How to configure static IP in Linux - Networking Basics Guide

How to Configure Static IP in Linux: Complete Guide for All Distributions Configuring a static IP address in Linux is a fundamental networking task that system administrators and users frequently need to perform. Unlike dynamic IP addresses assigned by DHCP servers, static IP addresses remain constant, making them essential for servers, network devices, and systems that require consistent network identification. This comprehensive guide will walk you through multiple methods to configure static IP addresses across different Linux distributions, from modern Ubuntu systems using netplan to traditional Red Hat-based distributions using network scripts. Table of Contents - [Understanding Static vs Dynamic IP Addresses](#understanding-static-vs-dynamic-ip-addresses) - [Prerequisites and Network Information](#prerequisites-and-network-information) - [Method 1: Using NetworkManager (GUI and CLI)](#method-1-using-networkmanager-gui-and-cli) - [Method 2: Ubuntu/Debian with Netplan](#method-2-ubuntudebian-with-netplan) - [Method 3: Red Hat/CentOS/Fedora Configuration](#method-3-red-hatcentosfedora-configuration) - [Method 4: Manual Configuration with ip Command](#method-4-manual-configuration-with-ip-command) - [Method 5: Legacy Systems Using /etc/network/interfaces](#method-5-legacy-systems-using-etcnetworkinterfaces) - [Verification and Testing](#verification-and-testing) - [Troubleshooting Common Issues](#troubleshooting-common-issues) - [Best Practices and Security Considerations](#best-practices-and-security-considerations) - [Advanced Configuration Scenarios](#advanced-configuration-scenarios) - [Automation and Scripting](#automation-and-scripting) - [Conclusion](#conclusion) Understanding Static vs Dynamic IP Addresses What is a Static IP Address? A static IP address is a fixed network address that doesn't change over time. It's manually configured and remains constant until explicitly modified. Static IPs are crucial for: - Servers and services that need consistent network addresses - Port forwarding configurations - Network security policies and firewall rules - Remote access scenarios where IP changes would disrupt connections Benefits of Static IP Configuration - Reliability: Consistent network addressing for critical services - Easier remote access: No need to track changing IP addresses - Network management: Simplified monitoring and maintenance - Service hosting: Essential for web servers, databases, and other network services When to Use Static IPs Static IP addresses are recommended for: - Web servers and application servers - Database servers - Network infrastructure devices - Development and testing environments - Systems requiring specific firewall rules - Remote access servers (SSH, VPN endpoints) Prerequisites and Network Information Before configuring a static IP address, gather the following network information: Required Network Parameters - IP Address: The static address you want to assign (e.g., 192.168.1.100) - Subnet Mask: Network mask (e.g., 255.255.255.0 or /24) - Default Gateway: Router's IP address (e.g., 192.168.1.1) - DNS Servers: Primary and secondary DNS servers (e.g., 8.8.8.8, 8.8.4.4) - Network Interface Name: Interface identifier (e.g., eth0, enp3s0, wlan0) Identifying Your Network Interface First, identify your network interface name: ```bash List all network interfaces ip addr show Alternative command ip link show Using older ifconfig command ifconfig -a ``` Example output: ``` 2: enp3s0: mtu 1500 qdisc pfifo_fast state UP inet 192.168.1.50/24 brd 192.168.1.255 scope global dynamic enp3s0 ``` Getting Current Network Information ```bash Check current IP and routing ip route show default ip addr show Check DNS servers cat /etc/resolv.conf Check gateway route -n ``` Method 1: Using NetworkManager (GUI and CLI) NetworkManager is the default network management service on many modern Linux distributions, including Ubuntu, Fedora, and CentOS 7+. GUI Configuration 1. Open Network Settings: - Ubuntu: Settings → Network - GNOME: Activities → Settings → Network - KDE: System Settings → Network → Connections 2. Select Your Connection: - Click on the gear icon next to your network connection - Navigate to the IPv4 tab 3. Configure Static IP: - Change method from "Automatic (DHCP)" to "Manual" - Add your network configuration: - Address: 192.168.1.100 - Netmask: 255.255.255.0 - Gateway: 192.168.1.1 - DNS: 8.8.8.8, 8.8.4.4 4. Apply Changes: - Click "Apply" and restart the network connection CLI Configuration with nmcli NetworkManager's command-line interface provides powerful configuration options: ```bash List available connections nmcli connection show Show detailed connection information nmcli connection show "Wired connection 1" Modify existing connection (replace "Wired connection 1" with your connection name) nmcli connection modify "Wired connection 1" \ ipv4.method manual \ ipv4.addresses 192.168.1.100/24 \ ipv4.gateway 192.168.1.1 \ ipv4.dns "8.8.8.8,8.8.4.4" Apply the changes nmcli connection up "Wired connection 1" ``` Creating a New Static Connection ```bash Create new static connection nmcli connection add \ type ethernet \ con-name "static-connection" \ ifname enp3s0 \ ipv4.method manual \ ipv4.addresses 192.168.1.100/24 \ ipv4.gateway 192.168.1.1 \ ipv4.dns "8.8.8.8,8.8.4.4" Activate the connection nmcli connection up "static-connection" Set connection to auto-connect nmcli connection modify "static-connection" connection.autoconnect yes ``` Advanced NetworkManager Configuration ```bash Add multiple IP addresses nmcli connection modify "static-connection" \ +ipv4.addresses 192.168.1.101/24 Configure search domains nmcli connection modify "static-connection" \ ipv4.dns-search "example.com,local.domain" Set connection priority nmcli connection modify "static-connection" \ connection.autoconnect-priority 1 ``` Method 2: Ubuntu/Debian with Netplan Ubuntu 18.04+ uses netplan for network configuration, which generates configuration for NetworkManager or systemd-networkd. Configuring Netplan 1. Navigate to netplan directory: ```bash cd /etc/netplan/ ls -la ``` 2. Edit the configuration file (usually named like `01-network-manager-all.yaml` or `50-cloud-init.yaml`): ```bash sudo nano /etc/netplan/01-network-manager-all.yaml ``` 3. Configure static IP with proper YAML syntax: ```yaml network: version: 2 renderer: networkd ethernets: enp3s0: dhcp4: no addresses: - 192.168.1.100/24 gateway4: 192.168.1.1 nameservers: addresses: - 8.8.8.8 - 8.8.4.4 ``` 4. Apply the configuration: ```bash Test the configuration sudo netplan try Apply permanently sudo netplan apply ``` Advanced Netplan Configuration For more complex setups: ```yaml network: version: 2 renderer: networkd ethernets: enp3s0: dhcp4: no dhcp6: no addresses: - 192.168.1.100/24 - 192.168.1.101/24 # Secondary IP gateway4: 192.168.1.1 nameservers: addresses: - 8.8.8.8 - 8.8.4.4 - 1.1.1.1 search: - example.com routes: - to: 10.0.0.0/8 via: 192.168.1.254 metric: 100 ``` Netplan with NetworkManager Renderer ```yaml network: version: 2 renderer: NetworkManager ethernets: enp3s0: dhcp4: no addresses: - 192.168.1.100/24 gateway4: 192.168.1.1 nameservers: addresses: - 8.8.8.8 - 8.8.4.4 ``` Method 3: Red Hat/CentOS/Fedora Configuration Red Hat-based distributions traditionally use network scripts in `/etc/sysconfig/network-scripts/`. Configuring Network Scripts 1. Navigate to network scripts directory: ```bash cd /etc/sysconfig/network-scripts/ ``` 2. Edit the interface configuration file: ```bash sudo nano ifcfg-enp3s0 ``` 3. Configure static IP settings: ```bash Static IP configuration TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=static DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no NAME=enp3s0 UUID=12345678-1234-1234-1234-123456789012 DEVICE=enp3s0 ONBOOT=yes Static IP settings IPADDR=192.168.1.100 NETMASK=255.255.255.0 GATEWAY=192.168.1.1 DNS1=8.8.8.8 DNS2=8.8.4.4 ``` 4. Restart networking service: ```bash For CentOS/RHEL 7+ sudo systemctl restart NetworkManager For older systems sudo service network restart Alternative method sudo ifdown enp3s0 && sudo ifup enp3s0 ``` Using nmtui (Text-based GUI) Red Hat systems also provide `nmtui`, a text-based interface: ```bash sudo nmtui ``` Navigate through the interface to: 1. Select "Edit a connection" 2. Choose your network interface 3. Set IPv4 configuration to "Manual" 4. Enter your static IP settings 5. Save and exit Advanced Red Hat Configuration ```bash Configure additional routes echo "10.0.0.0/8 via 192.168.1.254 dev enp3s0" >> /etc/sysconfig/network-scripts/route-enp3s0 Configure interface aliases sudo nano /etc/sysconfig/network-scripts/ifcfg-enp3s0:1 ``` Add the following for alias interface: ```bash DEVICE=enp3s0:1 BOOTPROTO=static IPADDR=192.168.1.101 NETMASK=255.255.255.0 ONBOOT=yes ``` Method 4: Manual Configuration with ip Command The `ip` command provides temporary network configuration that doesn't persist across reboots. Setting Static IP Temporarily ```bash Remove existing IP address sudo ip addr flush dev enp3s0 Add static IP address sudo ip addr add 192.168.1.100/24 dev enp3s0 Bring interface up sudo ip link set enp3s0 up Add default route sudo ip route add default via 192.168.1.1 Add specific routes sudo ip route add 10.0.0.0/8 via 192.168.1.254 ``` Advanced ip Command Usage ```bash Add multiple IP addresses sudo ip addr add 192.168.1.101/24 dev enp3s0 sudo ip addr add 192.168.1.102/24 dev enp3s0 Check current configuration ip addr show enp3s0 ip route show Remove specific route sudo ip route del 10.0.0.0/8 via 192.168.1.254 Add route with specific metric sudo ip route add 0.0.0.0/0 via 192.168.1.1 metric 100 ``` Configuring DNS ```bash Temporarily modify DNS settings sudo nano /etc/resolv.conf ``` Add DNS servers: ``` nameserver 8.8.8.8 nameserver 8.8.4.4 search example.com ``` Note: This method is temporary and will be lost after reboot. Use it for testing or temporary configurations. Method 5: Legacy Systems Using /etc/network/interfaces Older Debian/Ubuntu systems use the `/etc/network/interfaces` file for network configuration. Configuring interfaces File 1. Edit the interfaces file: ```bash sudo nano /etc/network/interfaces ``` 2. Add static IP configuration: ```bash Loopback interface auto lo iface lo inet loopback Static IP configuration auto enp3s0 iface enp3s0 inet static address 192.168.1.100 netmask 255.255.255.0 gateway 192.168.1.1 dns-nameservers 8.8.8.8 8.8.4.4 dns-search example.com ``` 3. Restart networking: ```bash sudo systemctl restart networking or sudo /etc/init.d/networking restart ``` Advanced Interface Configuration ```bash Multiple IP addresses auto enp3s0 iface enp3s0 inet static address 192.168.1.100 netmask 255.255.255.0 gateway 192.168.1.1 dns-nameservers 8.8.8.8 8.8.4.4 Secondary IP auto enp3s0:1 iface enp3s0:1 inet static address 192.168.1.101 netmask 255.255.255.0 Post-up and pre-down scripts auto enp3s0 iface enp3s0 inet static address 192.168.1.100 netmask 255.255.255.0 gateway 192.168.1.1 post-up route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.1.254 pre-down route del -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.1.254 ``` Verification and Testing After configuring your static IP, verify the settings work correctly: Checking IP Configuration ```bash Display current IP configuration ip addr show enp3s0 Check routing table ip route show Verify DNS configuration cat /etc/resolv.conf Show network statistics cat /proc/net/dev Display ARP table ip neighbor show ``` Testing Connectivity ```bash Test local network connectivity ping -c 4 192.168.1.1 Test internet connectivity ping -c 4 8.8.8.8 Test DNS resolution nslookup google.com dig google.com Test specific ports telnet google.com 80 nc -zv google.com 80 Trace route to destination traceroute google.com mtr google.com ``` Checking Service Status ```bash NetworkManager status systemctl status NetworkManager systemd-networkd status (for netplan systems) systemctl status systemd-networkd Check active connections nmcli connection show --active View systemd network configuration networkctl status ``` Troubleshooting Common Issues Issue 1: No Internet Access After Configuration Symptoms: Can ping local network but not internet Solutions: ```bash Check default route ip route show default Add missing default route sudo ip route add default via 192.168.1.1 Verify DNS settings cat /etc/resolv.conf Test gateway connectivity ping 192.168.1.1 Check firewall rules sudo iptables -L sudo ufw status ``` Issue 2: DNS Resolution Problems Symptoms: Can ping IP addresses but not domain names Solutions: ```bash Check DNS configuration systemd-resolve --status Flush DNS cache sudo systemd-resolve --flush-caches Test specific DNS server nslookup google.com 8.8.8.8 Check /etc/hosts file cat /etc/hosts Verify DNS service systemctl status systemd-resolved ``` Issue 3: Configuration Doesn't Persist Symptoms: Settings reset after reboot Solutions: ```bash Check which network management service is active systemctl list-unit-files | grep -E "(NetworkManager|systemd-networkd|networking)" Ensure proper service is enabled sudo systemctl enable NetworkManager sudo systemctl enable systemd-networkd Check for conflicting configurations nmcli connection show Verify file permissions ls -la /etc/netplan/ ls -la /etc/NetworkManager/system-connections/ ``` Issue 4: Interface Not Coming Up Symptoms: Network interface remains down Solutions: ```bash Check interface status ip link show enp3s0 Bring interface up manually sudo ip link set enp3s0 up Check for hardware issues dmesg | grep enp3s0 Verify cable connection and switch port ethtool enp3s0 Check kernel modules lsmod | grep -E "(e1000|rtl|broadcom)" Reload network drivers sudo modprobe -r e1000e && sudo modprobe e1000e ``` Issue 5: IP Address Conflicts Symptoms: Duplicate IP address messages in logs Solutions: ```bash Check for IP conflicts arping -D -I enp3s0 192.168.1.100 Scan network for duplicate IPs nmap -sn 192.168.1.0/24 | grep 192.168.1.100 Check DHCP reservations cat /var/lib/dhcp/dhclient.leases Use different IP address from available range ``` Best Practices and Security Considerations IP Address Planning - Use private IP ranges: 10.x.x.x, 172.16-31.x.x, 192.168.x.x - Avoid conflicts: Ensure static IPs don't overlap with DHCP ranges - Document assignments: Keep records of static IP allocations - Plan for growth: Reserve IP ranges for future expansion Network Security Configuration ```bash Configure firewall rules for static IPs sudo ufw allow from 192.168.1.0/24 sudo ufw enable Restrict SSH access to specific IPs sudo nano /etc/ssh/sshd_config Add: AllowUsers admin@192.168.1.100 Configure fail2ban for SSH protection sudo apt install fail2ban sudo systemctl enable fail2ban ``` Performance Optimization ```bash Optimize network interface settings sudo ethtool -K enp3s0 gro on sudo ethtool -K enp3s0 gso on Set MTU size for optimal performance sudo ip link set enp3s0 mtu 1500 Configure network buffer sizes echo 'net.core.rmem_max = 16777216' | sudo tee -a /etc/sysctl.conf echo 'net.core.wmem_max = 16777216' | sudo tee -a /etc/sysctl.conf ``` Network Monitoring ```bash Monitor network interface statistics watch -n 1 'cat /proc/net/dev' Check connection status ss -tuln Monitor network traffic sudo iftop -i enp3s0 sudo nethogs enp3s0 Network performance testing iperf3 -c server_ip ``` Backup and Recovery Always backup your network configuration before making changes: ```bash Backup NetworkManager connections sudo cp -r /etc/NetworkManager/system-connections/ /backup/ Backup netplan configuration sudo cp -r /etc/netplan/ /backup/ Backup network scripts sudo cp -r /etc/sysconfig/network-scripts/ /backup/ Create restoration script cat << 'EOF' > restore_network.sh #!/bin/bash sudo cp -r /backup/netplan/* /etc/netplan/ sudo netplan apply echo "Network configuration restored" EOF chmod +x restore_network.sh ``` Advanced Configuration Scenarios Bonding Multiple Network Interfaces Network bonding combines multiple network interfaces for redundancy and increased throughput: ```yaml Netplan bonding configuration network: version: 2 ethernets: enp3s0: dhcp4: false enp4s0: dhcp4: false bonds: bond0: interfaces: [enp3s0, enp4s0] parameters: mode: active-backup primary: enp3s0 addresses: - 192.168.1.100/24 gateway4: 192.168.1.1 nameservers: addresses: [8.8.8.8, 8.8.4.4] ``` VLAN Configuration Configure VLAN interfaces for network segmentation: ```yaml Netplan VLAN configuration network: version: 2 ethernets: enp3s0: dhcp4: false vlans: vlan100: id: 100 link: enp3s0 addresses: - 192.168.100.10/24 vlan200: id: 200 link: enp3s0 addresses: - 192.168.200.10/24 ``` Bridge Configuration Create bridge interfaces for virtualization or container networking: ```yaml Netplan bridge configuration network: version: 2 ethernets: enp3s0: dhcp4: false bridges: br0: interfaces: [enp3s0] addresses: - 192.168.1.100/24 gateway4: 192.168.1.1 nameservers: addresses: [8.8.8.8] ``` Automation and Scripting Network Configuration Script Create automated scripts for network configuration: ```bash #!/bin/bash network_config.sh - Automated static IP configuration INTERFACE="enp3s0" IP_ADDRESS="192.168.1.100/24" GATEWAY="192.168.1.1" DNS_SERVERS="8.8.8.8,8.8.4.4" Function to configure NetworkManager configure_networkmanager() { echo "Configuring NetworkManager..." nmcli connection modify "$1" \ ipv4.method manual \ ipv4.addresses "$IP_ADDRESS" \ ipv4.gateway "$GATEWAY" \ ipv4.dns "$DNS_SERVERS" nmcli connection up "$1" } Function to configure Netplan configure_netplan() { echo "Configuring Netplan..." cat > /etc/netplan/01-static-ip.yaml << EOF network: version: 2 renderer: networkd ethernets: $INTERFACE: dhcp4: no addresses: - $IP_ADDRESS gateway4: $GATEWAY nameservers: addresses: - 8.8.8.8 - 8.8.4.4 EOF netplan apply } Detect distribution and configure accordingly if command -v nmcli &> /dev/null; then CONNECTION=$(nmcli -t -f NAME connection show --active | head -1) configure_networkmanager "$CONNECTION" elif [ -d "/etc/netplan" ]; then configure_netplan else echo "Unsupported network configuration method" exit 1 fi echo "Network configuration completed successfully!" ``` Validation Script ```bash #!/bin/bash validate_network.sh - Network configuration validation validate_ip() { local ip=$1 if ping -c 1 "$ip" &> /dev/null; then echo "✓ $ip is reachable" return 0 else echo "✗ $ip is not reachable" return 1 fi } validate_dns() { local domain=$1 if nslookup "$domain" &> /dev/null; then echo "✓ DNS resolution for $domain works" return 0 else echo "✗ DNS resolution for $domain failed" return 1 fi } echo "Network Configuration Validation" echo "================================" Check interface status echo "Interface Status:" ip addr show | grep -E "(enp|eth|wlan)" | grep "state UP" echo -e "\nConnectivity Tests:" validate_ip "8.8.8.8" validate_ip "1.1.1.1" echo -e "\nDNS Resolution Tests:" validate_dns "google.com" validate_dns "github.com" echo -e "\nRouting Information:" ip route show default echo -e "\nDNS Configuration:" cat /etc/resolv.conf | grep nameserver ``` Conclusion Configuring static IP addresses in Linux is an essential skill for system administrators and users managing servers or network services. This comprehensive guide covered multiple methods across different Linux distributions and scenarios: - NetworkManager: Modern, user-friendly approach for desktop and server systems with both GUI and CLI options - Netplan: Ubuntu's modern configuration system with YAML syntax, supporting advanced networking features - Network Scripts: Traditional Red Hat/CentOS configuration method using interface configuration files - Manual IP commands: Temporary configuration for testing and troubleshooting scenarios - Legacy interfaces file: Older Debian/Ubuntu systems using traditional configuration methods Key Takeaways 1. Choose the appropriate method based on your Linux distribution and specific requirements 2. Always gather network information before starting configuration to avoid connectivity issues 3. Test thoroughly after making changes to ensure proper network functionality 4. Follow security best practices including firewall configuration and access restrictions 5. Maintain proper documentation and backups of working configurations 6. Use automation scripts for consistent and repeatable network deployments Advanced Considerations Modern network configuration in Linux has evolved significantly with the introduction of systemd-networkd and netplan, providing more sophisticated networking capabilities. Understanding multiple configuration methods ensures you can work effectively across different environments and distributions. Whether you're configuring a single server or managing a complex network infrastructure, the principles and methods outlined in this guide provide a solid foundation for Linux network administration. Remember that network configuration is critical infrastructure – always test changes in a controlled environment before applying them to production systems. The networking landscape continues to evolve with containerization, cloud computing, and software-defined networking. However, the fundamental concepts of IP addressing, routing, and DNS resolution remain constant, making these configuration skills valuable for any Linux administrator or user. For ongoing network management, consider implementing monitoring and automation tools to maintain network health and quickly identify issues. Regular backup of network configurations and documentation of changes will save significant time during troubleshooting and disaster recovery scenarios.