Network manager and split DNS for a VPN?

Fri Apr 14 17:51:39 UTC 2017

On Thu, Apr 13, 2017 at 3:32 AM, Xen <list at xenhideout.nl> wrote:
> Tom H schreef op 13-04-2017 7:36:

>> I thought that I'd said in my original email that previous versions of
>> NM had "nm-tool". It's too bad that it was removed, although I'd have
>> preferred it to be "nmtool"...
>
> aye but your nmcli command probably also works with less parameters.

If you know the UUID or ID of the active connection, you can use one "nmcli"

nmcli -f IP4 c sh uuid <UUID>
or
nmcli -f IP4 c sh id <ID>

The command that I'd posted pulled out the active connection with the
"$(nmcli ... --active)" part.

>>> nmcli itself has a syntax I find impossible to remember.
>>
>> The above is the only nmcli command that I know and use.
>>
>> I remember them because
>>
>> "c sh" is short for "connection show" and is similar to ip's "a
>> sh"/address show".
>
> Okay so they modelled it on that. For some reason "ip" is not as hard to
> remember, although I sometimes get lost in the confusion of "ip table show
> second" or "ip show table second" and stuff like that ;-).

It's a question of how often you use them. If I don't use "mdadm" for
three months or so, I have to skim through its man page to refresh my
memory.

>> "-f" stands for "field(s)". I sometimes type "ipv4" rather than "IP4"
>> for the first one and then realize that I've screwed up...
>>
>> I prefer the "uuid ... UUID" version because they correspond, whereas
>> in the "id ... NAME" I have to remember that the output of "NAME" is
>> the input of "id".
>
> Well all of that just goes to show how unusable it is.

Unusable, no. Quirky, yes.

> Not saying, for instance, that's easy in MS Windows. You have some netsh
> command that is equally impossible to remember.
>
> In Windows it would be
>
> netsh interface ipv4 show dnsservers
>
> But I would much rather have it show with "ipconfig", same as "ifconfig".
> Ifconfig in Linux is just a nice informative tool, even if it is
> "deprecated".

The problem, AIUI, is that the CLI commands more or less mimic the GUI tool.

For example, "networksetup" is the macOS CLI command (on my Mac, I've
renamed "Wi-Fi", the default name, "wifi" because it's faster to
type...).

root at localhost ~ # networksetup -listallnetworkservices
An asterisk (*) denotes that a network service is disabled.
*LPSS Serial Adapter
wifi
*Bluetooth PAN

root at localhost ~ # networksetup -getinfo wifi
Manual Configuration
IP address: 192.168.0.54
Subnet mask: 255.255.255.0
Router: 192.168.0.1
IPv6: Off
Wi-Fi ID: a8:66:7f:3a:64:b2

root at localhost ~ # networksetup -getdnsservers wifi
8.8.8.8

Apple has chosen to use very long but clear and verbose options.
There's no way to remember them all but you don't have to remember how
to combine various subcommands and options. If you don't know the
exact option, you can run "networksetup -help | sort" and find the
invocation that you need.

Solaris has split up its previous, standard-Unix "ifconfig" into
"dladm" for layer 2 and "ipadm" for layer 3 but they're unrelated to
any GUI tool and they have add-* create-* down-* enable-* set-* show-*
delete-* disable-* remove-* subcommands.

Solaris also has something similar to NM called NWAM (Network
Auto-Magic) with "netcfg" and "netadm" commands. I've never used
"netcfg" and I've only used "netadm enable -p ncp DefaultFixed" in
order to disable NWAM and set up a static connection manually, then

root at localhost ~ # ipadm show-if
IFNAME     CLASS    STATE    ACTIVE OVER
lo0        loopback ok       yes    --
net0       ip       ok       yes    --

root at localhost ~ # ipadm show-addr
ADDROBJ        TYPE     STATE    ADDR
lo0/v4         static   ok       127.0.0.1/8
net0/v4static  static   ok       192.168.0.192/24
lo0/v6         static   ok       ::1/128

root at localhost ~ # svccfg -s network/dns/client listprop config/nameserver
config/nameserver net_address 8.8.8.8

It's a trend...