← All chapters · Book · Repository
Chapter 10: Networking Answers
Red Hat RHCSA 10 Study Companion: Getting Ready for the EX200 Exam by Andrey Markelov (May 2026).
Topics
- Network interface configuration
- NetworkManager (nmcli)
- Static and DHCP configurations
- Hostname and DNS management
- Firewall configuration (firewall-cmd)
exercise_01.sh
executable safe: yes#!/bin/bash
# @type: executable
# @requires: none
# @safe: yes
set -euo pipefail
# Exercise 1: Use the ip a command to list all network interfaces.
# Identify the IP address, netmask (in CIDR format), and MAC address for your primary Ethernet interface.
#
# Task: Display network interface information.
ip addr show
exercise_02.sh
executable safe: yes#!/bin/bash
# @type: executable
# @requires: none
# @safe: yes
set -euo pipefail
# Exercise 2: Use the ip route show command to display the system's current routing table.
# Identify the default gateway and its associated metric.
#
# Task: Display routing table with gateway information.
ip route show
exercise_03.sh
executable safe: yes#!/bin/bash
# @type: executable
# @requires: none
# @safe: yes
set -euo pipefail
# Exercise 3: Use nmcli con show to list all available NetworkManager connection profiles.
# Identify which connections are currently active and on which devices.
#
# Task: List all NetworkManager connections and their status.
nmcli connection show
exercise_04.sh
executable safe: yes#!/bin/bash
# @type: executable
# @requires: none
# @safe: yes
set -euo pipefail
# Exercise 4: Use nmcli to display all properties for your primary active connection.
# Note the ipv4.method value.
#
# Task: Display detailed connection properties.
# Get the active connection name
ACTIVE_CON=$(nmcli -t -f NAME,DEVICE connection show --active | head -n1 | cut -d: -f1)
echo "Displaying properties for: $ACTIVE_CON"
echo ""
nmcli con show "$ACTIVE_CON"
exercise_05.sh
executable safe: no requires: root#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail
# Exercise 5: Add a new, persistent NetworkManager connection named lab-dhcp
# for your second (likely disconnected) Ethernet interface.
# Ensure it is configured to get an IP address automatically via DHCP and to autoconnect.
#
# Task: Create a new DHCP-based network connection.
#
# Note: Replace 'enp8s0' with your actual second network interface name.
# You may need to identify your second interface first with: ip link show
sudo nmcli con add con-name lab-dhcp type ethernet ifname enp8s0 \
ipv4.method auto \
connection.autoconnect yes
echo ""
echo "Connection 'lab-dhcp' created."
nmcli connection show
exercise_06.sh
executable safe: no requires: root#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail
# Exercise 6: Create a new, persistent connection named static1 for your primary interface.
# Configure it with the following manual settings:
# IP Address: 192.168.122.55/24
# Gateway: 192.168.122.1
# DNS Server: 8.8.8.8
# Autoconnect: no
#
# Task: Create a static IP network configuration.
#
# Note: Replace 'enp1s0' with your actual primary interface name.
sudo nmcli con add con-name static1 type ethernet ifname enp1s0 \
ipv4.method manual \
ipv4.addresses 192.168.122.55/24 \
ipv4.gateway 192.168.122.1 \
ipv4.dns 8.8.8.8 \
connection.autoconnect no
echo ""
echo "Connection 'static1' created successfully."
nmcli connection show
exercise_07.sh
executable safe: no requires: root#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail
# Exercise 7: Bring the static1 connection up.
# Use ip a and ip route to verify that the static IP and new default gateway are active.
#
# Task: Activate a network connection and verify its status.
sudo nmcli con up static1
echo ""
echo "=== IP Address Information ==="
ip a
echo ""
echo "=== Routing Table ==="
ip route
exercise_08.sh
executable safe: no requires: root#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail
# Exercise 8: Add a second IP address, 10.10.10.55/24, to your active static1 connection.
# Do not remove the original 192.168.122.55/24 address.
# Verify with ip a that the interface now has both IP addresses.
#
# Task: Add a secondary IP address to an existing connection.
sudo nmcli con mod static1 +ipv4.addresses 10.10.10.55/24
sudo nmcli con up static1
echo ""
echo "Verifying both IP addresses:"
ip a show enp1s0
exercise_09.sh
executable safe: no requires: root#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail
# Exercise 9: Change your system's persistent hostname to server15.test.local.
#
# Task: Set a new system hostname.
sudo hostnamectl set-hostname server15.test.local
echo "Hostname changed to server15.test.local"
echo "Please re-open your shell session to see the change."
echo ""
echo "Current hostname:"
hostnamectl
exercise_10.sh
executable safe: no requires: root#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail
# Exercise 10: Edit the /etc/hosts file to add a new entry.
# The entry should map the IP address 192.168.122.55 to the hostnames web55.test.local and web55.
#
# Task: Add a hosts file entry.
echo "192.168.122.55 web55.test.local web55" | sudo tee -a /etc/hosts
echo ""
echo "Entry added to /etc/hosts:"
grep "web55" /etc/hosts
exercise_11.sh
executable safe: no requires: root#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail
# Exercise 11: Modify your active connection profile to use the static DNS servers 8.8.8.8 and 8.8.4.4
#
# Task: Configure custom DNS servers for a network connection.
# Get the active connection name
ACTIVE_CON=$(nmcli -t -f NAME,DEVICE connection show --active | grep -v '^lo:' | head -n1 | cut -d: -f1)
echo "Modifying connection: $ACTIVE_CON"
sudo nmcli con mod "$ACTIVE_CON" ipv4.dns "8.8.8.8 8.8.4.4"
sudo nmcli con up "$ACTIVE_CON"
echo ""
echo "DNS servers configured. Contents of /etc/resolv.conf:"
cat /etc/resolv.conf
exercise_12.sh
executable safe: no requires: root#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail
# Exercise 12: Modify the same connection profile to set ipv4.ignore-auto-dns to yes.
# Reactivate the connection and then inspect the /etc/resolv.conf file
# to ensure only your manually set DNS servers are present.
#
# Task: Ignore DHCP-provided DNS servers and use only manually configured ones.
# Get the active connection name
ACTIVE_CON=$(nmcli -t -f NAME,DEVICE connection show --active | grep -v '^lo:' | head -n1 | cut -d: -f1)
echo "Modifying connection: $ACTIVE_CON"
sudo nmcli con mod "$ACTIVE_CON" ipv4.ignore-auto-dns yes
sudo nmcli con up "$ACTIVE_CON"
echo ""
echo "Auto-DNS ignored. Contents of /etc/resolv.conf:"
cat /etc/resolv.conf
exercise_13.sh
executable safe: no requires: root#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail
# Exercise 13: Add the http service to the default zone's runtime configuration.
# Verify it is listed. Then, reload the firewall using firewall-cmd --reload
# and verify that the http service is now gone (because it was not permanent).
#
# Task: Demonstrate temporary vs permanent firewall rules.
echo "Adding http service temporarily..."
sudo firewall-cmd --add-service=http
echo ""
echo "Current services (runtime):"
sudo firewall-cmd --list-services
echo ""
echo "Reloading firewall..."
sudo firewall-cmd --reload
echo ""
echo "Services after reload (http should be gone):"
sudo firewall-cmd --list-services
exercise_14.sh
executable safe: no requires: root#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail
# Exercise 14: Permanently add TCP port 8080 to the public zone.
# Reload the firewall and verify that the port is now active in the runtime configuration.
#
# Task: Add a permanent firewall rule for a custom port.
sudo firewall-cmd --zone=public --add-port=8080/tcp --permanent
echo "Port 8080/tcp added permanently."
echo ""
echo "Reloading firewall..."
sudo firewall-cmd --reload
echo ""
echo "Open ports in public zone:"
sudo firewall-cmd --zone=public --list-ports