nmcli is a part of the NetworkManager package that was released in 2010. It can be used like other modes of configuring network interfaces and connections, such as the ip command.
1. The nmcli syntax:
nmcli [OPTIONS...] { help | general | networking | radio | connection | device | agent | monitor } [COMMAND] [ARGUMENTS...]There are eight sections, each one targeting a specific networking function:
- General retrieves NetworkManager's status and global configuration.
- Networking provides commands to query a network connection's status and enable or disable connections.
- Radio provides commands to query a WiFi network connection's status and enable or disable connections.
- Connection provides commands to bring network interfaces up and down, to add new connections, and to delete existing connections.
- Device is mainly used to modify parameters associated with a device (e.g., the interface name) or to connect a device using an existing connection.
- Agent registers nmcli as a NetworkManager secret agent listening for secret messages. This is very rarely required because nmcli does this automatically when connecting to networks.
- Monitor provides commands to monitor NetworkManager activity and observe network connections' status changes.
2. nmcli command examples
Status of all network devices :
nmcli dev statusTo view all network connections:
nmcli con showNAME UUID TYPE DEVICE
Wired connection 1 18b2624a-b237-3427-862e-b2e5f10e0bde ethernet enp4s1
lo 437aad2f-b414-4f91-9d58-ec1c275e9ac3 loopback lo
client1 c4198798-10b5-4b6a-8893-691bdc95597d vpn --
client4 523750ac-3c44-46d8-b254-ba37d124cb0b vpn -- To list details of a specific connection, we need to add its name or UUID as argument
nmcli con show "Wired connection 1"
or
nmcli con show 18b2624a-b237-3427-862e-b2e5f10e0bde
connection.id: Wired connection 1
connection.uuid: 18b2624a-b237-3427-862e-b2e5f10e0bde
connection.stable-id: --
connection.type: 802-3-ethernet
connection.interface-name: --
connection.autoconnect: yes
connection.autoconnect-priority: -100
connection.autoconnect-retries: -1 (default)
connection.multi-connect: 0 (default)
connection.auth-retries: -1
connection.timestamp: 1753343047
connection.permissions: --
connection.zone: --
connection.controller: --
connection.master: --
connection.slave-type: --
connection.port-type: --
connection.autoconnect-slaves: -1 (default)
connection.autoconnect-ports: -1 (default)
connection.secondaries: --
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: default
connection.mdns: -1 (default)
connection.llmnr: -1 (default)
connection.dns-over-tls: -1 (default)
connection.mptcp-flags: 0x0 (default)
connection.wait-device-timeout: -1
connection.wait-activation-delay: -1
802-3-ethernet.port: --
802-3-ethernet.speed: 0
802-3-ethernet.duplex: --
802-3-ethernet.auto-negotiate: no
802-3-ethernet.mac-address: --
802-3-ethernet.cloned-mac-address: --
802-3-ethernet.generate-mac-address-mask:--
802-3-ethernet.mac-address-blacklist: --
802-3-ethernet.mtu: auto
802-3-ethernet.s390-subchannels: --
802-3-ethernet.s390-nettype: --
802-3-ethernet.s390-options: --
802-3-ethernet.wake-on-lan: default
802-3-ethernet.wake-on-lan-password: --
802-3-ethernet.accept-all-mac-addresses:-1 (default)
ipv4.method: manual
ipv4.dns: 8.8.8.8,4.4.4.4
ipv4.dns-search: --
ipv4.dns-options: --
ipv4.dns-priority: 0
ipv4.addresses: 192.168.0.2/24
ipv4.gateway: 192.168.0.1
ipv4.routes: --
ipv4.route-metric: -1
ipv4.route-table: 0 (unspec)
ipv4.routing-rules: --
ipv4.replace-local-rule: -1 (default)
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-iaid: --
ipv4.dhcp-dscp: --
ipv4.dhcp-timeout: 0 (default)
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.dhcp-hostname-flags: 0x0 (none)
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.required-timeout: -1 (default)
ipv4.dad-timeout: -1 (default)
ipv4.dhcp-vendor-class-identifier: --
ipv4.link-local: 0 (default)
ipv4.dhcp-reject-servers: --
ipv4.auto-route-ext-gw: -1 (default)
ipv6.method: auto
ipv6.dns: --
ipv6.dns-search: --
ipv6.dns-options: --
ipv6.dns-priority: 0
ipv6.addresses: --
ipv6.gateway: --
ipv6.routes: --
ipv6.route-metric: -1
ipv6.route-table: 0 (unspec)
ipv6.routing-rules: --
ipv6.replace-local-rule: -1 (default)
ipv6.ignore-auto-routes: no
ipv6.ignore-auto-dns: no
ipv6.never-default: no
ipv6.may-fail: yes
ipv6.required-timeout: -1 (default)
ipv6.ip6-privacy: -1 (unknown)
ipv6.addr-gen-mode: stable-privacy
ipv6.ra-timeout: 0 (default)
ipv6.mtu: auto
ipv6.dhcp-pd-hint: --
ipv6.dhcp-duid: --
ipv6.dhcp-iaid: --
ipv6.dhcp-timeout: 0 (default)
ipv6.dhcp-send-hostname: yes
ipv6.dhcp-hostname: --
ipv6.dhcp-hostname-flags: 0x0 (none)
ipv6.auto-route-ext-gw: -1 (default)
ipv6.token: --
proxy.method: none
proxy.browser-only: no
proxy.pac-url: --
proxy.pac-script: --
GENERAL.NAME: Wired connection 1
GENERAL.UUID: 18b2624a-b237-3427-862e-b2e5f10e0bde
GENERAL.DEVICES: enp4s1
GENERAL.IP-IFACE: enp4s1
GENERAL.STATE: activated
GENERAL.DEFAULT: yes
GENERAL.DEFAULT6: no
GENERAL.SPEC-OBJECT: --
GENERAL.VPN: no
GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/2
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/3
GENERAL.ZONE: --
GENERAL.MASTER-PATH: --
IP4.ADDRESS[1]: 192.168.0.2/24
IP4.GATEWAY: 192.168.0.1
IP4.ROUTE[1]: dst = 192.168.0.0/24, nh = 0.0.0.0, mt = 100
IP4.ROUTE[2]: dst = 0.0.0.0/0, nh = 192.168.0.1, mt = 100
IP4.DNS[1]: 8.8.8.8
IP4.DNS[2]: 4.4.4.4
IP6.ADDRESS[1]: fe80::88d7:584b:6090:23db/64
IP6.GATEWAY: --
IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 1024
3. Adding network connections
This following connection will receive an IP address from the DHCP server (dynamic).
nmcli con add con-name privatecon type ethernet ifname enp4s1 ipv4.method autoConnection 'privatecon' (cef7c6e2-6f96-4805-90b3-c50a975dd6a0) successfully added.type : requests an ethernet connection
ifname (interface name): specifies the network interface device to use.
Modify the connection to static IP :
nmcli con modify privatecon ipv4.method manual ipv4.address 192.168.0.10/24 ipv4.gateway 192.168.0.14. Interactive editor
Although it is a command-line tool, nmcli command also offers an interactive editor to edit a connection :
nmcli con edit privatecon===| nmcli interactive connection editor |===
Editing existing '802-3-ethernet' connection: 'privatecon'
Type 'help' or '?' for available commands.
Type 'print' to show all the connection properties.
Type 'describe [<setting>.<prop>]' for detailed property description.
You may edit the following settings: connection, 802-3-ethernet (ethernet), 802-1x, dcb, sriov, ethtool, match, ipv4, ipv6, hostname, link, tc, proxy
nmcli> help
------------------------------------------------------------------------------
---[ Main menu ]---
goto [<setting> | <prop>] :: go to a setting or property
remove <setting>[.<prop>] | <prop> :: remove setting or reset property value
set [<setting>.<prop> <value>] :: set property value
describe [<setting>.<prop>] :: describe property
print [all | <setting>[.<prop>]] :: print the connection
verify [all | fix] :: verify the connection
save [persistent|temporary] :: save the connection
activate [<ifname>] [/<ap>|<nsp>] :: activate the connection
back :: go one level up (back)
help/? [<command>] :: print this help
nmcli <conf-option> <value> :: nmcli configuration
quit :: exit nmcli
------------------------------------------------------------------------------
nmcli>
When we type print, all properties of the connection are dispayed :
nmcli> print
===============================================================================
Connection profile details (privatecon)
===============================================================================
connection.id: privatecon
connection.uuid: cef7c6e2-6f96-4805-90b3-c50a975dd6a0
connection.stable-id: --
connection.type: 802-3-ethernet
connection.interface-name: enp4s1
connection.autoconnect: yes
connection.autoconnect-priority: 0
connection.autoconnect-retries: -1 (default)
connection.multi-connect: 0 (default)
connection.auth-retries: -1
connection.timestamp: 0
connection.permissions: --
connection.zone: --
connection.controller: --
connection.master: --
connection.slave-type: --
connection.port-type: --
connection.autoconnect-slaves: -1 (default)
connection.autoconnect-ports: -1 (default)
connection.secondaries: --
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: default
connection.mdns: -1 (default)
connection.llmnr: -1 (default)
connection.dns-over-tls: -1 (default)
connection.mptcp-flags: 0x0 (default)
connection.wait-device-timeout: -1
connection.wait-activation-delay: -1
-------------------------------------------------------------------------------
802-3-ethernet.port: --
802-3-ethernet.speed: 0
802-3-ethernet.duplex: --
802-3-ethernet.auto-negotiate: no
802-3-ethernet.mac-address: --
802-3-ethernet.cloned-mac-address: --
802-3-ethernet.generate-mac-address-mask:--
802-3-ethernet.mac-address-blacklist: --
802-3-ethernet.mtu: auto
802-3-ethernet.s390-subchannels: --
802-3-ethernet.s390-nettype: --
802-3-ethernet.s390-options: --
802-3-ethernet.wake-on-lan: default
802-3-ethernet.wake-on-lan-password: --
802-3-ethernet.accept-all-mac-addresses:-1 (default)
-------------------------------------------------------------------------------
ipv4.method: manual
ipv4.dns: --
ipv4.dns-search: --
ipv4.dns-options: --
ipv4.dns-priority: 0
ipv4.addresses: 192.168.0.99/24
ipv4.gateway: 192.168.0.1
ipv4.routes: --
ipv4.route-metric: -1
ipv4.route-table: 0 (unspec)
ipv4.routing-rules: --
ipv4.replace-local-rule: -1 (default)
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-iaid: --
ipv4.dhcp-dscp: --
ipv4.dhcp-timeout: 0 (default)
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.dhcp-hostname-flags: 0x0 (none)
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.required-timeout: -1 (default)
ipv4.dad-timeout: -1 (default)
ipv4.dhcp-vendor-class-identifier: --
ipv4.link-local: 0 (default)
ipv4.dhcp-reject-servers: --
ipv4.auto-route-ext-gw: -1 (default)
-------------------------------------------------------------------------------
ipv6.method: auto
ipv6.dns: --
ipv6.dns-search: --
ipv6.dns-options: --
ipv6.dns-priority: 0
ipv6.addresses: --
ipv6.gateway: --
ipv6.routes: --
ipv6.route-metric: -1
ipv6.route-table: 0 (unspec)
ipv6.routing-rules: --
ipv6.replace-local-rule: -1 (default)
ipv6.ignore-auto-routes: no
ipv6.ignore-auto-dns: no
ipv6.never-default: no
ipv6.may-fail: yes
ipv6.required-timeout: -1 (default)
ipv6.ip6-privacy: -1 (unknown)
ipv6.addr-gen-mode: default
ipv6.ra-timeout: 0 (default)
ipv6.mtu: auto
ipv6.dhcp-pd-hint: --
ipv6.dhcp-duid: --
ipv6.dhcp-iaid: --
ipv6.dhcp-timeout: 0 (default)
ipv6.dhcp-send-hostname: yes
ipv6.dhcp-hostname: --
ipv6.dhcp-hostname-flags: 0x0 (none)
ipv6.auto-route-ext-gw: -1 (default)
ipv6.token: --
-------------------------------------------------------------------------------
proxy.method: none
proxy.browser-only: no
proxy.pac-url: --
proxy.pac-script: --
-------------------------------------------------------------------------------
nmcli>
We can change the staic IP adress :
nmcli> print ipv4.addresses
ipv4.addresses: 192.168.0.99/24
nmcli> set ipv4.addresses 192.168.0.101/24
nmcli> print ipv4.addresses
ipv4.addresses: 192.168.0.99/24, 192.168.0.101/24
nmcli> remove ipv4.addresses 192.168.0.99/24
nmcli> print ipv4.addresses
ipv4.addresses: 192.168.0.101/24
nmcli> save
Connection 'privatecon' (cef7c6e2-6f96-4805-90b3-c50a975dd6a0) successfully updated.
nmcli> We have to remove the old IP and save our modifications once finished.
It is also possible to modify the gateway using the same method :
nmcli> print ipv4.gateway
ipv4.gateway: 192.168.0.1
nmcli> set ipv4.gateway 192.168.0.2
nmcli> print ipv4.gateway
ipv4.gateway: 192.168.0.2
nmcli> Reload and restart connections
Generally, for the changes to take effect we need to shut down the connection and bring it back up : down :
nmcli con down privateconand up :
nmcli con up privatecon to reload all connections :
nmcli con reloadTo delete a specific connection :
nmcli con del privatecon
Connection 'privatecon' (cef7c6e2-6f96-4805-90b3-c50a975dd6a0) successfully deleted.About Me
aedes: The sanctuary in Latin language. This website is related to my fields of interrest...
Gallery
social
Translate
