DPOD can be configure configured with two network interface interfaces:
- First Interface interface - For for accessing DPOD's Web Console via web browser and DPOD's CLI via SSH.
- Second Interface interface - For for communicating with the monitored devices.
...
Note |
---|
The second network interface can not cannot share the same class C network as the first network interface (for example : , the two interface can not interfaces cannot have IP address addresses on the sub net subnet 192.169.10.x). |
Connect the Second Network Interface to the Server
Use your system administrator assistance to add a second network interface to your virtual machine or physical server.
In some cases, there will be a need to restart the server before the new network will be available.
After the server restartrestarts, the operating system will automatically configure the new network interface interface using DHCP.
Log in to DPOD's Console or CLI via SSH with the user "root" and type the command "ifconfig". The command output should be similar to the following screenshot:
The new network interface should be displayed as "eth1".
Note |
---|
On a Non-Appliance installation when customer provide perprovides pre-installed server, the the network interfaces name names might be different (the network interface naming depends on the operating system configuration). |
...
- Copy the network interface MAC address as displayed in the "ifconfig" command output after the attribute "ether":
change Change directory to /etc/sysconfig/network-scripts:
Code Block language bash theme RDark cd /etc/sysconfig/network-scripts
duplicate the Duplicate eth0 (first network interface) network interface configuration file for the new network interface file (eth1):
Code Block language bash theme RDark cp ifcfg-eth0 ifcfg-eth1
Edit the new file (ifcfg-eth1) and alter the following attributes based on the new network interface properties
Code Block DEVICE=eth1 BOOTPROTO=static ONBOOT=yes NM_CONTROLLED=no HWADDR=00:0c:29:14:7a:88 IPADDR=192.168.1.178 NETMASK=255.255.255.0 USERCTL=no DNS1=8.8.8.8 DNS2=8.8.4.4 IFCONFIG_OPTS="txqueuelen 10000"
DEVICE : The network interface device name should be eth1
HWADDR : The network interface MAC address as displayed at section 1.
NETMASK : The network mask based on the new interface properties (the network administrator should supply this information)Restart the network service by entering the following command:
Code Block language bash theme RDark service network restart The command output should be : Restarting network (via systemctl): [ OK ]
- Use the command "ifconfig" to make sure the new network interface is up and configured with the correct IP address:
If the new IP address is not displayed restart the server. - sdf
Configure Routing
In order to support the second network interface, a new routing table and routing rules should be defined.
...
Edit the file /etc/iproute2/rt_tables and add new routing table entry with id "1" named "rt1":
In order to add new routing entry to the new routing table use the "ip route" command.
This command will add new temporary entry to the routing table.
Add a default gateway entry :(should be executed only once)
Code Block ip route add default via <interface default gateway> dev <interface name> table <routing table name>
Example: For adding the default gateway 192.168.1.1 to interface eth1:Code Block language bash theme RDark ip route add default via 192.168.1.1 dev eth1 table rt1
Note Adding a default gateway to a network interface should be executed only once.
Add a routing entry (should be executed as needed for every monitored device):
Code Block ip route add <destinamtion ip address or subnet> dev <interface name> table <routing table name>
Example: For adding the route entry to subnet 192.168.1.x to interface eth1Code Block language bash theme RDark ip route add 192.168.1.0/24 dev eth1 table rt1
Note Adding specific routing entry should be executed as needed for every monitored device
In order to make these entries permanent edit the file /etc/sysconfig/network-scripts/route-<interface name> and add the following:
Code Block default via <interface default gateway> dev <interface name> table <routing table name> <destinamtion ip address or subnet> dev <interface name> table <routing table name>
For example: Create new permanent routing file for interface eth1 and add the entries used at previous examples:Code Block default via 192.168.1.1 dev eth1 table rt1 192.168.1.0/24 dev eth1 table rt1
To confirm that the new routing table includes the new routing entries use the following command to display the content of the table:
Code Block ip route show tab <routing table name>
For example: To display the content of table rt1:Code Block language bash theme RDark ip route show tab rt1 The output should be: default via 192.168.1.1 dev eth1 192.168.1.0/24 dev eth1 scope link
Create a New Routing Rule
The routing rule instruct instructs the operating system when to use the new routing table.
In order to add a new routing rule entry to the new routing table use the "ip rule" command.
This command will add a new temporary rule entry.Code Block ip rule add from <source ip address or subnet> table <routing table name> ip rule add to <destination ip address or subnet> table <routing table name>
For example: The routing rule for monitored device 192.168.1.120 are :are
Code Block language bash theme RDark ip rule add from 192.168.1.120/32 table rt1 ip rule add to 192.168.1.120/32 table rt1
The specific IP address can be replaced with subnet if subnet rule is appropriate: 192.168.1.0/24
In order to make these entries permanent edit the file /etc/sysconfig/network-scripts/rule-<interface name> and add the following:
Code Block from <source ip address or subnet> table <routing table name> to <destination ip address or subnet> table <routing table name>
For example: The routing rule for monitored device 192.168.1.120 are
:Code Block from 192.168.1.120/32 table rt1 to 192.168.1.120/32 table rt1
dsgfTo confirm that the new routing rules entries added use the following command to display them:
Code Block language bash theme RDark ip rule show The output should include the following lines: 32764: from all to 192.168.1.120 lookup rt1 32765: from 192.168.1.120 lookup rt1
Confirm the new configuration
- Restart the server.
- After the server is up again login via SSH.
Use the "ip route show tab" command and the "ip rule show" command make sure the routing entries and the routing rule persists after the restart. Confirm the needed network connectivity to the monitored device:
Open new CLI session via SSH and start capture network traffic passing through eth1 to the wanted monitored device.
The following command will capture network traffic to 192.168.1.120:Code Block language bash theme RDark tcpdump -i eth1 host 192.168.1.120
On the second SSH session run telnet command to test connectivity to the monitored device using port 5550 (XML Management Interface Port):Code Block language bash theme RDark telnet 192.168.1.120 5550
The output of the tcpdump command should look similar to the following:
- After confirming the needed network connectivity to the monitored device.
- xfd
- sfdg
Add New Routing Rules
...
The source of the tcp connection is the new eth1 ip address and the destination is the monitored device ip address:
Configure DPOD for the New Network Interface
After the new network interface is configured correctly, DPOD configuration needs to change to use the new interface.
Change DPOD Configuration
Edit the file /etc/hosts and alter the following entries to point to the new IP address.
For example, these are the entries for the new IP address 192.168.1.178:Code Block 192.168.1.178 montier-syslog 192.168.1.178 montier-wsm
- Restart the application using the CLI Admin Menu.
Re-configure Syslog and WS-M
After DPOD was configured to use the new IP address, the monitored devices need to be re-configured to communicate with DPOD via the new address.
In order to re-configure the monitored devices, please follow the instructions under "Adding Monitored Devices" - sub items "Setup Syslog for the New Monitored Device" and "WS-M setup for device".