show
ip route show table allExcellent! โก Advanced networking configured!
โ Step 4: DNS and Hostname Configuration
Master name resolution and system identity! ๐ง
DNS Configuration:
# Set DNS servers via NetworkManager:
sudo nmcli con mod eth0 ipv4.dns "8.8.8.8 8.8.4.4"
sudo nmcli con mod eth0 ipv4.dns-search "example.com local.domain"
sudo nmcli con up eth0
# View current DNS configuration:
cat /etc/resolv.conf
nmcli dev show eth0 | grep DNS
resolvectl status # If systemd-resolved is used
# Test DNS resolution:
nslookup google.com
dig google.com
host google.com
getent hosts google.com
# DNS priority (multiple interfaces):
sudo nmcli con mod eth0 ipv4.dns-priority 10
sudo nmcli con mod wlan0 ipv4.dns-priority 20
# Lower number = higher priority
# Disable IPv6 DNS:
sudo nmcli con mod eth0 ipv6.dns-options "single-request"Hostname Configuration:
# View current hostname:
hostname
hostname -f # Fully qualified domain name
hostnamectl
# Set hostname:
sudo hostnamectl set-hostname server.example.com
# Or use traditional method:
sudo hostname server.example.com
echo "server.example.com" | sudo tee /etc/hostname
# Update /etc/hosts:
sudo nano /etc/hosts
# Add:
127.0.0.1 localhost localhost.localdomain
::1 localhost localhost.localdomain
192.168.1.100 server.example.com server
# Pretty hostname (descriptive):
sudo hostnamectl set-hostname "Web Server 01" --pretty
# Verify changes:
hostnamectl statusLocal DNS Cache:
# Install and configure dnsmasq for local caching:
sudo dnf install dnsmasq
# Configure dnsmasq:
cat | sudo tee /etc/dnsmasq.d/cache.conf << EOF
# DNS cache settings
cache-size=1000
no-negcache
domain-needed
bogus-priv
# Upstream DNS servers
server=8.8.8.8
server=8.8.4.4
# Local domain
local=/local.domain/
domain=local.domain
# Interface to listen on
interface=lo
bind-interfaces
EOF
# Start dnsmasq:
sudo systemctl enable dnsmasq
sudo systemctl start dnsmasq
# Configure system to use local DNS:
sudo nmcli con mod eth0 ipv4.dns 127.0.0.1
sudo nmcli con up eth0
# Test cache:
dig @127.0.0.1 google.com
# Second query should be faster (from cache)mDNS and Network Discovery:
# Install Avahi for mDNS (.local domains):
sudo dnf install avahi avahi-tools
# Start Avahi daemon:
sudo systemctl enable avahi-daemon
sudo systemctl start avahi-daemon
# Browse local network services:
avahi-browse -a
avahi-browse _ssh._tcp # Find SSH services
avahi-browse _http._tcp # Find web servers
# Resolve .local names:
avahi-resolve -n server.local
# Publish service:
avahi-publish -s "My Web Server" _http._tcp 80 "path=/"
# Configure firewall for mDNS:
sudo firewall-cmd --add-service=mdns --permanent
sudo firewall-cmd --reloadPerfect! ๐ DNS and hostname configuration complete!
๐ฎ Quick Examples
Real-world network configuration scenarios! ๐ฏ
Example 1: Home Server Network Setup
#!/bin/bash
# Complete home server network configuration
echo "Setting up home server networking..."
# 1. Configure primary Ethernet with static IP
INTERFACE="eth0"
CONNECTION="home-server"
IP_ADDRESS="192.168.1.10/24"
GATEWAY="192.168.1.1"
DNS1="1.1.1.1"
DNS2="8.8.8.8"
# Remove existing connections for interface
sudo nmcli con delete $(nmcli -t -f UUID,DEVICE con show | grep "$INTERFACE" | cut -d: -f1)
# Create new static connection
sudo nmcli connection add \
con-name "$CONNECTION" \
ifname "$INTERFACE" \
type ethernet \
ip4 "$IP_ADDRESS" \
gw4 "$GATEWAY" \
ipv4.dns "$DNS1 $DNS2" \
ipv4.method manual \
autoconnect yes
# 2. Set hostname
sudo hostnamectl set-hostname homeserver.local
# 3. Configure hosts file
cat | sudo tee /etc/hosts << EOF
127.0.0.1 localhost localhost.localdomain
::1 localhost localhost.localdomain
192.168.1.10 homeserver.local homeserver
EOF
# 4. Enable mDNS for .local discovery
sudo dnf install -y avahi
sudo systemctl enable avahi-daemon
sudo systemctl start avahi-daemon
# 5. Configure firewall for services
sudo firewall-cmd --add-service={http,https,ssh,samba,mdns} --permanent
sudo firewall-cmd --reload
# 6. Set up port forwarding for services
cat > ~/port-forwards.txt << EOF
# Router port forwarding configuration:
External 80 -> 192.168.1.10:80 (Web)
External 443 -> 192.168.1.10:443 (HTTPS)
External 22222 -> 192.168.1.10:22 (SSH)
External 32400 -> 192.168.1.10:32400 (Plex)
EOF
# 7. Network performance tuning
cat | sudo tee /etc/sysctl.d/99-network-tuning.conf << EOF
# Network performance tuning
net.core.rmem_max = 134217728
net.core.wmem_max = 134217728
net.ipv4.tcp_rmem = 4096 87380 134217728
net.ipv4.tcp_wmem = 4096 65536 134217728
net.ipv4.tcp_congestion_control = bbr
net.core.default_qdisc = fq
EOF
sudo sysctl -p /etc/sysctl.d/99-network-tuning.conf
# 8. Activate connection
sudo nmcli con up "$CONNECTION"
# 9. Verify configuration
echo -e "\n=== Network Configuration Summary ==="
echo "Hostname: $(hostname -f)"
echo "IP Address: $(ip -4 addr show $INTERFACE | grep -oP '(?<=inet\s)\d+(\.\d+){3}')"
echo "Gateway: $(ip route | grep default | awk '{print $3}')"
echo "DNS Servers: $(grep nameserver /etc/resolv.conf | awk '{print $2}')"
echo -e "\n=== Connectivity Test ==="
ping -c 2 8.8.8.8 && echo "โ
Internet connectivity OK"
echo -e "\nHome server network setup complete!"Example 2: Multi-Network Office Configuration
#!/bin/bash
# Office workstation with multiple networks
echo "Configuring multi-network office setup..."
# 1. Primary network (corporate)
sudo nmcli connection add \
con-name "corporate-lan" \
ifname eth0 \
type ethernet \
ip4 10.0.10.50/24 \
gw4 10.0.10.1 \
ipv4.dns "10.0.10.10 10.0.10.11" \
ipv4.dns-search "corp.example.com" \
ipv4.method manual \
connection.autoconnect-priority 10
# 2. Guest WiFi network
sudo nmcli connection add \
con-name "guest-wifi" \
ifname wlan0 \
type wifi \
ssid "GuestNetwork" \
wifi-sec.key-mgmt wpa-psk \
wifi-sec.psk "guest_password" \
ipv4.method auto \
ipv4.never-default yes \
connection.autoconnect-priority 5
# 3. Management VLAN
sudo nmcli connection add \
con-name "mgmt-vlan" \
ifname eth0.100 \
type vlan \
dev eth0 \
id 100 \
ip4 192.168.100.50/24 \
ipv4.method manual \
ipv4.never-default yes
# 4. Lab network (isolated)
sudo nmcli connection add \
con-name "lab-network" \
ifname eth1 \
type ethernet \
ip4 172.16.0.50/24 \
ipv4.method manual \
ipv4.never-default yes
# 5. Configure routing for specific destinations
# Corporate resources through main gateway
sudo nmcli con mod "corporate-lan" +ipv4.routes "10.0.0.0/8 10.0.10.1"
# Lab resources through lab network
sudo nmcli con mod "lab-network" +ipv4.routes "172.16.0.0/16 172.16.0.1"
# Management through VLAN
sudo nmcli con mod "mgmt-vlan" +ipv4.routes "192.168.100.0/24 192.168.100.1"
# 6. Set up split DNS
cat | sudo tee /etc/NetworkManager/dnsmasq.d/split-dns.conf << EOF
# Corporate DNS
server=/corp.example.com/10.0.10.10
server=/10.in-addr.arpa/10.0.10.10
# Lab DNS
server=/lab.local/172.16.0.10
server=/16.172.in-addr.arpa/172.16.0.10
# Public DNS for everything else
server=1.1.1.1
server=8.8.8.8
EOF
# 7. Network namespace for isolated testing
sudo ip netns add testing
sudo ip link add veth0 type veth peer name veth1
sudo ip link set veth1 netns testing
sudo ip addr add 10.200.200.1/24 dev veth0
sudo ip link set veth0 up
sudo ip netns exec testing ip addr add 10.200.200.2/24 dev veth1
sudo ip netns exec testing ip link set veth1 up
sudo ip netns exec testing ip link set lo up
# 8. Monitoring script
cat > ~/monitor-networks.sh << 'EOF'
#!/bin/bash
echo "=== Network Status ==="
for con in $(nmcli -t -f NAME con show --active | grep -v lo); do
echo -n "$con: "
nmcli -t -f IP4.ADDRESS con show "$con" | cut -d: -f2
done
echo -e "\n=== Routing Table ==="
ip route show | head -5
echo -e "\n=== Network Statistics ==="
for iface in eth0 eth1 wlan0; do
if ip link show $iface &>/dev/null; then
stats=$(ip -s link show $iface | awk '/RX:/{getline; print "RX: "$1" bytes"}; /TX:/{getline; print "TX: "$1" bytes"}')
echo "$iface: $stats"
fi
done
EOF
chmod +x ~/monitor-networks.sh
# 9. Activate all connections
for con in "corporate-lan" "mgmt-vlan" "lab-network"; do
sudo nmcli con up "$con" 2>/dev/null
done
echo "Multi-network configuration complete!"
~/monitor-networks.shExample 3: High Availability Network Setup
#!/bin/bash
# High availability network with failover
echo "Setting up HA network configuration..."
# 1. Create bonded interface for redundancy
sudo nmcli connection add \
con-name bond-ha \
ifname bond0 \
type bond \
bond.options "mode=active-backup,miimon=100,primary=eth0,fail_over_mac=active"
# 2. Add primary interface
sudo nmcli connection add \
con-name bond-slave-primary \
ifname eth0 \
type ethernet \
slave-type bond \
master bond0
# 3. Add backup interface
sudo nmcli connection add \
con-name bond-slave-backup \
ifname eth1 \
type ethernet \
slave-type bond \
master bond0
# 4. Configure bond with static IP
sudo nmcli con mod bond-ha ipv4.addresses 192.168.1.100/24
sudo nmcli con mod bond-ha ipv4.gateway 192.168.1.1
sudo nmcli con mod bond-ha ipv4.dns "8.8.8.8 8.8.4.4"
sudo nmcli con mod bond-ha ipv4.method manual
# 5. Add multiple IPs for services
sudo nmcli con mod bond-ha +ipv4.addresses 192.168.1.101/24 # Web service
sudo nmcli con mod bond-ha +ipv4.addresses 192.168.1.102/24 # Database VIP
# 6. Configure connection monitoring
cat | sudo tee /usr/local/bin/network-monitor.sh << 'EOF'
#!/bin/bash
# Network health monitoring
LOGFILE="/var/log/network-monitor.log"
PRIMARY_GW="192.168.1.1"
BACKUP_GW="192.168.2.1"
log_event() {
echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1" >> "$LOGFILE"
}
# Check primary gateway
if ping -c 3 -W 1 $PRIMARY_GW > /dev/null 2>&1; then
STATE="PRIMARY_OK"
else
log_event "Primary gateway unreachable, checking backup..."
if ping -c 3 -W 1 $BACKUP_GW > /dev/null 2>&1; then
STATE="FAILOVER_ACTIVE"
# Switch to backup route
sudo ip route del default
sudo ip route add default via $BACKUP_GW
log_event "Switched to backup gateway"
else
STATE="NETWORK_DOWN"
log_event "Both gateways unreachable!"
fi
fi
# Check bond status
BOND_STATUS=$(cat /proc/net/bonding/bond0 | grep "Currently Active Slave" | awk '{print $4}')
log_event "Bond status: Active slave is $BOND_STATUS"
# Alert if issues
if [[ "$STATE" != "PRIMARY_OK" ]]; then
echo "Network issue detected: $STATE" | mail -s "Network Alert" [email protected]
fi
EOF
sudo chmod +x /usr/local/bin/network-monitor.sh
# 7. Create systemd service for monitoring
cat | sudo tee /etc/systemd/system/network-monitor.service << EOF
[Unit]
Description=Network Health Monitor
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
ExecStart=/bin/bash -c 'while true; do /usr/local/bin/network-monitor.sh; sleep 60; done'
Restart=always
[Install]
WantedBy=multi-user.target
EOF
# 8. Keepalived for VRRP (install if needed)
sudo dnf install -y keepalived
cat | sudo tee /etc/keepalived/keepalived.conf << EOF
global_defs {
notification_email {
[email protected]
}
notification_email_from keepalived@$(hostname)
smtp_server localhost
smtp_connect_timeout 30
}
vrrp_script check_network {
script "/usr/local/bin/network-monitor.sh"
interval 5
weight -10
}
vrrp_instance VI_1 {
state MASTER
interface bond0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass secretpass
}
virtual_ipaddress {
192.168.1.200/24
}
track_script {
check_network
}
}
EOF
# 9. Activate HA configuration
sudo nmcli con up bond-ha
sudo systemctl enable network-monitor.service
sudo systemctl start network-monitor.service
sudo systemctl enable keepalived
sudo systemctl start keepalived
# 10. Verify setup
echo -e "\n=== HA Network Status ==="
cat /proc/net/bonding/bond0 | grep -E "Mode|Active|Status"
ip addr show bond0
echo -e "\nโ
High availability network configured!"Example 4: Container and VM Network Bridge
#!/bin/bash
# Network configuration for virtualization
echo "Setting up container/VM network bridge..."
# 1. Create main bridge for VMs
sudo nmcli connection add \
con-name br-vms \
ifname br-vms \
type bridge \
ipv4.addresses 192.168.122.1/24 \
ipv4.method manual \
bridge.stp yes \
bridge.priority 32768
# 2. Enable NAT for VM network
sudo firewall-cmd --add-masquerade --permanent
sudo firewall-cmd --add-service=dhcp --permanent
sudo firewall-cmd --add-service=dns --permanent
sudo firewall-cmd --reload
# 3. Configure dnsmasq for DHCP/DNS
cat | sudo tee /etc/dnsmasq.d/vm-network.conf << EOF
# VM Network DHCP/DNS Configuration
interface=br-vms
bind-interfaces
# DHCP range
dhcp-range=192.168.122.100,192.168.122.200,12h
dhcp-option=option:router,192.168.122.1
dhcp-option=option:dns-server,192.168.122.1
# DNS
domain=vm.local
local=/vm.local/
# Static assignments
dhcp-host=52:54:00:11:22:33,webserver,192.168.122.10
dhcp-host=52:54:00:44:55:66,database,192.168.122.20
EOF
# 4. Create container bridge with IPv6
sudo nmcli connection add \
con-name br-containers \
ifname br-containers \
type bridge \
ipv4.addresses 172.17.0.1/16 \
ipv6.addresses fd00::1/64 \
ipv4.method manual \
ipv6.method manual
# 5. Configure iptables for container access
cat | sudo tee /usr/local/bin/container-firewall.sh << 'EOF'
#!/bin/bash
# Container network firewall rules
# Enable forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
# NAT for containers
iptables -t nat -A POSTROUTING -s 172.17.0.0/16 ! -o br-containers -j MASQUERADE
# Allow container traffic
iptables -A FORWARD -i br-containers -j ACCEPT
iptables -A FORWARD -o br-containers -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# Port forwarding examples
# Web server container
iptables -t nat -A PREROUTING -p tcp --dport 8080 -j DNAT --to 172.17.0.10:80
# Database container
iptables -t nat -A PREROUTING -p tcp --dport 3307 -j DNAT --to 172.17.0.20:3306
EOF
sudo chmod +x /usr/local/bin/container-firewall.sh
sudo /usr/local/bin/container-firewall.sh
# 6. Create network namespaces for testing
for ns in test1 test2 test3; do
sudo ip netns add $ns
sudo ip link add veth-$ns type veth peer name vpeer-$ns
sudo ip link set vpeer-$ns netns $ns
sudo ip link set veth-$ns master br-containers
sudo ip link set veth-$ns up
# Configure namespace interface
sudo ip netns exec $ns ip addr add 172.17.1.$(echo $ns | tr -d 'test')/16 dev vpeer-$ns
sudo ip netns exec $ns ip link set vpeer-$ns up
sudo ip netns exec $ns ip link set lo up
sudo ip netns exec $ns ip route add default via 172.17.0.1
done
# 7. Test connectivity
echo -e "\n=== Testing VM/Container Network ==="
for ns in test1 test2 test3; do
echo -n "Namespace $ns: "
sudo ip netns exec $ns ping -c 1 8.8.8.8 &>/dev/null && echo "โ
Internet access OK" || echo "โ No connectivity"
done
echo -e "\nContainer/VM network bridge setup complete!"๐จ Fix Common Problems
Network troubleshooting and problem resolution! ๐ง
Problem 1: No Network Connectivity
Solution:
# Systematic network diagnosis:
# 1. Check interface status
ip link show
nmcli device status
# 2. Check if interface is UP
sudo ip link set eth0 up
# Or with NetworkManager:
sudo nmcli device connect eth0
# 3. Check IP configuration
ip addr show
# No IP? Try DHCP:
sudo dhclient eth0
# Or with NetworkManager:
sudo nmcli device reapply eth0
# 4. Check cable/WiFi connection
sudo ethtool eth0 | grep "Link detected"
# For WiFi:
nmcli device wifi list
iwconfig wlan0
# 5. Check gateway connectivity
ip route show
ping -c 4 $(ip route | grep default | awk '{print $3}')
# 6. Check DNS resolution
cat /etc/resolv.conf
nslookup google.com
# If DNS fails, try:
echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf
# 7. Check firewall blocking
sudo firewall-cmd --list-all
sudo iptables -L -n
# Temporarily disable for testing:
sudo systemctl stop firewalld
# 8. Check NetworkManager logs
journalctl -u NetworkManager -n 50Problem 2: Slow Network Performance
Solution:
# Diagnose network performance issues:
# 1. Test network speed
# Install speedtest-cli:
sudo dnf install speedtest-cli
speedtest-cli
# 2. Check interface statistics
ip -s link show eth0
# Look for errors, dropped packets
# 3. Check MTU size
ip link show eth0 | grep mtu
# Test optimal MTU:
ping -M do -s 1472 google.com
# If fails, reduce size. Set MTU:
sudo ip link set eth0 mtu 1400
# 4. Check network congestion
ss -i
# Look for retransmissions
# 5. Optimize network parameters
cat | sudo tee /etc/sysctl.d/99-network-performance.conf << EOF
# Network performance tuning
net.core.rmem_max = 134217728
net.core.wmem_max = 134217728
net.ipv4.tcp_rmem = 4096 87380 134217728
net.ipv4.tcp_wmem = 4096 65536 134217728
net.ipv4.tcp_congestion_control = bbr
net.core.default_qdisc = fq
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_mtu_probing = 1
EOF
sudo sysctl -p /etc/sysctl.d/99-network-performance.conf
# 6. Check for duplex mismatch
sudo ethtool eth0
# Set speed/duplex manually if needed:
sudo ethtool -s eth0 speed 1000 duplex full autoneg off
# 7. Monitor bandwidth usage
sudo dnf install iftop
sudo iftop -i eth0Problem 3: NetworkManager Not Working
Solution:
# Fix NetworkManager issues:
# 1. Check service status
systemctl status NetworkManager
sudo systemctl restart NetworkManager
# 2. Reset NetworkManager
sudo systemctl stop NetworkManager
sudo rm -rf /var/lib/NetworkManager/*
sudo systemctl start NetworkManager
# 3. Check for conflicts with network.service
systemctl status network.service
# Disable if conflicting:
sudo systemctl disable network.service
# 4. Recreate connections
# List connections:
nmcli con show
# Delete problematic connection:
sudo nmcli con delete "connection-name"
# Recreate:
sudo nmcli device disconnect eth0
sudo nmcli device connect eth0
# 5. Check permissions
ls -la /etc/NetworkManager/
# Fix if needed:
sudo chmod 755 /etc/NetworkManager/
sudo chmod 644 /etc/NetworkManager/NetworkManager.conf
# 6. Manual network configuration (fallback)
sudo ip addr add 192.168.1.100/24 dev eth0
sudo ip route add default via 192.168.1.1
echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf
# 7. Check for conflicting network managers
rpm -qa | grep -E "network|wicd|connman"
# Remove conflicts if foundProblem 4: WiFi Connection Issues
Solution:
# Troubleshoot WiFi problems:
# 1. Check WiFi hardware
lspci | grep -i wireless
lsusb | grep -i wireless
rfkill list all
# Unblock if needed:
sudo rfkill unblock wifi
# 2. Check WiFi driver
lsmod | grep -E "wifi|wireless|80211"
# Load driver if missing:
sudo modprobe iwlwifi # Intel WiFi example
# 3. Scan for networks
sudo iwlist wlan0 scan | grep -E "ESSID|Quality"
nmcli device wifi list
# 4. Reset WiFi connection
sudo nmcli radio wifi off
sudo nmcli radio wifi on
sudo nmcli device disconnect wlan0
sudo nmcli device connect wlan0
# 5. Manual WiFi connection
sudo nmcli device wifi connect "SSID" password "password"
# 6. Check WiFi power management
cat /sys/module/iwlwifi/parameters/power_save
# Disable power saving:
echo "options iwlwifi power_save=0" | sudo tee /etc/modprobe.d/iwlwifi.conf
# 7. WiFi debugging
sudo journalctl -u NetworkManager | grep -i wifi
dmesg | grep -i firmware
# 8. Alternative: use wpa_supplicant directly
cat | sudo tee /etc/wpa_supplicant/wpa_supplicant.conf << EOF
ctrl_interface=/var/run/wpa_supplicant
update_config=1
network={
ssid="Your_SSID"
psk="Your_Password"
key_mgmt=WPA-PSK
}
EOF
sudo wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf
sudo dhclient wlan0๐ Network Commands Quick Reference
| Task | Command | Purpose |
|---|---|---|
| Show interfaces | ip link show | List all network interfaces |
| Show IP addresses | ip addr show | Display IP configuration |
| Show routes | ip route show | Display routing table |
| Test connectivity | ping -c 4 8.8.8.8 | Test internet connection |
| DNS lookup | nslookup google.com | Test DNS resolution |
| Show connections | nmcli con show | List NetworkManager connections |
| Connect interface | sudo nmcli dev connect eth0 | Activate interface |
| Set static IP | sudo nmcli con mod eth0 ipv4.addresses 192.168.1.100/24 | Configure static IP |
| Show WiFi networks | nmcli device wifi list | Scan for WiFi |
| Network statistics | ss -tuln | Show listening ports |
๐ก Tips for Success
Master network configuration like a professional! ๐
- ๐ Document Everything: Keep network diagrams and IP schemes
- ๐ Test Changes: Verify connectivity after modifications
- ๐พ Backup Configs: Save working network configurations
- ๐ก๏ธ Security First: Use firewall rules with network changes
- ๐ Monitor Performance: Track network metrics regularly
- ๐ง Learn Troubleshooting: Master diagnostic commands
- ๐ฏ Plan IP Addressing: Use consistent subnet schemes
- ๐ฑ Consider Redundancy: Plan for network failures
- ๐ค Team Communication: Share network documentation
- โก Automate Common Tasks: Script repetitive configurations
๐ What You Learned
Congratulations! Youโre now a network configuration expert! ๐
- โ Mastered network interface management with NetworkManager
- โ Configured static and dynamic IP addressing
- โ Implemented advanced networking (VLANs, bonding, bridges)
- โ Set up DNS and hostname resolution
- โ Built real-world network scenarios
- โ Solved common connectivity problems
- โ Optimized network performance
- โ Gained essential Linux networking skills
๐ฏ Why This Matters
Your networking expertise connects everything together! ๐
- ๐ Global Connectivity: Access resources anywhere
- ๐ผ Career Essential: Required skill for all IT roles
- ๐ Home Lab Power: Build complex network setups
- โ๏ธ Cloud Ready: Understand modern infrastructure
- ๐ก๏ธ Security Foundation: Control network access
- ๐ง Problem Solving: Fix connectivity issues quickly
- ๐ Performance: Optimize network throughput
- ๐ค Automation Ready: Script network deployments
You now command the network that powers the digital world! ๐
Connect everything, everywhere! ๐
