EL9 - System | Cheatsheet

How to add private vlan connection interface with static IP

Before - second interface doesn't have ip assigned:

# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether b0:7b:25:c1:aa:2a brd ff:ff:ff:ff:ff:ff
    altname enp193s0f0
    inet 190.3.157.13/24 brd 190.3.157.255 scope global noprefixroute eno1
       valid_lft forever preferred_lft forever
    inet6 <public_ipv6>/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether b0:7b:25:c1:aa:2b brd ff:ff:ff:ff:ff:ff
    altname enp193s0f1

Doublecheck the connection (in the example eno2) doesn't have device:

# nmcli connection show
NAME  UUID                                  TYPE      DEVICE 
eno1  d9a55684-2337-4c87-95b0-82689597000e  ethernet  eno1   
lo    13da71da-d1b3-4e7d-a7c3-fc7aa7ee3b1a  loopback  lo     
eno2  c608fde7-6cf9-47a3-8daa-066a5df18c8c  ethernet  --

Modify connection - assign static IPv4/mask, change to manual, set autoconnect to yes:

# nmcli connection modify <connection-name> ipv4.method manual ipv4.address <IP>/<prefix> connection.autoconnect yes

Bring the connection up:

# nmcli connection up <connection-name>

Check connections - see now the connection has assigned device:

# nmcli connection show
NAME  UUID                                  TYPE      DEVICE 
eno1  d9a55684-2337-4c87-95b0-82689597000e  ethernet  eno1   
eno2  c608fde7-6cf9-47a3-8daa-066a5df18c8c  ethernet  eno2   
lo    13da71da-d1b3-4e7d-a7c3-fc7aa7ee3b1a  loopback  lo

Check ip address:

# ip a
...
3: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether b0:7b:25:c1:61:2f brd ff:ff:ff:ff:ff:ff
    altname enp193s0f1
    inet 10.10.10.18/8 brd 10.255.255.255 scope global noprefixroute eno2
       valid_lft forever preferred_lft forever
    inet6 fe80::b27b:34aa:fec1:543e/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

Reboot and check if after reboot the IP is still set properly, check ping from other machines.

How to disable ipv6

Taken from: https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/configuring_and_managing_networking/using-networkmanager-to-disable-ipv6-for-a-specific-connection_configuring-and-managing-networking#using-networkmanager-to-disable-ipv6-for-a-specific-connection_configuring-and-managing-networking

1. on RHEL9 disabling ipv6 with sysctl method doesn't work after reboot, because NetworkManager overrides with its own configuration

2. one should not change NetworkManager conf files directly, because the resulting configuration might be invalid (e.g. network interfaces didn't come up after reboot, because ipv6 method was set to disabled, but ipv6.dns option was present), but rather use nmcli utility

# nmcli connection modify eno1 ipv6.method "disabled" ipv6.dns ""
# nmcli connection up eno1

//verify the change is correct:
# ip addr

# reboot