Network Manager 1.56 It is now available This is a stable release of this well-known network connection manager for GNU/Linux systems, widely used on home computers, servers, and in professional environments. It's a significant update, not only for the new technical features it includes, but also because it refines internal behaviors that affect the daily work of administrators and advanced users.
Although the source code can be downloaded directly from its page on GitLab, the usual recommendation in GNU / Linux distributions It's about waiting for the update to reach the official repositories, where it will have gone through the testing and packaging workflow of each project, something especially important in corporate or production environments.
Main new features of NetworkManager 1.56
This edition appears approximately six months after Network Manager 1.54 It introduces changes designed to improve fine-tuning of network configuration, with particular attention to complex environments using technologies such as HSR, SR-IOV, or bonded links with VLANs. The goal is to offer greater flexibility without requiring complete configuration resets.
Among the most notable new features is the ability to configure the HSR redundant network interconnection port using the new property “hsr.interlink”This setting allows for more precise management of high availability configurations in industrial or critical communications networks, where HSR (High-availability Seamless Redundancy) is a key component.
Support for reapplying the property is also added. “sriov.vfs” provided that the value of “sriov.total-vfs” is not modified. This facilitates the dynamic management of virtual functions (VFs) on devices with SR-IOV, which is common in data centers and demanding virtualization environments, without needing to completely reconfigure the physical device.
Similarly, NetworkManager 1.56 now allows reconfiguration “bond-port.vlans” without having to recreate the connection from scratch. This change simplifies the maintenance of bonded links with multiple VLANs, which are very common in business and public administration networks.
Advanced options for DHCP, HSR, and GSM device control
A new option is added at system startup rd.net.dhcp.client-id Within the nm-initrd-generator tool, which offers more control over DHCP client identification in the early stages of booting. This setting can be useful in infrastructures where network booting and IP address assignment are highly automated.
Regarding HSR, in addition to the new interconnect port setting, the application introduces the ability to define the HSR protocol version using the “hsr.protocol-version” property. This allows the behavior of Linux nodes to be aligned with existing network equipment, which is critical when mixing devices from different manufacturers.
For mobile connections, a new configuration is added. gsm device-uidThis feature is designed to explicitly restrict which GSM devices receive a specific connection. It provides greater control in systems with multiple modems or in scenarios where testing is performed with different mobile devices or SIM cards.
Changes to DNS management and per-connection DNSSEC support
One of the most interesting improvements from a security standpoint is the support for configuring the option to DNSSEC of systemd-resolved For each connection, using the new property “connection.dnssec”. This allows you to decide, connection by connection, whether or not to perform cryptographic verification of DNS responses, which is especially relevant in organizations that manage internal and external networks with different policies.
In addition, NetworkManager 1.56 now accepts hostnames longer than 64 characters obtained through DNS queries. This change addresses cases where long domains or very detailed naming schemes are used, common in large companies or distributed infrastructures.
In terms of global configuration, the function of global-dns It has been adjusted to overwrite search domains and DNS options from connections, rather than simply combining all the information. This provides a layer of centralized control over name resolution, useful for administrators who want to enforce consistent DNS policies.
MPTCP and improvements in VPN integration and certificates
Version 1.56 adds a new type of MPTCP endpoint called "laminate"This expands the possibilities for those who take advantage of Multipath TCP, a technology that allows the use of multiple network paths simultaneously for the same connection. This functionality is especially relevant in contexts where different connections are combined (for example, fiber and mobile data) to increase resilience.
The libnm library introduces a function designed to allow plugins to VPN They can verify user permissions for certificates and keys. This provides plugins with a standard way to check if the user actually has access to the necessary cryptographic materials, reducing configuration errors and potential security issues.
For connections marked as private, that is, those where a specific user is specified in the “connection.permissions” property, NetworkManager now performs an explicit check that the user can access 802.1X certificates and keys defined in that connection. This behavior reinforces access control in deployments with certificate-based authentication, common in universities, government agencies, and large organizations.
Updates to nmcli and improved support for WireGuard
The command-line interface nmcliNetworkManager, widely used by system administrators on Linux servers and remote machines, also receives updates. Starting with NetworkManager 1.56, it's possible to directly query and manage WireGuard peers, simplifying the administration of this popular VPN protocol from scripts and the terminal, without needing external tools and improving integration with NetworkManager. Lightweight and efficient VPNs.
This improved support for wire guard It fits well with the trend of many organizations adopting lightweight and efficient VPNs integrated into standard system tools. Centralizing management in nmcli simplifies automation and integration with other parts of the infrastructure.
Bug fixes for broadband and VPN connections
The development team has resolved a bug that was preventing the auto-connect on broadband connections This bug occurred when a reconnection attempt was made while the modem was in a "disconnecting" or "disconnected" state. In practice, this could lead to situations where the mobile connection was not automatically restored, requiring manual intervention.
A problem that caused certain connection properties to not be applied correctly has also been fixed. VPN connectionsThis type of error can impact security policies or expected network routes, so correcting it brings more predictability and consistency to the overall behavior of NetworkManager.
Internal changes in versioning and compilation
Internally, NetworkManager 1.56 unifies the scheme of versioned with suffixes “-rcX” and “-dev” throughout the project. This affects the version's URL and tarball name, as well as the number displayed by the nmcli tool and the running daemon itself, helping to more clearly identify which build is being used at any given time.
Another relevant technical modification is the update of n-acd This ensures that the system is always compiled with eBPF support enabled, detecting at runtime whether the system can actually use this feature. This change simplifies the management of heterogeneous environments, where not all kernels or configurations have the same level of eBPF compatibility.
Availability and update recommendations
The source code for NetworkManager 1.56 can now be obtained from its repository in GitLab For those who prefer to compile manually or integrate it into custom distributions. However, for desktop and server users, the most common practice is to wait for distributions—such as Debian, Ubuntu, Fedora, openSUSE, or their derivatives—to release the update in their stable or long-term repositories.
Before updating on critical systems, it's advisable to review the release notes for the corresponding distribution and check compatibility with existing network modules, VPN plugins, and management tools. Since aspects such as certificate management, DNS and VPNIt is advisable to test in test environments when dealing with sensitive infrastructures.
Overall, NetworkManager 1.56 is presented as an update focused on fine-tuning control over advanced network technologies, strengthening security through better handling of DNSSEC and certificates, improving interoperability with modern VPNs such as WireGuard, and polishing bugs that affected broadband connections and encrypted tunnels, all accompanied by internal adjustments that facilitate version identification and compilation in different Linux environments.
