How to configure networking in Linux

9 readers like this.
people on top of a connected globe

Pixabay

Connecting your Linux computer to a network is pretty straightforward, except when it is not. In this article I discuss the main network configuration files for Red Hat-based Linux distributions, and take a look at the two network startup services: the venerable network startup, and the controversial NetworkManager.

Linux easily manages multiple network interface adapters. Laptops typically include both wired and wireless interfaces, and may also support WiMax interfaces for cellular networks. Linux desktop computers also support multiple network interfaces, and you can use your Linux computer as a multi-network client, or as a router for internal networks; such is the case with a couple of my own systems.

Interface configuration files

Every network interface has its own configuration file in the /etc/sysconfig/network-scripts directory. Each interface has a configuration file named ifcfg-<interface-name>X, where X is the number of the interface, starting with zero or 1 depending upon the naming convention in use; for example /etc/sysconfig/network-scripts/ifcfg-eth0 for the first Ethernet interface.

Most of the other files in the /etc/sysconfig/network-scripts directory are scripts used to start, stop and perform various network configuration activities.

Each interface configuration file is bound to a specific physical network interface by the MAC address of the interface.

Network interface naming conventions

The naming conventions for network interfaces used to be simple, uncomplicated, and, I thought, easy. Using ethX made sense to me and was easy to type. It did not require extra steps to figure out what long and obscure name belonged to an interface. Unfortunately, adding a new interface often forced the renaming of network interfaces, which broke scripts and configurations. That has all changed, more than once.

After a short stint with some long and unintelligible network interface names, we now have a third set of naming conventions which seem only marginally better.  Names like ethX are still used by CentOS 6.x. The newest naming conventions, with names like eno1 and enp0s3 are used by RHEL 7, CentOS 7, and more recent releases of Fedora. The interface naming convention for RHEL 6 and CentOS 6 is described in Appendix A. Consistent Network Device Naming of the Red Hat Deployment Guide. RHEL 7, CentOS 7, and current versions of Fedora are described in Chapter 8. Consistent Network Device Naming of the Red Hat Networking Guide.

Configuration file examples

This example network interface configuration file, ifcfg-eth0, defines a static IP address configuration for a CentOS 6 server installation.

# Intel Corporation 82566DC-2 Gigabit Network Connection
DEVICE=eth0
HWADDR=00:16:76:02:BA:DB
ONBOOT=yes
IPADDR=192.168.0.10
BROADCAST=192.168.0.255
NETMASK=255.255.255.0
NETWORK=192.168.0.0
SEARCH="example.com"
BOOTPROTO=static
GATEWAY=192.168.0.254
DNS1=192.168.0.254
DNS2=8.8.8.8
TYPE=Ethernet
USERCTL=no
IPV6INIT=no

This file starts the interface on boot, assigns it a static IP address, defines a domain and network gateway, specifies two DNS servers, and does not allow non-root users to start and stop the interface.

The following interface configuration file, ifcfg-eno1, provides a DHCP configuration for a desktop workstation.

TYPE=Ethernet
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=no
IPV6_DEFROUTE=no
IPV6_FAILURE_FATAL=no
NAME=eno1
UUID=a67804ff-177a-4efb-959d-c3f98ba0947e
ONBOOT=yes
HWADDR=E8:40:F2:3D:0E:A8
IPV6_PEERDNS=no
IPV6_PEERROUTES=no

In this second configuration file example, the DHCP entries, IP address, the search domain, and all other network information are not defined because they are supplied by the DHCP server. Configuration items like the DNS servers can be overridden in the interface configuration file by adding DNS1 and DNS2 lines, as in the previous static configuration example.

Note that this second example contains a UUID line. As far as I can determine, this line has no effect on the functionality of the configuration file. I usually comment it out or even delete it and have never experienced a detrimental effect on my network. 

In both interface configuration files, the HWADDR line specifies the MAC address of the physical network interface. This binds the physical interface to the interface configuration file.  You must change the MAC address in the file if you replace the interface. 

There are a couple ways to locate the MAC address of a NIC. I usually use the ifconfig command which shows all installed NICs, thier MAC address and various statistics. Many new NICs have their MAC address printed on the box or labelled on the NIC itself. However, most interface configuration files are generated automatically during installation or when the NIC is first detected after being newly installed, and the MAC address is included as part of the new interface configuration file.

The ONBOOT line specifies that the interface is to be activated at startup time. If this line is changed to "no" the interface will have to be activated either manually, or by NetworkManager after a user logs in.

The USERCTL line specifies that non-privileged users cannot manage the interface; that is they cannot turn it on and off. Setting this parameter to "yes" allows regular users to activate and deactivate the interface.

Notice that the lines in the interface configuration files are not sequence-sensitive, and work just fine in any order. By convention, the option names are in uppercase and the values are in lowercase. Option values can be enclosed in quotes, but that is not necessary unless the value is more than a single word or number.

Configuration options

There are many configuration options for the interface configuration files. These are some of the more common options:

  • DEVICE: The logical name of the device, such as eth0 or enp0s2.
  • HWADDR: The MAC address of the NIC that is bound to the file, such as 00:16:76:02:BA:DB
  • ONBOOT: Start the network on this device when the host boots. Options are yes/no. This is typically set to "no" and the network does not start until a user logs in to the desktop. If you need the network to start when no one is logged in, set this to "yes".
  • IPADDR: The IP Address assigned to this NIC such as 192.168.0.10
  • BROADCAST: The broadcast address for this network such as 192.168.0.255
  • NETMASK: The netmask for this subnet such as the class C mask 255.255.255.0
  • NETWORK: The network ID for this subnet such as the class C ID 192.168.0.0
  • SEARCH: The DNS domain name to search when doing lookups on unqualified hostnames such as "example.com"
  • BOOTPROTO: The boot protocol for this interface. Options are static, DHCP, bootp, none. The "none" option defaults to static.
  • GATEWAY: The network router or default gateway for this subnet, such as 192.168.0.254
  • ETHTOOL_OPTS: This option is used to set specific interface configuration items for the network interface, such as speed, duplex state, and autonegotiation state. Because this option has several independent values, the values should be enclosed in a single set of quotes, such as: "autoneg off speed 100 duplex full".
  • DNS1: The primary DNS server, such as 192.168.0.254, which is a server on the local network. The DNS servers specified here are added to the /etc/resolv.conf file when using NetworkManager, or when the peerdns directive is set to yes, otherwise the DNS servers must be added to /etc/resolv.conf manually and are ignored here.
  • DNS2: The secondary DNS server, for example 8.8.8.8, which is one of the free Google DNS servers. Note that a tertiary DNS server is not supported in the interface configuration files, although a third may be configured in a non-volatile resolv.conf file.
  • TYPE: Type of network, usually Ethernet. The only other value I have ever seen here was Token Ring but that is now mostly irrelevant.
  • PEERDNS: The yes option indicates that /etc/resolv.conf is to be modified by inserting the DNS server entries specified by DNS1 and DNS2 options in this file. "No" means do not alter the resolv.conf file. "Yes" is the default when DHCP is specified in the BOOTPROTO line.
  • USERCTL: Specifies whether non-privileged users may start and stop this interface. Options are yes/no.
  • IPV6INIT: Specifies whether IPV6 protocols are applied to this interface. Options are yes/no.

If the DHCP option is specified, most of the other options are ignored. The only required options are BOOTPROTO, ONBOOT and HWADDR. Other options that you might find useful, that are not ignored, are the DNS and PEERDNS options if you want to override the DNS entries supplied by the DHCP server.

The deprecated network file

There is one old and now deprecated file you might encounter. The network file usually contains only a single comment line for current releases of Fedora, RHEL, and CentOS. It is located in /etc/sysconfig and was used in the past to enable or disable networking. It was also used to set the networking host name as shown in the following example:

NETWORKING=yes
HOSTNAME=host.example.com

This file has been present but unused in Fedora since release 19. It is still used in RHEL/CentOS 6.x, but is no longer used in RHEL/CentOS 7.x. The network hostname is now set in the /etc/hostname file.

Other network files

The /etc/sysconfig/network-files directory contains many other files, all of which are usually executable BASH scripts rather than configuration files. This is, to me at least, one of the bothersome exceptions to the Linux Filesystem Hierarchical Standard (FHS) which explicitly states that only configuration files and not executable files are to be located in the /etc tree.

One other network configuration file you might find in /etc/sysconfig/network-files is the route-<interface> file. If you want to set up static routes on a multi-homed system, create a route file for each interface.  For example, the following file is named route-eth0, and defines routes for that specific interface to both networks and individual hosts.

default 192.168.2.1 dev eth0
10.10.10.0/24 via 192.168.0.1 dev eth0
192.168.1.0/24 via 192.168.0.1 dev eth0

192.168.96.11 via 192.168.97.1
192.168.15.100 via 192.168.15.32
192.168.96.12 via 192.168.97.1
192.168.97.100 via 192.168.97.1

The use of this file is uncommon, unless you are using the host as a router with some complex routing needs. See the Networking Guide for your version of Red Hat Enterprise Linux or CentOS for more details on configuring routing.

Network startup

With the advent of wireless networks and mobile devices, reconfiguring the network interfaces for each new wireless network became complicated and time-consuming. It may also create naming conflicts when adding a new network interface.

network

The old network service was used by default on Red Hat based distributions until 2004 to manage network startup and stop tasks. A SystemV start script used static configuration files to start the wired or wireless network at boot time, or with a simple command like service network start command from the command line. This service is still available, although the commands are redirected through systemd.

The network service is unable to monitor pluggable devices or changing wireless networks, so it cannot be used easily on laptops or netbook-style computers.

There were also issues with configuring wired networks with laptops, and servers or desktops with multiple network interfaces. I encountered problems when replacing a defective interface in a host with multiple network interfaces, as the interface name often changed during system startup.

NetworkManager

Red Hat introduced NetworkManager in 2004 to simplify and automate network configuration and connections, especially wireless connections. The intent is to prevent the user from having to manually configure each new wireless network. Although it is intended to make network management easier for non-technical users, it requires some adjustment by the Linux administrator because many of the familiar configuration functions are now handled by a new layer of configuration files and scripts. This means that the standard configuration files are subject to being overwritten by NetworkManager every time the network is restarted, including every reboot.

The udev daemon is a  kernel device manager which is supposed to provide consistent and persistent device naming for all devices, including network devices and removable mass storage devices. It is also used to match network device names, i.e., eth0 or eno1, for example, to the MAC address on the network interface.

How it works, sort of

The udev device manager detects when a new device has been added to the system, such as a new network interface, and creates a rule to identify and name it if one does not already exist. The details of how this works have changed in more recent versions of Fedora, CentOS and RHEL. The current device naming procedure is described in detail in the RHEL 7 Networking Guide, along with a description of how the names are derived.

The current convention is to use the contents of the interface configuration files to generate the rules. However, if an interface configuration file does not exist, plugging in a new device or connecting with a new wireless network causes udev to notify NetworkManager of the new device or wireless connectrion. NetworkManager then creates the new interface configuration file.
The udev daemon creates an entry for each network interface in the network rules file. NetworkManager uses these entries, along with information in the interface configuration files in the /etc/sysconfig/network-scripts/ directory to initialize each interface.

Admins' choice

It is possible to use the older network service and disable NetworkManager. There are plenty of howtos that describe how to disable NetworkManager and return to using the network service, including this one, so I won't go into those details here.
I personally recommend against returning to the older network service because, once I understood how NetworkManager and udev work together provide a consistent naming scheme and automatic configuration for both existing and new devices, it all made sense and made managing network interfaces easier. In my opinion, NetworkManager is the best of both worlds.

As always with Linux, the decision of which service to use is your choice.

David Both
David Both is an Open Source Software and GNU/Linux advocate, trainer, writer, and speaker. He has been working with Linux and Open Source Software since 1996 and with computers since 1969. He is a strong proponent of and evangelist for the "Linux Philosophy for System Administrators."

8 Comments

This is an incredibly useful post. I have to bookmark this. This should be evergreen content on the site.

I agree with Don Watkins. This caused me no end of gas. If would have this, would have saved me weeks of pain. For many years I have used an ancient
Fedora Core release 4 system as a wireless router. It works but getting it working was indistinguishable from magic. Now armed with this knowledge,I can start off being more informed and can upgrade this dinosaur. Kudos and Much thanks.

Thank you for this. It's refreshed some things for me and filled in some gaps - the best type of morning read.

Good post, you should follow up with a 802.1x addendum as most universities and businesses are using secure network access control in some fashion.

Comprehensive!

However, I suggest a small change in the title such as:
"How to configure networking in RHEL / CentOS / Fedora Linux or derivatives thereof" because the settings are specific to Redhat centric Linux.

In Debian / Ubuntu and derivatives thereof - the network config files and parameter names are different.

I rather would have seen a topic on commandline network configuration for wireless interfaces. this somehow never gets any attention. anyone who ever experienced networkmanager failing here knows what i am talking about.

If you're an old-style config file editor watch out for the PREFIX parameter. Much puzzlement why my NETMASK was being ignored until I spotted it.

I don't know what added it to the file, but I can do without that kind of help thanks.

RHEL 6.6

Hi,

Thanks a lot for nice article

Creative Commons LicenseThis work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License.