Fedora 21 Static IP Configuration

Fedora 21 Static IP Configuration

Background

• WWS01: One Fedora 21 server (will be configured as a web server later)

• WWS01 Public IP: 104.237.145.168

• WWS01 Private IP: 192.168.176.213

Workflow (Tasks Completed)

• Set Hostname

• Updated /etc/hosts

• Set Time-zone

• Installed Software updates

• Created new user and disabled root login

• Setup SSH Key Pair Authentication

• Created Firewall

• Installed/Configured Fail2Ban

• Installed all server updates for Fedora 21

• Static IP Configuration (https://www.linode.com/docs/networking/ … iguration/">https://www.linode.com/docs/networking/linux-static-ip-configuration/)

Problem (Static IP Configuration)

• I’m currently setting up the Static IP Configuration for the WWS01 server

• The server can ping its private IP after the configuration is complete

• However, if you restart the server the default eth0 connection is loaded and the server can not ping its private IP

• If you execute the nmcli con up "System eth0" command then the private IP is reachable again, but only until you restart

Fedora Version

[myadminsys@WWS01 ~]$ cat /etc/system-release

Fedora release 21 (Twenty One)

[myadminsys@WWS01 ~]$

Eth0 Config Files

sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0

Configuration for eth0

DEVICE=eth0

HWADDR=f2:3c:91:84:7e:42

BOOTPROTO=none

This line ensures that the interface will be brought up during boot.

ONBOOT=yes

eth0 - This is the main IP address that will be used for most outbound connections.

The address, netmask, and gateway are all necessary.

TYPE=Ethernet

DEFROUTE=yes

Network Manager will not control the interface if set to no

NM_CONTROLLED=no

IPV4FAILUREFATAL=no

IPV6INIT=no

NAME="System eth0"

UUID=5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03

IPADDR=104.237.145.168

PREFIX=24

GATEWAY=104.237.145.1

sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0:0

Configuration for eth0:0

DEVICE=eth0:0

BOOTPROTO=none

This line ensures that the interface will be brought up during boot.

ONBOOT=yes

NM_CONTROLLED=no

eth0:0

This is a private IP address. Private IPs do not have a gateway (they are not publicly routable).

All you need to specify is the address and netmask

IPADDR=192.168.176.213

PREFIX=17

GATEWAY=104.237.145.1

Command Outputs (After Restarting the Server)

[myadminsys@WWS01 ~]$ sudo service network restart

Restarting network (via systemctl): Job for network.service failed. See "systemctl status network.service" and "journalctl -xe" for details.

[FAILED]

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo systemctl status network.service

network.service - LSB: Bring up/down networking

Loaded: loaded (/etc/rc.d/init.d/network)

Active: failed (Result: exit-code) since Sat 2015-01-17 22:13:03 UTC; 2min 46s ago

Process: 4320 ExecStart=/etc/rc.d/init.d/network start (code=exited, status=6)

Jan 17 22:13:03 WWS01 systemd[1]: Starting LSB: Bring up/down networking…

Jan 17 22:13:03 WWS01 systemd[1]: network.service: control process exited, code=exited status=6

Jan 17 22:13:03 WWS01 systemd[1]: Failed to start LSB: Bring up/down networking.

Jan 17 22:13:03 WWS01 systemd[1]: Unit network.service entered failed state.

Jan 17 22:13:03 WWS01 systemd[1]: network.service failed.

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo ip addr

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

validlft forever preferredlft forever

inet6 ::1/128 scope host

validlft forever preferredlft forever

2: dummy0: mtu 1500 qdisc noop state DOWN group default

link/ether 4e:e4:05:b9:d2:51 brd ff:ff:ff:ff:ff:ff

3: eth0: mtu 1500 qdisc mq state UP group default qlen 1000

link/ether f2:3c:91:84:7e:41 brd ff:ff:ff:ff:ff:ff

inet 104.237.145.168/24 brd 104.237.145.255 scope global dynamic eth0

validlft 69405sec preferredlft 69405sec

inet6 2600:3c03::f03c:91ff:fe84:7e42/64 scope global mngtmpaddr dynamic

validlft 2591979sec preferredlft 604779sec

inet6 fe80::f03c:91ff:fe84:7e42/64 scope link

validlft forever preferredlft forever

4: teql0: mtu 1500 qdisc noop state DOWN group default qlen 100

link/void

5: tunl0@NONE: mtu 1480 qdisc noop state DOWN group default

link/ipip 0.0.0.0 brd 0.0.0.0

6: gre0@NONE: mtu 1476 qdisc noop state DOWN group default

link/gre 0.0.0.0 brd 0.0.0.0

7: gretap0@NONE: mtu 1462 qdisc noop state DOWN group default qlen 1000

link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff

8: ip_vti0@NONE: mtu 1428 qdisc noop state DOWN group default

link/ipip 0.0.0.0 brd 0.0.0.0

9: ip6_vti0@NONE: mtu 1500 qdisc noop state DOWN group default

link/tunnel6 :: brd ::

10: sit0@NONE: mtu 1480 qdisc noop state DOWN group default

link/sit 0.0.0.0 brd 0.0.0.0

11: ip6tnl0@NONE: mtu 1452 qdisc noop state DOWN group default

link/tunnel6 :: brd ::

12: ip6gre0@NONE: mtu 1448 qdisc noop state DOWN group default

link/gre6 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 brd 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo ip route

default via 104.237.145.1 dev eth0 proto static metric 1024

default via 104.237.145.1 dev eth0 proto dhcp src 104.237.145.168 metric 1024

96.126.108.78 via 104.237.145.1 dev eth0 proto dhcp metric 1

104.237.145.0/24 dev eth0 proto kernel scope link src 104.237.145.168

104.237.145.1 dev eth0 proto dhcp scope link src 104.237.145.168 metric 1024

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo ip neigh

fe80::8678:acff:fe57:aac1 dev eth0 lladdr 84:78:ac:57:aa:c1 router STALE

2600:3c03::8678:acff:fe57:aac1 dev eth0 lladdr 84:78:ac:57:aa:c1 router STALE

fe80::8678:acff:fe57:a841 dev eth0 lladdr 84:78:ac:57:a8:41 router STALE

fe80::1 dev eth0 lladdr 00:05:73:a0:0f:ff router STALE

104.237.145.1 dev eth0 lladdr 00:00:0c:9f:f0:1d REACHABLE

104.237.145.3 dev eth0 lladdr 84:78:ac:57:a8:41 STALE

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo iptables -nv -L

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target prot opt in out source destination

0 0 ACCEPT all – lo * 0.0.0.0/0 0.0.0.0/0

0 0 REJECT all -- * * 0.0.0.0/0 127.0.0.0/8 reject-with icmp-port-unreachable

8838 938K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

8 392 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80

2 80 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443

20 1040 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:8080:8090

546 31500 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22

2 68 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8

447 30531 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/min burst 5 LOG flags 0 level 7 prefix "iptables denied: "

0 0 ACCEPT all -- * * 96.126.119.66 0.0.0.0/0

458 33469 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target prot opt in out source destination

0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target prot opt in out source destination

10048 1955K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0

0 0 ACCEPT all -- * * 0.0.0.0/0 96.126.119.66

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo nmcli con show "Wired connection 1"

Error: Wired connection 1 - no such connection profile.

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo nmcli con show eth0

connection.id: eth0

connection.uuid: f9ddea8a-3a28-4c7f-814a-13641376ef00

connection.interface-name: eth0

connection.type: 802-3-ethernet

connection.autoconnect: no

connection.timestamp: 1421533508

connection.read-only: no

connection.permissions:

connection.zone: –

connection.master: --

connection.slave-type: --

connection.secondaries:

connection.gateway-ping-timeout: 0

802-3-ethernet.port: --

802-3-ethernet.speed: 0

802-3-ethernet.duplex: --

802-3-ethernet.auto-negotiate: yes

802-3-ethernet.mac-address: F2:3C:91:84:7E:43

802-3-ethernet.cloned-mac-address: --

802-3-ethernet.mac-address-blacklist:

802-3-ethernet.mtu: auto

802-3-ethernet.s390-subchannels:

802-3-ethernet.s390-nettype: --

802-3-ethernet.s390-options:

ipv4.method: auto

ipv4.dns: 207.192.69.4, 207.192.69.5, 97.107.133.4

ipv4.dns-search:

ipv4.addresses:

ipv4.routes:

ipv4.ignore-auto-routes: no

ipv4.ignore-auto-dns: no

ipv4.dhcp-client-id: --

ipv4.dhcp-send-hostname: yes

ipv4.dhcp-hostname: --

ipv4.never-default: no

ipv4.may-fail: yes

ipv6.method: auto

ipv6.dns:

ipv6.dns-search:

ipv6.addresses:

ipv6.routes:

ipv6.ignore-auto-routes: no

ipv6.ignore-auto-dns: no

ipv6.never-default: no

ipv6.may-fail: yes

ipv6.ip6-privacy: -1 (unknown)

ipv6.dhcp-hostname: --

GENERAL.NAME: eth0

GENERAL.UUID: f9ddea8a-3a28-4c7f-814a-13641376ef00

GENERAL.DEVICES: eth0

GENERAL.STATE: activated

GENERAL.DEFAULT: yes

GENERAL.DEFAULT6: no

GENERAL.VPN: no

GENERAL.ZONE: --

GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/0

GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/1

GENERAL.SPEC-OBJECT: --

GENERAL.MASTER-PATH: --

IP4.ADDRESS[1]: ip = 104.237.145.168/24, gw = 104.237.145.1

IP4.ROUTE[1]: dst = 96.126.108.78/32, nh = 104.237.145.1, mt = 1

IP4.DNS[1]: 207.192.69.4

IP4.DNS[2]: 207.192.69.5

IP4.DNS[3]: 97.107.133.4

IP4.DOMAIN[1]: members.linode.com

DHCP4.OPTION[1]: network_number = 104.237.145.0

DHCP4.OPTION[2]: requesteddomainsearch = 1

DHCP4.OPTION[3]: requestednisdomain = 1

DHCP4.OPTION[4]: requestedtimeoffset = 1

DHCP4.OPTION[5]: host_name = li833-167

DHCP4.OPTION[6]: requestedrfc3442classlessstaticroutes = 1

DHCP4.OPTION[7]: requestedclasslessstatic_routes = 1

DHCP4.OPTION[8]: requesteddomainname = 1

DHCP4.OPTION[9]: expiry = 1421599857

DHCP4.OPTION[10]: requestedbroadcastaddress = 1

DHCP4.OPTION[11]: next_server = 0.0.0.0

DHCP4.OPTION[12]: broadcast_address = 104.237.145.255

DHCP4.OPTION[13]: dhcpmessagetype = 5

DHCP4.OPTION[14]: requestedinterfacemtu = 1

DHCP4.OPTION[15]: requestedsubnetmask = 1

DHCP4.OPTION[16]: dhcpleasetime = 86400

DHCP4.OPTION[17]: ip_address = 104.237.145.168

DHCP4.OPTION[18]: routers = 104.237.145.1

DHCP4.OPTION[19]: requestedstaticroutes = 1

DHCP4.OPTION[20]: requesteddomainname_servers = 1

DHCP4.OPTION[21]: requestednisservers = 1

DHCP4.OPTION[22]: domainnameservers = 207.192.69.4 207.192.69.5 97.107.133.4

DHCP4.OPTION[23]: domain_name = members.linode.com

DHCP4.OPTION[24]: requestedntpservers = 1

DHCP4.OPTION[25]: requested_routers = 1

DHCP4.OPTION[26]: requestedmsclasslessstaticroutes = 1

DHCP4.OPTION[27]: subnet_mask = 255.255.255.0

DHCP4.OPTION[28]: requestedhostname = 1

DHCP4.OPTION[29]: requested_wpad = 1

DHCP4.OPTION[30]: dhcpserveridentifier = 96.126.108.78

IP6.ADDRESS[1]: ip = 2600:3c03::f03c:91ff:fe84:7e42/64, gw = fe80::1

IP6.ADDRESS[2]: ip = fe80::f03c:91ff:fe84:7e42/64, gw = fe80::1

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo nmcli con show "System eth0"

connection.id: System eth0

connection.uuid: 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03

connection.interface-name: eth0

connection.type: 802-3-ethernet

connection.autoconnect: yes

connection.timestamp: 1421449382

connection.read-only: no

connection.permissions:

connection.zone: –

connection.master: --

connection.slave-type: --

connection.secondaries:

connection.gateway-ping-timeout: 0

802-3-ethernet.port: --

802-3-ethernet.speed: 0

802-3-ethernet.duplex: --

802-3-ethernet.auto-negotiate: yes

802-3-ethernet.mac-address: --

802-3-ethernet.cloned-mac-address: --

802-3-ethernet.mac-address-blacklist:

802-3-ethernet.mtu: auto

802-3-ethernet.s390-subchannels:

802-3-ethernet.s390-nettype: --

802-3-ethernet.s390-options:

ipv4.method: manual

ipv4.dns:

ipv4.dns-search:

ipv4.addresses: { ip = 104.237.145.168/24, gw = 104.237.145.1 }; { ip = 192.168.176.213/17, gw = 104.237.145.1 }

ipv4.routes:

ipv4.ignore-auto-routes: no

ipv4.ignore-auto-dns: no

ipv4.dhcp-client-id: --

ipv4.dhcp-send-hostname: yes

ipv4.dhcp-hostname: --

ipv4.never-default: no

ipv4.may-fail: yes

ipv6.method: ignore

ipv6.dns:

ipv6.dns-search:

ipv6.addresses:

ipv6.routes:

ipv6.ignore-auto-routes: no

ipv6.ignore-auto-dns: no

ipv6.never-default: no

ipv6.may-fail: yes

ipv6.ip6-privacy: -1 (unknown)

ipv6.dhcp-hostname: --

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo nmcli con show

NAME UUID TYPE DEVICE

eth0 f9ddea8a-3a28-4c7f-814a-13641376ef00 802-3-ethernet eth0

System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 802-3-ethernet –

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ ifconfig

eth0: flags=4163 mtu 1500

inet 104.237.145.168 netmask 255.255.255.0 broadcast 104.237.145.255

inet6 fe80::f03c:91ff:fe84:7e42 prefixlen 64 scopeid 0x20

inet6 2600:3c03::f03c:91ff:fe84:7e42 prefixlen 64 scopeid 0x0 ether f2:3c:91:84:7e:41 txqueuelen 1000 (Ethernet)

RX packets 12469 bytes 1286949 (1.2 MiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 10562 bytes 2148083 (2.0 MiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73 mtu 65536

inet 127.0.0.1 netmask 255.0.0.0

inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 0 (Local Loopback)

RX packets 3 bytes 325 (325.0 B)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 3 bytes 325 (325.0 B)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[myadminsys@WWS01 ~]$

Command Outputs (After running nmcli con up after restart)

[myadminsys@WWS01 ~]$ sudo nmcli con up "System eth0"

Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1)

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo service network restart

Restarting network (via systemctl): Job for network.service failed. See "systemctl status network.service" and "journalctl -xe" for details.

[FAILED]

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo systemctl status network.service

network.service - LSB: Bring up/down networking

Loaded: loaded (/etc/rc.d/init.d/network)

Active: failed (Result: exit-code) since Sat 2015-01-17 22:35:35 UTC; 15s ago

Process: 4502 ExecStart=/etc/rc.d/init.d/network start (code=exited, status=6)

Jan 17 22:35:35 WWS01 systemd[1]: network.service: control process exited, code=exited status=6

Jan 17 22:35:35 WWS01 systemd[1]: Failed to start LSB: Bring up/down networking.

Jan 17 22:35:35 WWS01 systemd[1]: Unit network.service entered failed state.

Jan 17 22:35:35 WWS01 systemd[1]: network.service failed.

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo ip addr

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

validlft forever preferredlft forever

inet6 ::1/128 scope host

validlft forever preferredlft forever

2: dummy0: mtu 1500 qdisc noop state DOWN group default

link/ether 4e:e4:05:b9:d2:51 brd ff:ff:ff:ff:ff:ff

3: eth0: mtu 1500 qdisc mq state UP group default qlen 1000

link/ether f2:3c:91:84:7e:41 brd ff:ff:ff:ff:ff:ff

inet 104.237.145.168/24 brd 104.237.145.255 scope global eth0

validlft forever preferredlft forever

inet 192.168.176.213/17 brd 192.168.255.255 scope global eth0:0

validlft forever preferredlft forever

inet6 2600:3c03::f03c:91ff:fe84:7e42/64 scope global mngtmpaddr dynamic

validlft 2591992sec preferredlft 604792sec

inet6 fe80::f03c:91ff:fe84:7e42/64 scope link

validlft forever preferredlft forever

4: teql0: mtu 1500 qdisc noop state DOWN group default qlen 100

link/void

5: tunl0@NONE: mtu 1480 qdisc noop state DOWN group default

link/ipip 0.0.0.0 brd 0.0.0.0

6: gre0@NONE: mtu 1476 qdisc noop state DOWN group default

link/gre 0.0.0.0 brd 0.0.0.0

7: gretap0@NONE: mtu 1462 qdisc noop state DOWN group default qlen 1000

link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff

8: ip_vti0@NONE: mtu 1428 qdisc noop state DOWN group default

link/ipip 0.0.0.0 brd 0.0.0.0

9: ip6_vti0@NONE: mtu 1500 qdisc noop state DOWN group default

link/tunnel6 :: brd ::

10: sit0@NONE: mtu 1480 qdisc noop state DOWN group default

link/sit 0.0.0.0 brd 0.0.0.0

11: ip6tnl0@NONE: mtu 1452 qdisc noop state DOWN group default

link/tunnel6 :: brd ::

12: ip6gre0@NONE: mtu 1448 qdisc noop state DOWN group default

link/gre6 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 brd 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo ip route

default via 104.237.145.1 dev eth0 proto static metric 1024

104.237.145.0/24 dev eth0 proto kernel scope link src 104.237.145.168

192.168.128.0/17 dev eth0 proto kernel scope link src 192.168.176.213

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo ip neigh

fe80::8678:acff:fe57:aac1 dev eth0 lladdr 84:78:ac:57:aa:c1 router STALE

fe80::8678:acff:fe57:a841 dev eth0 lladdr 84:78:ac:57:a8:41 router STALE

fe80::1 dev eth0 lladdr 00:05:73:a0:0f:ff router STALE

104.237.145.1 dev eth0 lladdr 00:00:0c:9f:f0:1d REACHABLE

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo iptables -nv -L

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target prot opt in out source destination

0 0 ACCEPT all – lo * 0.0.0.0/0 0.0.0.0/0

0 0 REJECT all -- * * 0.0.0.0/0 127.0.0.0/8 reject-with icmp-port-unreachable

9797 1015K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

8 392 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80

2 80 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443

20 1040 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:8080:8090

548 31580 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22

3 96 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8

460 31239 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/min burst 5 LOG flags 0 level 7 prefix "iptables denied: "

0 0 ACCEPT all -- * * 96.126.119.66 0.0.0.0/0

471 34177 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target prot opt in out source destination

0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target prot opt in out source destination

10793 2053K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0

0 0 ACCEPT all -- * * 0.0.0.0/0 96.126.119.66

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo nmcli con show "Wired connection 1"

Error: Wired connection 1 - no such connection profile.

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo nmcli con show eth0

connection.id: eth0

connection.uuid: f9ddea8a-3a28-4c7f-814a-13641376ef00

connection.interface-name: eth0

connection.type: 802-3-ethernet

connection.autoconnect: no

connection.timestamp: 1421533851

connection.read-only: no

connection.permissions:

connection.zone: –

connection.master: --

connection.slave-type: --

connection.secondaries:

connection.gateway-ping-timeout: 0

802-3-ethernet.port: --

802-3-ethernet.speed: 0

802-3-ethernet.duplex: --

802-3-ethernet.auto-negotiate: yes

802-3-ethernet.mac-address: F2:3C:91:84:7E:41

802-3-ethernet.cloned-mac-address: --

802-3-ethernet.mac-address-blacklist:

802-3-ethernet.mtu: auto

802-3-ethernet.s390-subchannels:

802-3-ethernet.s390-nettype: --

802-3-ethernet.s390-options:

ipv4.method: disabled

ipv4.dns:

ipv4.dns-search:

ipv4.addresses:

ipv4.routes:

ipv4.ignore-auto-routes: no

ipv4.ignore-auto-dns: no

ipv4.dhcp-client-id: --

ipv4.dhcp-send-hostname: yes

ipv4.dhcp-hostname: --

ipv4.never-default: no

ipv4.may-fail: yes

ipv6.method: ignore

ipv6.dns:

ipv6.dns-search:

ipv6.addresses:

ipv6.routes:

ipv6.ignore-auto-routes: no

ipv6.ignore-auto-dns: no

ipv6.never-default: no

ipv6.may-fail: yes

ipv6.ip6-privacy: -1 (unknown)

ipv6.dhcp-hostname: --

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo nmcli con show "System eth0"

connection.id: System eth0

connection.uuid: 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03

connection.interface-name: eth0

connection.type: 802-3-ethernet

connection.autoconnect: yes

connection.timestamp: 1421534708

connection.read-only: no

connection.permissions:

connection.zone: –

connection.master: --

connection.slave-type: --

connection.secondaries:

connection.gateway-ping-timeout: 0

802-3-ethernet.port: --

802-3-ethernet.speed: 0

802-3-ethernet.duplex: --

802-3-ethernet.auto-negotiate: yes

802-3-ethernet.mac-address: --

802-3-ethernet.cloned-mac-address: --

802-3-ethernet.mac-address-blacklist:

802-3-ethernet.mtu: auto

802-3-ethernet.s390-subchannels:

802-3-ethernet.s390-nettype: --

802-3-ethernet.s390-options:

ipv4.method: manual

ipv4.dns:

ipv4.dns-search:

ipv4.addresses: { ip = 104.237.145.168/24, gw = 104.237.145.1 }; { ip = 192.168.176.213/17, gw = 104.237.145.1 }

ipv4.routes:

ipv4.ignore-auto-routes: no

ipv4.ignore-auto-dns: no

ipv4.dhcp-client-id: --

ipv4.dhcp-send-hostname: yes

ipv4.dhcp-hostname: --

ipv4.never-default: no

ipv4.may-fail: yes

ipv6.method: ignore

ipv6.dns:

ipv6.dns-search:

ipv6.addresses:

ipv6.routes:

ipv6.ignore-auto-routes: no

ipv6.ignore-auto-dns: no

ipv6.never-default: no

ipv6.may-fail: yes

ipv6.ip6-privacy: -1 (unknown)

ipv6.dhcp-hostname: --

GENERAL.NAME: System eth0

GENERAL.UUID: 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03

GENERAL.DEVICES: eth0

GENERAL.STATE: activated

GENERAL.DEFAULT: yes

GENERAL.DEFAULT6: no

GENERAL.VPN: no

GENERAL.ZONE: --

GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/2

GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/0

GENERAL.SPEC-OBJECT: --

GENERAL.MASTER-PATH: --

IP4.ADDRESS[1]: ip = 104.237.145.168/24, gw = 104.237.145.1

IP4.ADDRESS[2]: ip = 192.168.176.213/17, gw = 104.237.145.1

IP6.ADDRESS[1]: ip = 2600:3c03::f03c:91ff:fe84:7e42/64, gw = fe80::1

IP6.ADDRESS[2]: ip = fe80::f03c:91ff:fe84:7e42/64, gw = fe80::1

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo nmcli con show

NAME UUID TYPE DEVICE

eth0 f9ddea8a-3a28-4c7f-814a-13641376ef00 802-3-ethernet –

System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 802-3-ethernet eth0

[myadminsys@WWS01 ~]$

[myadminsys@WWS01 ~]$ sudo ifconfig

eth0: flags=4163 mtu 1500

inet 104.237.145.168 netmask 255.255.255.0 broadcast 104.237.145.255

inet6 fe80::f03c:91ff:fe84:7e42 prefixlen 64 scopeid 0x20

inet6 2600:3c03::f03c:91ff:fe84:7e42 prefixlen 64 scopeid 0x0 ether f2:3c:91:84:7e:41 txqueuelen 1000 (Ethernet)

RX packets 13565 bytes 1378433 (1.3 MiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 11417 bytes 2272241 (2.1 MiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth0:0: flags=4163 mtu 1500

inet 192.168.176.213 netmask 255.255.128.0 broadcast 192.168.255.255

ether f2:3c:91:84:7e:41 txqueuelen 1000 (Ethernet)

lo: flags=73 mtu 65536

inet 127.0.0.1 netmask 255.0.0.0

inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 0 (Local Loopback)

RX packets 9 bytes 1003 (1003.0 B)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 9 bytes 1003 (1003.0 B)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[myadminsys@WWS01 ~]$

Notes

It seems that the default eth0 connection is overriding the static connection. Linode support and myself are stuck on how to resolve the issue. I have also tried to configure the connection using nmtui but it still fails on reboot.

At present the only workaround is to create a script that executes on bootup which will issue the nmcli con up "System eth0" command to allow connections to the private IP.up>up>up>up>

14 Replies

@rssamad:

/etc/sysconfig/network-scripts/ifcfg-eth0:0

NetworkManager does not fully support interface labels, mostly because doing this has been unnecessary since kernel ~2.2 (1999).

I suggest instead a configuration something like this:

DEVICE=eth0

BOOTPROTO=none
ONBOOT=yes

IPADDR0=104.237.145.168
PREFIX0=24

GATEWAY=104.237.145.1

IPADDR1=192.168.176.213
PREFIX1=17

Which is supported by both native ifcfg as well as the ifcfg-rh NM plugin. This is documented in ~~[https://git.fedorahosted.org/cgit/initscripts.git/tree/sysconfig.txt#n473" target="_blank">](https://git.fedorahosted.org/cgit/inits … g.txt#n473">https://git.fedorahosted.org/cgit/initscripts.git/tree/sysconfig.txt#n473](.

@rssamad:

service network restart

Are you wanting to use network.service, or NM? You can't really have both while simultaneously retaining your sanity. Pick one.

@buhman I appreciate the config update. I initially had one config file (excerpt below). But even with the one file, once the server reboots the private IP is lost.

Regarding NM or Network.Service, I'm using NM since the server initially used it. I included the Network.Service commands because I was asked to execute those commands by Linode support. I just wanted to be as thorough as possible when providing the outputs and problem.

In any case, even with the one eth0 file the private IP does not persist after reboot. If you have any other suggestions please let me know. I am wondering if it would make sense to delete the eth0 connection using nmtui. Since it seems that the eth0 connection is being used at boot.

NAME UUID TYPE DEVICE

eth0 50d8d116-cb65-4a09-b2bb-bdbbada79e36 802-3-ethernet eth0

System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 802-3-ethernet eth0

INITIAL IFCFG-ETH0 FILE

/etc/sysconfig/network-scripts/ifcfg-eth0

Configuration for eth0

DEVICE=eth0

BOOTPROTO=none

This line ensures that the interface will be brought up during boot.

ONBOOT=yes

Adding a public IP address.

The netmask is taken from the PREFIX (where 24 is Public IP, 17 is Private IP)

IPADDR0=104.237.145.168

PREFIX0=24

Specifying the gateway

GATEWAY0=104.237.145.1

Adding a private IP address.

IPADDR1=192.168.176.213

PREFIX1=17

@ rssamad:

I included the Network.Service commands because

I suppose I wasn't clear: NM and network.service are mutually exclusive.

@rssamad:

once the server reboots the private IP is lost

"is lost" is not really a valid way to look at this. Interface state is in kernel memory, which is in volatile memory. With no kernel (the thing that vanishes when you reboot), your interface state also ceases to exist.

On boot, you begin with nothingness. The kernel then initializes network interfaces, which does not include things like adding addresses or adding routes.

And only after that, some time probably in late-boot, some userland thing is playing with your network interface–104.237.145.168 does not simply magic itself out of the nether.

@rssamad:

sense to delete the eth0 connection using nmtui

I'm wondering why you never nmcli show'ed that. I bet that one is doing DHCP or similar. Or, you might have network.service enabled, and not NetworkManager. Citation needed, however I suspect NM doesn't touch already-configured interfaces unless you tell it to do so manually with something like nmcli. On the other hand, NM (unlike earlier hacks like ifcfg) knows how to go from X arbitrary initial interface state to Y arbitrary desired interface state (or at least thinks it does). You might be getting one of your NM connections applied, then the other.

find /etc/systemd/system

@buhman I did show the output for nmcli con show in the initial post. I'm not sure what your directions are really, so if you have suggestions please let me know. You are correct there is a connection still using DHCP (that is the problem), the question is how to disable it. I have made changes to the files I know, and Linode Support has also tried to address the issue but nothing works.

Even if I delete the eth0 connection using nmtui, the connection shows up again after reboot. This is puzzling. If I modify the eth0 connection in nmtui then reboot, another eth0 connection is created.

nmcli con show

NAME UUID TYPE DEVICE

eth0 212b7753-634d-4dc4-9c9a-45d3a1479d05 802-3-ethernet eth0

System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 802-3-ethernet –

I'm pretty sure that the Network.Service is not enabled, only the Network Manager is enabled and running:

service NetworkManager status

Redirecting to /bin/systemctl status NetworkManager.service

● NetworkManager.service - Network Manager

Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled)

Active: active (running) since Sun 2015-01-18 02:11:01 UTC; 15min ago

Main PID: 2331 (NetworkManager)

CGroup: /system.slice/NetworkManager.service

├─2331 /usr/sbin/NetworkManager –no-daemon

└─2410 /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /v…

find /etc/systemd/system

/etc/systemd/system

/etc/systemd/system/sysstat.service.wants

/etc/systemd/system/sysstat.service.wants/sysstat-collect.timer

/etc/systemd/system/sysstat.service.wants/sysstat-summary.timer

/etc/systemd/system/system-update.target.wants

/etc/systemd/system/system-update.target.wants/systemd-readahead-drop.service

/etc/systemd/system/getty.target.wants

/etc/systemd/system/getty.target.wants/getty@tty1.service

/etc/systemd/system/basic.target.wants

/etc/systemd/system/basic.target.wants/iptables.service

/etc/systemd/system/default.target.wants

/etc/systemd/system/default.target.wants/systemd-readahead-replay.service

/etc/systemd/system/default.target.wants/systemd-readahead-collect.service

/etc/systemd/system/syslog.service

/etc/systemd/system/dbus-org.freedesktop.NetworkManager.service

/etc/systemd/system/multi-user.target.wants

/etc/systemd/system/multi-user.target.wants/sshd.service

/etc/systemd/system/multi-user.target.wants/sysstat.service

/etc/systemd/system/multi-user.target.wants/systemd-resolved.service

/etc/systemd/system/multi-user.target.wants/remote-fs.target

/etc/systemd/system/multi-user.target.wants/mandb.timer

/etc/systemd/system/multi-user.target.wants/auditd.service

/etc/systemd/system/multi-user.target.wants/systemd-networkd.service

/etc/systemd/system/multi-user.target.wants/crond.service

/etc/systemd/system/multi-user.target.wants/NetworkManager.service

/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service

Turn on the Network Helper, reboot, and be done with it.

https://www.linode.com/docs/platform/network-helper

-Chris

@ rssamad:

/etc/systemd/system/multi-user.target.wants/systemd-networkd.service

/etc/systemd/system/multi-user.target.wants/NetworkManager.service

Wat. Well, that's another option: if NM is too frustrating, you could switch to systemd-networkd, which would fix your problem in about zero seconds. In fact, it's enabled by default in our F21 template.

@ rssamad:

nmcli con show in the initial post

Ahh; forgive me, it was a rather lengthy read ;p.

@ rssamad:

I'm not sure what your directions are really,

Oh, so you want the verbatim answer?

Well then, how about this:

systemctl disable NetworkManager
ln -s /dev/null /etc/systemd/network/10-dhcp.network
cat < <eof>/etc/systemd/network/05-static.network
[Match]
Name=eth0

[Network]
Address=104.237.145.168/24
Address=192.168.176.213/17
Gateway=104.237.145.1
EOF</eof> 

@caker:

Turn on the Network Helper, reboot, and be done with it.

Doesn't help here because:

1) No F21 support

2) Would not do the RightThing™ here anyway (nor should it try to fix this particular type of problem)

@caker I have tried Network Helper, as stated by buhman, it does not support F21

@buhman I have tried doing this with and without Network Manager, the same issue occurs. I have even added NM_CONTROLLED=no to the ifcfg-eth0 file with no luck. If you don't mind, please explain what you're attempting to do (below).

systemctl disable NetworkManager

ln -s /dev/null /etc/systemd/network/10-dhcp.network

cat < /etc/systemd/network/05-static.network

[Match]

Name=eth0

[Network]

Address=104.237.145.168/24

Address=192.168.176.213/17

Gateway=104.237.145.1

EOF

@rssamad:

please explain what you're attempting to do (below).

@buhman:

systemctl disable NetworkManager

1) disable NM (as a result all your sysconfig networking stuff will cease to have effect)

@buhman:

ln -s /dev/null /etc/systemd/network/10-dhcp.network

2) mask the 10-dhcp.network unit, which is in /usr/lib/systemd/network in the Linode F21 template

@buhman:

cat < /etc/systemd/network/05-static.network

3) create 05-static.network (name does not matter, however it might be useful to know that units are applied in lexicographic order) with contents:

[Match]
Name=eth0

[Network]
Address=104.237.145.168/24
Address=192.168.176.213/17
Gateway=104.237.145.1

See ~~[http://www.freedesktop.org/software/systemd/man/systemd.network.html" target="_blank">](http://www.freedesktop.org/software/sys … twork.html">http://www.freedesktop.org/software/systemd/man/systemd.network.html]( for more fun.

In retrospect, I now realize that this whole thing arose from following the F20 section of ~~[https://www.linode.com/docs/networking/linux-static-ip-configuration" target="_blank">](https://www.linode.com/docs/networking/ … figuration">https://www.linode.com/docs/networking/linux-static-ip-configuration](, while, as a result of systemd-networkd being enabled in the F21 template, results in the behavior you describe if the article is followed verbatim. You could have also probably made NM work by going the other way and disabling systemd-networkd, but that seems rather backwards to me.

https://github.com/linode/docs/pull/158

@buhman I appreciate the effort in helping. I looked over the Arch Linux steps. However, the 'Network' directory does not exist in the systemd directory.

[myadminsys@wws01 systemd]$ ln -s /dev/null /etc/systemd/network/10-dhcp.network ln: failed to create symbolic link '/etc/systemd/network/10-dhcp.network': No such file or directory

[myadminsys@wws01 systemd]$

[myadminsys@wws01 systemd]$ ls

bootchart.conf journald.conf resolved.conf system.conf user

coredump.conf logind.conf system timesyncd.conf user.conf

@rssamad:

@buhman I appreciate the effort in helping. I looked over the Arch Linux steps. However, the 'Network' directory does not exist in the systemd directory.

I just tested this and can confirm that if you make the directory and then proceed as the Arch Linux steps suggest you will be all set. Just make sure your system is, in fact, using systemd-networkd and not NetworkManager. However, by default, the Linode distribution image for Fedora 21 is using systemd-networkd, so you should be all set if you just make that directory <3

@buhman I decided to create the 'Network' directory and then execute the commands in the Arch Linux steps. After reboot the server private and public IPs are reachable. It seems that you were correct, the Arch Linux steps works for F21. I choose to stop and disable Network Manager, using systemd-networkd instead. I agree it didn't make sense to disable systemd-networkd and use NM.

I will try a few reboots and let you know if the issue returns, but I'm sure its been resolved. I appreciate your help and patience. Thank you very much.

@drussell Thanks for the confirmation, I saw your post after I posting. I appreciate the effort.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct