(RHCSA) Manage Basic Networking

This is part of the independent and unofficial RHCSA Exam Study Guide series providing free 🤑 resources to prepare for the exam.

This post covers the objectives under the section:

“MANAGE BASIC NETWORKING”

It contains two main parts:

• Resources: with links to learn and practice for each objective.
• Cheatsheet: containing some examples of commands and actions performed in each objective (when applied).

📚 Resources:

• 📌 Introduction to Networking | Network Fundamentals Part 1

• 📌 Networking basics (2020) | What is a switch, router, gateway, subnet, gateway, firewall & DMZ

• 📌 RHCSA v8 Practice Session: Manage basic networking

CONFIGURE IPV4 AND IPV6 ADDRESSES

• 📌 Internet Protocol - IPv4 vs IPv6 as Fast As Possible

• 📌 How to configure a static IP address on RHEL 8 / CentOS 8 Linux

• 📌 How to change IP address on RHEL 8 / CentOS 8 Linux

• 📌 What you need to know about IPv6

• 📌 Configuring an IPv6 address in Red Hat Enterprise Linux 7 and 8

• 📌 Chapter 2. Getting started with NetworkManager

• 📌 Chapter 4. Using nmtui to manage network connections using a text-based interface

• 📌 Chapter 5. Getting started with nmcli

• 📌 Chapter 32. Configuring ip networking with ifcfg files

• 📌 Chapter 33. Using NetworkManager to disable IPv6 for a specific connection

• 📌 Chapter 45. Testing basic network settings

CONFIGURE HOSTNAME RESOLUTION

• 📌 How a DNS Server (Domain Name System) works

• 📌 What is DNS?

• 📌 How to change your hostname in Linux

• 📌 7 ways to set your hostname in Fedora, CentOS, or Red Hat Enterprise Linux

• 📌 Understanding /etc/hosts file in Linux

• 📌 How to Setup Local DNS Using /etc/hosts File in Linux

• 📌 5 Linux network troubleshooting commands

CONFIGURE NETWORK SERVICES TO START AUTOMATICALLY AT BOOT

• 📌 How to configure networking in Linux

• 📌 Set up a static network connection in Linux

• 📌 3 ways to configure a network interface in Linux

• 📌 Becoming friends with NetworkManager

• 📌 Chapter 8. Configuring an Ethernet connection (Skip items that uses “RHEL System Roles”.)

• 📌 Chapter 26. Manually creating NetworkManager profiles in key file format

• 📌 Chapter 21. Managing the default gateway setting

RESTRICT NETWORK ACCESS USING FIREWALL-CMD/FIREWALL

• 📌 A beginner’s guide to firewalld in Linux

• 📌 An introduction to firewalld rules and scenarios

• 📌 Chapter 51. Using and configuring firewalld

• 📌 Using firewalld

• 📌 How to Restrict Network Access Using FirewallD

• 📌 How To Set Up a Firewall Using FirewallD on CentOS 8

📑 Cheatsheet:

CONFIGURE IPV4 AND IPV6 ADDRESSES

• Change IPv4 address manually editing the network script file:

  • ifconfig or ip a ➡ display information of all network devices.
  • /etc/sysconfig/network-scripts/enp7s0 ➡ edit this file to update the connections settings.

    BOOTPROTO=static
    IPADDR=192.168.1.5
    NETMASK=255.255.255.0
    GATEWAY=192.168.1.1
    

  • nmcli connection down enp7s0 && nmcli connection up enp7s0 ➡ restart the connection.

• Change IPv4 address using nmcli tool:

  • nmcli connection modify enp7s0 IPv4.address 192.168.1.5/24 ➡ change IP address.

  • nmcli connection modify enp7s0 IPv4.gateway 192.168.1.1 ➡ change gateway address.

  • nmcli connection modify enp7s0 IPv4.method manual ➡ sets BOOTPROTO option to none.

• nmcli connection modify enp7s0 ipv6.method "disabled" ➡ Disable ipv6 using nmcli tool.

• ping -c2 alldrops.info ➡ test IPv4 connection issuing two ping packets to alldrops.info.

• ping6 -c2 alldrops.info ➡ test IPv6 connection issuing two ping packets to alldrops.info.

• nmtui ➡ command line tool with graphical interface to manage network connections.

CONFIGURE HOSTNAME RESOLUTION

• cat /etc/resolv.conf ➡ check DNS lookup definitions.

• 192.168.0.120 server20.example.com server20 on /etc/hosts file ➡ map hostname server20 to the ip provided.

• ping -c2 server20 ➡ test hostname resolution issuing two ping packets to server20.

• dig, host, nslookup, getent ➡ tools to query DNS.

CONFIGURE NETWORK SERVICES TO START AUTOMATICALLY AT BOOT

• Configure a Network Connection manually at network-scripts dir:

  • ip address or ip a ➡ verify info for network interfaces.
  • /etc/sysconfig/network-scripts/ifcfg-enp7s0 ➡ create this file to add a new profile for the network interface (use antoher file in the folder as a starting point).
  • ifdown enp7s0, ifup enp7s0 ➡ reactivate interface.

• Configure a Network Connection using nmcli (preferred way):

  (Requires NetworkManager service)

  • systemctl status NetworkManager ➡ check if enabled and active.
  • nmcli d s, nmcli device show ➡ check presence of a new interface.
  • nmcli con add type Ethernet ifname enp7s0 con-name enp7s0 ip4 172.10.10.120/24 gw4 172.10.10.1
  • nmcli c s, nmcli connection show ➡ confirm new connection status.
  • cat /etc/sysconfig/network-scripts/ifcfg-enp7s0
  • ip a ➡ confirm ip assignments for the new connection.
  • nmcli c down enp7s0 ➡ deactivate connection.
  • nmcli c up enp7s0 ➡ deactivate connection.

RESTRICT NETWORK ACCESS USING FIREWALL-CMD/FIREWALL

• firewall-cmd --state, systemctl status firewalld ➡ check if the service is enabled and active.

• firewall-cmd --get-default-zone ➡ display default zone name.

• firewall-cmd --get-active-zones ➡ display active zones.

• firewall-cmd --get-zones ➡ display all available zones.

• firewall-cmd --set-default-zone=home ➡ set default zone to home.

• firewall-cmd --list-all ➡ display information about the defualt zone.

• firewall-cmd --list-all --zone=home ➡ display information about home zone.

• firewall-cmd --list-all-zones ➡ list all zones.

• firewall-cmd --list-services ➡ list allowed services in the current zone.

• firewall-cmd --list-ports ➡ list allowed ports in the current zone.

• firewall-cmd --zone=public --list-services ➡ list allowed services for the specific zone.

• Permanently add a Port to a zone:

  • firewall-cmd --add-port 443/tcp --zone=public --permanent ➡ add port to public zone.

  • firewall-cmd --reload ➡ reload to apply the changes.

• Permanently add a Service to a zone:

  • firewall-cmd --add-service=httpd --zone=public ➡ add port to public zone.

  • firewall-cmd --runtime-to-permanent ➡ make changes persist.

• firewall-cmd --change-interface=enp7s0 --zone=home --permanent ➡ change specified interface to specified zone.

Next:

(RHCSA) Manage Users and Groups

…or back to Red Hat Certified System Administrator (RHCSA) Exam Study Guide

Useful links & references:

• Red Hat Enterprise Linux Documentation

• Enable Sysadmin (a blog from Red Hat)

Footnotes:

• Follow me on Twitter to get more posts like this and other quick tips in your feed.
• If you have any doubts or tips about this article, I’d appreciate knowing and discussing it via email.
• Do you have any other Linux tips? Would you like to publish that in this blog? Please send an email to all drops.
• As English is not my native language, I apologize for the errors. Corrections are welcome.
• Contact: contact [@] alldrops [.] info.