System Hostname and Network Configuration in AlmaLinux

Proper hostname and network configuration is fundamental to any Linux system’s identity and connectivity. In AlmaLinux, these settings determine how your system identifies itself and communicates on the network. This comprehensive guide covers everything from basic hostname configuration to advanced network settings, ensuring your system is properly configured for both local and network operations.

Understanding Hostnames in Linux

Types of Hostnames

Linux systems use three types of hostnames:

1. Static Hostname: The traditional hostname stored in /etc/hostname
2. Transient Hostname: Temporary hostname received from network (DHCP)
3. Pretty Hostname: User-friendly name that can include special characters

Hostname Components

A fully qualified domain name (FQDN) consists of:

• Hostname: The system’s short name (e.g., webserver)
• Domain: The DNS domain (e.g., example.com)
• FQDN: Complete name (e.g., webserver.example.com)

Viewing Current Hostname

# Show all hostname types
hostnamectl

# Show just the hostname
hostname

# Show FQDN
hostname -f

# Show domain name
hostname -d

# Show all aliases
hostname -a

# Show IP address
hostname -I

Hostname Configuration Methods

Method 1: Using hostnamectl (Recommended)

The hostnamectl command is the modern way to manage hostnames:

# Set static hostname
sudo hostnamectl set-hostname webserver.example.com

# Set pretty hostname
sudo hostnamectl set-hostname "Web Server Production" --pretty

# Set transient hostname
sudo hostnamectl set-hostname temp-server --transient

# View all hostname settings
hostnamectl status

Method 2: Traditional Configuration Files

# Edit hostname file directly
sudo nano /etc/hostname
# Add: webserver

# Edit hosts file
sudo nano /etc/hosts
# Add or modify:
127.0.0.1   localhost localhost.localdomain
192.168.1.100   webserver.example.com webserver

Method 3: Using nmcli

# Set hostname via NetworkManager
sudo nmcli general hostname webserver.example.com

# Verify
nmcli general hostname

Method 4: Temporary Hostname Change

# Set hostname temporarily (until reboot)
sudo hostname webserver

# Verify
hostname

DNS and Name Resolution

Understanding /etc/hosts

The /etc/hosts file provides local name resolution:

# Example /etc/hosts configuration
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

# Custom entries
192.168.1.100   webserver.example.com webserver
192.168.1.101   database.example.com database
192.168.1.102   cache.example.com cache

DNS Client Configuration

Configure DNS servers in /etc/resolv.conf:

# Traditional method (may be overwritten by NetworkManager)
sudo nano /etc/resolv.conf

# Add DNS servers
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 1.1.1.1

# Add search domains
search example.com internal.example.com
domain example.com

# Set options
options timeout:2 attempts:3

NetworkManager DNS Configuration

# Set DNS servers for a connection
sudo nmcli con mod "System eth0" ipv4.dns "8.8.8.8 8.8.4.4"
sudo nmcli con mod "System eth0" ipv4.dns-search "example.com"

# Apply changes
sudo nmcli con up "System eth0"

# Verify DNS settings
cat /etc/resolv.conf
nmcli dev show eth0 | grep DNS

systemd-resolved Configuration

If using systemd-resolved:

# Check if systemd-resolved is active
systemctl status systemd-resolved

# Configure systemd-resolved
sudo nano /etc/systemd/resolved.conf

# Example configuration:
[Resolve]
DNS=8.8.8.8 8.8.4.4
FallbackDNS=1.1.1.1 1.0.0.1
Domains=example.com
DNSSEC=yes
DNSOverTLS=yes

# Restart service
sudo systemctl restart systemd-resolved

# Check status
resolvectl status

Network Interface Configuration

Viewing Network Interfaces

# List all network interfaces
ip link show

# Show interface details
ip addr show

# Traditional ifconfig (if installed)
ifconfig -a

# Show only active interfaces
ip link show up

# Show interface statistics
ip -s link show eth0

Interface Naming Convention

AlmaLinux uses predictable network interface names:

• eno1: Onboard ethernet
• ens1: PCI Express ethernet
• enp2s0: PCI ethernet
• wlp3s0: PCI wireless
• wwp0s20u4i6: USB wireless wide area network

Basic Interface Management

# Bring interface up
sudo ip link set eth0 up

# Bring interface down
sudo ip link set eth0 down

# Add IP address
sudo ip addr add 192.168.1.100/24 dev eth0

# Remove IP address
sudo ip addr del 192.168.1.100/24 dev eth0

# Add default gateway
sudo ip route add default via 192.168.1.1

# Show routing table
ip route show

NetworkManager Configuration

NetworkManager Basics

# Check NetworkManager status
systemctl status NetworkManager

# List all connections
nmcli connection show

# Show device status
nmcli device status

# Show specific connection details
nmcli connection show "System eth0"

Creating Network Connections

# Create new ethernet connection
sudo nmcli connection add \
    type ethernet \
    con-name "Office Network" \
    ifname eth0 \
    ipv4.method auto

# Create static IP connection
sudo nmcli connection add \
    type ethernet \
    con-name "Static Connection" \
    ifname eth0 \
    ipv4.addresses 192.168.1.100/24 \
    ipv4.gateway 192.168.1.1 \
    ipv4.dns "8.8.8.8 8.8.4.4" \
    ipv4.method manual

# Create Wi-Fi connection
sudo nmcli device wifi connect "SSID" password "password"

Modifying Connections

# Modify existing connection
sudo nmcli connection modify "System eth0" \
    ipv4.addresses 192.168.1.150/24 \
    ipv4.gateway 192.168.1.1

# Add secondary IP
sudo nmcli connection modify "System eth0" \
    +ipv4.addresses 192.168.1.151/24

# Change DNS servers
sudo nmcli connection modify "System eth0" \
    ipv4.dns "1.1.1.1 1.0.0.1"

# Set connection to auto-connect
sudo nmcli connection modify "System eth0" \
    connection.autoconnect yes

# Apply changes
sudo nmcli connection up "System eth0"

Static Network Configuration

Complete Static IP Setup

# 1. Create new connection with static IP
sudo nmcli connection add \
    type ethernet \
    con-name "Static-LAN" \
    ifname eth0 \
    ipv4.addresses 192.168.1.100/24 \
    ipv4.gateway 192.168.1.1 \
    ipv4.dns "8.8.8.8,8.8.4.4" \
    ipv4.dns-search "example.com" \
    ipv4.method manual \
    ipv6.method ignore

# 2. Set hostname to match
sudo hostnamectl set-hostname server.example.com

# 3. Update /etc/hosts
echo "192.168.1.100 server.example.com server" | sudo tee -a /etc/hosts

# 4. Activate connection
sudo nmcli connection up "Static-LAN"

# 5. Verify configuration
ip addr show eth0
ping -c 4 google.com
nslookup google.com

Legacy Network Scripts Method

For systems still using network scripts:

# Edit interface configuration
sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0

# Static IP configuration
TYPE=Ethernet
BOOTPROTO=static
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.1.100
PREFIX=24
GATEWAY=192.168.1.1
DNS1=8.8.8.8
DNS2=8.8.4.4
DOMAIN=example.com

# Restart network
sudo systemctl restart NetworkManager

IPv6 Configuration

# Add IPv6 address
sudo nmcli connection modify "System eth0" \
    ipv6.addresses "2001:db8::100/64" \
    ipv6.gateway "2001:db8::1" \
    ipv6.dns "2001:4860:4860::8888" \
    ipv6.method manual

# Enable IPv6
sudo sysctl -w net.ipv6.conf.all.disable_ipv6=0
sudo sysctl -w net.ipv6.conf.default.disable_ipv6=0

# Make permanent
echo "net.ipv6.conf.all.disable_ipv6 = 0" | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.default.disable_ipv6 = 0" | sudo tee -a /etc/sysctl.conf

Multiple Network Interfaces

Configuring Multiple NICs

# Configure primary interface
sudo nmcli connection add \
    type ethernet \
    con-name "LAN" \
    ifname eth0 \
    ipv4.addresses 192.168.1.100/24 \
    ipv4.gateway 192.168.1.1 \
    ipv4.dns "8.8.8.8" \
    ipv4.method manual

# Configure secondary interface (different network)
sudo nmcli connection add \
    type ethernet \
    con-name "DMZ" \
    ifname eth1 \
    ipv4.addresses 10.0.0.100/24 \
    ipv4.method manual \
    ipv4.never-default yes

# Activate both
sudo nmcli connection up "LAN"
sudo nmcli connection up "DMZ"

Policy-Based Routing

# Create routing table
echo "100 dmz" | sudo tee -a /etc/iproute2/rt_tables

# Add routing rules
sudo ip rule add from 10.0.0.0/24 table dmz
sudo ip route add default via 10.0.0.1 dev eth1 table dmz

# Make persistent with NetworkManager
sudo nmcli connection modify "DMZ" \
    ipv4.routes "10.0.0.0/24 10.0.0.1 table=100" \
    ipv4.routing-rules "priority 100 from 10.0.0.0/24 table 100"

Network Bonding

# Create bond interface
sudo nmcli connection add \
    type bond \
    con-name bond0 \
    ifname bond0 \
    bond.options "mode=active-backup,miimon=100"

# Add slave interfaces
sudo nmcli connection add \
    type ethernet \
    con-name bond0-port1 \
    ifname eth0 \
    master bond0

sudo nmcli connection add \
    type ethernet \
    con-name bond0-port2 \
    ifname eth1 \
    master bond0

# Configure IP for bond
sudo nmcli connection modify bond0 \
    ipv4.addresses 192.168.1.100/24 \
    ipv4.gateway 192.168.1.1 \
    ipv4.dns 8.8.8.8 \
    ipv4.method manual

# Activate bond
sudo nmcli connection up bond0

Hostname and Network Best Practices

1. Hostname Standards

# Good hostname examples:
web01.example.com
db-prod-01.example.com
app-staging.example.com

# Avoid:
# - Special characters (except hyphen)
# - Starting with numbers
# - Spaces
# - Underscores
# - Names over 63 characters

2. Network Configuration Standards

# Create network documentation
cat > /etc/network-documentation.txt << EOF
Network Configuration Documentation
==================================
Generated: $(date)

Hostname: $(hostname -f)
Primary IP: $(hostname -I | awk '{print $1}')

Network Interfaces:
$(ip -br addr show)

DNS Servers:
$(grep nameserver /etc/resolv.conf)

Routing Table:
$(ip route show)

Network Connections:
$(nmcli connection show)
EOF

3. Configuration Backup

# Backup network configuration
sudo mkdir -p /root/network-backup
sudo cp -r /etc/sysconfig/network-scripts/ /root/network-backup/
sudo cp /etc/hostname /root/network-backup/
sudo cp /etc/hosts /root/network-backup/
sudo cp /etc/resolv.conf /root/network-backup/

# Export NetworkManager connections
for conn in $(nmcli -t -f NAME connection show); do
    sudo nmcli connection export "$conn" "/root/network-backup/${conn}.nmconnection"
done

4. Monitoring Script

#!/bin/bash
# /usr/local/bin/network-monitor.sh

LOG_FILE="/var/log/network-monitor.log"

# Function to log messages
log_message() {
    echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1" >> "$LOG_FILE"
}

# Check hostname
HOSTNAME=$(hostname -f)
if [[ -z "$HOSTNAME" ]] || [[ "$HOSTNAME" == "localhost.localdomain" ]]; then
    log_message "WARNING: Hostname not properly configured"
fi

# Check network interfaces
for interface in $(ip -o link show | awk -F': ' '{print $2}' | grep -v lo); do
    if ip link show "$interface" | grep -q "state DOWN"; then
        log_message "WARNING: Interface $interface is DOWN"
    fi
done

# Check DNS resolution
if ! nslookup google.com >/dev/null 2>&1; then
    log_message "ERROR: DNS resolution failed"
fi

# Check default gateway
if ! ip route | grep -q "default"; then
    log_message "ERROR: No default gateway configured"
fi

Troubleshooting Common Issues

Hostname Not Persisting

# Check for multiple hostname sources
grep -r $(hostname) /etc/

# Ensure hostname is set correctly
sudo hostnamectl set-hostname server.example.com

# Check for cloud-init interference
sudo grep preserve_hostname /etc/cloud/cloud.cfg
# Set to true if needed

# Verify systemd-hostnamed is running
sudo systemctl status systemd-hostnamed

DNS Resolution Issues

# Test DNS resolution
nslookup google.com
dig google.com
host google.com

# Check DNS configuration
cat /etc/resolv.conf
resolvectl status

# Test specific DNS server
nslookup google.com 8.8.8.8

# Clear DNS cache
sudo systemctl restart systemd-resolved
# or
sudo systemctl restart nscd

# Check for DNS leaks
cat /etc/NetworkManager/NetworkManager.conf
# Ensure dns=default or dns=systemd-resolved

Network Interface Issues

# Interface not coming up
sudo journalctl -u NetworkManager -n 50
sudo nmcli device status

# Reset network configuration
sudo nmcli networking off
sudo nmcli networking on

# Reload interface
sudo nmcli device reapply eth0

# Check for hardware issues
sudo ethtool eth0
sudo dmesg | grep eth0

# Reset NetworkManager connections
sudo systemctl stop NetworkManager
sudo rm -rf /etc/NetworkManager/system-connections/*
sudo systemctl start NetworkManager

Multiple IP Issues

# Check for duplicate IPs
sudo arping -D -I eth0 192.168.1.100

# View all IPs on interface
ip addr show eth0

# Remove unwanted IP
sudo ip addr del 192.168.1.101/24 dev eth0

# Check for DHCP conflicts
sudo journalctl -u NetworkManager | grep -i dhcp

Advanced Network Configuration

VLANs

# Create VLAN interface
sudo nmcli connection add \
    type vlan \
    con-name VLAN10 \
    dev eth0 \
    id 10 \
    ipv4.addresses 192.168.10.100/24 \
    ipv4.method manual

# Activate VLAN
sudo nmcli connection up VLAN10

# Verify VLAN
ip -d link show eth0.10

Network Bridges

# Create bridge for VMs
sudo nmcli connection add \
    type bridge \
    con-name br0 \
    ifname br0

# Add physical interface to bridge
sudo nmcli connection add \
    type bridge-slave \
    con-name br0-port \
    ifname eth0 \
    master br0

# Configure bridge IP
sudo nmcli connection modify br0 \
    ipv4.addresses 192.168.1.100/24 \
    ipv4.gateway 192.168.1.1 \
    ipv4.dns 8.8.8.8 \
    ipv4.method manual

# Enable STP
sudo nmcli connection modify br0 bridge.stp yes

Traffic Control

# Limit bandwidth on interface
sudo tc qdisc add dev eth0 root tbf rate 100mbit burst 32kbit latency 400ms

# Show traffic control settings
sudo tc -s qdisc show dev eth0

# Remove traffic control
sudo tc qdisc del dev eth0 root

Custom Routes

# Add static route
sudo nmcli connection modify "System eth0" \
    +ipv4.routes "10.0.0.0/24 192.168.1.254"

# Add metric to route
sudo nmcli connection modify "System eth0" \
    +ipv4.routes "172.16.0.0/16 192.168.1.254 100"

# Policy routing
sudo nmcli connection modify "System eth0" \
    +ipv4.routing-rules "priority 100 from 192.168.1.100 table 100"

Automation and Scripting

Ansible Playbook for Network Configuration

---
- name: Configure hostname and network
  hosts: almalinux_servers
  become: yes
  
  tasks:
    - name: Set hostname
      hostname:
        name: "{{ inventory_hostname }}"
    
    - name: Update /etc/hosts
      lineinfile:
        path: /etc/hosts
        regexp: '^{{ ansible_default_ipv4.address }}'
        line: '{{ ansible_default_ipv4.address }} {{ inventory_hostname }} {{ ansible_hostname }}'
    
    - name: Configure network interface
      nmcli:
        type: ethernet
        conn_name: "System {{ ansible_default_ipv4.interface }}"
        ifname: "{{ ansible_default_ipv4.interface }}"
        ip4: "{{ ansible_default_ipv4.address }}/{{ ansible_default_ipv4.prefix }}"
        gw4: "{{ ansible_default_ipv4.gateway }}"
        dns4:
          - 8.8.8.8
          - 8.8.4.4
        state: present

Bash Script for Network Setup

#!/bin/bash
# network-setup.sh - Automated network configuration

set -e

# Configuration variables
HOSTNAME="server.example.com"
IP_ADDRESS="192.168.1.100"
NETMASK="24"
GATEWAY="192.168.1.1"
DNS1="8.8.8.8"
DNS2="8.8.4.4"
INTERFACE="eth0"

echo "Configuring network for $HOSTNAME..."

# Set hostname
hostnamectl set-hostname "$HOSTNAME"

# Configure network interface
nmcli connection modify "System $INTERFACE" \
    ipv4.addresses "$IP_ADDRESS/$NETMASK" \
    ipv4.gateway "$GATEWAY" \
    ipv4.dns "$DNS1 $DNS2" \
    ipv4.method manual

# Update /etc/hosts
sed -i "/$IP_ADDRESS/d" /etc/hosts
echo "$IP_ADDRESS $HOSTNAME ${HOSTNAME%%.*}" >> /etc/hosts

# Restart network
nmcli connection up "System $INTERFACE"

# Verify configuration
echo "Network configuration completed:"
echo "Hostname: $(hostname -f)"
echo "IP Address: $(ip -4 addr show $INTERFACE | grep -oP '(?<=inet\s)\d+(\.\d+){3}')"
echo "Gateway: $(ip route | grep default | awk '{print $3}')"
echo "DNS Servers: $(grep nameserver /etc/resolv.conf | awk '{print $2}')"

Security Considerations

Secure Hostname Configuration

# Avoid exposing internal structure
# Bad: db-mysql-prod-01.internal.company.com
# Good: db01.example.com

# Use generic names for public-facing systems
# Internal: web-prod-01.internal
# External: www.example.com

Network Security Settings

# Disable IPv6 if not needed
echo "net.ipv6.conf.all.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.d/90-disable-ipv6.conf
echo "net.ipv6.conf.default.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.d/90-disable-ipv6.conf
sudo sysctl -p /etc/sysctl.d/90-disable-ipv6.conf

# Enable TCP SYN cookies
echo "net.ipv4.tcp_syncookies = 1" | sudo tee -a /etc/sysctl.d/90-security.conf

# Disable source routing
echo "net.ipv4.conf.all.accept_source_route = 0" | sudo tee -a /etc/sysctl.d/90-security.conf
echo "net.ipv6.conf.all.accept_source_route = 0" | sudo tee -a /etc/sysctl.d/90-security.conf

# Apply settings
sudo sysctl -p /etc/sysctl.d/90-security.conf

DNS Security

# Use DNS over TLS
sudo nano /etc/systemd/resolved.conf
# Add:
# DNSOverTLS=yes
# DNSSEC=yes

# Configure secure DNS servers
sudo nmcli connection modify "System eth0" \
    ipv4.dns "1.1.1.1 1.0.0.1"  # Cloudflare
    # or
    ipv4.dns "9.9.9.9 149.112.112.112"  # Quad9

Firewall Configuration

# Allow only necessary services
sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https

# Remove unnecessary services
sudo firewall-cmd --permanent --remove-service=cockpit
sudo firewall-cmd --reload

# Verify firewall rules
sudo firewall-cmd --list-all

Conclusion

Proper hostname and network configuration in AlmaLinux requires attention to detail and understanding of various components. Key takeaways:

• Use hostnamectl for hostname management
• Configure both static hostname and /etc/hosts entries
• Use NetworkManager (nmcli) for network configuration
• Maintain proper DNS configuration for name resolution
• Document your network configuration
• Implement security best practices
• Regular monitoring helps prevent issues
• Keep configuration backups

Remember that hostname and network settings are fundamental to system identity and connectivity. Take time to plan and document your configuration for easier management and troubleshooting.