dotlinux guide

How to Configure Network Settings on Linux: A Comprehensive Guide

Network configuration is a foundational skill for anyone working with Linux, whether managing servers, desktops, or embedded systems. Linux offers a flexible and powerful set of tools to configure network interfaces, IP addresses, routing, and DNS, but the diversity of methods can be overwhelming for beginners. This guide demystifies Linux network configuration by covering fundamental concepts, practical usage, common practices, and best practices. By the end, you’ll be equipped to configure, troubleshoot, and optimize network settings on any Linux distribution.

Table of Contents

  1. Fundamental Concepts
  2. Configuration Methods
  3. Common Practices and Troubleshooting
  4. Best Practices
  5. Conclusion
  6. References

Fundamental Concepts

Before diving into configuration, it’s critical to understand key networking concepts that underpin Linux network setup.

Network Interfaces

A network interface is a software or hardware component that enables communication between a Linux system and a network. Examples include:

  • Physical interfaces: Wired (e.g., eth0, enp0s3—predictable naming) or wireless (e.g., wlan0, wlp3s0).
  • Virtual interfaces: Loopback (lo, for local communication), tunnels (tun0), or bridges (br0).

Linux assigns unique names to interfaces. Modern systems use predictable interface names (e.g., enp0s3 for PCIe devices) instead of legacy names like eth0.

IP Addressing

An IP address is a unique identifier for a device on a network. Linux supports two versions:

  • IPv4: 32-bit address (e.g., 192.168.1.100), limited to ~4 billion addresses.
  • IPv6: 128-bit address (e.g., 2001:db8::1), designed to replace IPv4 with virtually unlimited addresses.

IP addresses can be assigned statically (manually) or dynamically via DHCP (Dynamic Host Configuration Protocol).

Subnetting and CIDR Notation

A subnet divides a network into smaller segments. Subnetting uses a subnet mask to distinguish network and host portions of an IP address. For example:

  • 255.255.255.0 (IPv4) means the first 24 bits are the network, and the last 8 are the host.

CIDR (Classless Inter-Domain Routing) notation simplifies subnet masks. Format: IP_ADDRESS/PREFIX_LENGTH. For example:

  • 192.168.1.100/24 = IPv4 address 192.168.1.100 with subnet mask 255.255.255.0 (24 bits).
  • 2001:db8::1/64 = IPv6 address with a 64-bit network prefix.

Default Gateway

A default gateway is a router that forwards traffic from a local network to external networks (e.g., the internet). Without a gateway, a device can only communicate within its subnet.

DNS Resolution

DNS (Domain Name System) translates human-readable domain names (e.g., google.com) to IP addresses. Linux uses DNS resolvers specified in /etc/resolv.conf (managed by tools like systemd-resolved or NetworkManager).

Configuration Methods

Linux offers multiple tools and daemons to configure network settings. We’ll focus on the most common approaches.

Traditional Tools: ifconfig and route (Legacy)

Older Linux systems used ifconfig (interface configuration) and route for network setup. These tools are deprecated in modern distributions (replaced by iproute2), but they may still work on legacy systems.

Examples:

# View interface status (deprecated)
ifconfig eth0

# Assign a temporary IPv4 address (deprecated)
ifconfig eth0 192.168.1.100 netmask 255.255.255.0

# Add a default gateway (deprecated)
route add default gw 192.168.1.1 eth0

Note: Avoid these tools for new configurations. Use ip (below) instead.

Modern Tools: The ip Command (iproute2)

The ip command (part of the iproute2 package) is the modern replacement for ifconfig and route. It handles interfaces, IP addresses, routing, and more.

Key ip Subcommands:

  • ip link: Manage interfaces (up/down, rename).
  • ip addr: Manage IP addresses.
  • ip route: Manage routing tables.

Examples:

# View all interfaces and their status
ip link show

# Bring an interface up/down
ip link set eth0 up
ip link set eth0 down

# Assign a temporary IPv4 address (lost on reboot)
ip addr add 192.168.1.100/24 dev eth0

# Remove an IP address
ip addr del 192.168.1.100/24 dev eth0

# View IP addresses assigned to interfaces
ip addr show eth0

# Add a default gateway (temporary)
ip route add default via 192.168.1.1 dev eth0

# View routing table
ip route show

Network Management Daemons

For persistent network configurations (surviving reboots), Linux uses network management daemons. The two most common are systemd-networkd and NetworkManager.

systemd-networkd

systemd-networkd is a lightweight, systemd-integrated daemon for managing network interfaces. It’s ideal for servers and headless systems.

Configuration Files:
Define interfaces in /etc/systemd/network/*.network files (e.g., 10-eth0.network).

Example: Static IPv4 Configuration
Create /etc/systemd/network/10-eth0.network:

[Match]
Name=eth0  # Match interface named "eth0"

[Network]
Address=192.168.1.100/24  # Static IP and subnet
Gateway=192.168.1.1       # Default gateway
DNS=8.8.8.8               # DNS server (Google)
DNS=8.8.4.4               # Secondary DNS server

Enable and Start the Daemon:

sudo systemctl enable --now systemd-networkd
sudo systemctl enable --now systemd-resolved  # For DNS resolution

Example: DHCP Configuration
To use DHCP, simplify the .network file:

[Match]
Name=eth0

[Network]
DHCP=yes  # Use DHCP for IPv4

NetworkManager

NetworkManager is a user-friendly daemon designed for desktops and laptops. It supports dynamic networks (e.g., Wi-Fi) and provides a CLI (nmcli), TUI (nmtui), and GUI tools.

Key nmcli Commands:

# View active connections
nmcli con show

# View interface status
nmcli dev status

# Modify a connection (e.g., "Wired connection 1") to static IP
nmcli con mod "Wired connection 1" \
  ipv4.addresses "192.168.1.100/24" \
  ipv4.gateway "192.168.1.1" \
  ipv4.dns "8.8.8.8,8.8.4.4" \
  ipv4.method manual  # Set to "auto" for DHCP

# Activate the modified connection
nmcli con up "Wired connection 1"

# Restart NetworkManager (if needed)
sudo systemctl restart NetworkManager

Static vs. Dynamic (DHCP) Configuration

  • Static IP: Manually assigned IP, ideal for servers, printers, or devices requiring consistent addressing.
  • DHCP: IP assigned automatically by a DHCP server (e.g., home router). Use for desktops, laptops, or temporary devices.

Common Practices and Troubleshooting

Checking Network Status

Verify interface state, IP addresses, and routing with these commands:

# Interface status and IPs
ip addr show

# Routing table
ip route show

# DNS resolvers (managed by systemd-resolved)
resolvectl status

# Or view /etc/resolv.conf (symlink on systemd systems)
cat /etc/resolv.conf

Testing Connectivity

  • Ping: Test layer-3 connectivity to an IP or domain.

    ping -c 4 192.168.1.1  # Ping gateway (4 packets)
ping -c 4 google.com   # Ping domain

  • Traceroute: Trace the path to a remote host.

    traceroute google.com  # IPv4
tracepath6 google.com  # IPv6

  • DNS Lookup: Verify DNS resolution.

    dig google.com  # Detailed DNS query
nslookup google.com  # Simplified lookup

Managing Network Services

Control network daemons with systemctl:

# systemd-networkd
sudo systemctl status systemd-networkd
sudo systemctl restart systemd-networkd

# NetworkManager
sudo systemctl status NetworkManager
sudo systemctl restart NetworkManager

Troubleshooting Common Issues

  1. Interface not up: Use ip link set <interface> up.
  2. No IP address: Check DHCP server availability or static config syntax.
  3. No internet access: Verify gateway (ip route show) and DNS (resolvectl status).
  4. DNS failures: Test with ping 8.8.8.8 (bypasses DNS); if works, fix DNS resolvers.
  5. Logs: Check daemon logs for errors: 
    journalctl -u systemd-networkd  # systemd-networkd logs
journalctl -u NetworkManager    # NetworkManager logs

Best Practices

Documentation

Always document network configurations:

  • IP addresses, subnets, gateways, and DNS servers.
  • Interface names and their roles (e.g., eth0: WAN, eth1: LAN).
  • Changes made (e.g., “Updated eth0 to static IP 192.168.1.100 on 2024-01-01”).

Using Modern Tools

  • Replace ifconfig/route with ip (from iproute2).
  • Prefer systemd-networkd or NetworkManager over manual scripts for persistence.
  • Use resolvectl instead of editing /etc/resolv.conf directly (managed by daemons).

Security Considerations

  • Disable unused interfaces: ip link set <interface> down and mask the interface to prevent auto-start: 
    sudo systemctl mask systemd-networkd@<interface>.service
  • Use static IPs for servers: Avoid DHCP for critical services to prevent IP changes.
  • Encrypt DNS: Use DNS over HTTPS (DoH) or DNS over TLS (DoT) with systemd-resolved: 
    # Edit /etc/systemd/resolved.conf
[Resolve]
DNS=1.1.1.1  # Cloudflare DNS
DNSOverTLS=yes
  • Firewall: Enable ufw or firewalld to restrict traffic.

Backup and Testing

  • Backup configs: Before making changes, backup files (e.g., sudo cp /etc/systemd/network/10-eth0.network{,.bak}).
  • Test temporarily: Use ip addr add for temporary IPs to validate connectivity before making changes permanent.
  • Reboot test: After configuring, reboot to ensure settings persist.

Conclusion

Configuring network settings on Linux requires understanding fundamental concepts (interfaces, IP, routing) and choosing the right tools for your environment. Modern methods like the ip command, systemd-networkd, and NetworkManager offer flexibility and reliability. By following best practices—documenting changes, using modern tools, and prioritizing security—you can ensure stable and secure network configurations.

References