113 lines
3.8 KiB
Markdown
113 lines
3.8 KiB
Markdown
# IP Address Change
|
|
|
|
An IP address change needs following steps
|
|
|
|
**I stay in the same firewall zone**
|
|
- change IP address
|
|
- restart networking or reboot
|
|
|
|
**I move out to the DMZ**
|
|
- change IP address
|
|
- change nameservers (DNS)
|
|
- change timeservers (NTP)
|
|
- change mail relay (SMTP)
|
|
- restart all these services or reboot
|
|
|
|
One day when there is Puppet available in the DMZ then it will handle the later part.
|
|
|
|
## Networking Infrastructure
|
|
|
|
| Zone | Name Server (DNS) | Time Server (NTP) | Mail Relay (SMTP) |
|
|
|-----------|-------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|
|
|
| default | `129.129.190.11` `129.129.230.11` | `pstime1.psi.ch` `pstime2.psi.ch` `pstime3.psi.ch` | `smtpint.psi.ch` |
|
|
| dmz/tier3 | `192.33.120.5` `192.33.121.5` | `dmztime1.psi.ch` `dmztime2.psi.ch` | `smtpdmz.psi.ch` |
|
|
| _source_ | [networking::nameservers](https://git.psi.ch/linux-infra/puppet/-/blob/preprod/data/common.yaml#L538) | [net_client::servers](https://git.psi.ch/linux-infra/puppet/-/blob/preprod/data/common.yaml#L595) | [mta::relays](https://git.psi.ch/linux-infra/puppet/-/blob/preprod/data/common.yaml#L527) |
|
|
## Select the Network Interface Device
|
|
|
|
To see what network interfaces are available, use
|
|
|
|
```
|
|
ip link show
|
|
```
|
|
(all RHEL versions)
|
|
or
|
|
```
|
|
nmcli device status
|
|
```
|
|
(starting from RHEL8)
|
|
|
|
## Edit the IP Configuration of a Network Interface
|
|
|
|
The configuration is done in the file `/etc/sysconfig/network-scripts/ifcfg-$DEVICE`.
|
|
|
|
An example configuration for a static IP address as set up by the kickstart file looks like:
|
|
```
|
|
TYPE=Ethernet
|
|
PROXY_METHOD=none
|
|
BROWSER_ONLY=no
|
|
BOOTPROTO=none
|
|
IPADDR=129.129.187.41
|
|
PREFIX=24
|
|
GATEWAY=129.129.187.1
|
|
DNS1=129.129.190.11
|
|
DNS2=129.129.230.11
|
|
DEFROUTE=yes
|
|
IPV4_FAILURE_FATAL=no
|
|
IPV6INIT=yes
|
|
IPV6_AUTOCONF=yes
|
|
IPV6_DEFROUTE=yes
|
|
IPV6_FAILURE_FATAL=no
|
|
IPV6_ADDR_GEN_MODE=eui64
|
|
NAME=ens160
|
|
UUID=db60a82b-2a4c-4077-b4c1-5dd0e2476be1
|
|
DEVICE=ens160
|
|
ONBOOT=yes
|
|
```
|
|
|
|
Here you need to change the `IPADDR` and possibly the `GATEWAY` and rarely the `PREFIX`. The last two can be looked up in [QIP](https://qip.psi.ch/qip), but the usual pattern is `*.*.*.1` for the gateway and a prefix of 24.
|
|
|
|
When moving to a different zone, then you need also to adapt the DNS servers.
|
|
|
|
If you alterntively change to DHCP, then you can use this:
|
|
```
|
|
TYPE=Ethernet
|
|
PROXY_METHOD=none
|
|
BROWSER_ONLY=no
|
|
BOOTPROTO=dhcp
|
|
DEFROUTE=yes
|
|
IPV4_FAILURE_FATAL=no
|
|
IPV6INIT=yes
|
|
IPV6_AUTOCONF=yes
|
|
IPV6_DEFROUTE=yes
|
|
IPV6_FAILURE_FATAL=no
|
|
IPV6_ADDR_GEN_MODE=eui64
|
|
NAME=ens160
|
|
UUID=b5e9cf25-056d-4acb-958c-7a443300e1e1
|
|
DEVICE=ens160
|
|
ONBOOT=yes
|
|
```
|
|
|
|
This will be active after boot or
|
|
```
|
|
systemctl restart NetworkManager
|
|
```
|
|
(RHEL8) or
|
|
```
|
|
systemctl restart network.service
|
|
```
|
|
(RHEL7)
|
|
|
|
Note if you are in need of a new UUID run `uuidgen`.
|
|
|
|
## Change Time Server (NTP)
|
|
Adapt in the file `/etc/chrony.conf` the `server` list and the `initstepslew` config with the respective time servers.
|
|
```
|
|
systemctl restart chronyd.service
|
|
```
|
|
applies the changes.
|
|
|
|
## Change Server for Outgoing Mails
|
|
This depends on the software running on the system.
|
|
|
|
|