If you are managing an Ubuntu server, you have likely faced the frustration of setting a temporary IP address using legacy commands only to have it vanish after a system reboot. Whether you are assigning a static IP for a production web server, setting up a network bridge for virtualization, doing these things manually is inefficient and temporary.
Enter Netplan.
Developed by Canonical, Netplan is a high-level, distribution-agnostic network configuration tool that serves as the “source of truth” for your system’s connectivity. It uses a human-readable YAML configuration format to define your network intent, which it then “renders” into instructions for underlying backends like systemd-networkd or NetworkManager. Mastering Netplan is essential for anyone following linux server security best practices to ensure stable and predictable remote access.
Table of Contents
Key Takeaways: Mastering Netplan
- YAML Syntax → Netplan uses a structured, indented format to define interfaces, addresses, and routes.
- Backend Abstraction → It works with both NetworkManager (typically for Desktop) and systemd-networkd (typically for Server).
- Validation → The
netplan generatecommand allows you to catch syntax errors before they break your connection. - Persistence → Configurations stored in
/etc/netplan/survive reboots and system updates.
Step 1: Locate Your Configuration Files
Netplan reads configuration files from the /etc/netplan/ directory. Typically, you will find a file named something like 01-netcfg.yaml or 50-cloud-init.yaml. If you are unsure of your current setup, it is helpful to start by understanding linux commands like ls to list the directory contents.
Step 2: Understand the YAML Structure
A standard Netplan file is divided into sections: network, version, renderer, and the interface types like ethernets, bridges, or wifis.
Example of a basic DHCP configuration:
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: true
Step 3: Configure Common Scenarios
Netplan is highly flexible and can handle complex setups with just a few lines of code.
Example 1: Setting a Static IP and Custom DNS
If you need a fixed identity for your server, you must define an addresses block and specify your routes.
network:
version: 2
renderer: networkd
ethernets:
eth0:
addresses:
- 10.10.10.2/24
routes:
- to: default
via: 10.10.10.1
nameservers:
search: [example.internal]
addresses: [10.10.4.5, 1.1.1.1]
Note: In Ubuntu 18.04, you should use the older gateway4 key instead of the routes block.
Example 2: Creating a Network Bridge
For virtualization environments, you can bridge a physical interface (like enp3s0) to a virtual one (br0).
See also: Mastering the Linux Command Line — Your Complete Free Training Guide
network:
version: 2
renderer: networkd
ethernets:
enp3s0:
dhcp4: no
bridges:
br0:
dhcp4: yes
interfaces:
- enp3s0
Step 4: Validate and Apply Changes
Applying network changes can be risky, especially over SSH. Always follow this two-step process to avoid a lockout.
- Check for syntax errors:
sudo netplan generate - Apply the configuration:
sudo netplan apply
If you encounter issues during this process, you may need to check system logs to identify where the backend renderer is failing.
Step 5: Monitor and Verify the Network Status
Once applied, you can verify that your settings are active using Netplan’s built-in status tool.
Command: sudo netplan status -a
Expected Output:
Online state: online
DNS Addresses: 127.0.0.53 (stub)
2: eth0 ethernet UP (networkd: eth0)
Addresses: 10.10.10.2/24 (static)
This summary provides a high-level overview of your interfaces, correlated default routes, and DNS servers.
Important Best Practices
- YAML Indentation: Netplan is extremely sensitive to spaces. Never use tabs in your
.yamlfiles. - SSH Warning: Be extremely careful when changing parameters over an SSH connection. A single typo in your IP or gateway can permanently lock you out of a remote server.
- Backup Configs: Always keep a copy of your working configuration before making edits.
- Hooks: While Netplan doesn’t support hook scripts directly in the YAML, you can use networkd-dispatcher to run scripts when specific network states are reached.
Summary Tables
| Goal | Key Parameter | Value Example |
|---|---|---|
| Enable DHCP | dhcp4 | true |
| Set Static IP | addresses | [10.10.10.2/24] |
| Set DNS | nameservers | addresses: [1.1.1.1] |
| Define Gateway | via | 10.10.10.1 |
| Select Backend | renderer | networkd or NetworkManager |
| Command | Action | Recommended Use |
|---|---|---|
sudo netplan generate | Validates YAML syntax. | Before applying any change. |
sudo netplan apply | Pushes config to backends. | To make changes permanent. |
sudo netplan status -a | Shows interface overview. | To troubleshoot connectivity. |
FAQ
Where are the Netplan logs stored? If netplan apply fails, you can find detailed output by checking the system logs for the specific renderer (NetworkManager or systemd-networkd).
Can I use Netplan on Ubuntu Desktop? Yes. While it defaults to the NetworkManager renderer on Desktop, the YAML syntax remains the same.
How do I find my current IP address without Netplan? You can use the standard ip addr command to see low-level interface details.
