Skip to Content

Choosing Your Network Tool: The Key Differences Between nmstatectl and nmcli

By: Author David Cao

Posted on Last updated:

0 Comments

Categories DevOps

In the ever-evolving landscape of network management, having the right tools at your disposal is crucial for ensuring seamless connectivity and efficient resource utilization.

Two powerful command-line utilities, nmstatectl and nmcli, are at the forefront of managing network configurations in Red Hat Enterprise Linux (RHEL). While both tools serve the essential purpose of configuring and monitoring network connections, they approach this task in fundamentally different ways.

In this article, we will explore the key differences between nmstatectl and nmcli, highlighting their unique methodologies, strengths, and ideal use cases.

Whether you’re an experienced system administrator or just starting your journey in network management, understanding these distinctions will empower you to choose the right tool for your specific needs, enhancing both your productivity and the reliability of your network.

Get Your Free Linux training!

Join our free Linux training and discover the power of open-source technology. Enhance your skills and boost your career! Learn Linux for Free!

1. Declarative vs. Imperative Approach

  • nmstatectl uses a declarative approach, where you define the desired network state in a configuration file (typically in YAML format), and the tool ensures that the system reaches that state.
  • nmcli, on the other hand, employs an imperative approach. You execute individual commands to make specific changes to the network configuration.

2. Configuration Format and Complexity

  • nmstatectl relies on YAML or JSON files to define the complete network configuration, including interfaces, IP addresses, routes, DNS settings, and more. This allows for complex configurations to be managed in a structured manner.
  • nmcli uses a series of commands with arguments and options. While this can be flexible, it can become cumbersome for managing intricate network setups.

3. Atomicity and Transactional Operations

  • nmstatectl ensures atomicity, meaning that either all changes in a configuration file are applied successfully, or none are. It also supports transactional operations, allowing for rollbacks in case of errors. This ensures network stability and avoids partial configurations.
  • nmcli executes commands individually, and there’s no built-in mechanism for atomic operations or rollbacks.

4. Use Cases

  • nmstatectl is well-suited for:
    • Automating network configurations: Define the network state in YAML files and apply them consistently across multiple systems.
    • Ensuring consistent and reliable network state: The declarative model and atomicity features guarantee the desired network configuration.
    • Managing complex network setups: YAML/JSON files provide a structured way to handle numerous interfaces, routes, and other settings.
  • nmcli is often used for:
    • Ad-hoc network changes: Quickly modify settings like IP addresses, DNS servers, or connection status.
    • Interactive configuration: The nmcli interactive editor allows for step-by-step configuration.
    • Troubleshooting and diagnostics: nmcli provides commands to view network status, connection details, and device information.

5. Integration with Other Tools

  • nmstatectl can be integrated with tools like Ansible and the network RHEL system role for automated network management.
  • nmcli is also commonly used in scripts and automation workflows.

In summary

Feature nmstatectl nmcli
Approach Declarative Imperative
Configuration YAML/JSON files Individual commands
Atomicity Yes No
Rollbacks Supported Not directly supported
Use Cases Automation, consistency, complex setups Ad-hoc changes, interactive config, troubleshooting

Note: The comparison provided here is based on the information available in the provided sources. It’s possible that there might be additional nuances or features not covered in the source material.

Example Scenario: Configuring Network Bonding for Redundancy and Increased Throughput

Network bonding, also known as link aggregation, allows you to combine multiple physical network interfaces into a single logical interface, providing redundancy in case of a link failure and potentially increasing throughput. Let’s consider how you could achieve this using both nmcli and nmstatectl.

Using nmcli (Imperative Approach)

  1. Identify the Network Interfaces: Begin by identifying the network interfaces you want to bond. You can use the nmcli device status or ip link show command to list available devices. Let’s assume you have two Ethernet interfaces, enp7s0 and enp8s0, that you want to aggregate.
  2. Create the Bond Interface: Use nmcli to create a bond connection profile: 
    # nmcli connection add type bond con-name bond0 ifname bond0
  3. Configure Bond Properties: Set bond properties, such as the bonding mode, using nmcli connection modify: 
    # nmcli connection modify bond0 bond.mode active-backup

    Here, active-backup mode designates one interface as active, while the other acts as a standby.

  4. Add Interfaces to the Bond: Create or modify connection profiles for the interfaces you want to add to the bond. Specify the bond interface (bond0) as the controller: 
    # nmcli connection add type ethernet port-type bond con-name bond0-port1 ifname enp7s0 controller bond0
# nmcli connection add type ethernet port-type bond con-name bond0-port2 ifname enp8s0 controller bond0

    This associates the Ethernet interfaces with the bond.

  5. Activate the Connections: Activate the bond connection and the associated interface connections: 
    # nmcli connection up bond0
# nmcli connection up bond0-port1
# nmcli connection up bond0-port2
  6. Verification: Verify the bond configuration using commands like nmcli connection show bond0, ip link show bond0, or cat /proc/net/bonding/bond0.

Using nmstatectl (Declarative Approach)

  1. Define the Desired State in YAML: Create a YAML file (e.g., create-bond.yml) that describes the complete bond configuration, including interfaces, bonding mode, and any IP or DNS settings. Here’s an example: 
    ---
interfaces:
- name: bond0
  type: bond
  state: up
  bond:
    options:
      mode: active-backup
    port:
    - enp7s0
    - enp8s0
- name: enp7s0
  type: ethernet
  state: up
- name: enp8s0
  type: ethernet
  state: up
# Add IP, routes, DNS settings as needed
  2. Apply the Configuration: Apply the YAML configuration using nmstatectl: 
    # nmstatectl apply ~/create-bond.yml
  3. Verification: Verify the configuration using nmstatectl show bond0, ip link show bond0, or other relevant commands.

Key Differences Highlighted

  • Approach: With nmcli, you use a series of commands to incrementally build the bond configuration. With nmstatectl, you define the entire desired state upfront in a YAML file.
  • Atomicity: nmstatectl ensures that either the entire bond configuration is applied or none of it is, preventing partial configurations. nmcli lacks this atomicity guarantee.
  • Readability and Maintainability: The YAML configuration used with nmstatectl tends to be more readable and easier to maintain, especially for complex network setups.

This example showcases how both nmcli and nmstatectl can be utilized for configuring network bonds. The choice between the two depends on your specific needs and preferences.

By Author David Cao

Posted on Last updated:

Categories DevOps