Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Amending netmask in RedHat ES4

Status
Not open for further replies.
columb

columb

IS-IT--Management
Feb 5, 2004
1,231
EU
The network configuration that one of my servers sits on is changing from a 24 bit netmask to a 23 bit netmask and I need to change the NIC configuration to match. The only problem is I'm on a remote site and have no GUI.

What I propose to do is run
Code: 
ifconfig eth0 netmask 255.255.254.0
ifconfig eth0 down; ifconfig eth0 up
As I'm very aware that any mistakes will mean that I can't connect to the system I'd appreciate any comments before I do something dumb.

Thanks

Ceci n'est pas une signature
Columb Healy
 
Sort by date Sort by votes
I'll toss a couple of ideas out to you...

First, the service "network" on RH boxes is a better choice to refresh your networking. However, it is file driven for its configuration. Which brings me to my next point.

If you ONLY make the changes through ifconfig, these are RAM-only changes that will be lost when you next reboot the box or restart the network service. At such point, you will revert to the settings in your config files...

Sooooooooooooooooooooooooooooo...

Spend some time thinking about the contents of these two files:

/etc/sysconfig/network
/etc/sysconfig/network-scripts/ifcfg-eth0

Between these two files you will need to make the relevant changes to your IP, mask, broadcast, gateway, and network settings (a couple of which you might not have thought of in your first scenario)

You can make changes to these files and they won't impact the system until you either reboot or issue
"service network restart"

You WILL (99%) lose your connection to the server upon either method of restarting...

ALSO!!!! Make VERY sure that you understand your firewall rules. RH has a habit of there being some default firewall rules that are ENABLED when you build the machine. Generally these rules are written agnostically to your IP addressing scheme, but I recommend you be sure by checking iptables before you restart.

Beyond these points you would minimally want to ensure that any IP-specific assignments in your major service configuration files are managed before rebooting.

Generally 'sshd' is NOT bound to listen on a specific IP/mask, so unless you did it specifically you probably are ok.

Often 'httpd'/apache is bound to listen on a specific PORT not IP, but depending upon your environment, it might have been configured for specific IPs.

You may want to let this thread run for a day to see if anyone else spots ways to control your risks before you make your changes.... good luck!








D.E.R. Management - IT Project Management Consulting
 
Upvote 0 Downvote
Thanks thedaver.

I've had a poke around and as
[ul]
[li]The only thing that is changing is the netmask[/li]
[li]I do not use the built in firewall[/li]
[/ul]
Taking your suggestions I've now formulted plan B
[ol]
[li]Make a backup copy of /etc/sysconfig/network-scripts/ifcfg-eth0[/li]
[li]Edit /etc/sysconfig/network-scripts/ifcfg-eth0 to change the line NETMASK=255.255.255.0 to NETMASK=255.255.254.0[/li]
[li]run 'service network restart'[/li]
[/ol]
This change is planned for 18:00 GMT on Tuesday 5th so there's a little time if anyone would like to comment.

Ceci n'est pas une signature
Columb Healy
 
Upvote 0 Downvote
You sure your gateway and broadcast are not changing on a netmask change?! I would think broadcast HAS to change.

D.E.R. Management - IT Project Management Consulting
 
Upvote 0 Downvote
thedaver

The gateway is not changing.

My copy of /etc/sysconfig/network-scripts/ifcfg-eth0 does not have a broadcast setting and the RedHat manual says that BROADCAST is depreciated so I guess it will work it out for itself.

Thanks again for your help.

Ceci n'est pas une signature
Columb Healy
 
Upvote 0 Downvote
i would recomend first run some shell script that changes the network setup (ifconfig, eth down and up), while having scheduled the network restart in about 5 minutes or so - this way you can check if the setup is working - you can reach the network in- and outbound - and if not, everything is reverted to the working current setup (providing that you do not change the network init scripts) after those 5 mins ;-)
 
Upvote 0 Downvote
piti
Hmm... Good idea. Something along the lines of
Code: 
cd /etc/sysconfig/network-scripts
mv ifcfg-eth0 backup_ifcfg-eth0
mv amended_ifcfg-eth0 ifcfg-eth0
service network restart
sleep 600
[[ -f all_ok ]] && exit
mv ifcfg-eth0 amended_ifcfg-eth0
mv backup_ifcfg-eth0 ifcfg-eth0
service network restart
So I've got 10 minutes to login and touch /etc/sysconfig/network-scripts/all_ok to confirm all OK otherwise it will revert the changes.

Ceci n'est pas une signature
Columb Healy
 
Upvote 0 Downvote
well ... looks nice, but i personaly would use this approach
1. "at" to schedule the network restart
2. "ifconfig" to change the settings and bring interface down/up

i think this is less failure jeopardized ...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

hobbytech
  • Locked
  • Question
Internet not connecting
Replies
5
Views
342
Stephen_Hawk
Stephen_Hawk
bhuv560
  • Locked
  • Question
Postfix Installation on EC2 AWS Linux
Replies
0
Views
161
bhuv560
bhuv560
KannaChan
  • Locked
  • Question
TLS1.2 and TLS1.0 proxy in same Virtualhost
Replies
1
Views
219
ChrisHirst
ChrisHirst
msk69
  • Locked
  • Question
RHEL 7 installation error
Replies
1
Views
247
msk69
msk69
malpa
  • Locked
  • Question
block incoming snmp traps from ip
Replies
1
Views
266
malpa
malpa

Part and Inventory Search

Sponsor

Back
Top