netconfig − modular tool to modify network configuration


netconfig modify

< −s | −−service <service name> >
[ −i | −−interface <interface name> ]
[ −F | −−input−format <input/lease file format> ]
[ −I | −−input−file <input/lease file name> ]
[ −l | −−lease−file <input/lease file name> ]
[ −m | −−module−only < name | prefix > ]
[ −f | −−force−replace ]
[ −v | −−verbose ]

netconfig remove

< −s | −−service <service name> >
[ −i | −−interface <interface name> ]
[ −m | −−module−only < name | prefix > ]
[ −f | −−force−replace ]
[ −v | −−verbose ]

netconfig update

[ −m | −−module−only < name | prefix > ]
[ −f | −−force−replace ]
[ −v | −−verbose ]

netconfig < −h | −−help >


Netconfig is a modular tool to manage additional network configuration settings. It merges statically defined settings with settings provided by autoconfiguration mechanisms as dhcp or ppp according to a predefined policy and applies the required changes to the system by calling netconfig modules.

Each netconfig module is responsible to apply a set of changes for instance by writing of a configuration file and restarting a service or similar.

The netconfig tool knows three main actions:


Modify the current interface and service specific dynamic settings and update the network configuration.

Netconfig reads these settings on its standard input or from the file specified by the −−input−file option and stores them internally until a system reboot or the next modify or remove action. Already existing settings for the same interface and service combination will be overwritten. See the MODIFY INPUT FORMAT section for input format description.


Removes the dynamic settings provided by a modify action for the specified interface and service combination and update the network configuration.


Update the network configuration using current settings. This also required when the policy or the static configuration in sysconfig/network/config changed.

The update can be limited to a group of modules with a common prefix or to a single module name using the -m name-or-prefix option, for example use -m dns to apply all dns settings or -m dns-resolver to apply only settings handled in the dns-resolver module. Note: Especially the second call may cause inconsistent system configuration!

The netconfig policy and the static configuration settings are defined in /etc/sysconfig/network/config variables by the administrator using YaST2, NetworkManager or manually as defined in NETCONFIG VARIABLES section.

The dynamic configuration settings provided by autoconfiguration tools as dhcp or ppp are delivered to netconfig directly by these tools with the modify and remove netconfig actions.



This variable defines the start order of netconfig modules installed in the /etc/netconfig.d/ directory.

To disable the execution of a module, don’t remove it from the list but prepend it with a minus sign, -ntp-runtime.


Netconfig defines a merge policy variable for each set of network settings. An empty policy variable disables any modifications in netconfig.

This variable lists the network interfaces, that netconfig has to consider as a valid source for this set of settings and in which order.

Except of complete interface names, also basic wildcards to match multiple interfaces are allowed. For example, "eth* ppp?" will target first all eth and then all ppp0-ppp9 interfaces.

There are two special predefined policy values which indicate how to apply the static settings defined in the corresponding NETCONFIG_<set>_STATIC_* variables:


the static settings have to be merged together with the dynamic settings.


the static settings have to be used only, when no dynamic are avaliable.

By default, the policy is set to the special value auto. This special policy value is resolved differently by netconfig when the NetworkManager is enabled or disabled:

NetworkManager is disabled

The auto policy value is resolved to a policy "STATIC *".

NetworkManager is enabled

The auto policy value is resolved to "STATIC_FALLBACK NetworkManager" causing to use the NetworkManager build-in merge policy with a fallback to the static settings defined in netconfig variables when the NetworkManager does not provide any.

Note: NetworkManager is not using any of the statically defined netconfig settings.
Please use the (k)nm connection editor to define yout network settings for the NetworkManager!


Defines the DNS merge policy. See also the NETCONFIG_<set>_POLICY section.


The name of the DNS forwarder that has to be configured. Currently implemented are "bind" (dns-bind module), "dnsmasq" (dns-dnsmasq) and "resolver" (dns-resolver module), that causes to write the name server IP addresses directly to /etc/resolv.conf only (no forwarder). Empty string defaults to "resolver", that is also the default setting.

See also NETCONFIG MODULES section for more informations.


When enabled (default) in forwarder mode ("bind", "dnsmasq"), netconfig writes an explicit localhost nameserver address to the /etc/resolv.conf, followed by the policy resolved name server list as fallback for the moments, when the local forwarder is stopped. Otherwise, the fallback is written only, when the NETCONFIG_DNS_STATIC_SERVERS variable contains an localhost address.


List of DNS domain names used for host-name lookup.

It is written as search list into the /etc/resolv.conf file.


List of namserver IP addresses used for host-name lookup.

When the NETCONFIG_DNS_FORWARDER variable is set to "resolver", the name servers are written directly to /etc/resolv.conf.

Otherwise, the nameserver are written into a forwarder specific configuration file. Whether the nameservers are written as fallback to the /etc/resolv.conf, depends on the NETCONFIG_DNS_FORWARDER_FALLBACK variable. When the /etc/resolv.conf does not contain any nameservers, the glibc makes use of the name server running on the local machine (the forwarder). See also NETCONFIG MODULES section for more informations.


Allows to specify a custom DNS service ranking list, that is which services provide preferred (e.g. vpn services), and which services fallback settings (e.g. avahi). It causes a per service sorting of the nameservers and search list settings. Preferred service names have to be prepended with a "+", fallback service names can be marked with a "−" character. Instead of the service name also a regex is supported using +/pattern/ and -/pattern/. The special default value "auto" enables the build-in service ranking list, currently:
"+/vpn/ -/auto/ +strongswan +openswan +racoon -avahi"
the value "none" or "" allows to disable the ranking / sorting.


Allows to specify options to use when writting the /etc/resolv.conf, for example:
"debug attempts:1 timeout:10"
See resolv.conf(5) manual page for details.


Allows to specify a sortlist to use when writting the /etc/resolv.conf, for example:
See resolv.conf(5) manual page for details.


Defines the NTP merge policy. See also the NETCONFIG_<set>_POLICY section.


List of NTP server IP addresses.

Defines the NIS / YP merge policy. See also the NETCONFIG_<set>_POLICY section.
[ _<number> ]

A NIS domain name.


A list of NIS servers for the domain with same suffix number.


Defines whether to set the NIS domain using a setdomainname(2) call. When enabled and the NIS domain is not provided dynamically or defined in the static netconfig variables, the domain from /etc/defaultdomain is used as fallback. Valid values are:


netconfig does not set the domainname at all


netconfig sets the domainname according to the NIS policy using the settings of the first interface and service which provided the NIS domainname.


netconfig sets the domainname according to the NIS policy using the settings of the first service which provided the NIS domainname on the specified interface.



This module writes the DNS settings into the /etc/resolv.conf file.

When the NETCONFIG_DNS_FORWARDER variable is empty or set to "resolver", both, the domain search list and the nameserver list is written.

Otherwise, only the domain search list is written. Whether the nameservers are written to the /etc/resolv.conf or handled by the forwarder specific module (e.g. bind) only, depends on the NETCONFIG_DNS_FORWARDER_FALLBACK variable.


This module writes the DNS nameservers as forwarders for the bind nameserver into the /etc/named.d/forwarders.conf file. Please verify that this file is included in the options section of /etc/named.conf, like:
options {

#forward first;

include "/etc/named.d/forwarders.conf";

# [...]
You can use the yast2 dns-server module to configure bind as forwarder.


This module writes the DNS nameservers as forwarders for the dnsmasq nameserver into the /var/run/dnsmasq-forwarders.conf file. Please verify, that this file is set in the resolv-file keyword in the /etc/dnsmasq.conf.


The netconfig ntp-runtime module does not alter the /etc/ntp.conf file, but makes use of NTP "runtime configuration".

The list of the NTP servers is written to the /var/run/ntp/servers-netconfig file and if the configuration changed meanwhile, the ntp service will be restarted using "rcntp try-restart". The ntp init script provides the functionality to apply the server list at runtime to the ntpd(1) daemon.


This module writes the NIS configuration into the /etc/ypconf file and reloads the "ypbind" service when the configuration changed.


The netconfig modify command expects a simple, single quoted, key-value parameter list in a dhcpcd info file compatible format. The keywords have to be usable as variable name in a shell (identifier). The keyword INTERFACE is mandatory. The currently considered key-value pairs are:

INTERFACE=’<interface name>’
=’<IP address> [/<prefix length>]’
=’<network mask>’
=’<network address>’
=’<broadcast address>’
=’<space separated list of classless route entries>’
Each route entry consists of "network,netmask,router" addresses.
=’<space separated list of gateway IP addresses>’
=’<space separated list of DNS domain names>’
=’<DNS domain name>’
=’<space separated list of DNS nameserver addresses>’
=’<space separated list of ntp server addresses>’
=’<NIS domain name>’
=’<list of server addresses for the NIS domain>’
=’<list of netbios nameserver addresses>’


See also the output of the dhcpcd-test <interface name> command.
Following variables are used by the current netconfig modules:





Please report bugs at <>


Michael Calmer <>
Marius Tomaschewski <>
Milisav Radmanic <>




Personal Opportunity - Free software gives you access to billions of dollars of software at no cost. Use this software for your business, personal use or to develop a profitable skill. Access to source code provides access to a level of capabilities/information that companies protect though copyrights. Open source is a core component of the Internet and it is available to you. Leverage the billions of dollars in resources and capabilities to build a career, establish a business or change the world. The potential is endless for those who understand the opportunity.

Business Opportunity - Goldman Sachs, IBM and countless large corporations are leveraging open source to reduce costs, develop products and increase their bottom lines. Learn what these companies know about open source and how open source can give you the advantage.

Free Software

Free Software provides computer programs and capabilities at no cost but more importantly, it provides the freedom to run, edit, contribute to, and share the software. The importance of free software is a matter of access, not price. Software at no cost is a benefit but ownership rights to the software and source code is far more significant.

Free Office Software - The Libre Office suite provides top desktop productivity tools for free. This includes, a word processor, spreadsheet, presentation engine, drawing and flowcharting, database and math applications. Libre Office is available for Linux or Windows.

Free Books

The Free Books Library is a collection of thousands of the most popular public domain books in an online readable format. The collection includes great classical literature and more recent works where the U.S. copyright has expired. These books are yours to read and use without restrictions.

Source Code - Want to change a program or know how it works? Open Source provides the source code for its programs so that anyone can use, modify or learn how to write those programs themselves. Visit the GNU source code repositories to download the source.


Study at Harvard, Stanford or MIT - Open edX provides free online courses from Harvard, MIT, Columbia, UC Berkeley and other top Universities. Hundreds of courses for almost all major subjects and course levels. Open edx also offers some paid courses and selected certifications.

Linux Manual Pages - A man or manual page is a form of software documentation found on Linux/Unix operating systems. Topics covered include computer programs (including library and system calls), formal standards and conventions, and even abstract concepts.