FedoraRHEL Based

Fedora 42 Network Configuration Guide

r00t

Fedora 42 Network Configuration

In the ever-evolving world of Linux distributions, Fedora continues to be at the forefront of innovation and stability. With the release of Fedora 42, users can expect significant improvements in network management capabilities, offering more flexibility and robust features than previous versions. This comprehensive guide will walk you through everything you need to know about configuring networks in Fedora 42, from basic setups to advanced configurations.

Understanding NetworkManager Architecture

NetworkManager has been the backbone of network configuration in Fedora for many releases, and Fedora 42 continues this tradition with several enhancements to its core functionality. Before diving into configuration methods, it’s essential to understand how NetworkManager works under the hood.

NetworkManager employs a layered architecture that manages all aspects of your system’s network connectivity. At its core, NetworkManager consists of a system daemon that coordinates network activities, interfaces with hardware, and manages connections.

Configuration Hierarchy

NetworkManager follows a specific precedence order when applying configurations:

  • User-specific connections (stored in home directories)
  • System-wide connections (stored in system directories)
  • Default fallback configurations

This hierarchy ensures that user preferences take priority while maintaining system-wide defaults when necessary. In Fedora 42, configuration files are primarily stored in two locations:

  • /etc/NetworkManager/system-connections/ for system-specific connections
  • /usr/lib/NetworkManager/system-connections/ for distribution-provided connections

Understanding this structure is crucial because permissions matter significantly. NetworkManager will ignore configuration files without the correct permissions (mode 0600, or read-write for root only).

Integration with systemd

Fedora 42’s NetworkManager integrates tightly with systemd, the system and service manager, providing better coordination between networking services and other system components. This integration allows for more reliable network activation during boot and more graceful handling of network transitions.

Command-line Network Management with nmcli

For system administrators and power users, the command-line interface offers the most flexible and scriptable approach to network management. The nmcli tool is NetworkManager’s powerful command-line interface, allowing complete control over network connections.

Basic nmcli Commands

To check the overall status of NetworkManager:

$ nmcli general status

To display all configured connections:

$ nmcli connection show

To view only active connections:

$ nmcli connection show --active

Creating New Connections

Creating a new connection with nmcli is straightforward. For example, to create a basic Ethernet connection:

$ nmcli connection add type ethernet con-name "My Office Ethernet" ifname ens3

This command creates a new connection profile named “My Office Ethernet” that will use the network interface ens3 with default settings, typically using DHCP for automatic IP address assignment.

Modifying Existing Connections

To modify an existing connection, you can use the modify subcommand:

$ nmcli connection modify "My Office Ethernet" ipv4.addresses 192.168.1.100/24 ipv4.gateway 192.168.1.1 ipv4.dns "8.8.8.8 8.8.4.4" ipv4.method manual

This command changes the connection from DHCP to a static IP configuration with the specified IP address, gateway, and DNS servers.

Connection Control

Activating and deactivating connections is simple:

$ nmcli connection up "My Office Ethernet"
$ nmcli connection down "My Office Ethernet"

These commands connect to and disconnect from the specified network, respectively.

Graphical Network Configuration Tools

While command-line tools offer power and flexibility, many users prefer graphical interfaces for network management. Fedora 42 provides several user-friendly options depending on your desktop environment.

GNOME Settings

If you’re using GNOME (Fedora’s default desktop environment), you can access network settings through the Settings application:

  1. Click on the system menu in the top-right corner
  2. Select “Settings”
  3. Click on “Network”

This interface provides a straightforward way to manage wired and wireless connections, VPNs, and network proxy settings. The visual layout makes it easy to see your current connection status and modify settings without remembering command syntax.

KDE Plasma Network Management

For KDE Plasma users, the Network Management widget provides comprehensive network controls:

  1. Click on the network icon in the system tray
  2. Select “Configure Network Connections” for detailed settings

KDE’s network manager offers similar capabilities to GNOME’s but with a different interface design that integrates well with the overall Plasma desktop experience.

Cockpit Web Interface

For remote server management, Fedora 42 includes Cockpit, a powerful web-based interface:

  1. Enable and start the cockpit service: sudo systemctl enable --now cockpit.socket
  2. Access the interface at https://your-server-ip:9090
  3. Navigate to the Networking section

Cockpit provides comprehensive network management capabilities in a clean web interface, making it ideal for headless servers or remote administration tasks.

NetworkManager Configuration Files

While GUI and CLI tools offer convenient ways to manage networks, understanding the underlying configuration files gives you deeper control and troubleshooting capabilities.

KeyFile Format

Fedora 42 uses the KeyFile format for NetworkManager configurations. These files use an INI-style syntax with sections and key-value pairs. For example, a basic Ethernet connection file might look like:

[connection]
id=My Office Ethernet
type=ethernet
interface-name=ens3

[ipv4]
method=manual
addresses=192.168.1.100/24
gateway=192.168.1.1
dns=8.8.8.8;8.8.4.4;

File Locations and Permissions

Two primary locations store configuration files:

  • /etc/NetworkManager/system-connections/ for user-created connections
  • /usr/lib/NetworkManager/system-connections/ for connections included in the OS image

The critical detail about these files is their permission requirements. NetworkManager will only read files with mode 0600 (read/write permissions for root only), ignoring files with incorrect permissions.

Configuration Directories

Several directories play important roles in NetworkManager’s configuration system:

  • /etc/NetworkManager/ – Main configuration directory
  • /etc/NetworkManager/conf.d/ – Drop-in configuration snippets
  • /etc/NetworkManager/dispatcher.d/ – Scripts that run when connection states change

For example, to disable the automatic configuration of Ethernet devices (which might be desirable in certain network environments), you could create a file at /usr/lib/NetworkManager/conf.d/noauto.conf with the following content:

[main]
# Do not do automatic (DHCP/SLAAC) configuration on ethernet devices
# with no other matching connections.
no-auto-default=*

DHCP Configuration

Dynamic Host Configuration Protocol (DHCP) provides automatic IP address assignment and is the default method for most network connections in Fedora 42.

Basic DHCP Setup

For most users, DHCP configuration is as simple as:

$ nmcli connection add type ethernet con-name "Office DHCP" ifname ens3 ipv4.method auto

This creates a connection that automatically obtains IP address, subnet mask, gateway, and DNS server information from a DHCP server on the network.

Advanced DHCP Options

Sometimes you need more control over how DHCP operates. Fedora 42 allows you to configure specific DHCP client behaviors:

  • Client Identifier: nmcli connection modify "Office DHCP" ipv4.dhcp-client-id "custom-id"
  • DHCP Hostname: nmcli connection modify "Office DHCP" ipv4.dhcp-hostname "fedora42-workstation"
  • DHCP Timeout: nmcli connection modify "Office DHCP" ipv4.dhcp-timeout 30

DHCPv6 Configuration

For IPv6 networks using DHCP, Fedora 42 supports DHCPv6 with similar configuration options:

$ nmcli connection modify "Office DHCP" ipv6.method dhcp

You can also configure additional DHCPv6-specific options for more complex deployments.

Static IP Configuration

While DHCP works for most scenarios, static IP configuration is necessary in many situations, especially for servers or devices that provide network services.

Basic Static IPv4 Configuration

$ nmcli connection add type ethernet con-name "Office Static" ifname ens3 \
  ipv4.addresses 192.168.1.100/24 ipv4.gateway 192.168.1.1 \
  ipv4.dns "8.8.8.8 8.8.4.4" ipv4.method manual

This creates a connection with a fixed IP address, subnet mask, gateway, and DNS servers.

Static IPv6 Configuration

$ nmcli connection modify "Office Static" \
  ipv6.addresses 2001:db8::1/64 ipv6.gateway 2001:db8::1 \
  ipv6.dns "2001:4860:4860::8888 2001:4860:4860::8844" ipv6.method manual

Multiple IP Addresses

Fedora 42 allows configuring multiple IP addresses on a single interface:

$ nmcli connection modify "Office Static" \
  ipv4.addresses "192.168.1.100/24 192.168.1.101/24 192.168.1.102/24"

This assigns three IP addresses to the same interface, which can be useful for hosting multiple services or for migration scenarios.

Advanced Network Configurations

Fedora 42 supports sophisticated network configurations for enterprise and specialized environments. These include bonding, bridging, VLANs, and team devices.

Network Bonding

Bonding combines multiple network interfaces into a single logical interface for increased bandwidth or redundancy. Here’s how to create a bond with two interfaces in active-backup mode:

$ nmcli connection add type bond con-name bond0 ifname bond0 bond.options "mode=active-backup,miimon=100"
$ nmcli connection add type ethernet con-name bond0-slave-ens2 ifname ens2 master bond0
$ nmcli connection add type ethernet con-name bond0-slave-ens3 ifname ens3 master bond0

This creates a bond interface with two slave interfaces (ens2 and ens3) in active-backup mode, where one interface is active while the other stands by as a backup.

Network Bridges

Bridges connect multiple network segments at the data link layer (Layer 2), which is essential for virtualization and container environments:

$ nmcli connection add type bridge con-name br0 ifname br0
$ nmcli connection add type ethernet con-name br0-port-ens2 ifname ens2 master br0

This creates a bridge interface (br0) with ens2 as a port, allowing virtual machines or containers to connect to the same network segment as the host.

VLAN Configuration

Virtual LANs (VLANs) segment network traffic by adding tags to Ethernet frames. To create a VLAN with ID 100 on interface ens2:

$ nmcli connection add type vlan con-name vlan100 ifname ens2.100 vlan.parent ens2 vlan.id 100

This creates a VLAN interface that processes only traffic tagged with VLAN ID 100, effectively creating a separate logical network on the same physical interface.

Team Devices

Team devices are an alternative to bonding with more flexible configuration options:

$ nmcli connection add type team con-name team0 ifname team0 \
  team.config '{"runner": {"name": "activebackup"}, "link_watch": {"name": "ethtool"}}'
$ nmcli connection add type ethernet con-name team0-slave-ens2 ifname ens2 master team0
$ nmcli connection add type ethernet con-name team0-slave-ens3 ifname ens3 master team0

This creates a team device with two member interfaces using the active-backup runner, similar to bonding but with different implementation details.

Wireless Networking

Fedora 42 offers robust support for wireless networking, including advanced security protocols and management features.

Basic Wireless Connection

$ nmcli device wifi list
$ nmcli device wifi connect "NetworkName" password "password"

This scans for available networks and connects to the specified one with the provided password.

Advanced Wireless Security

$ nmcli connection add type wifi con-name "Corporate WiFi" ssid "CorporateNetwork" \
  wifi-sec.key-mgmt wpa-eap 802-1x.eap ttls 802-1x.identity "username" \
  802-1x.password "password" 802-1x.phase2-auth mschapv2

This creates a connection profile for a WPA-Enterprise network using TTLS authentication with MSCHAPv2.

Wireless Power Management

$ nmcli connection modify "WiFi Home" wifi.powersave on

Options include on (aggressive power saving), off (no power saving), and default (let the system decide).

MAC Address Randomization

$ nmcli connection modify "Coffee Shop WiFi" wifi.cloned-mac-address random

This generates a random MAC address each time you connect, helping to prevent tracking across different wireless networks.

Network Configuration Automation

For system administrators managing multiple systems, automating network configuration is essential. Fedora 42 provides several approaches to network automation.

Scripting with nmcli

#!/bin/bash
# Example script to configure a standard workstation network
nmcli connection add type ethernet con-name "Office Network" ifname ens3 ipv4.method auto
nmcli connection modify "Office Network" connection.autoconnect yes
nmcli connection up "Office Network"

Ansible Integration

---
- name: Configure network on Fedora 42 systems
  hosts: fedora42
  tasks:
    - name: Create Ethernet connection
      community.general.nmcli:
        conn_name: Office Network
        ifname: ens3
        type: ethernet
        ip4: auto
        state: present
        autoconnect: yes

Installation-time Configuration

During Fedora 42 installation, you can pre-configure networking through Anaconda’s kickstart capabilities:

network --device=ens3 --bootproto=dhcp --hostname=fedora42-workstation.example.com

Specialized Network Setups

VPN Configuration

$ nmcli connection add type vpn vpn-type openvpn con-name "Office VPN" \
  vpn.data "connection-type=password,username=myuser,password-flags=2,remote=vpn.example.com"

Fedora 42 also supports WireGuard, IPsec, and other VPN technologies through NetworkManager plugins.

Mobile Broadband

$ nmcli connection add type gsm con-name "Mobile Internet" apn "internet.provider.com" \
  gsm.username "user" gsm.password "password"

Bluetooth Networking

$ nmcli connection add type bluetooth con-name "Phone Tether" bluetooth.bdaddr 12:34:56:78:90:AB

Troubleshooting Network Issues

Diagnostic Commands

$ nmcli device status                 # Check device status
$ nmcli connection show --active      # View active connections
$ ip addr show                        # Display IP addresses
$ ip route show                       # View routing table
$ ping -c 4 8.8.8.8                  # Test basic connectivity
$ dig example.com                     # Test DNS resolution

Reading NetworkManager Logs

$ journalctl -u NetworkManager

Look for error messages or warnings that might indicate configuration problems or hardware issues.

Common Issues and Solutions

No IP Address

  • Check physical connection (cables, WiFi signal)
  • Verify DHCP server is operational
  • Try static IP configuration temporarily

DNS Resolution Problems

  • Check DNS server settings: nmcli connection show "connection-name" | grep dns
  • Test with alternative DNS servers: nmcli connection modify "connection-name" ipv4.dns "1.1.1.1 8.8.8.8"
  • Check /etc/resolv.conf for correct entries

Interface Not Recognized

  • Check if driver is loaded: lspci -k | grep -A 3 Network
  • Update system: sudo dnf upgrade
  • Try loading module manually: sudo modprobe driver_name

Recovery from Broken Configurations

$ sudo rm /etc/NetworkManager/system-connections/broken-connection.nmconnection
$ sudo systemctl restart NetworkManager

This removes the problematic connection profile and restarts NetworkManager, allowing you to reconfigure the network from scratch.

Performance Tuning and Security

MTU Optimization

$ nmcli connection modify "Office Network" 802-3-ethernet.mtu 9000

Increasing the MTU can improve performance on networks that support jumbo frames, such as many data center environments.

TCP/IP Stack Tuning

$ sudo sysctl -w net.ipv4.tcp_rmem='4096 87380 6291456'
$ sudo sysctl -w net.ipv4.tcp_wmem='4096 16384 4194304'

These commands increase TCP receive and send buffer sizes, which can significantly improve throughput on high-bandwidth networks.

Quality of Service

$ sudo tc qdisc add dev ens3 root handle 1: htb default 12
$ sudo tc class add dev ens3 parent 1: classid 1:1 htb rate 100mbit
$ sudo tc class add dev ens3 parent 1:1 classid 1:10 htb rate 50mbit prio 1
$ sudo tc class add dev ens3 parent 1:1 classid 1:12 htb rate 50mbit prio 2

This creates a traffic control configuration that allocates bandwidth and priority to different traffic classes.

Securing Network Configuration

  • Ensure configuration files have correct permissions (0600)
  • Use encrypted connections when possible (WPA3 for wireless, TLS for services)
  • Configure firewall zones appropriately for different connections
  • Use DNS over TLS or DNS over HTTPS for enhanced privacy

For example, to enable DNS over TLS:

$ nmcli connection modify "Secure Network" ipv4.dns-over-tls yes

This encrypts DNS queries to protect against eavesdropping and manipulation.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved | Follow us for more Linux tutorials!
Back to top button