Use of Linux network configuration tools

This article introduces RHEL8 network services and network configuration tools, as well as network firewalls and rule management tools.

NetworkManager network management tool

NetworkManager provides network services for RHEL8. Each network device is associated with a NetworkManager device, and the configuration of the network device is saved in the NetworkManager connection.

NetworkManager provides a D-Bus API interface to configure and manage the network, and provides GUI/TUI/CLI tools to configure the network.

Install NetworkManager

$ yum install NetworkManager

Enable NetworkManager

$ systemctl enable NetworkManager

Start NetworkManager

$ systemctl start NetworkManager

Check NetworkManager Status

$ systemctl status NetworkManager

Network Configuration Tools

RHEL8 provides three network configuration tools:

• nmcli command-line interface
• nmtui Simple TUI interface
• nm-connection-editor graphical interface

The network dispatcher feature supports running related scripts based on the network status. The scripts are stored in the directory /etc/NetworkManager/dispatcher.d/

The network configuration files are stored in the /etc/sysconfig/network-scripts/ directory. No default script is provided by default. In RHEL8, ifup/ifdown are used to open and close the specified network. Modifying the network configuration will not take effect immediately and requires restarting the network or reloading

$ nmcli connection reload

List network devices

$ nmcli device

List Network Connections

$ nmcli connection

Display overall status

$ nmcli general status

Setting up DNS

$ nmcli con mod conn-name ipv4.dns "8.8.8.8 8.8.4.4"
$ nmcli -p con show conn-name

Start the interactive interface

$ nmcli con edit

Firewall management module nftables

Media Access Control Security (MACsec) is a network transmission encryption and authentication technology.
IPsec works at the network layer (2)
SSL works at the application layer (7)
MACsec works at the data link layer (2)

In RHEL8, nftables is used as the firewall backend to replace the original iptables. nftables provides packet filtering and classification functions and integrates multiple tools. It also makes many improvements, such as supporting IPv4/IPv6 at the same time, automatically processing rules, supporting debugging, and so on.

Similar to iptables, nftables uses tables to store network chains. Chains contain rules for each action. The nft tool replaces all components in the previous network packet filtering framework. The libnftnl library can be used to interact with the nftables API at the low-level networking layer via libnml.

In RHEL8, nftables is the default backend for firewall. Although the nftables backend is backwards compatible with the previous firewall configuration iptables backend, you can still switch the firewall backend to iptables. You need to configure the FirewallBackend option in the configuration file /etc/firewalld/firewalld.conf to iptables.

The effects of the nftables rule module can be seen by listing the rules in the nft command. Since nftables rule settings add tables, chains, and rule divisions, you need to pay attention to the impact when operating.

The above is the full content of this article. I hope it will be helpful for everyone’s study. I also hope that everyone will support 123WORDPRESS.COM.