用 gnome 图形界面的 Linux 一般都用 NetworkManager 管理网络
NetworkManager就是network-manager
systemctl status NetworkManager
在Debian10中 等效
systemctl status network-manager
debian10 用 sudo apt install network-manager
安装
安装NetworkManager后可以用nmcli
和nmtui
命令
NetworkManager网络配置文件是/etc/NetworkManager/system-connections/*.nmconnection
ls /etc/NetworkManager/system-connections/
cd /etc/NetworkManager/system-connections/
gnome图形界面配置网络 和 nmtui
的控制台图形界面配置网络 或 nmcli
命令行语句配置网络
都会在 /etc/NetworkManager/system-connections/
生成 名称.nmconnection
配置文件
nmtui
nmcli
[connection]
id=NetworkManager连接演示001 # 连接名
uuid=d17c0801-9ba8-4204-9f36-ced5af9ba666
type=ethernet
interface-name=ens33 # 网络接口名
[ethernet]
[ipv4]
# 逗号 网关写在这里
# ↓
address1=192.168.168.224/24,192.168.168.2 # 只能第一个地址有网关
address2=192.168.168.225/24 # ip地址2
address3=192.168.168.226/24 # 可以有多个IP地址, 但网关只能有一个
address4=192.168.168.227/24
address5=192.168.168.228/24
address6=192.168.168.229/24
address7=192.168.168.230/24
address8=192.168.168.231/24
address9=192.168.168.232/24
address10=192.168.168.233/24
address11=192.168.168.234/24
address12=192.168.168.235/24
# 图形界面里的dns用逗号分隔, 这里的dns用分号分隔 ↓
dns=192.168.168.2;119.29.29.29;180.76.76.76;223.6.6.6;8.8.4.4;114.114.115.115;223.5.5.5;8.8.8.8;1.1.1.1;114.114.114.114;101.226.4.6;123.125.81.6;
dns-search=qq.com; # 搜索域
ignore-auto-dns=true # 跳过自动DNS
method=manual # 手动配置ip,静态ip
[ipv6]
addr-gen-mode=stable-privacy
method=auto
[proxy]
一些由gnome,nmtui,nmcli 生成的l *.nmconnection 的例子
[connection]
id=ens33ConnTest001
uuid=47b1917a-5eea-4160-b56f-680654c338c9
type=ethernet
interface-name=ens33
[ethernet]
[ipv4]
address1=192.168.168.224/24,192.168.168.2
address2=192.168.168.225/24
address3=192.168.168.226/24
address4=192.168.168.227/24
address5=192.168.168.228/24
address6=192.168.168.229/24
address7=192.168.168.230/24
address8=192.168.168.231/24
address9=192.168.168.232/24
address10=192.168.168.233/24
address11=192.168.168.234/24
address12=192.168.168.235/24
dns=192.168.168.2;119.29.29.29;180.76.76.76;223.6.6.6;8.8.4.4;114.114.115.115;223.5.5.5;8.8.8.8;1.1.1.1;114.114.114.114;101.226.4.6;123.125.81.6;
dns-search=qq.com;
ignore-auto-dns=true
method=manual
[ipv6]
addr-gen-mode=stable-privacy
method=auto
[proxy]
cd /etc/NetworkManager/system-connections/
[connection]
id=ens33-nutui-001
uuid=bbfc8a1f-b9fc-49a8-929b-52c90d227031
type=ethernet
interface-name=ens33
permissions=
[ethernet]
mac-address-blacklist=
[ipv4]
address1=192.168.168.20/24,192.168.168.2
dns=180.76.76.76;223.6.6.6;192.168.168.2;8.8.4.4;
dns-search=baidu.com;pcpop.com;
method=manual
[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto
[connection]
id=有线连接 1
uuid=fdae7e35-2f0e-3c31-8717-2b998d902f57
type=ethernet
autoconnect-priority=-999
interface-name=ens33
timestamp=1665711319
[ethernet]
[ipv4]
address1=192.168.168.224/24,192.168.168.2
dns=192.168.168.2;8.8.4.4;223.6.6.6;101.226.4.6;180.76.76.76;119.29.29.29;114.114.114.114;8.8.8.8;1.1.1.1
ignore-auto-dns=true
method=manual
[ipv6]
addr-gen-mode=stable-privacy
method=auto
[proxy]
[connection]
id=有线连接 1
uuid=d428e1fc-fbec-3ead-9a7b-bb1af34b74c7
type=ethernet
autoconnect-priority=-999
interface-name=ens33
timestamp=1666687829
[ethernet]
[ipv4]
address1=192.168.168.224/24,192.168.168.2
dns=192.168.168.2;8.8.4.4;223.6.6.6;180.76.76.76;123.125.81.6;1.1.1.1;8.8.8.8;114.114.114.114;
method=manual
[ipv6]
addr-gen-mode=stable-privacy
method=auto
[proxy]
ip,掩码,网关 都写在 address1 一行上
address1=192.168.168.199/24,192.168.168.2
dns以分号分隔
ls /etc/NetworkManager/system-connections/
cd /etc/NetworkManager/system-connections/
con
可以写成 c
到 connection
之间的字段mod
可以写成 m
到 modify
之间的字段nmcli connection modify
nmcli connec modify
nmcli conne modif
nmcii conn modi
nmcli con mod
nmcli co mo
nmcli c m
nmcli c modify
nmcli connection m
ipv4.
可以接 [method, dns, dns-search, dns-options, dns-priority, addresses, gateway, routes, route-metric, route-table, routing-rules, ignore-auto-routes, ignore-auto-dns, dhcp-client-id, dhcp-iaid, dhcp-timeout, dhcp-send-hostname, dhcp-hostname, dhcp-fqdn, dhcp-hostname-flags, never-default, may-fail, required-timeout, dad-timeout, dhcp-vendor-class-identifier, dhcp-reject-servers] 。ipv4.method
的可选]值有 [auto, link-local, manual, shared, disabled] , ipv4.method
最简可写成ipv.me
ipv4.addresses
设置IP地址, 最简可写成 ipv4.a
, 可设置多个地址,以逗号分隔, 也可多次用 +ipv4.a
ipv4.a
(ipv4.addresses)可以设置多个(,逗号分隔,可以有空格),但只能出现一次, +ipv4.a
(+ipv4.addresses)可以设置多个(,逗号分隔)可以出现多次ipv4.g
(ipv4.gateway)只能有一个, (在图形界面也只能设置一个), 如果没设置网关就不能上网,但只要有ip地址,就能让网段内其它主机访问,比如ssh连接,没有网关就是能进不能出ipv4.dns
不能简写,可一次设置多个, +ipv4.dns
可多次设置多个ipv4.dns-search
可简写为ipv4.dns-s
, 搜索域ipv4.ignore-auto-dns
取值 true
|fasle
是否跳过自动域名 , 最简只能写成ipv4.ignore-auto-d
对应图形界面
ipv4.x
前面可以加(加号或减号±), ipv4.x
表示设置 +ipv4.x
表示新增, -ipv4.x
表示移除ipv4.x
,后面的ipv4.x
会覆盖前面的ipv4.x
+ipv4.x
和 -ipv4.x
sudo nmcli c m "netplan-ens33" ipv4.method manual ipv4.addr 192.168.168.224/24 ipv4.gateway 192.168.168.2 ipv4.dns 192.168.168.2
最好加上单引号或双引号
sudo nmcli connection modify "有线连接 1" ipv4.method 'manual' ipv4.addr "192.168.168.225/24" ipv4.gateway "192.168.168.2" ipv4.dns '192.168.168.2'
也可以分成多句
sudo nmcli c m "有线连接 1" ipv4.addr "192.168.168.224/24"
sudo nmcli connection modify "有线连接 1" ipv4.gateway "192.168.168.2"
sudo nmcli co mo "有线连接 1" ipv4.method 'manual'
sudo nmcli co mo "有线连接 1" ipv4.method 'auto'
sudo nmcli co mo "有线连接 1" ipv4.method 'manual' ipv4.addresses "192.168.168.224/24" ###### ipv4.gateway "192.168.168.2"
sudo nmcli co mo "有线连接 1" ipv4.ignore-auto-d 'true'
相同的dns不会重复
sudo nmcli co mo "有线连接 1" ipv4.dns "192.168.168.2 , 8.8.4.4 , 223.6.6.6 , 180.76.76.76"
sudo nmcli co mo "有线连接 1" +ipv4.dns "123.125.81.6 ,1.1.1.1,8.8.8.8,114.114.114.114"
sudo nmcli co mo "有线连接 1" +ipv4.dns "192.168.168.2 , 6.6.6.6" # 不会重复
sudo nmcli co mo "有线连接 1" -ipv4.dns "6.6.6.6"
sudo nmcli co mo "有线连接 1" ipv4.dns-search 'baidu.com , google.cn , qq.com'
method
, addresses
, gateway
, dns
, 跳过自动DNS , search
sudo nmcli c m "有线连接 1" ipv4.method 'manual' ipv4.addresses "192.168.168.224/24" ipv4.gateway "192.168.168.2" ipv4.dns "192.168.168.2 , 8.8.4.4 , 223.6.6.6 , 180.76.76.76, 123.125.81.6, 1.1.1.1,8.8.8.8,114.114.114.114" ipv4.ignore-auto-dns 'true' ipv4.dns-search 'baidu.com' ; sudo systemctl restart NetworkManager
method可写成me , addresses可写成a , gateway可写成g , dns不能简写 , dns-serarch可写成dns-s
sudo nmcli c m "有线连接 1" ipv4.me manual ipv4.a "192.168.168.224/24" ipv4.g "192.168.168.1" ipv4.dns "192.168.168.2 , 223.6.6.6 , 180.76.76.76, 123.125.81.6, 1.1.1.1,8.8.8.8,114.114.114.114,8.8.4.4" ipv4.ignore-auto-d 'true' ipv4.dns-s 'baidu.com' ; sudo systemctl restart NetworkManager
没有空格等一些特殊字符的话, 也可以不加引号, 点号不影响
sudo nmcli c m "有线连接 1" ipv4.me manual ipv4.a 192.168.168.224/24 ipv4.g 192.168.168.2 ipv4.dns 192.168.168.2,223.6.6.6,180.76.76.76,123.125.81.6,1.1.1.1,8.8.8.8,114.114.114.114,8.8.4.4 ipv4.ignore-auto-d true ipv4.dns-s baidu.com ; sudo systemctl restart NetworkManager
对于使用 NetworkManager
的系统, 一般用GNOME桌面图形界面的系统都默认用NetworkManager, 如 CentOS7,8,9 , Fedora36 等 都可以使用nmcli
和 nmtui
命令来配置网络
可以用 nmcli help
, nmcli c help
和 nmcli c m help
查看对应的帮助
$ nmcli help
用法:nmcli [选项] 对象 { 命令 | help }
选项
-a, --ask 询问缺少的参数
-c, --colors auto|yes|no 是否在输出中使用颜色
-e, --escape yes|no 转义值中的列分隔符
-f, --fields <字段,...>|all|common 指定要输出的字段
-g, --get-values <字段,...>|all|common -m tabular -t -f 的快捷方式
-h, --help 打印此帮助
-m, --mode tabular|multiline 输出模式
-o, --overview 概览模式
-p, --pretty 美化输出
-s, --show-secrets 允许显示密码
-t, --terse 简介输出
-v, --version 显示程序版本
-w, --wait <秒数> 设定操作完成的等待超时
对象
g[eneral] NetworkManager 的常规状态和操作
n[etworking] 整体网络控制
r[adio] NetworkManager 无线电开关
c[onnection] NetworkManager 的连接
d[evice] NetworkManager 管理的设备
a[gent] NetworkManager 机密(secret)或 polkit 代理
m[onitor] 监视 NetworkManager 更改
$ nmcli connection help
用法:nmcli connection { 命令 | help }
命令 := { show | up | down | add | modify | clone | edit | delete | monitor | reload | load | import | export }
show [--active] [--order <排序规则>]
show [--active] [id | uuid | path | apath] <ID> ...
up [[id | uuid | path] <ID>] [ifname <接口名称>] [ap <BSSID>] [passwd-file <密码文件>]
down [id | uuid | path | apath] <ID> ...
add 常用选项 类型特定选项 从选项 IP_选项 [-- ([+|-]<设置>.<属性> <值>)+]
modify [--temporary] [id | uuid | path] <ID> ([+|-]<设置>.<属性> <值>)+
clone [--temporary] [id | uuid | path ] <ID> <新名称>
edit [id | uuid | path] <ID>
edit [type <新连接类型>] [con-name <新连接名称>]
delete [id | uuid | path] <ID>
monitor [id | uuid | path] <ID> ...
reload
load <文件名> [ <文件名>... ]
import [--temporary] type <类型> file <要导入的文件>
$ nmcli connection modify help
用法:nmcli connection modify { 参数 | help }
参数 := [id | uuid | path] <ID> ([+|-]<设置>.<属性> <值>)+
修改连接配置集的一个或多个属性。
配置集由它的名称、UUID 或 D-Bus 路径代表。对于有多个值
的属性,可以使用 "+" 或 "-" 为属性名加前缀。
"+" 代表附加项而不是覆盖整个值。
"-"代表删除选项的项而不是整个值。
参数 := remove <设置>
从连接配置集中删除一个设置。
示例:
nmcli con mod home-wifi wifi.ssid rakosnicek
nmcli con mod em1-1 ipv4.method manual ipv4.addr "192.168.1.2/24, 10.10.1.5/8"
nmcli con mod em1-1 +ipv4.dns 8.8.4.4
nmcli con mod em1-1 -ipv4.dns 1
nmcli con mod em1-1 -ipv6.addr "abbe::cafe/56"
nmcli con mod bond0 +bond.options mii=500
nmcli con mod bond0 -bond.options downdelay
nmcli con mod em1-1 remove sriov
NetworkManager官网
NetworkManager官网—man pages
Archlinux的nmcli用例—nmcli-examples - usage examples of nmcli
Archlinux的NMCLI(1)—nmcli - command-line tool for controlling NetworkManager
ARGUMENTS := COMMON_OPTIONS TYPE_SPECIFIC_OPTIONS SLAVE_OPTIONS IP_OPTIONS [-- ([+|-]. )+]
COMMON_OPTIONS:
type
ifname | "*"
[con-name ]
[autoconnect yes|no]
[save yes|no]
[master ]
[slave-type ]
nmcli connection add
等效nmcli c a
sudo nmcli c a con-name 'ens33ConnTest001' ifname 'ens33' type ethernet ipv4.method 'manual' ipv4.addresses "192.168.168.224/24 , 192.168.168.225/24,192.168.168.226/24" +ipv4.address '192.168.168.227/24' +ipv4.a '192.168.168.228/24' +ipv4.addre '192.168.168.229/24 , 192.168.168.230/24 , 192.168.168.231/24' +ipv4.addr "192.168.168.232/24" +ipv4.ad '192.168.168.233/24' +ipv4.a 192.168.168.234/24,192.168.168.235/24 ipv4.gate 192.168.168.2 ipv4.dns 192.168.168.2,119.29.29.29,180.76.76.76,223.6.6.6,8.8.4.4,114.114.115.115 +ipv4.dns '223.5.5.5 , 8.8.8.8 , 1.1.1.1 , 114.114.114.114' +ipv4.dns 101.226.4.6,123.125.81.6 ipv4.ignore-auto-dns true ipv4.dns-search qq.com
ipv4.a
(ipv4.addresses)可以设置多个(,逗号分隔,可以有空格),但只能出现一次, +ipv4.a
(+ipv4.addresses)可以设置多个(,逗号分隔)可以出现多次
网关ipv4.g
(ipv4.gateway)只能有一个, (在图形界面也只能设置一个)
ipv4.dns
不能简写,可一次设置多个, +ipv4.dns
可多次设置多个
ipv4.dns-search
可简写为ipv4.dns-s
, 搜索域
ipv4.ignore-auto-dns
取值 true
|fasle
是否跳过自动域名 , 最简只能写成ipv4.ignore-auto-d
上面的nmcli控制台语句会在/etc/NetworkManager/system-connections/
目录生成 con-name
指定的名称加上 .nmconnection
后缀的配置文件, 如果同名文件已存在, 就会再加一个UID
上面的nmcli控制台语句生成的对应的配置文件的内容为
[connection]
id=ens33ConnTest001
uuid=47b1917a-5eea-4160-b56f-680654c338c9
type=ethernet
interface-name=ens33
[ethernet]
[ipv4]
address1=192.168.168.224/24,192.168.168.2
address2=192.168.168.225/24
address3=192.168.168.226/24
address4=192.168.168.227/24
address5=192.168.168.228/24
address6=192.168.168.229/24
address7=192.168.168.230/24
address8=192.168.168.231/24
address9=192.168.168.232/24
address10=192.168.168.233/24
address11=192.168.168.234/24
address12=192.168.168.235/24
dns=192.168.168.2;119.29.29.29;180.76.76.76;223.6.6.6;8.8.4.4;114.114.115.115;223.5.5.5;8.8.8.8;1.1.1.1;114.114.114.114;101.226.4.6;123.125.81.6;
dns-search=qq.com;
ignore-auto-dns=true
method=manual
[ipv6]
addr-gen-mode=stable-privacy
method=auto
[proxy]
netplan
可以从配置文件创建连接, NetworkManager
暂时不知可否从配置文件创建连接,只能从图形界面或nmtui
或nmcli c a
创建新连接, nmcli c load
只能加载已创建连接的配置文件, 不能加载自己添加的配置文件
添加一个简洁的,可当基础模板
sudo nmcli connection add con-name 'Concise' ifname 'ens33' type 'ethernet' ipv4.method 'manual' ipv4.addresses "192.168.168.224/24" ipv4.gateway '192.168.168.2' ipv4.dns '192.168.168.2' ipv4.ignore-auto-dns false ipv4.dns-search google.cn
con-name
, ifname
, type
没法简写 , 区分大小写
可以添加几个连接可用于做试验,或者方便快速切换
sudo nmcli c a con-name 'con-name' ifname 'ens33' type 'EtherneT' ipv4.me 'manual' ipv4.a 192.168.168.224/24 ipv4.g 192.168.168.2
EtHeRnEt 不区分大小写 , 到配置文件会变为小写 ethernet
sudo nmcli c a con-name 'ens33自动获取IP' ifname 'ens33' type EtHeRnEt ipv4.me auto
ipv4.xxx 也不区分大小写, 到配置文件都变小写
sudo nmcli c a con-name '阿里dns' ifname ens33 type ethernet IpV4.me ManuaL iPV4.A 192.168.168.224/24 IPv4.g 192.168.168.2 ipv4.ignore-auto-dns true ipv4.dns 223.6.6.6,223.5.5.5
sudo nmcli c m '阿里dns' iPv4.iGnore-aUto-dNs true Ipv4.dnS 223.6.6.6,223.5.5.5 iPv4.dNs-SeArCh alibaba.com,aliyun.com,taobao.com
con-name
, ifname
, type
没法简写 , 而且区分大小写
sudo nmcli c a con-name '谷歌dns' ifname ens33 type ETHERnet iPV4.mE mANuAl IpV4.aDDr 192.168.168.224/24 ipV4.GAte 192.168.168.2 IpV4.IgNorE-AUto-DnS TruE ipV4.dNS 8.8.4.4,8.8.8.8 ipV4.DnS-sEaRcH google.cn
sudo nmcli c a con-name 百度dns ifname ens33 type ethernet ipv4.me manual ipv4.a 192.168.168.224/24 ipv4.g 192.168.168.2 ipv4.ignore-auto-dns true ipv4.dns 180.76.76.76 ipv4.dns-search baidu.com
单引号
sudo nmcli c a con-name '腾讯dns' ifname 'ens33' type 'ethernet' ipv4.me 'manual' ipv4.a '192.168.168.224/24' ipv4.g '192.168.168.2' ipv4.ignore-auto-dns 'true' ipv4.dns '119.29.29.29' ipv4.dns-search 'qq.com'
双引号
sudo nmcli c a con-name "114dns" ifname "ens33" type "ethernet" ipv4.me "manual" ipv4.a "192.168.168.224/24" ipv4.g "192.168.168.2" ipv4.ignore-auto-dns "true" ipv4.dns "114.114.114.114,114.114.115.115"
大写
sudo nmcli c a con-name 'IBMdns' ifname 'ens33' type 'ethernet' IPV4.ME manual IPV4.A 192.168.168.224/24 IPV4.G 192.168.168.2 IPV4.IGNORE-AUTO-DNS true IPV4.DNS '9.9.9.9'
全名大写
sudo nmcli c a con-name 'CNNICdns' ifname 'ens33' type 'ethernet' IPV4.METHOD 'manual' IPV4.ADDRESSES 192.168.168.224/24 IPV4.GATEWAY 192.168.168.2 IPV4.IGNORE-AUTO-DNS 'true' IPV4.DNS '1.2.4.8,210.2.4.8' IPV4.DNS-SEARCH 'baidu.com,google.cn'
全名小写
sudo nmcli c a con-name 'CloudflareDNS' ifname 'ens33' type 'ethernet' ipv4.method 'manual' ipv4.addresses '192.168.168.224/24' ipv4.gateway '192.168.168.2' ipv4.ignore-auto-dns 'true' ipv4.dns '1.1.1.1,1.0.0.1' ipv4.dns-search 'baidu.com,google.cn'
sudo nmcli c a con-name "360电信移动铁通dns" ifname "ens33" type "ethernet" ipv4.method "manual" ipv4.addresses "192.168.168.224/24" ipv4.gateway "192.168.168.2" ipv4.ignore-auto-dns "true" ipv4.dns "101.226.4.6 , 218.30.118.6" ipv4.dns-search "360.com"
sudo nmcli c a con-name 360联通dns ifname ens33 type ethernet ipv4.method manual ipv4.addresses 192.168.168.224/24 ipv4.gateway 192.168.168.2 ipv4.ignore-auto-dns true ipv4.dns 123.125.81.6,140.207.198.6 ipv4.dns-search "360.com"
sudo nmcli c a con-name 微软dns ifname ens33 type ethernet ipv4.me manual ipv4.a 192.168.168.224/24 ipv4.g 192.168.168.2 ipv4.ignore-auto-dns true ipv4.dns 4.2.2.1,4.2.2.2 ipv4.dns-s bing.com
sudo nmcli c a con-name OpenDNS ifname ens33 type ethernet ipv4.me manual ipv4.a 192.168.168.224/24 ipv4.g 192.168.168.2 ipv4.ignore-auto-dns true ipv4.dns 208.67.222.222,208.67.220.220 ipv4.dns-s bing.com
修改为手动DNS
sudo nmcli c m 'ens33ConnTest001' ipv4.ignore-auto-dns true
修改自动DNS
sudo nmcli c m 'ens33ConnTest001' ipv4.ignore-auto-dns false
resolvectl
命令可以查看 dns