Cyberithub

30 nmcli command examples in Linux(RHEL/CentOS) - Cheat Sheet

Table of Contents

Advertisements

In this article, I will take you through 30 nmcli command examples in Linux. nmcli is an open source command-line tool for controlling NetworkManager and reporting network status. It is extensively used by the Linux professionals to harness the power of Network Manager directly from the command line. nmcli is used to create, display, edit, delete, activate, and deactivate network connections, as well as control and display network device status. We will see some of the real world examples in below section.

What is UUID

Universally Unique Identifier or UUID is a 128-bit value which is used to uniquely identify an object or entity on Internet.

Usage

nmcli [OPTIONS] OBJECT { COMMAND | help }

30 nmcli command examples in Linux (RHEL/CentOS) - Cheat Sheet

nmcli command examples in Linux (RHEL/CentOS)

Also Read: How to Install Vagrant on Ubuntu 20.04 LTS [Step by Step]

Example 1: How to check nmcli version

If you want to check the current installed nmcli version then you need to use nmcli --version command as shown below. As you can see current version is 1.20.0.

root@cyberithub:~# nmcli --version
nmcli tool, version 1.20.0-3.el8

 

Example 2: How to Check all Network Device Connections 

To check all the available network device connections, you need to use nmcli connection command as shown below. If no parameter specified in nmcli connection command, then by default it will show configured connection from both system and user setting services.

root@cyberithub:~# nmcli connection
NAME       UUID                                 TYPE     DEVICE
enp0s3     87b06876-6051-4276-8d4c-af3a6197c660 ethernet enp0s3
virbr0     d4af3d7e-8534-4ccd-8896-963ed4c6730e bridge   virbr0
virbr0-nic 0923f1f5-9263-46b8-b7c3-c7bd4995458a tun      virbr0-nic
enp0s3     289e49aa-d418-44f1-8fad-07e99b78e732 ethernet --

 

Example 3: How to Check all Network Devices Status

To check all the network device status, you need to use nmcli device status command as shown below. This command will show both managed as well as unmanaged devices.

root@cyberithub:~# nmcli device status
DEVICE     TYPE     STATE     CONNECTION
virbr0     bridge   connected virbr0
enp0s3     ethernet connected enp0s3
virbr0-nic tun      connected virbr0-nic
lo         loopback unmanaged --

 

Example 4: How to Show all Network Devices

If you want to see all the available network devices then you need to use nmcli device show command as shown below.

root@cyberithub:~# nmcli device show
GENERAL.DEVICE: virbr0
GENERAL.TYPE: bridge
GENERAL.HWADDR: 52:54:00:DD:23:08
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: virbr0
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1
IP4.ADDRESS[1]: 192.168.122.1/24
IP4.GATEWAY: --
IP4.ROUTE[1]: dst = 192.168.122.0/24, nh = 0.0.0.0, mt = 0
IP6.GATEWAY: --

GENERAL.DEVICE: enp0s3
GENERAL.TYPE: ethernet
GENERAL.HWADDR: 08:00:27:FD:7B:99
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: enp0s3
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/4
WIRED-PROPERTIES.CARRIER: on
IP4.ADDRESS[1]: 192.168.29.153/24
IP4.GATEWAY: 192.168.29.1
IP4.ROUTE[1]: dst = 192.168.29.0/24, nh = 0.0.0.0, mt = 0
IP4.ROUTE[2]: dst = 0.0.0.0/0, nh = 192.168.29.1, mt = 0
IP6.GATEWAY: --
IP6.ROUTE[1]: dst = ff00::/8, nh = ::, mt = 256, table=255

 

Example 5: How to Show Radio Switches Status

If you want to see the current radio switches status then you need to use nmcli radio all command as shown below.

root@cyberithub:~# nmcli radio all
WIFI-HW WIFI    WWAN-HW WWAN
enabled enabled enabled enabled

 

Example 6: How to Check NetworkManager Running Status

To check the NetworkManager running status in terse output mode then you need to use nmcli -t -f RUNNING general command.

root@cyberithub:~# nmcli -t -f RUNNING general
running

-t : output is terse. More on nmcli command Man Page.

-f : this option is used to specify what fields(column name) should be displayed.

 

Example 7: How to Check the Overall Status of Network Manager

If you want to check the overall status of Network Manager in terse output mode then you need to use nmcli -t -f STATE general command as shown below.

root@cyberithub:~# nmcli -t -f STATE general
connected (local only)

 

Example 8: How to Check Terse Output

If you want to show all the currently configured network devices in terse output mode then you need to use nmcli -t device command as shown below.

root@cyberithub:~# nmcli -t device
virbr0:bridge:connected:virbr0
enp0s3:ethernet:connected:enp0s3
virbr0-nic:tun:connected:virbr0-nic
lo:loopback:unmanaged:

 

Example 9: How to Check Network Manager Logging Settings

If you want to check the current Network Manager logging settings then you need to use nmcli general logging command as shown below.

root@cyberithub:~# nmcli general logging
LEVEL DOMAINS 
INFO PLATFORM,RFKILL,ETHER,WIFI,BT,MB,DHCP4,DHCP6,PPP,IP4,IP6,AUTOIP4,DNS,VPN,SHARING,SUPPLICANT,AGENTS,SETTINGS,SUSPEND,CORE,DEVICE,OLPC,INFINIBAND,FIREWALL,ADSL,BOND,VLAN,BRIDGE,TEAM,CONCHECK,DCB,DISPATCH,AUDIT,SYSTEMD,PROXY

 

Example 10: How to Create a New Connection Profile

If you are looking to create a ethernet type connection profile using interface enp1s0 then you need to use nmcli c add type ethernet connection.interface-name enp1s0 command as shown below.

root@cyberithub:~# nmcli c add type ethernet connection.interface-name enp1s0
Connection 'ethernet-enp1s0' (34e3e7eb-e135-48aa-a713-abe30bd7b1c5) successfully added.

You can verify the new connection profile by using nmcli connection show command as shown below.

root@cyberithub:~# nmcli connection show
NAME            UUID                                 TYPE     DEVICE
enp0s3          87b06876-6051-4276-8d4c-af3a6197c660 ethernet enp0s3
virbr0          d4af3d7e-8534-4ccd-8896-963ed4c6730e bridge   virbr0
virbr0-nic      0923f1f5-9263-46b8-b7c3-c7bd4995458a tun      virbr0-nic
enp0s3          289e49aa-d418-44f1-8fad-07e99b78e732 ethernet --
ethernet-enp1s0 34e3e7eb-e135-48aa-a713-abe30bd7b1c5 ethernet --

 

Example 11: How to Check NetworkManager Polkit Permissions

If you want to check configured Polkit permissions for various NetworkManager operations then you need to use nmcli general permissions command as shown below. These permissions or actions(using Polkit language) are configured by a System Administrator and are not for users to change.

root@cyberithub:~# nmcli general permissions
PERMISSION                                                       VALUE
org.freedesktop.NetworkManager.enable-disable-network            yes
org.freedesktop.NetworkManager.enable-disable-wifi               yes
org.freedesktop.NetworkManager.enable-disable-wwan               yes
org.freedesktop.NetworkManager.enable-disable-wimax              yes
org.freedesktop.NetworkManager.sleep-wake                        yes
org.freedesktop.NetworkManager.network-control                   yes
org.freedesktop.NetworkManager.wifi.share.protected              yes
org.freedesktop.NetworkManager.wifi.share.open                   yes
org.freedesktop.NetworkManager.settings.modify.system            yes
org.freedesktop.NetworkManager.settings.modify.own               yes
org.freedesktop.NetworkManager.settings.modify.hostname          yes
org.freedesktop.NetworkManager.settings.modify.global-dns        yes
org.freedesktop.NetworkManager.reload                            yes
org.freedesktop.NetworkManager.checkpoint-rollback               yes
org.freedesktop.NetworkManager.enable-disable-statistics         yes
org.freedesktop.NetworkManager.enable-disable-connectivity-check yes
org.freedesktop.NetworkManager.wifi.scan                         unknown

 

Example 12: How to Change hostname using nmcli command

You can also use nmcli to change the System hostname. To check the current hostname, you can use nmcli general hostname command as shown below.

root@cyberithub:~# nmcli general hostname
cyberithub

To change the hostname of your system, you can use nmcli general hostname <host_name> syntax.

root@cyberithub:~# nmcli general hostname localhost
root@cyberithub:~# nmcli general hostname
localhost

 

Example 13: How to create a bridge using nmcli command

If you want to create a bridge then you need to use nmcli con add type bridge ifname <bridge_name> syntax. In this example we are creating a bridge called br0 using nmcli con add type bridge ifname br0 command as shown below.

root@cyberithub:~# nmcli con add type bridge ifname br0
Connection 'bridge-br0' (d34e1e92-f903-42b5-919f-cf67fa0bda59) successfully added.

 

Example 14: How to disable STP for a bridge using nmcli command

Spanning tree protocol (STP) will be enabled by default so if you want disable it then you need to use nmcli con modify bridge-br0 bridge.stp no command as shown below.

root@cyberithub:~# nmcli con modify bridge-br0 bridge.stp no

If you want to re-enable STP then you need to use nmcli con modify bridge-br0 bridge.stp yes command as shown below.

root@cyberithub:~# nmcli con modify bridge-br0 bridge.stp yes

 

Example 15: How to Create a new VLAN connection using nmcli

If you want to create a new VLAN connection using nmcli command then you need to use nmcli con add type vlan con-name <vlan_con_name> ifname <interface_name> dev <physical_device> id <vlan_id> ipv4 <ip_address> syntax. In this example, we are creating a VLAN connection vlan-enp0s3.100 which will bind to interface enp0s3.100 and will be available on device enp0s3 with vlan id 100 and IPV4 address assigned as 192.168.29.1/24.

root@cyberithub:~# nmcli con add type vlan con-name vlan-enp0s3.100 ifname enp0s3.100 dev enp0s3 id 100 ip4 192.168.29.1/24
Connection 'vlan-enp0s3.100' (bda676f8-f144-4908-ae76-5d5686bb8df5) successfully added.

Above command can be explained as follows:-

  • con-name vlan-enp0s3.100: Specifies the name of the new VLAN connection
  • ifname enp0s3.100: Specifies the interface to bind the connection to
  • dev enp0s3: Specifies the physical (parent) device this VLAN is on
  • id 100: Specifies the VLAN ID
  • ip4 192.168.29.1/24: Specifies IPv4 address to assign to the interface

 

Example 16: How to enslave an existing VLAN connection to a bridge

If you want to enslave a bridge to a connection then you need to change its both master and slave properties. For example, here we are enslaving an existing VLAN connection named vlan-enp0s3.100 to a bridge bridge-br0 using nmcli connection modify vlan-enp0s3.100 master bridge-br0 slave-type bridge command as shown below.

root@cyberithub:~# nmcli connection modify vlan-enp0s3.100 master bridge-br0 slave-type bridge

Then you can reactivate the connection to apply the changes using nmcli connection up vlan-enp0s3.100 command as shown below.

root@cyberithub:~# nmcli connection up vlan-enp0s3.100
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6)

 

Example 17: How to Change Network Manager Logging

Using nmcli command, you can change the network manager logging settings of one or multiple domains. You can even change the logging settings for ALL domains at once. In this example, we are changing the log level of CORE, ETHER and IP domain to DEBUG using nmcli g log level DEBUG domains CORE,ETHER,IP command.

NOTE:

Please note that below command will enable the logging for only CORE, ETHER and IP domain and for the rest of the other domain it will remain disabled. If you want to enable it for all the domains then always use ALL argument with domains option.
root@cyberithub:~# nmcli g log level DEBUG domains CORE,ETHER,IP

 

Example 18: How to Change an Interface to an unmanaged Interface

If you check the list of interfaces using nmcli device status command then the state of the interface will show as given below.

root@cyberithub:~# nmcli device status
DEVICE           TYPE     STATE     CONNECTION
enp0s3           ethernet connected Wired connection 1
enp0s8           ethernet connected Wired connection 2
enp0s9           ethernet connected Wired connection 3
br-92fdc13528ad  bridge   connected br-92fdc13528ad
docker0          bridge   connected docker0
lo               loopback unmanaged --

If you want to remove an interface from Network Manager control then you can change the state of the interface to unmanaged. This can be done by using nmcli dev set <interface_name> managed no command.

root@cyberithub:~# nmcli device set enp0s8 managed no

If now verify the state again by using nmcli device status command then you will see that the device state is now changed to unmanaged.

root@cyberithub:~# nmcli device status
DEVICE          TYPE     STATE     CONNECTION
enp0s3          ethernet connected Wired connection 1
enp0s9          ethernet connected Wired connection 3
br-92fdc13528ad bridge   connected br-92fdc13528ad
docker0         bridge   connected docker0
enp0s8          ethernet unmanaged --
lo              loopback unmanaged --

 

Example 19: How to Check the Network Connectivity State

To check network connectivity state, you need to use nmcli networking connectivity check command as shown below.

root@cyberithub:~# nmcli networking connectivity check
full

 

Example 20: How to Disconnect a Network Interface using nmcli command

If you want to disconnect a network then you need to use nmcli dev disconnect <interface> syntax. In this example, we are disconnecting interface enp0s8 using nmcli dev disconnect enp0s8 command as shown below.

root@cyberithub:~# nmcli dev disconnect enp0s8
Device 'enp0s8' successfully disconnected.

You can verify the connection status using nmcli device status command.

root@cyberithub:~# nmcli device status
DEVICE          TYPE     STATE        CONNECTION
enp0s3          ethernet connected    Wired connection 1
enp0s9          ethernet connected    Wired connection 3
br-92fdc13528ad bridge   connected    br-92fdc13528ad
docker0         bridge   connected    docker0
enp0s3.100      vlan     connected    vlan-enp0s3.100
br0             bridge   connected    bridge-br0
enp0s8          ethernet disconnected --
lo              loopback unmanaged    --

 

Example 21: How to Connect a Network Interface using nmcli command

If you want to connect a network interface then you need to use nmcli dev connect <interface_name> syntax. In this example we are connecting interface enp0s8 using nmcli dev connect enp0s8 command as shown below.

root@cyberithub:~# nmcli dev connect enp0s8
Device 'enp0s8' successfully activated with 'c27ebc24-dede-315f-b587-030c8ac72c1c'.

You can verify the status by using nmcli device status command as shown below.

root@cyberithub:~# nmcli device status
DEVICE          TYPE     STATE     CONNECTION
enp0s3          ethernet connected Wired connection 1
enp0s8          ethernet connected Wired connection 2
enp0s9          ethernet connected Wired connection 3
br-92fdc13528ad bridge   connected br-92fdc13528ad
docker0         bridge   connected docker0
enp0s3.100      vlan     connected vlan-enp0s3.100
br0             bridge   connected bridge-br0
lo              loopback unmanaged --

 

Example 22: How to Interactively Edit a Connection

Sometimes you might be more comfortable in editing the connection interactively. In that case you can use nmcli interactive connection editor to edit any existing connection. For example, here we editing the ipv4 address of connection bridge-br0 and changing it to 192.168.29.2/24 IP using below mentioned edit steps.

root@cyberithub:~# nmcli con edit bridge-br0

===| nmcli interactive connection editor |===

Editing existing 'bridge' connection: 'bridge-br0'

Type 'help' or '?' for available commands.
Type 'print' to show all the connection properties.
Type 'describe [<setting>.<prop>]' for detailed property description.

You may edit the following settings: connection, bridge, 802-3-ethernet (ethernet), ethtool, match, ipv4, ipv6, tc, proxy
nmcli> set ipv4.address 192.168.29.2/24
Do you also want to set 'ipv4.method' to 'manual'? [yes]: yes
nmcli> print ipv4.address
ipv4.addresses: 192.168.29.2/24
nmcli> verify
Verify connection: OK
nmcli> save
Connection 'bridge-br0' (d34e1e92-f903-42b5-919f-cf67fa0bda59) successfully updated.
nmcli> quit

 

Example 23: How to Modify the IPv4 address of a connection

If you are looking to modify the existing IPv4 address of a connection then you need to use nmcli con modify <con_name> ipv4.addresses <ip_address> syntax. In this example we are modifying the IPv4 address of connection bridge-br0 and changing it to 192.168.3.1/24 using nmcli con modify bridge-br0 ipv4.addresses 192.168.3.1/24 command as shown below.

root@cyberithub:~# nmcli con modify bridge-br0 ipv4.addresses 192.168.3.1/24
root@cyberithub:~# nmcli con show bridge-br0 | grep -i ipv4.addresses
ipv4.addresses: 192.168.3.1/24

 

Example 24: How to set DNS IP using nmcli command

If you want to set the DNS IP of a connection then you need to use nmcli con modify <con_name> ipv4.dns <dns_ip> syntax. In this example we are setting DNS IP of connection bridge-br0 as 8.8.8.8 using nmcli con modify bridge-br0 ipv4.dns 8.8.8.8 command as shown below. Same can be verified by grepping ipv4.dns from nmcli con show bridge-br0 command output.

root@cyberithub:~# nmcli con modify bridge-br0 ipv4.dns 8.8.8.8
root@cyberithub:~# nmcli con show bridge-br0 | grep -i ipv4.dns:
ipv4.dns: 8.8.8.8

 

Example 25: How to Check the Networking Status

If you want to check the current networking status then you need to use nmcli networking command as shown below.

root@cyberithub:~# nmcli networking
enabled

 

Example 26: How to Append DNS IP using nmcli command

If you are looking to append one more DNS IP to an existing connection then all you need to do is to use +ipv4.dns option and provide the IP address. For example, here we are appending DNS IP 8.8.4.4 to an existing connection bridge-br0 using nmcli con mod bridge-br0 +ipv4.dns 8.8.4.4 command. Previously this connection has DNS IP 8.8.8.8 already set, so now it has two DNS IP set. This can be verified by grepping ipv4.dns value from nmcli con show bridge-br0 command output as shown below.

root@cyberithub:~# nmcli con mod bridge-br0 +ipv4.dns 8.8.4.4
root@cyberithub:~# nmcli con show bridge-br0 | grep -i ipv4.dns:
ipv4.dns: 8.8.8.8,8.8.4.4

 

Example 27: How to Delete a Connection using nmcli command

First you need to check the list of connection using nmcli con show command.

root@cyberithub:~# nmcli con show
NAME               UUID                                 TYPE     DEVICE
Wired connection 1 9d72566d-e7ae-3c6c-a20e-e017f1650f92 ethernet enp0s3
bridge-br0         d34e1e92-f903-42b5-919f-cf67fa0bda59 bridge   br0
Wired connection 2 c27ebc24-dede-315f-b587-030c8ac72c1c ethernet enp0s8
Wired connection 3 17a5bcff-26f7-303e-934f-a9953f6c36f4 ethernet enp0s9
br-92fdc13528ad    51a61b6f-c6e3-47eb-8102-5c19c97bce9d bridge   br-92fdc13528ad
docker0            f47cf62d-5b65-4533-9309-44bd8ff3c6cd bridge   docker0
vlan-enp0s3.100    bda676f8-f144-4908-ae76-5d5686bb8df5 vlan     enp0s3.100

If you want to delete a connection, then you need to use nmcli connection delete <UUID> syntax. In this example, we are deleting a connection with UUID 51a61b6f-c6e3-47eb-8102-5c19c97bce9d using nmcli connection delete 51a61b6f-c6e3-47eb-8102-5c19c97bce9d command as shown below.

root@cyberithub:~# nmcli connection delete 51a61b6f-c6e3-47eb-8102-5c19c97bce9d
Connection 'br-92fdc13528ad' (51a61b6f-c6e3-47eb-8102-5c19c97bce9d) successfully deleted.

Now if you check the status again using nmcli con show command then the deleted connection no longer exist.

root@cyberithub:~# nmcli con show
NAME               UUID                                 TYPE    DEVICE
Wired connection 1 9d72566d-e7ae-3c6c-a20e-e017f1650f92 ethernet enp0s3
bridge-br0         d34e1e92-f903-42b5-919f-cf67fa0bda59 bridge   br0
Wired connection 2 c27ebc24-dede-315f-b587-030c8ac72c1c ethernet enp0s8
Wired connection 3 17a5bcff-26f7-303e-934f-a9953f6c36f4 ethernet enp0s9
docker0            f47cf62d-5b65-4533-9309-44bd8ff3c6cd bridge   docker0
vlan-enp0s3.100    bda676f8-f144-4908-ae76-5d5686bb8df5 vlan     enp0s3.100

 

Example 28: How to Reload Connection using nmcli command

If you have done any configuration change then Network Manager won't be aware of that until you reload the connection profiles. So to implement all the recently configured changes, either you can reload only that file or you can use the recommended option, that is reload all the connection profiles by using nmcli con reload command as shown below.

root@cyberithub:~# nmcli con reload

 

Example 29: How to Check all the options available with nmcli command

If you want to check all the options available with nmcli command then you need to use nmcli --help command as shown below.

root@cyberithub:~# nmcli --help
Usage: nmcli [OPTIONS] OBJECT { COMMAND | help }

OPTIONS
-a, --ask ask for missing parameters
-c, --colors auto|yes|no whether to use colors in output
-e, --escape yes|no escape columns separators in values
-f, --fields <field,...>|all|common specify fields to output
-g, --get-values <field,...>|all|common shortcut for -m tabular -t -f
-h, --help print this help
-m, --mode tabular|multiline output mode
-o, --overview overview mode
-p, --pretty pretty output
-s, --show-secrets allow displaying passwords
-t, --terse terse output
-v, --version show program version
-w, --wait <seconds> set timeout waiting for finishing operations

 

Example 30: How to Check the Man Page of nmcli command

If you want to check the man page of nmcli command then you need to use man nmcli command as shown below.

root@cyberithub:~# man nmcli
NMCLI(1) General Commands Manual NMCLI(1)

NAME
nmcli - command-line tool for controlling NetworkManager

SYNOPSIS
nmcli [OPTIONS...] {help | general | networking | radio | connection | device | agent | monitor} [COMMAND] [ARGUMENTS...]

DESCRIPTION
nmcli is a command-line tool for controlling NetworkManager and reporting network status. It can be utilized as a replacement for nm-applet or
other graphical clients. nmcli is used to create, display, edit, delete, activate, and deactivate network connections, as well as control and
display network device status. See nmcli-examples(7) for ready to run nmcli examples.

Leave a Comment