Table of Contents
In this article, I will take you through 30 nmcli command examples in Linux. nmcli is an open source command-line tool for controlling NetworkManager and reporting network status. It is extensively used by the Linux professionals to harness the power of Network Manager directly from the command line. nmcli is used to create, display, edit, delete, activate, and deactivate network connections, as well as control and display network device status. We will see some of the real world examples in below section.
What is UUID
Universally Unique Identifier or UUID is a 128-bit value which is used to uniquely identify an object or entity on Internet.
Usage
nmcli [OPTIONS] OBJECT { COMMAND | help }
nmcli command examples in Linux (RHEL/CentOS)
Also Read: How to Install Vagrant on Ubuntu 20.04 LTS [Step by Step]
Example 1: How to check nmcli version
If you want to check the current installed nmcli version then you need to use nmcli --version
command as shown below. As you can see current version is 1.20.0
.
root@cyberithub:~# nmcli --version
nmcli tool, version 1.20.0-3.el8
Example 2: How to Check all Network Device Connections
To check all the available network device connections, you need to use nmcli connection
command as shown below. If no parameter specified in nmcli connection command, then by default it will show configured connection from both system and user setting services.
root@cyberithub:~# nmcli connection
NAME UUID TYPE DEVICE
enp0s3 87b06876-6051-4276-8d4c-af3a6197c660 ethernet enp0s3
virbr0 d4af3d7e-8534-4ccd-8896-963ed4c6730e bridge virbr0
virbr0-nic 0923f1f5-9263-46b8-b7c3-c7bd4995458a tun virbr0-nic
enp0s3 289e49aa-d418-44f1-8fad-07e99b78e732 ethernet --
Example 3: How to Check all Network Devices Status
To check all the network device status, you need to use nmcli device status
command as shown below. This command will show both managed as well as unmanaged devices.
root@cyberithub:~# nmcli device status
DEVICE TYPE STATE CONNECTION
virbr0 bridge connected virbr0
enp0s3 ethernet connected enp0s3
virbr0-nic tun connected virbr0-nic
lo loopback unmanaged --
Example 4: How to Show all Network Devices
If you want to see all the available network devices then you need to use nmcli device show
command as shown below.
root@cyberithub:~# nmcli device show
GENERAL.DEVICE: virbr0
GENERAL.TYPE: bridge
GENERAL.HWADDR: 52:54:00:DD:23:08
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: virbr0
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1
IP4.ADDRESS[1]: 192.168.122.1/24
IP4.GATEWAY: --
IP4.ROUTE[1]: dst = 192.168.122.0/24, nh = 0.0.0.0, mt = 0
IP6.GATEWAY: --
GENERAL.DEVICE: enp0s3
GENERAL.TYPE: ethernet
GENERAL.HWADDR: 08:00:27:FD:7B:99
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: enp0s3
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/4
WIRED-PROPERTIES.CARRIER: on
IP4.ADDRESS[1]: 192.168.29.153/24
IP4.GATEWAY: 192.168.29.1
IP4.ROUTE[1]: dst = 192.168.29.0/24, nh = 0.0.0.0, mt = 0
IP4.ROUTE[2]: dst = 0.0.0.0/0, nh = 192.168.29.1, mt = 0
IP6.GATEWAY: --
IP6.ROUTE[1]: dst = ff00::/8, nh = ::, mt = 256, table=255
Example 5: How to Show Radio Switches Status
If you want to see the current radio switches status then you need to use nmcli radio all
command as shown below.
root@cyberithub:~# nmcli radio all
WIFI-HW WIFI WWAN-HW WWAN
enabled enabled enabled enabled
Example 6: How to Check NetworkManager Running Status
To check the NetworkManager running status in terse output mode then you need to use nmcli -t -f RUNNING general
command.
root@cyberithub:~# nmcli -t -f RUNNING general
running
-t : output is terse. More on nmcli command Man Page.
-f : this option is used to specify what fields(column name) should be displayed.
Example 7: How to Check the Overall Status of Network Manager
If you want to check the overall status of Network Manager in terse output mode then you need to use nmcli -t -f STATE general
command as shown below.
root@cyberithub:~# nmcli -t -f STATE general
connected (local only)
Example 8: How to Check Terse Output
If you want to show all the currently configured network devices in terse output mode then you need to use nmcli -t device
command as shown below.
root@cyberithub:~# nmcli -t device
virbr0:bridge:connected:virbr0
enp0s3:ethernet:connected:enp0s3
virbr0-nic:tun:connected:virbr0-nic
lo:loopback:unmanaged:
Example 9: How to Check Network Manager Logging Settings
If you want to check the current Network Manager logging settings then you need to use nmcli general logging
command as shown below.
root@cyberithub:~# nmcli general logging
LEVEL DOMAINS
INFO PLATFORM,RFKILL,ETHER,WIFI,BT,MB,DHCP4,DHCP6,PPP,IP4,IP6,AUTOIP4,DNS,VPN,SHARING,SUPPLICANT,AGENTS,SETTINGS,SUSPEND,CORE,DEVICE,OLPC,INFINIBAND,FIREWALL,ADSL,BOND,VLAN,BRIDGE,TEAM,CONCHECK,DCB,DISPATCH,AUDIT,SYSTEMD,PROXY
Example 10: How to Create a New Connection Profile
If you are looking to create a ethernet type connection profile using interface enp1s0 then you need to use nmcli c add type ethernet connection.interface-name enp1s0
command as shown below.
root@cyberithub:~# nmcli c add type ethernet connection.interface-name enp1s0
Connection 'ethernet-enp1s0' (34e3e7eb-e135-48aa-a713-abe30bd7b1c5) successfully added.
You can verify the new connection profile by using nmcli connection show
command as shown below.
root@cyberithub:~# nmcli connection show NAME UUID TYPE DEVICE enp0s3 87b06876-6051-4276-8d4c-af3a6197c660 ethernet enp0s3 virbr0 d4af3d7e-8534-4ccd-8896-963ed4c6730e bridge virbr0 virbr0-nic 0923f1f5-9263-46b8-b7c3-c7bd4995458a tun virbr0-nic enp0s3 289e49aa-d418-44f1-8fad-07e99b78e732 ethernet -- ethernet-enp1s0 34e3e7eb-e135-48aa-a713-abe30bd7b1c5 ethernet --
Example 11: How to Check NetworkManager Polkit Permissions
If you want to check configured Polkit permissions for various NetworkManager operations then you need to use nmcli general permissions
command as shown below. These permissions or actions(using Polkit language) are configured by a System Administrator and are not for users to change.
root@cyberithub:~# nmcli general permissions
PERMISSION VALUE
org.freedesktop.NetworkManager.enable-disable-network yes
org.freedesktop.NetworkManager.enable-disable-wifi yes
org.freedesktop.NetworkManager.enable-disable-wwan yes
org.freedesktop.NetworkManager.enable-disable-wimax yes
org.freedesktop.NetworkManager.sleep-wake yes
org.freedesktop.NetworkManager.network-control yes
org.freedesktop.NetworkManager.wifi.share.protected yes
org.freedesktop.NetworkManager.wifi.share.open yes
org.freedesktop.NetworkManager.settings.modify.system yes
org.freedesktop.NetworkManager.settings.modify.own yes
org.freedesktop.NetworkManager.settings.modify.hostname yes
org.freedesktop.NetworkManager.settings.modify.global-dns yes
org.freedesktop.NetworkManager.reload yes
org.freedesktop.NetworkManager.checkpoint-rollback yes
org.freedesktop.NetworkManager.enable-disable-statistics yes
org.freedesktop.NetworkManager.enable-disable-connectivity-check yes
org.freedesktop.NetworkManager.wifi.scan unknown
Example 12: How to Change hostname using nmcli command
You can also use nmcli to change the System hostname. To check the current hostname, you can use nmcli general hostname
command as shown below.
root@cyberithub:~# nmcli general hostname
cyberithub
To change the hostname of your system, you can use nmcli general hostname <host_name>
syntax.
root@cyberithub:~# nmcli general hostname localhost root@cyberithub:~# nmcli general hostname localhost
Example 13: How to create a bridge using nmcli command
If you want to create a bridge then you need to use nmcli con add type bridge ifname <bridge_name>
syntax. In this example we are creating a bridge called br0 using nmcli con add type bridge ifname br0
command as shown below.
root@cyberithub:~# nmcli con add type bridge ifname br0
Connection 'bridge-br0' (d34e1e92-f903-42b5-919f-cf67fa0bda59) successfully added.
Example 14: How to disable STP for a bridge using nmcli command
Spanning tree protocol (STP) will be enabled by default so if you want disable it then you need to use nmcli con modify bridge-br0 bridge.stp no
command as shown below.
root@cyberithub:~# nmcli con modify bridge-br0 bridge.stp no
If you want to re-enable STP then you need to use nmcli con modify bridge-br0 bridge.stp yes
command as shown below.
root@cyberithub:~# nmcli con modify bridge-br0 bridge.stp yes
Example 15: How to Create a new VLAN connection using nmcli
If you want to create a new VLAN connection using nmcli command then you need to use nmcli con add type vlan con-name <vlan_con_name> ifname <interface_name> dev <physical_device> id <vlan_id> ipv4 <ip_address>
syntax. In this example, we are creating a VLAN connection vlan-enp0s3.100 which will bind to interface enp0s3.100 and will be available on device enp0s3 with vlan id 100 and IPV4 address assigned as 192.168.29.1/24.
root@cyberithub:~# nmcli con add type vlan con-name vlan-enp0s3.100 ifname enp0s3.100 dev enp0s3 id 100 ip4 192.168.29.1/24
Connection 'vlan-enp0s3.100' (bda676f8-f144-4908-ae76-5d5686bb8df5) successfully added.
Above command can be explained as follows:-
- con-name vlan-enp0s3.100: Specifies the name of the new VLAN connection
- ifname enp0s3.100: Specifies the interface to bind the connection to
- dev enp0s3: Specifies the physical (parent) device this VLAN is on
- id 100: Specifies the VLAN ID
- ip4 192.168.29.1/24: Specifies IPv4 address to assign to the interface
Example 16: How to enslave an existing VLAN connection to a bridge
If you want to enslave a bridge to a connection then you need to change its both master and slave properties. For example, here we are enslaving an existing VLAN connection named vlan-enp0s3.100 to a bridge bridge-br0 using nmcli connection modify vlan-enp0s3.100 master bridge-br0 slave-type bridge
command as shown below.
root@cyberithub:~# nmcli connection modify vlan-enp0s3.100 master bridge-br0 slave-type bridge
Then you can reactivate the connection to apply the changes using nmcli connection up vlan-enp0s3.100
command as shown below.
root@cyberithub:~# nmcli connection up vlan-enp0s3.100
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6)
Example 17: How to Change Network Manager Logging
Using nmcli command, you can change the network manager logging settings of one or multiple domains. You can even change the logging settings for ALL domains at once. In this example, we are changing the log level of CORE
, ETHER
and IP
domain to DEBUG
using nmcli g log level DEBUG domains CORE,ETHER,IP
command.
NOTE:
CORE
, ETHER
and IP
domain and for the rest of the other domain it will remain disabled. If you want to enable it for all the domains then always use ALL
argument with domains option.root@cyberithub:~# nmcli g log level DEBUG domains CORE,ETHER,IP
Example 18: How to Change an Interface to an unmanaged Interface
If you check the list of interfaces using nmcli device status
command then the state of the interface will show as given below.
root@cyberithub:~# nmcli device status
DEVICE TYPE STATE CONNECTION
enp0s3 ethernet connected Wired connection 1
enp0s8 ethernet connected Wired connection 2
enp0s9 ethernet connected Wired connection 3
br-92fdc13528ad bridge connected br-92fdc13528ad
docker0 bridge connected docker0
lo loopback unmanaged --
If you want to remove an interface from Network Manager control then you can change the state of the interface to unmanaged. This can be done by using nmcli dev set <interface_name> managed no
command.
root@cyberithub:~# nmcli device set enp0s8 managed no
If now verify the state again by using nmcli device status
command then you will see that the device state is now changed to unmanaged.
root@cyberithub:~# nmcli device status
DEVICE TYPE STATE CONNECTION
enp0s3 ethernet connected Wired connection 1
enp0s9 ethernet connected Wired connection 3
br-92fdc13528ad bridge connected br-92fdc13528ad
docker0 bridge connected docker0
enp0s8 ethernet unmanaged --
lo loopback unmanaged --
Example 19: How to Check the Network Connectivity State
To check network connectivity state, you need to use nmcli networking connectivity check command as shown below.
root@cyberithub:~# nmcli networking connectivity check
full
Example 20: How to Disconnect a Network Interface using nmcli command
If you want to disconnect a network then you need to use nmcli dev disconnect <interface>
syntax. In this example, we are disconnecting interface enp0s8 using nmcli dev disconnect enp0s8
command as shown below.
root@cyberithub:~# nmcli dev disconnect enp0s8
Device 'enp0s8' successfully disconnected.
You can verify the connection status using nmcli device status
command.
root@cyberithub:~# nmcli device status
DEVICE TYPE STATE CONNECTION
enp0s3 ethernet connected Wired connection 1
enp0s9 ethernet connected Wired connection 3
br-92fdc13528ad bridge connected br-92fdc13528ad
docker0 bridge connected docker0
enp0s3.100 vlan connected vlan-enp0s3.100
br0 bridge connected bridge-br0
enp0s8 ethernet disconnected --
lo loopback unmanaged --
Example 21: How to Connect a Network Interface using nmcli command
If you want to connect a network interface then you need to use nmcli dev connect <interface_name> syntax. In this example we are connecting interface enp0s8 using nmcli dev connect enp0s8
command as shown below.
root@cyberithub:~# nmcli dev connect enp0s8
Device 'enp0s8' successfully activated with 'c27ebc24-dede-315f-b587-030c8ac72c1c'.
You can verify the status by using nmcli device status
command as shown below.
root@cyberithub:~# nmcli device status
DEVICE TYPE STATE CONNECTION
enp0s3 ethernet connected Wired connection 1
enp0s8 ethernet connected Wired connection 2
enp0s9 ethernet connected Wired connection 3
br-92fdc13528ad bridge connected br-92fdc13528ad
docker0 bridge connected docker0
enp0s3.100 vlan connected vlan-enp0s3.100
br0 bridge connected bridge-br0
lo loopback unmanaged --
Example 22: How to Interactively Edit a Connection
Sometimes you might be more comfortable in editing the connection interactively. In that case you can use nmcli interactive connection editor to edit any existing connection. For example, here we editing the ipv4 address of connection bridge-br0
and changing it to 192.168.29.2/24
IP using below mentioned edit steps.
root@cyberithub:~# nmcli con edit bridge-br0 ===| nmcli interactive connection editor |=== Editing existing 'bridge' connection: 'bridge-br0' Type 'help' or '?' for available commands. Type 'print' to show all the connection properties. Type 'describe [<setting>.<prop>]' for detailed property description. You may edit the following settings: connection, bridge, 802-3-ethernet (ethernet), ethtool, match, ipv4, ipv6, tc, proxy nmcli> set ipv4.address 192.168.29.2/24 Do you also want to set 'ipv4.method' to 'manual'? [yes]: yes nmcli> print ipv4.address ipv4.addresses: 192.168.29.2/24 nmcli> verify Verify connection: OK nmcli> save Connection 'bridge-br0' (d34e1e92-f903-42b5-919f-cf67fa0bda59) successfully updated. nmcli> quit
Example 23: How to Modify the IPv4 address of a connection
If you are looking to modify the existing IPv4 address of a connection then you need to use nmcli con modify <con_name> ipv4.addresses <ip_address>
syntax. In this example we are modifying the IPv4 address of connection bridge-br0 and changing it to 192.168.3.1/24 using nmcli con modify bridge-br0 ipv4.addresses 192.168.3.1/24 command as shown below.
root@cyberithub:~# nmcli con modify bridge-br0 ipv4.addresses 192.168.3.1/24 root@cyberithub:~# nmcli con show bridge-br0 | grep -i ipv4.addresses ipv4.addresses: 192.168.3.1/24
Example 24: How to set DNS IP using nmcli command
If you want to set the DNS IP of a connection then you need to use nmcli con modify <con_name> ipv4.dns <dns_ip>
syntax. In this example we are setting DNS IP of connection bridge-br0 as 8.8.8.8 using nmcli con modify bridge-br0 ipv4.dns 8.8.8.8
command as shown below. Same can be verified by grepping ipv4.dns from nmcli con show bridge-br0 command output.
root@cyberithub:~# nmcli con modify bridge-br0 ipv4.dns 8.8.8.8 root@cyberithub:~# nmcli con show bridge-br0 | grep -i ipv4.dns: ipv4.dns: 8.8.8.8
Example 25: How to Check the Networking Status
If you want to check the current networking status then you need to use nmcli networking
command as shown below.
root@cyberithub:~# nmcli networking
enabled
Example 26: How to Append DNS IP using nmcli command
If you are looking to append one more DNS IP to an existing connection then all you need to do is to use +ipv4.dns
option and provide the IP address. For example, here we are appending DNS IP 8.8.4.4 to an existing connection bridge-br0 using nmcli con mod bridge-br0 +ipv4.dns 8.8.4.4
command. Previously this connection has DNS IP 8.8.8.8 already set, so now it has two DNS IP set. This can be verified by grepping ipv4.dns value from nmcli con show bridge-br0 command output as shown below.
root@cyberithub:~# nmcli con mod bridge-br0 +ipv4.dns 8.8.4.4 root@cyberithub:~# nmcli con show bridge-br0 | grep -i ipv4.dns: ipv4.dns: 8.8.8.8,8.8.4.4
Example 27: How to Delete a Connection using nmcli command
First you need to check the list of connection using nmcli con show
command.
root@cyberithub:~# nmcli con show
NAME UUID TYPE DEVICE
Wired connection 1 9d72566d-e7ae-3c6c-a20e-e017f1650f92 ethernet enp0s3
bridge-br0 d34e1e92-f903-42b5-919f-cf67fa0bda59 bridge br0
Wired connection 2 c27ebc24-dede-315f-b587-030c8ac72c1c ethernet enp0s8
Wired connection 3 17a5bcff-26f7-303e-934f-a9953f6c36f4 ethernet enp0s9
br-92fdc13528ad 51a61b6f-c6e3-47eb-8102-5c19c97bce9d bridge br-92fdc13528ad
docker0 f47cf62d-5b65-4533-9309-44bd8ff3c6cd bridge docker0
vlan-enp0s3.100 bda676f8-f144-4908-ae76-5d5686bb8df5 vlan enp0s3.100
If you want to delete a connection, then you need to use nmcli connection delete <UUID>
syntax. In this example, we are deleting a connection with UUID 51a61b6f-c6e3-47eb-8102-5c19c97bce9d
using nmcli connection delete 51a61b6f-c6e3-47eb-8102-5c19c97bce9d
command as shown below.
root@cyberithub:~# nmcli connection delete 51a61b6f-c6e3-47eb-8102-5c19c97bce9d
Connection 'br-92fdc13528ad' (51a61b6f-c6e3-47eb-8102-5c19c97bce9d) successfully deleted.
Now if you check the status again using nmcli con show
command then the deleted connection no longer exist.
root@cyberithub:~# nmcli con show
NAME UUID TYPE DEVICE
Wired connection 1 9d72566d-e7ae-3c6c-a20e-e017f1650f92 ethernet enp0s3
bridge-br0 d34e1e92-f903-42b5-919f-cf67fa0bda59 bridge br0
Wired connection 2 c27ebc24-dede-315f-b587-030c8ac72c1c ethernet enp0s8
Wired connection 3 17a5bcff-26f7-303e-934f-a9953f6c36f4 ethernet enp0s9
docker0 f47cf62d-5b65-4533-9309-44bd8ff3c6cd bridge docker0
vlan-enp0s3.100 bda676f8-f144-4908-ae76-5d5686bb8df5 vlan enp0s3.100
Example 28: How to Reload Connection using nmcli command
If you have done any configuration change then Network Manager won't be aware of that until you reload the connection profiles. So to implement all the recently configured changes, either you can reload only that file or you can use the recommended option, that is reload all the connection profiles by using nmcli con reload
command as shown below.
root@cyberithub:~# nmcli con reload
Example 29: How to Check all the options available with nmcli command
If you want to check all the options available with nmcli command then you need to use nmcli --help
command as shown below.
root@cyberithub:~# nmcli --help
Usage: nmcli [OPTIONS] OBJECT { COMMAND | help }
OPTIONS
-a, --ask ask for missing parameters
-c, --colors auto|yes|no whether to use colors in output
-e, --escape yes|no escape columns separators in values
-f, --fields <field,...>|all|common specify fields to output
-g, --get-values <field,...>|all|common shortcut for -m tabular -t -f
-h, --help print this help
-m, --mode tabular|multiline output mode
-o, --overview overview mode
-p, --pretty pretty output
-s, --show-secrets allow displaying passwords
-t, --terse terse output
-v, --version show program version
-w, --wait <seconds> set timeout waiting for finishing operations
Example 30: How to Check the Man Page of nmcli command
If you want to check the man page of nmcli command then you need to use man nmcli
command as shown below.
root@cyberithub:~# man nmcli
NMCLI(1) General Commands Manual NMCLI(1)
NAME
nmcli - command-line tool for controlling NetworkManager
SYNOPSIS
nmcli [OPTIONS...] {help | general | networking | radio | connection | device | agent | monitor} [COMMAND] [ARGUMENTS...]
DESCRIPTION
nmcli is a command-line tool for controlling NetworkManager and reporting network status. It can be utilized as a replacement for nm-applet or
other graphical clients. nmcli is used to create, display, edit, delete, activate, and deactivate network connections, as well as control and
display network device status. See nmcli-examples(7) for ready to run nmcli examples.