Red Hat Enterprise Linux 7 Networking Guide

Table of Contents
PART I. BEFORE YOU BEGIN
CHAPTER 1. OVERVIEW OF NETWORKING TOPICS
1.1. COMPARING IP TO NON-IP NETWORKS
Categories of Network Communication
1.2. COMPARING STATIC TO DYNAMIC IP ADDRESSING
1.3. CONFIGURING THE DHCP CLIENT BEHAVIOR
Requesting an IP Address
Requesting a Lease Renewal
1.3.1. Making DHCPv4 Persistent
1.4. SETTING THE WIRELESS REGULATORY DOMAIN
1.5. CONFIGURING NETCONSOLE
1.6. USING NETWORK KERNEL TUNABLES WITH SYSCTL
1.7. MANAGING DATA USING THE NCAT UTILITY
Installing ncat
Brief Selection of ncat Use Cases
PART II. MANAGING IP NETWORKING
CHAPTER 2. GETTING STARTED WITH NETWORKMANAGER
2.1. OVERVIEW OF NETWORKMANAGER
2.1.1. Benefits of Using NetworkManager
2.2. INSTALLING NETWORKMANAGER
2.3. CHECKING THE STATUS OF NETWORKMANAGER
2.4. STARTING NETWORKMANAGER
2.5. NETWORKMANAGER TOOLS
2.6. USING NETWORKMANAGER WITH NETWORK SCRIPTS
Running Network Script
Using Custom Commands in Network Scripts
Running Dispatcher scripts
2.7. USING NETWORKMANAGER WITH SYSCONFIG FILES
2.8. ADDITIONAL RESOURCES
CHAPTER 3. CONFIGURING IP NETWORKING
3.1. SELECTING NETWORK CONFIGURATION METHODS
3.2. CONFIGURING IP NETWORKING WITH NMTUI
3.3. CONFIGURING IP NETWORKING WITH NMCLI
3.3.1. Brief Selection of nmcli Examples
3.3.2. Starting and Stopping a Network Interface Using nmcli
3.3.3. Understanding the nmcli Options
3.3.4. Using the nmcli Interactive Connection Editor
3.3.5. Creating and Modifying a Connection Profile with nmcli
3.3.6. Connecting to a Network Using nmcli
3.3.7. Adding and Configuring a Dynamic Ethernet Connection with nmcli
Adding a Dynamic Ethernet Connection
Configuring a Dynamic Ethernet Connection
3.3.8. Adding and Configuring a Static Ethernet Connection with nmcli
Adding a Static Ethernet Connection
3.3.9. Locking a Profile to a Specific Device Using nmcli
3.3.10. Adding a Wi-Fi Connection with nmcli
Changing a Specific Property Using nmcli
3.3.11. Configuring NetworkManager to Ignore Certain Devices
3.3.11.1. Permanently Configuring a Device as Unmanaged in NetworkManager
Procedure
Verification Steps
Additional Resources
3.3.11.2. Temporarily Configuring a Device as Unmanaged in NetworkManager
Procedure
Verification Steps
Additional Resources
3.4.  CONFIGURING IP NETWORKING WITH GNOME GUI
3.4.1. Connecting to a Network Using the control-center GUI
3.4.2. Configuring New and Editing Existing Connections Using a GUI
3.4.2.1. Configuring New and Editing Existing Connections Using control-center
3.4.2.2. Configuring New and Editing Existing Connections Using nm-connection-editor
3.4.3. Common Configuration Options Using nm-connection-editor
3.4.4. Connecting to a Network Automatically with a GUI
3.4.4.1. Connecting to a Network Automatically with control-center
3.4.4.2. Connecting to a Network Automatically with nm-connection-editor
3.4.5. Managing System-wide and Private Connection Profiles with a GUI
3.4.5.1. Managing Permissions for a Connection Profile with nm-connection-editor
3.4.5.2. Managing Permissions for a Connection Profile with control-center
3.4.6. Configuring a Wired (Ethernet) Connection with a GUI
3.4.6.1. Configuring a Wired Connection Using control-center
3.4.6.2. Configuring a Wired Connection with nm-connection-editor
3.4.7. Configuring a Wi-Fi Connection with a GUI
Connecting Quickly to an Available Access Point
Connecting to a Hidden Wi-Fi Network
Configuring a New Wi-Fi Connection
Editing an Existing Wi-Fi Connection
Basic Configuration Options for a Wi-Fi Connection
Making Further Wi-Fi Configurations
Saving Your New (or Modified) Connection
3.4.8. Configuring a VPN Connection with a GUI
3.4.8.1. Establishing a VPN Connection with control-center
3.4.8.2. Configuring a VPN Connection with nm-connection-editor
3.4.9. Configuring a Mobile Broadband Connection with a GUI
3.4.9.1. Configuring a Mobile Broadband Connection with nm-connection-editor
3.4.10. Configuring a DSL Connection with a GUI
3.4.10.1. Configuring a DSL Connection with nm-connection-editor
3.5. CONFIGURING IP NETWORKING WITH IFCFG FILES
Configuring an Interface with Static Network Settings Using ifcfg Files
Configuring an Interface with Dynamic Network Settings Using ifcfg Files
3.5.1. Managing System-wide and Private Connection Profiles with ifcfg Files
3.6. CONFIGURING IP NETWORKING WITH IP COMMANDS
Assigning a Static Address Using ip Commands
Configuring Multiple Addresses Using ip Commands
3.7. CONFIGURING IP NETWORKING FROM THE KERNEL COMMAND LINE
3.8. ENABLING IP MULTICAST WITH IGMP
3.9. ADDITIONAL RESOURCES
Installed Documentation
Online Documentation
CHAPTER 4. CONFIGURING STATIC ROUTES AND THE DEFAULT GATEWAY
4.1. INTRODUCTION TO UNDERSTANDING ROUTING AND GATEWAY
4.2. CONFIGURING STATIC ROUTES USING NMCLI
4.3. CONFIGURING STATIC ROUTES WITH GUI
4.4. CONFIGURING STATIC ROUTES WITH IP COMMANDS
4.5. CONFIGURING STATIC ROUTES IN IFCFG FILES
Static Routes Using the IP Command Arguments Format
Static Routes Using the Network/Netmask Directives Format
4.5.1. Understanding Policy-routing
4.6. CONFIGURING THE DEFAULT GATEWAY
CHAPTER 5. CONFIGURING NETWORK CONNECTION SETTINGS
5.1. CONFIGURING 802.3 LINK SETTINGS
Ignoring link negotiation
Enforcing auto-negotiation activation
Manually setting the link speed and duplex
Configuring 802.3 Link Settings with the nmcli Tool
Configuring 802.3 Link Settings with nm-connection-editor
5.2. CONFIGURING 802.1X SECURITY
5.2.1. Configuring 802.1X Security for Wi-Fi with nmcli
5.2.2. Configuring 802.1X Security for Wired with nmcli
5.2.3. Configuring 802.1X Security for Wi-Fi with a GUI
5.2.4. Configuring 802.1X Security for Wired with nm-connection-editor
Configuring TLS Settings
Configuring FAST Settings
Configuring Tunneled TLS Settings
Configuring Protected EAP (PEAP) Settings
5.3. USING MACSEC WITH WPA_SUPPLICANT AND NETWORKMANAGER
5.4. CONFIGURING IPV4 SETTINGS
Configuring IPv4 Settings with control-center
Setting the Method for IPV4 Using nm-connection-editor
5.5. CONFIGURING IPV6 SETTINGS
5.6. CONFIGURING PPP (POINT-TO-POINT) SETTINGS
CHAPTER 6. CONFIGURE HOST NAMES
6.1. UNDERSTANDING HOST NAMES
6.1.1. Recommended Naming Practices
6.2. CONFIGURING HOST NAMES USING TEXT USER INTERFACE, NMTUI
6.3. CONFIGURING HOST NAMES USING HOSTNAMECTL
6.3.1. View All the Host Names
6.3.2. Set All the Host Names
6.3.3. Set a Particular Host Name
6.3.4. Clear a Particular Host Name
6.3.5. Changing Host Names Remotely
6.4. CONFIGURING HOST NAMES USING NMCLI
6.5. ADDITIONAL RESOURCES
CHAPTER 7. CONFIGURE NETWORK BONDING
7.1. UNDERSTANDING THE DEFAULT BEHAVIOR OF MASTER AND SLAVE INTERFACES
7.2. CONFIGURE BONDING USING THE TEXT USER INTERFACE, NMTUI
7.3. NETWORK BONDING USING THE NETWORKMANAGER COMMAND LINE TOOL, NMCLI
7.4. USING THE COMMAND LINE INTERFACE (CLI)
7.4.1. Check if Bonding Kernel Module is Installed
7.4.2. Create a Channel Bonding Interface
7.4.3. Creating SLAVE Interfaces
7.4.4. Activating a Channel Bond
7.4.5. Creating Multiple Bonds
7.5. VERIFYING NETWORK CONFIGURATION BONDING FOR REDUNDANCY
7.6. OVERVIEW OF BONDING MODES AND THE REQUIRED SETTINGS ON THE SWITCH
7.7. USING CHANNEL BONDING
7.7.1. Bonding Module Directives
7.8. CREATING A BOND CONNECTION USING A GUI
7.8.1. Establishing a Bond Connection
Saving Your New (or Modified) Connection and Making Further Configurations
7.8.1.1. Configuring the Bond Tab
7.9. ADDITIONAL RESOURCES
Installed Documentation
Online Documentation
CHAPTER 8. CONFIGURE NETWORK TEAMING
8.1. UNDERSTANDING NETWORK TEAMING
8.2. UNDERSTANDING THE DEFAULT BEHAVIOR OF MASTER AND SLAVE INTERFACES
8.3. COMPARISON OF NETWORK TEAMING TO BONDING
8.4. UNDERSTANDING THE NETWORK TEAMING DAEMON AND THE "RUNNERS"
8.5. INSTALL THE NETWORK TEAMING DAEMON
8.6. CONVERTING A BOND TO A TEAM
8.7. SELECTING INTERFACES TO USE AS PORTS FOR A NETWORK TEAM
8.8. SELECTING NETWORK TEAM CONFIGURATION METHODS
8.9. CONFIGURE A NETWORK TEAM USING THE TEXT USER INTERFACE, NMTUI
8.10. CONFIGURE A NETWORK TEAM USING THE COMMAND LINE
8.10.1. Configure Network Teaming Using nmcli
8.10.2. Creating a Network Team Using teamd
8.10.3. Creating a Network Team Using ifcfg Files
8.10.4. Add a Port to a Network Team Using iputils
8.10.5. Listing the ports of a Team Using teamnl
8.10.6. Configuring Options of a Team Using teamnl
8.10.7. Add an Address to a Network Team Using iputils
8.10.8. open an Interface to a Network Team Using iputils
8.10.9. Viewing the Active Port Options of a Team Using teamnl
8.10.10. Setting the Active Port Options of a Team Using teamnl
8.11. CONTROLLING TEAMD WITH TEAMDCTL
8.11.1. Add a Port to a Network Team
8.11.2. Remove a Port From a Network Team
8.11.3. Apply a Configuration to a Port in a Network Team
8.11.4. View the Configuration of a Port in a Network Team
8.12. VERIFYING NETWORK CONFIGURATION TEAMING FOR REDUNDANCY
8.13. CONFIGURE TEAMD RUNNERS
8.13.1. Configure the broadcast Runner
8.13.2. Configure the random Runner
8.13.3. Configure the Round-robin Runner
8.13.4. Configure the activebackup Runner
8.13.5. Configure the loadbalance Runner
8.13.6. Configure the LACP (802.3ad) Runner
8.13.7. Configure Monitoring of the Link State
8.13.7.1. Configure Ethtool for link-state Monitoring
8.13.7.2. Configure ARP Ping for Link-state Monitoring
8.13.7.3. Configure IPv6 NA/NS for Link-state Monitoring
8.13.8. Configure Port Selection Override
8.13.9. Configure BPF-based Tx Port Selectors
8.14. CREATING A NETWORK TEAM USING A GUI
8.14.1. Establishing a Team Connection
Saving Your New (or Modified) Connection and Making Further Configurations
8.14.1.1. Configuring the Team Tab
8.15. ADDITIONAL RESOURCES
Installed Documentation
Online Documentation
CHAPTER 9. CONFIGURE NETWORK BRIDGING
9.1. CONFIGURE BRIDGING USING THE TEXT USER INTERFACE, NMTUI
9.2. USING THE NETWORKMANAGER COMMAND LINE TOOL, NMCLI
9.3. USING THE COMMAND LINE INTERFACE (CLI)
9.3.1. Check if Bridging Kernel Module is Installed
9.3.2. Create a Network Bridge
9.3.3. Network Bridge with Bond
9.4. CONFIGURE NETWORK BRIDGING USING A GUI
9.4.1. Establishing a Bridge Connection with a GUI
Configuring the Connection Name, Auto-Connect Behavior, and Availability Settings
9.4.1.1. Configuring the Bridge Tab
9.5. ETHERNET BRIDGE CONFIGURATION USING IPROUTE
9.6. ADDITIONAL RESOURCES
CHAPTER 10. CONFIGURE 802.1Q VLAN TAGGING
10.1. SELECTING VLAN INTERFACE CONFIGURATION METHODS
10.2. CONFIGURE 802.1Q VLAN TAGGING USING THE TEXT USER INTERFACE, NMTUI
10.3. CONFIGURE 802.1Q VLAN TAGGING USING THE COMMAND LINE TOOL, NMCLI
Assigning Addresses to VLAN Interfaces
10.4. CONFIGURE 802.1Q VLAN TAGGING USING THE COMMAND LINE
10.4.1. Setting Up 802.1Q VLAN Tagging Using ifcfg Files
10.4.2. Configure 802.1Q VLAN Tagging Using ip Commands
10.5. CONFIGURE 802.1Q VLAN TAGGING USING A GUI
10.5.1. Establishing a VLAN Connection
Saving Your New (or Modified) Connection and Making Further Configurations
10.5.1.1. Configuring the VLAN Tab
10.6. VLAN ON BOND AND BRIDGE USING IP COMMANDS
10.7. VLAN ON BOND AND BRIDGE USING THE NETWORKMANAGER COMMAND LINE TOOL, NMCLI
10.8. CONFIGURING VLAN SWITCHPORT MODE
10.9. ADDITIONAL RESOURCES
CHAPTER 11. CONSISTENT NETWORK DEVICE NAMING
11.1. NAMING SCHEMES HIERARCHY
11.2. UNDERSTANDING THE DEVICE RENAMING PROCEDURE
11.3. UNDERSTANDING THE PREDICTABLE NETWORK INTERFACE DEVICE NAMES
11.4. NAMING SCHEME FOR NETWORK DEVICES AVAILABLE FOR LINUX ON SYSTEM Z
11.5. NAMING SCHEME FOR VLAN INTERFACES
11.6. CONSISTENT NETWORK DEVICE NAMING USING BIOSDEVNAME
11.6.1. System Requirements
11.6.2. Enabling and Disabling the Feature
11.7. NOTES FOR ADMINISTRATORS
11.8. CONTROLLING THE SELECTION OF NETWORK DEVICE NAMES
11.9. DISABLING CONSISTENT NETWORK DEVICE NAMING
11.10. TROUBLESHOOTING NETWORK DEVICE NAMING
11.11. ADDITIONAL RESOURCES
Installed Documentation
Online Documentation
CHAPTER 12. CONFIGURING POLICY-BASED ROUTING TO DEFINE ALTERNATIVE ROUTES
12.1. ROUTING TRAFFIC FROM A SPECIFIC SUBNET TO A DIFFERENT DEFAULT GATEWAY
Prerequisites
Procedure
Verification Steps
Troubleshooting Steps
Additional Resources
PART III. INFINIBAND AND RDMA NETWORKING
CHAPTER 13. CONFIGURE INFINIBAND AND RDMA NETWORKS
13.1. UNDERSTANDING INFINIBAND AND RDMA TECHNOLOGIES
Prerequisites
13.2. TRANSFERRING DATA USING ROCE
Prerequisites
13.3. CONFIGURING SOFT-ROCE
Prerequisites
Removing an RXE device
Verifying Connectivity of an RXE device
13.4. INFINIBAND AND RDMA RELATED SOFTWARE PACKAGES
13.5. CONFIGURING THE BASE RDMA SUBSYSTEM
13.5.1. Configuration of the rdma.conf file
13.5.2. Usage of 70-persistent-ipoib.rules
13.5.3. Relaxing memlock restrictions for users
13.5.4. Configuring Mellanox cards for Ethernet operation
13.5.5. Connecting to a Remote Linux SRP Target
Connecting to a Remote Linux SRP Target: High-Level Overview
13.6. CONFIGURING THE SUBNET MANAGER
13.6.1. Determining Necessity
13.6.2. Configuring the opensm master configuration file
13.6.3. Configuring the opensm startup options
13.6.4. Creating a P_Key definition
13.6.5. Enabling opensm
13.7. TESTING EARLY INFINIBAND RDMA OPERATION
13.8. CONFIGURING IPOIB
13.8.1. Understanding the role of IPoIB
13.8.2. Understanding IPoIB communication modes
13.8.3. Understanding IPoIB hardware addresses
13.8.4. Understanding InfiniBand P_Key subnets
13.8.5. Configure InfiniBand Using the Text User Interface, nmtui
13.8.6. Configure IPoIB using the command-line tool, nmcli
13.8.7. Configure IPoIB Using the command line
13.8.8. Testing an RDMA network after IPoIB is configured
13.8.9. Configure IPoIB Using a GUI
Saving Your New (or Modified) Connection and Making Further Configurations
13.8.9.1. Configuring the InfiniBand Tab
13.8.10. Additional Resources
Installed Documentation
Online Documentation
PART IV. SERVERS
CHAPTER 14. DHCP SERVERS
14.1. WHY USE DHCP?
14.2. CONFIGURING A DHCP SERVER
14.2.1. Configuration File
14.2.2. Lease Database
14.2.3. Starting and Stopping the Server
14.3. DHCP RELAY AGENT
14.3.1. Configure dhcrelay as a DHCPv4 and BOOTP relay agent
14.3.2. Configure dhcrelay as a DHCPv6 relay agent
14.4. CONFIGURING A MULTIHOMED DHCP SERVER
14.4.1. Host Configuration
14.5. DHCP FOR IPV6 (DHCPV6)
14.6. CONFIGURING THE RADVD DAEMON FOR IPV6 ROUTERS
14.7. COMPARISON OF DHCPV6 TO RADVD
Manually
Using the radvd Daemon
Using the DHCPv6 Server
14.8. ADDITIONAL RESOURCES
CHAPTER 15. DNS SERVERS
15.1. INTRODUCTION TO DNS
15.1.1. Name server Zones
15.1.2. Name server Types
15.1.3. BIND as a Name server
15.2. BIND
15.2.1. Empty Zones
15.2.2. Configuring the named Service
15.2.2.1. Installing BIND in a chroot Environment
15.2.2.2. Common Statement Types
15.2.2.3. Other Statement Types
15.2.2.4. Comment Tags
15.2.3. Editing Zone Files
15.2.3.1. Common Directives
15.2.3.2. Common Resource Records
15.2.3.3. Comment Tags
15.2.3.4. Example Usage
15.2.4. Using the rndc Utility
15.2.4.1. Configuring the Utility
15.2.4.2. Checking the Service Status
15.2.4.3. Reloading the Configuration and Zones
15.2.4.4. Updating Zone Keys
15.2.4.5. Enabling the DNSSEC Validation
15.2.4.6. Enabling the Query Logging
15.2.5. Using the dig Utility
15.2.5.1. Looking Up a Nameserver
15.2.5.2. Looking Up an IP Address
15.2.5.3. Looking Up a Host Name
15.2.6. Advanced Features of BIND
15.2.6.1. Multiple Views
15.2.6.2. Incremental Zone Transfers (IXFR)
15.2.6.3. Transaction SIGnatures (TSIG)
15.2.6.4. DNS Security Extensions (DNSSEC)
15.2.6.5. Internet Protocol version 6 (IPv6)
15.2.7. Common Mistakes to Avoid
15.2.8. Additional Resources
15.2.8.1. Installed Documentation
15.2.8.2. Online Resources
CHAPTER 16. CONFIGURING THE SQUID CACHING PROXY SERVER
16.1. SETTING UP SQUID AS A CACHING PROXY WITHOUT AUTHENTICATION
Prerequisites
Procedure
Verification Steps
16.2. SETTING UP SQUID AS A CACHING PROXY WITH LDAP AUTHENTICATION
Prerequisites
Procedure
Verification Steps
Troubleshooting Steps
16.3. SETTING UP SQUID AS A CACHING PROXY WITH KERBEROS AUTHENTICATION
Prerequisites
Procedure
Verification Steps
Troubleshooting Steps
16.4. CONFIGURING A DOMAIN BLACKLIST IN SQUID
Prerequisites
Procedure
16.5. CONFIGURING THE SQUID SERVICE TO LISTEN ON A SPECIFIC PORT OR IP ADDRESS
Prerequisites
Procedure
16.6. ADDITIONAL RESOURCES
APPENDIX A. RED HAT CUSTOMER PORTAL LABS RELEVANT TO NETWORKING
BRIDGE CONFIGURATION
NETWORK BONDING HELPER
PACKET CAPTURE SYNTAX GENERATOR
APPENDIX B. REVISION HISTORY
B.1. ACKNOWLEDGMENTS
INDEX