RHEL 9 Networking

Retiring ifcfg-rh

Quote from Red Hat Blog

In RHEL 9, /etc/sysconfig/network-scripts (also known as ifcfg files) will no longer be the primary storage for network configuration files. While the ifcfg style is still available, it is no longer the default location where NetworkManager stores new network profiles.

Historically, various Linux distributions have spread interface configurations over many places: Debian and its derivatives traditionally use /etc/network/interfaces, CentOS and related distros use /etc/sysconfig/network-scripts, and so on. With more distros adopting NetworkManager, keyfiles in /etc/NetworkManager/system-connections have become the canonical place for network connections on Linux.

NetworkManager Plugins

Even if plugins is explicitly set to ifcfg-rh, keyfile is still loaded with lowest priority.

Note that NetworkManager’s native keyfile plugin is always appended to the end of this list (if it doesn’t already appear earlier in the list).

settings: Loaded settings plugin: ifcfg-rh ("/usr/lib64/NetworkManager/...")
settings: Loaded settings plugin: keyfile (internal)

Given the configuration plugins=ifcfg-rh, and rd.neednet=1 (cmdline), preference order is pre-existing connections (e.g. Wired Connection), ifcfg-rh (e.g. System eth0), keyfile (e.g. eth0). Unsetting plugins makes it the default keyfile,ifcfg-rh, reversing preference of the last two.

NetworkManager Configuration

You can configure multiple connection or device sections by having different sections with a name that all start with “connection” or “device”. For example,

[connection]
ipv6.ip6-privacy=0
connection.autoconnect-slaves=1
vpn.timeout=120
 
[connection-wifi-wlan0]
match-device=interface-name:wlan0
ipv4.route-metric=50
 
[connection-wifi-other]
match-device=type:wifi
ipv4.route-metric=55
ipv6.ip6-privacy=1

Auto Config

Prevent generation of in-memory connection

On startup, NetworkManager tries to not interfere with interfaces that are already configured. It does so by generating a in-memory connection based on the interface current configuration.

To let NetworkManager interfere with pre-existing configured interfaces, add

# /etc/NetworkManager/conf.d/20-discard-eth0-config.conf
[device]
match-device=interface-name:eth0
keep-configuration=no

This alone does not apply to connections generated by nm-initrd-generator during early boot, which is native to NetworkManager.

nm-initrd-generator

nm-initrd-generator creates configuration files for an early instance of NetworkManager run from the initial ramdisk.

dracut.cmdline(7) describes all kernel command line parameters processed by dracut. When netroot or rd.neednet is set, a “Wired Connection” is created with a random UUID in /var/run/NetworkManager/system-connections.

sudo cat /var/run/NetworkManager/system-connections/default_connection.nmconnection
# Created by nm-initrd-generator

[connection]
id=Wired Connection
uuid=xxx-...
type=ethernet
autoconnect-priority=-100
autoconnect-retries=1
multi-connect=3
wait-device-timeout=60000

[ethernet]

[ipv4]
dhcp-timeout=10
method=auto
required-timeout=20000

[ipv6]
dhcp-timeout=10
method=auto

[proxy]

[user]
org.freedesktop.NetworkManager.origin=nm-initrd-generator

To let NetworkManager re-configure interfaces after switch root, add

# /etc/NetworkManager/conf.d/20-discard-eth0-config.conf
[device-eth0]
match-device=interface-name:eth0
keep-configuration=no
allowed-connections=except:origin:nm-initrd-generator

References

• https://www.redhat.com/en/blog/rhel-9-networking-say-goodbye-ifcfg-files-and-hello-keyfiles
• https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/685
• https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/bace14fe1f374db26e49e4e7d61d2fbfce4241cc