DPOD can be configured with two network interfaces:
...
- Copy the network interface MAC address as displayed in the "ifconfig" command output after the attribute "ether":
change Change directory to /etc/sysconfig/network-scripts:
Code Block language bash theme RDark cd /etc/sysconfig/network-scripts
duplicate the Duplicate eth0 (first network interface) network interface configuration file for the new network interface file (eth1):
Code Block language bash theme RDark cp ifcfg-eth0 ifcfg-eth1Edit the new file (ifcfg-eth1) and alter the following attributes based on the new network interface properties
Code Block DEVICE=eth1 BOOTPROTO=static ONBOOT=yes NM_CONTROLLED=no HWADDR=00:0c:29:14:7a:88 IPADDR=192.168.1.178 NETMASK=255.255.255.0 USERCTL=no DNS1=8.8.8.8 DNS2=8.8.4.4 IFCONFIG_OPTS="txqueuelen 10000"
DEVICE : The network interface device name should be eth1
HWADDR : The network interface MAC address as displayed at section 1.
NETMASK : The network mask based on the new interface properties (the network administrator should supply this information)Restart the network service by entering the following command:
Code Block language bash theme RDark service network restart The command output should be : Restarting network (via systemctl): [ OK ]
- Use the command "ifconfig" to make sure the new network interface is up and configured with the correct IP address:
If the new IP address is not displayed restart the server. - sdf
Configure Routing
In order to support the second network interface, a new routing table and routing rules should be defined.
...
Edit the file /etc/iproute2/rt_tables and add new routing table entry with id "1" named "rt1":
In order to add new routing entry to the new routing table use the "ip route" command.
This command will add new temporary entry to the routing table.
Add a default gateway entry (should be executed only once)
Code Block ip route add default via <interface default gateway> dev <interface name> table <routing table name>
Example : For adding the default gateway 192.168.1.1 to interface eth1:Code Block language bash theme RDark ip route add default via 192.168.1.1 dev eth1 table rt1
Note Adding a default gateway to a network interface should be executed only once.
Add a routing entry entry (should be executed as needed for every monitored device):
Code Block ip route add <destinamtion ip address or subnet> dev <interface name> table <routing table name>
Example : For adding the route entry to subnet 192.168.1.x to interface eth1Code Block language bash theme RDark ip route add 192.168.1.0/24 dev eth1 table rt1
Note Adding specific routing entry should be executed as needed for every monitored device
In order to make these entries permanent edit the file /etc/sysconfig/network-scripts/route-<interface name> and add the following:
Code Block default via <interface default gateway> dev <interface name> table <routing table name> <destinamtion ip address or subnet> dev <interface name> table <routing table name>
For example : Create new permanent routing file for interface eth1 and add the entries used at previous examples :Code Block default via 192.168.1.1 dev eth1 table rt1 192.168.1.0/24 dev eth1 table rt1
To confirm that the new routing table includes the new routing entries use the following command to display the content of the table :
Code Block ip route show tab <routing table name>
For example : To display the content of table rt1:Code Block language bash theme RDark ip route show tab rt1 The output should be : default via 192.168.1.1 dev eth1 192.168.1.0/24 dev eth1 scope link
Create a New Routing Rule
The routing rule instruct instructs the operating system when to use the new routing table.
In order to add a new routing rule entry to the new routing table use the "ip rule" command.
This command will add a new temporary rule entry .Code Block ip rule add from <source ip address or subnet> table <routing table name> ip rule add to <destination ip address or subnet> table <routing table name>
For example : The routing rule for monitored device 192.168.1.120 are :Code Block language bash theme RDark ip rule add from 192.168.1.120/32 table rt1 ip rule add to 192.168.1.120/32 table rt1
The specific IP address can be replaced with subnet if subnet rule is appropriate : 192.168.1.0/24
In order to make these entries permanent edit the file /etc/sysconfig/network-scripts/rule-<interface name> and add the following :
Code Block from <source ip address or subnet> table <routing table name> to <destination ip address or subnet> table <routing table name>
For example : The routing rule for monitored device 192.168.1.120 are :
Code Block from 192.168.1.120/32 table rt1 to 192.168.1.120/32 table rt1
To confirm that the new routing rules entries added use the following command to display them :
Code Block language bash theme RDark ip rule show The output should include the following lines: 32764: from all to 192.168.1.120 lookup rt1 32765: from 192.168.1.120 lookup rt1
...
- Restart the server.
- After the server is up again login via SSH.
Use the "ip route show tab" command and the "ip rule show" command make sure the routing entries and the routing rule persists after the restart. Confirm the needed network connectivity to the monitored device:
Open new CLI session via SSH and start capture network traffic passing through eth1 to the wanted monitored device.
The following command will capture network traffic to 192.168.1.120:Code Block language bash theme RDark tcpdump -i eth1 host 192.168.1.120
On the second SSH session run telnet command to test connectivity to the monitored device using port 5550 (XML Management Interface Port):Code Block language bash theme RDark telnet 192.168.1.120 5550
The output of the tcpdump command should look similar to the following:
The source of the tcp connection is the new eth1 ip address and the destination is the monitored device ip address: