Summary

This procedure will guide you to perform the network conversion from Legacy Rack to Leaseweb’s Next-Generation Network (NGN) rack architecture in order to re-establish the server's network connectivity.

Work instructions

Please, follow these instructions to proceed with the network conversion from Legacy Rack to NGN rack architecture.

Linux

1) Tech Refresh Preparation.

This section explains how to save the basic network information before the server is moved to the new NGN rack, to facilitate the reconfiguration of the network on the server once the server is in the new rack.

Save the minimal network information.

It is important to keep the minimal network's information because you will reconfigure the same IPs once the server is placed in the new Leaseweb NGN rack.

Below you can find the commands to execute.

Command:
ip address > base_network.txt && route -n >> base_network.txt

 Now your IPs and Route are saved in file base_network.txt. 

This result is only an example, you will probably have more information.

Result: cat base_network.txt
1: lo: <LOOPBACK,UP,LOWER_UP> mtu  65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback  00 :00: 00 :00: 00 :00 brd 00: 00 :00: 00 :00: 00
    inet  127.0 .0.1/ 8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1 / 128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu  1500 qdisc fq_codel state UP group default qlen 1000
    link/ether  02 :00: 30 :8f:00:3d brd ff:ff:ff:ff:ff:ff
    altname enp0s3
    altname ens3
    inet  10.20 .20.236/ 24 brd 10.20. 20.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::30ff:fe8f:3d/ 64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu  1500 qdisc fq_codel state UP group default qlen 1000
    link/ether  02 :00: 25 :47: 00 :05 brd ff:ff:ff:ff:ff:ff
    altname enp0s4
    altname ens4
 
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0                   10.20 . 20.1              0.0.0.0                   UG     100         0            0      eth0
10.20.20.0            0.0.0.0                    255.255.255.0       U      100          0            0       eth0

2) Post-Tech Refresh (Server already moved to the NGN Rack)

Convert Network Configuration

You will first need to access the remote console of your server. 

To access a server without a network, you need to connect to the VPN and once connected access the IPMI.

Once the server is moved the IPMI connection information will be changed.

You can read the following knowledge base to retrieve the updated credentials.

Two network configuration methods can be used for Linux distribution.

  • Manual Network Configuration
  • Cloud-Init Configuration

This process is only available for the Linux distribution. Windows and VMware networks must be configured manually.

To verify what configuration method to use follow these steps:

  1.  Validate if cloud-init is installed.

    RHEL Distribution Base (RHEL/CentOS/Almalinux)
    rpm -qa cloud-init
    Ubuntu/Debian
    apt -qq list cloud-init
  2. Validate cloud-init services status.

    systemctl status cloud-init-local.service
    systemctl status cloud-init.service
    systemctl status cloud-config.service
    systemctl status cloud-final.service
  3. If Cloud-Init is installed and the services are running Select the "Cloud-Init" Section, otherwise select the "Manual" section.

Cloud-Init

Back to top >

Back up the old configuration

Before you start modifying the network, we advise you to make a backup of the current configuration.

  1. Do the backup of the old configuration.

    Backup old configuration.
    # Create a backup folder in you user directory.
    sudo mkdir -p ~/net_backup/
     
    # Go to the folder
    cd /etc/cloud/
     
    # Save  the file(s)
    sudo cp ./cloud.cfg  ~ /net_backup/
    sudo cp ./cloud.cfg.d/* ~ /net_backup/
  2. If cloud-init is installed & executed, execute : 

    Clean actual cloud-init configuration.
    rm -f /etc/cloud/cloud.cfg
    rm -rf /etc/cloud/cloud.cfg.d/
    cloud-init clean
  3. Write new file: /etc/cloud/cloud.cfg (format will change depending on config PUB, PUB+INT, INT)

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers
209.172.41.202
209.172.41.200
 
# New DNS servers
23.19.53.53
23.19.52.52
/etc/cloud/cloud.cfg
network:
  version: 1
  config:
  type : physical
    id: eth0
    mac_address: <MAC_ADDRESS_ETH0>
    name: eth0
    subnets:
    - address: <PUBLIC_IP>
      dns_nameservers: [23.19.53.53, 23.19.52.52]
      gateway: <PUBLIC_GATEWAY>
      netmask: <PUBLIC_NETMASK>
      type: static
  type : physical
    id: eth1
    mac_address: <MAC_ADDRESS_ETH1>
    name: eth1
    subnets:
    type : dhcp
system_info:
  network:
    renderers: [netplan, eni, sysconfig]

4) Execute this command to reconfigure the network.

cloud-init init --local

5) Restart the network to take the new config

systemctl restart networking
systemctl restart NetworkManager
systemctl restart NetworkManager.service
systemctl restart network.service
nmcli networking off && nmcli networking on

6) If necessary you can restart the server.

init 6

WAN & LAN

Back to top >

LAN Static :

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers
209.172.41.202
209.172.41.200
 
# New DNS servers
23.19.53.53
23.19.52.52
/etc/cloud/cloud.cfg
network:
  version: 1
  config:
  type : physical
    id: eth0
    mac_address: <MAC_ADDRESS_ETH0>
    name: eth0
    subnets:
    - address: <PUBLIC_IP>
      dns_nameservers: [23.19.53.53, 23.19.52.52]
      gateway: <PUBLIC_GATEWAY>
      netmask: <PUBLIC_NETMASK>
      type: static
  type : physical
    id: eth1
    mac_address: <MAC_ADDRESS_ETH1>
    name: eth1
    subnets:
    - address: <INTERNAL_IP>
      netmask: <INTERNAL_NETMASK>
      type: static
system_info:
  network:
    renderers: [netplan, eni, sysconfig]

4) Execute this command to reconfigure the network.

cloud-init init --local

5) Restart the network to take the new config

systemctl restart networking
systemctl restart NetworkManager
systemctl restart NetworkManager.service
systemctl restart network.service
nmcli networking off && nmcli networking on

6) If necessary you can restart the server.

init 6
LAN : DHCP

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers
209.172.41.202
209.172.41.200
 
# New DNS servers
23.19.53.53
23.19.52.52
/etc/cloud/cloud.cfg
network:
  version: 1
  config:
  type : physical
    id: eth0
    mac_address: <MAC_ADDRESS_ETH0>
    name: eth0
    subnets:
    - address: <PUBLIC_IP>
      dns_nameservers: [23.19.53.53, 23.19.52.52]
      gateway: <PUBLIC_GATEWAY>
      netmask: <PUBLIC_NETMASK>
      type: static
  type : physical
    id: eth1
    mac_address: <MAC_ADDRESS_ETH1>
    name: eth1
    subnets:
    type : dhcp
system_info:
  network:
    renderers: [netplan, eni, sysconfig]

4) Execute this command to reconfigure the network.

cloud-init init --local

5) Restart the network to take the new config

systemctl restart networking
systemctl restart NetworkManager
systemctl restart NetworkManager.service
systemctl restart network.service
nmcli networking off && nmcli networking on

6) If necessary you can restart the server.

init 6

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers
209.172.41.202
209.172.41.200
 
# New DNS servers
23.19.53.53
23.19.52.52
/etc/cloud/cloud.cfg
network:
  version: 1
  config:
  type : physical
    id: eth0
    mac_address: <MAC_ADDRESS_ETH0>
    name: eth0
  type : physical
    id: eth1
    mac_address: <MAC_ADDRESS_ETH1>
    name: eth1
    subnets:
    - address: <INTERNAL_IP>
      dns_nameservers: [23.19.53.53, 23.19.52.52]
      gateway: <INTERNAL_GATEWAY>
      netmask: <INTERNAL_NETMASK>
      type: static
system_info:
  network:
    renderers: [netplan, eni, sysconfig]

4) Execute this command to reconfigure the network.

cloud-init init --local

5) Restart the network to take the new config

systemctl restart networking
systemctl restart NetworkManager
systemctl restart NetworkManager.service
systemctl restart network.service
nmcli networking off && nmcli networking on

6) If necessary you can restart the server.

init 6
Convert Network Configuration : Manual Process
Summary

This page explains how to convert the network configuration manually in the operating system to support the Leaseweb NGN.

Select the configuration used to manage your network.

Legacy (Ifupdown)

Back to top >

RHEL Base Distribution (sysconfig)

Sysconfig (IFUPDOWN)

Distribution Supported

RedHate, CentOS, Almalinux, Rocky linux 

You need to be root or sudoer to do the modification.

   You could use nano or vi to do the modification

How validate if ifupdown (sysconfig) is used on server.

# With SysVinit [Legacy]
service network status
 
# With SystemD
systemctl is-enabled network.service

If you have this result after running the command, it is because the ifupdown (sysconfig) is enabled and it manages the network part.

ifupdwon (sysconfig) = Enabled
network.service is not a native service, redirecting to /sbin/chkconfig .
Executing /sbin/chkconfig network --level=5
enabled

If you have this result after running the command, it is because the ifupdown (sysconfig) is disabled and it does not manage the network part.

ifupdwon (sysconfig) = Disabled
network.service is not a native service, redirecting to /sbin/chkconfig .
Executing /sbin/chkconfig network --level=5
disabled

System file structure.

The folder structure for the RedHat-based distribution for legacy network ifupdown is :

Folder Structure
/
└── etc
    ├── sysconfig
    │   ├── network
    │   └── network-scripts
    │       ├── ifcfg-eth0
    │       └── ifcfg-eth1
    └── udev
        └── rules.d
            └── 70-persistent-net.rules

Back up the old configuration.

Before beginning the network modification, we suggest you do a backup of the actual configuration.

Backup Network Configuration
# Create a backup folder in you user directory.
sudo mkdir -p ~/net_backup/
 
# Go to the folder
cd /etc/sysconfig/network-scripts/  
 
# Copy the file(s) ifcfg-eth*, ifcfg-bond, ifcfg-vlan in folder ~/net_backup/.
sudo cp ifcfg-eth* ~/net_backup/
sudo cp ifcfg-bond* ~/net_backup/
sudo cp ifcfg-vlan* ~/net_backup/

Remove the actual configuration.

After the backup is done you can remove the actual network configuration.

Remove old Network Configuration
# Go to the folder
cd /etc/sysconfig/network-scripts/  
 
# Copy the file(s) ifcfg-eth* in folder ~/net_backup/, this include all ethernet interfaces "eth*,  eth*.* or eth*:*".
sudo rm -f ifcfg-eth*
sudo rm -f ifcfg-bond*
sudo rm -f ifcfg-vlan*

Information needed before starting

Name

Value need change

Comment
Public IP<PUB_IP>
Public Netmask<PUB_NETMASK>
Public Gateway<PUB_GATEWAY>
ETH0 Mac address<ETH0_MAC>

DNS Servers

<DNS1> &  <DNS2>

Private IP OPTIONAL

<PRIV_IP>

Private Netmask OPTIONAL

<PRIV_NETMASK>

Private Gateway OPTIONAL

<PRIV_GATEWAY_FW_LB>

ETH1 Mac address

<ETH1_MAC>

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers
209.172.41.202
209.172.41.200
 
# New DNS servers
23.19.53.53
23.19.52.52

Configuration Files

Public Interface

This configuration is for the Public port. 

/etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=none
DEFROUTE=yes
DEVICE=eth0
DNS1=<DNS1>
DNS2=<DNS2>
GATEWAY=<PUB_GATEWAY>
HWADDR=<ETH0_MAC>
IPADDR=<PUB_IP>
NETMASK=<PUB_NETMASK>
NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
PEERDNS=yes

Disable Public Interface on OS.

If you want to disable the public interface because you use only the private network, you can use this configuration.

/etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=none
DEVICE=eth1
HWADDR=<ETH1_MAC>
NM_CONTROLLED=no
ONBOOT=no
TYPE=Ethernet
USERCTL=no

See too: https://kb.leaseweb.com/products/dedicated-server/managing-dedicated-server-network-settings#ManagingDedicatedServernetworksettings-Network

Private Interface

LAN (Static)

You can use this configuration if you use the public network at the same time as the private network.

/etc/sysconfig/network-scripts/ifcfg-eth1
BOOTPROTO=none
DEFROUTE=yes
DEVICE=eth1
HWADDR=<ETH1_MAC>
IPADDR=<PRIV_IP>
NETMASK=<PRIV_NETMASK>
NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no

Reboot network service.

When the configuration is done, you will need to reboot the network service to apply the change.

Reboot network service
systemctl restart network.service
service network restart

If necessary you could restart the server.

Reboot server
shutdown-r now

Predictable Naming.

If you have an issue in the NIC order with the name of NIC, you can create the file 70-persistent-net.rules.

/etc/udev/rules.d/70-persistent-net.rules
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<ETH0_MAC>", NAME="eth0"
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<ETH1_MAC>", NAME="eth1"

Configure Q-in-Q VLAN Tagging in the private network.

See documentation : 

LAN (DHCP)

You can use this configuration if you use the public network at the same time as the private network with DHCP enabled.

/etc/sysconfig/network-scripts/ifcfg-eth1
BOOTPROTO=dhcp
DEFROUTE=yes
DEVICE=eth1
NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no

Reboot network service.

When the configuration is done, you will need to reboot the network service to apply the change.

Reboot network service
systemctl restart network.service
service network restart

If necessary you could restart the server.

Reboot server
shutdown-r now

Predictable Naming.

If you have an issue in the NIC order with the name of NIC, you can create the file 70-persistent-net.rules.

/etc/udev/rules.d/70-persistent-net.rules
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<ETH0_MAC>", NAME="eth0"
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<ETH1_MAC>", NAME="eth1"

Configure Q-in-Q VLAN Tagging in the private network.

See documentation : 

LAN Only (Static)

You can use this configuration if you use the private network only.

Examples: you have a Firewall (Nat-to-Nat), Load balancing (Nat-to-Nat) or your server is running a service that should only be accessible on the private network.

/etc/sysconfig/network-scripts/ifcfg-eth1
BOOTPROTO=none
DEFROUTE=yes
DEVICE=eth1
DNS1=<DNS1>
DNS2=<DNS2>
GATEWAY=<PRIV_GATEWAY_FW_LB>
HWADDR=<ETH1_MAC>
IPADDR=<PRIV_IP>
NETMASK=<PRIV_NETMASK>
NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
PEERDNS=yes

Reboot network service.

When the configuration is done, you will need to reboot the network service to apply the change.

Reboot network service
systemctl restart network.service
service network restart

If necessary you could restart the server.

Reboot server
shutdown-r now

Predictable Naming.

If you have an issue in the NIC order with the name of NIC, you can create the file 70-persistent-net.rules.

/etc/udev/rules.d/70-persistent-net.rules
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<ETH0_MAC>", NAME="eth0"
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<ETH1_MAC>", NAME="eth1"

Configure Q-in-Q VLAN Tagging in the private network.

See documentation : 

Debian Base Distribution (interfaces)

Interfaces (IFUPDOWN)

You need to be root or sudoer to do the modification.

You could use nano or vi to do the modification

How validate interfaces are used on the server.

To know if your system uses the old method "ifupdown" (interfaces) to manage the network part you can validate if these files exist.

/
└── etc
├── network
│ └── interfaces
│ └── interfaces.d
│ └── *.cfg
└── udev
└── rules.d
└── 70-persistent-net.rules

After, validate if the service "networking" runs on the server.

service networking status
# or with systemd
systemctl status networking.service

Back up the old configuration.

Before beginning the network modification, we suggest you do a backup of the actual config.

Backup Network Configuration
# Create a backup folder in your user directory.
sudomkdir-p ~/net_backup/
# Save the default interfaces file.
sudocp/etc/network/interfaces~/net_backup/ 
# Save the additional configuration file.
sudocp/etc/network/interfaces.d/* ~/net_backup/
Network Configuration

Base configuration

You need to be sure the configuration starts with this part, this is necessary for the loopback interface.

/etc/network/interfaces
# Loopback interface.
auto lo
iface lo inet loopback

Public Configuration

Add this configuration if you want to configure the Public Network.

/etc/network/interfaces
# Exemple Public configuration
auto eth0
iface eth0 inet static
address <PUB_IP>/<PUB/PREFIX>
dns-nameservers <DNS1> <DNS2>
gateway <PUB_GATEWAY>
Private Configuration

Private (DHCP)

ⓘ Use this configuration by default.

/etc/network/interfaces
# Exemple Private Network with static IP with gateway (without PUBLIC via Firewall ou Load-Balancing Nat-to-Nat).
auto eth1
iface eth1 inet dhcp

Apply the configuration.

When the configuration is done, you need to restart the service "networking".

Command
# Debian 7 or older and Ubuntu 14 or older:
/etc/init.d/networkingstop
/etc/init.d/networkingstart
 
# Debian 8 or newer and Ubuntu 16 or newer :
systemctl restart networking.service

Private (static IP) without gateway

ⓘ Use this configuration by default.

Use this configuration if you have a Public network and a Private network at the same time and you want static IP on a Private Network.
/etc/network/interfaces
# Exemple Private Network with static IP without gateway.
auto eth1
iface eth1 inet static
address <PRIVATE_IP>/<PRIVATE_PREFIX>

Apply the configuration.

When the configuration is done, you need to restart the service "networking".

Command
# Debian 7 or older and Ubuntu 14 or older:
/etc/init.d/networkingstop
/etc/init.d/networkingstart
 
# Debian 8 or newer and Ubuntu 16 or newer :
systemctl restart networking.service

Private (static IP) with gateway.

You need to use this configuration if you have not configured the Public network or if you have a Nat-to-Nat configuration with Firewall or load-balancing.

/etc/network/interfaces
# Exemple Private Network with static IP with gateway (without PUBLIC via Firewall ou Load-Balancing Nat-to-Nat).
auto eth1
iface eth1 inet static
address <PRIVATE_IP>/<PRIVATE_PREFIX>
dns-nameservers <DNS1> <DNS2>
gateway <PUB_GATEWAY>

Apply the configuration.

When the configuration is done, you need to restart the service "networking".

Command
# Debian 7 or older and Ubuntu 14 or older:
/etc/init.d/networkingstop
/etc/init.d/networkingstart
 
# Debian 8 or newer and Ubuntu 16 or newer :
systemctl restart networking.service

Private (static IP) Q-in-Q.

On a Debian/Ubuntu distribution, the Q-in-Q support is dependent on a package named "VLAN".

Determine whether the 802.1q VLAN module is loaded:

Command:
lsmod |grep8021q
# 8021q 40960 0
# garp 16384 1 8021q
# mrp 20480 1 8021q

Make sure the VLAN package is installed:

Command:
dpkg-query -l |grepvlan
# ii vlan 2.0.5 all ifupdown integration for vlan configuration

If the package is not installed run the command:

Command:
apt-getinstallvlan

Load the kernel module "8021q".

Command:
modprobe 8021q &&echo"8021q">>/etc/modules
/etc/network/interfaces
# Exemple Private Network with static IP in VLAN via the Q-in-Q
auto eth1.<VLAN_ID>
iface eth1.<VLAN_ID> inet static
address <PRIVATE_IP>/<PRIVATE_PREFIX>
dns-nameservers <DNS1> <DNS2> # Optional
gateway <PUB_GATEWAY> # Optional
vlan-raw-device eth1

Apply the configuration.

When the configuration is done, you need to restart the service "networking".

Command
# Debian 7 or older and Ubuntu 14 or older:
/etc/init.d/networkingstop
/etc/init.d/networkingstart
 
# Debian 8 or newer and Ubuntu 16 or newer :
systemctl restart networking.service

Network Manager

Back to top >

Linux Distribution Support Matrix
Distribution
Version
CentOS 7, 8
Debian 10, 11, 12
Ubuntu  16, 18, 20, 22
Almalinux 8, 9
Rocky Linux 8, 9
How validate if NetworkManager is used on server.
Command :
systemctl is-enabled NetworkManager.service

If you have this result after running the command is because the NetworkManager is enabled and it manages the network part.

Result :
enabled

If you have this result after running the command is because the NetworkManager is disabled and it does not manage the network part.

Result :
disabled
Verify NetworkManager is running and nmcli can communicate with it.
Command
nmcli general
Result :
STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN
connected full enabled enabled enabled enabled
System file structure.

Please select your distribution, the folder location changes after version 8 of a RHEL/Centos-based distribution.

CentOS <= 8 | AlmaLinux 8 | Rocky Linux 8

The folder structure for the RedHat-based distribution for a legacy network with NetworkManager is as:

CentOS

In the RHEL distribution, the NetworkManager saves the ethernet config in folder "/etc/sysconfig/network-scripts/" in the file(s) ifcfg-<connection_name>.

Folder tree :
/
└── etc
    └── sysconfig
        ├── network
        └── network-scripts
            └── ifcfg-*

Back up the old configuration.

Before beginning the network modification, we suggest you do a backup of the actual config.

CentOS

In the RHEL distribution, the NetworkManager saves the "ethernet", "bond" and "vlan" connection type config in folder "/etc/sysconfig/network-scripts/" in the file(s) ifcfg-<connection_name>.


Show a list of the connections. 

Command :
nmcli connection show

The result with be a table with 4 columns :

Colum Name
Description
NAME Name of the connection profile.
UUID UUID of the connection profile.
TYPE Type of the connection.
DEVICE  Interface used for this connection.
Result :
NAME         UUID      TYPE      DEVICE
bond0        <masked>  bond      bond0
bond0.123    <masked>  vlan      bond0.123
vlan123      <masked>  vlan      vlan123
eth0         <masked>  ethernet  eth0
eth1         <masked>  ethernet  eth1
Almalinux 9 | Rocky Linux 9 | Debian 10,11,12 |
Folder tree :
/
└── etc
    └── NetworkManager
        └── system-connections
            └── *.nmconnection

Back up the old configuration.

Before beginning the network modification, we suggest you do a backup of the actual config.

CentOS

In the RHEL distribution, the NetworkManager saves the "ethernet", "bond" and "vlan" connection type config in folder "/etc/sysconfig/network-scripts/" in the file(s) ifcfg-<connection_name>.


Show a list of the connections. 

Command :
nmcli connection show

The result with be a table with 4 columns :

Colum Name
Description
NAME Name of the connection profile.
UUID UUID of the connection profile.
TYPE Type of the connection.
DEVICE  Interface used for this connection.
Result :
NAME         UUID      TYPE      DEVICE
bond0        <masked>  bond      bond0
bond0.123    <masked>  vlan      bond0.123
vlan123      <masked>  vlan      vlan123
eth0         <masked>  ethernet  eth0
eth1         <masked>  ethernet  eth1

Save the configuration.

Please select your distribution, the folder location changes after version 8 of a RHEL/Centos-based distribution.

CentOS <=8 | Almalinux 8 | Rocky Linux 8

Backup Network Configuration
# Create the backup folder on you user directory.
sudo mkdir -p ~/net_backup/
 
# Go on folder
cd /etc/sysconfig/network-scripts/  
 
# Copy file(s) ifcfg-eth*, ifcfg-bond, ifcfg-vlan in folder ~/net_backup/.
sudo cp ifcfg-eth* ~/net_backup/
sudo cp ifcfg-bond* ~/net_backup/
sudo cp ifcfg-vlan* ~/net_backup/

Delete the configuration.

You need to be sure to have done the backup of the old configuration.

View section Show list of the connection to know what is the connection profile name.

Delete Network Configuration
# Exemple : nmcli connection delete <NAME>
 
nmcli connection delete eth0
nmcli connection delete eth1
nmcli connection delete bond0.<VLANID>
nmcli connection delete vlan<VLANID>
nmcli connection delete bond0

After all commands are successful you will receive this confirmation.

Result :
Connection 'CONNECTION_NAME' (UUID) successfully deleted.

Configuration of the Public Network.

Information is needed before starting the configuration.

Name
Value need change
Comment
Public IP <PUB_IP> See the old configuration you have a backup in the folder: "~/net_backup/"
Public Netmask <PUB_PREFIX> See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count
Public Gateway <PUB_GATEWAY> See the old configuration you have a backup in the folder: "~/net_backup/"
DNS Servers <DNS1> &  <DNS2> See the old configuration you have a backup in the folder: "~/net_backup/"

ETH0 Mac address OPTIONAL

<ETH0_MAC> Use the command "ip lnk show" or See the old configuration you have a backup in the folder: "~/net_backup/"

ETH0 UUID Interface OPTIONAL

<ETH0_UUID_INTERFACE>


> nmcli connection show

Private IP OPTIONAL

<PRIV_IP> See the old configuration you have a backup in the folder: "~/net_backup/"

Private Netmask OPTIONAL

<PRIV_PREFIX> See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count

Private Gateway OPTIONAL

<PRIV_GATEWAY> See the old configuration you have backup in folder: "~/net_backup/"

ETH1 Mac address OPTIONAL

<ETH1_MAC> Use the command "ip lnk show" or See the old configuration you have a backup in the folder: "~/net_backup/"

ETH1 UUID Interface OPTIONAL

<ETH0_UUID_INTERFACE>


> nmcli connection show

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers
209.172.41.202
209.172.41.200
 
# New DNS servers
23.19.53.53
23.19.52.52

List all network connection profiles:

Command :
nmcli connection show

Now, you can see you have by default two (or more) network connection profiles (column: NAME) linked with the physical NIC(s) (column: DEVICE).

Name
Device
LSW Connection
Wired connection 1 eth0 Public Switch
Wired connection 2 eth1 Internal Switch
Result :
NAME                UUID      TYPE      DEVICE
Wired connection 1  <masked>  ethernet  eth0
Wired connection 2  <masked>  ethernet  eth1

Create the network profile connection for the Public network.

Execute this command to create the profile connection named eth0 bound with interface eth0.

You need remplace the value : <PUB_IP>, <PUB_PREFIX>, <PUB_GATEWAY> with information saved in folder : ~/net_backup/

Command :
nmcli connection add type ethernet con-name eth0 ifname eth0 ip4 <PUB_IP>/<PUB_PREFIX> gw4 <PUB_GATEWAY>
Result :
Connection 'eth0' (UUID) successfully added.

Now you have created a new profile of connection named "eth0" and linked with the physical interface eth0.

If you show the profiles, you will view the old profile connection named "Wired connection 1" but it not linked with the physical nic.

Command
nmcli connection show
Result :
NAME                UUID      TYPE      DEVICE
eth0                <masked>  ethernet  eth0  
Wired connection 1  <masked>  ethernet  -- 
Wired connection 2  <masked>  ethernet  eth1  

We can delete the network profile connection "Wired connection 1".

Command :
nmcli connection delete "Wired connection 1"
Result :
Connection 'Wired connection 1' (UUID) successfully deleted.

Assign the DNS on the new network profile connection of the Public Network.

Do the modification on the profile connection named eth0 to add the DNS servers.

Leaseweb DNS Server

IPv4

DNS1 23.19.53.53
DNS2 23.19.52.52
IPv6 DNS1 2607:f5b5:3::3
DNS2 2607:f5b5:2::2

You need remplace the value : <DNS1> & <DNS2>

DNS Change :

  1. If you see in the backup of configuration the DNS used are legacy iWeb DNS: 209.172.41.200 & 209.172.41.202, you need to change the DNSs by the Leaseweb DNSs displayed in the table on the left.
  2. If you see the DNS used in the backup configuration are not the Legacy iWeb DNS's but the other public DNS, you need to reuse the same DNS's.
Command :
nmcli connection modify eth0 ipv4.dns "<DNS1> <DNS1>"

Activate the network profile connection of the Public Network.

To active one network profile connection you need to run the command below :

Command :
# nmcli connection up <profile_name>
 
nmcli connection up eth0
Result :
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)

CentOS 9 | Almalinux 9 | Rocky Linux 9 | Debian 10,11,12 |

Backup Network Configuration
# Create the backup folder on you user directory.
sudo mkdir -p ~/net_backup/
 
# Go on folder
cd /etc/NetworkManager/system-connections
 
# Copy file(s) in folder ~/net_backup/.
sudo cp *.nmconnection ~/net_backup/
 
# Save the general network configuration information.
sudo nmcli -p device show > ~/net_backup/network.config
 
# Save the profile connection variables.
nmcli -t device show | grep GENERAL.CONNECTION > ~/net_backup/nmcli.profile.list
while read i; do nmcli -p connection show "$(echo $i | awk -F':' '{print $2}')" > ~/net_backup/profile.$(echo $i | awk -F':' '{print $2}' tr ' ' '_').variables ; done < ~/net_backup/nmcli.profile.list

Delete the configuration.

You need to be sure to have done the backup of the old configuration.

View section Show list of the connection to know what is the connection profile name.

Delete Network Configuration
# Exemple : nmcli connection delete <NAME>
 
nmcli connection delete eth0
nmcli connection delete eth1
nmcli connection delete bond0.<VLANID>
nmcli connection delete vlan<VLANID>
nmcli connection delete bond0

After all commands are successful you will receive this confirmation.

Result :
Connection 'CONNECTION_NAME' (UUID) successfully deleted.

Configuration of the Public Network.

Information is needed before starting the configuration.

Name
Value need change
Comment
Public IP <PUB_IP> See the old configuration you have a backup in the folder: "~/net_backup/"
Public Netmask <PUB_PREFIX> See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count
Public Gateway <PUB_GATEWAY> See the old configuration you have a backup in the folder: "~/net_backup/"
DNS Servers <DNS1> &  <DNS2> See the old configuration you have a backup in the folder: "~/net_backup/"

ETH0 Mac address OPTIONAL

<ETH0_MAC> Use the command "ip lnk show" or See the old configuration you have a backup in the folder: "~/net_backup/"

ETH0 UUID Interface OPTIONAL

<ETH0_UUID_INTERFACE>


> nmcli connection show

Private IP OPTIONAL

<PRIV_IP> See the old configuration you have a backup in the folder: "~/net_backup/"

Private Netmask OPTIONAL

<PRIV_PREFIX> See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count

Private Gateway OPTIONAL

<PRIV_GATEWAY> See the old configuration you have backup in folder: "~/net_backup/"

ETH1 Mac address OPTIONAL

<ETH1_MAC> Use the command "ip lnk show" or See the old configuration you have a backup in the folder: "~/net_backup/"

ETH1 UUID Interface OPTIONAL

<ETH0_UUID_INTERFACE>


> nmcli connection show

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers
209.172.41.202
209.172.41.200
 
# New DNS servers
23.19.53.53
23.19.52.52

List all network connection profiles:

Command :
nmcli connection show

Now, you can see you have by default two (or more) network connection profiles (column: NAME) linked with the physical NIC(s) (column: DEVICE).

Name
Device
LSW Connection
Wired connection 1 eth0 Public Switch
Wired connection 2 eth1 Internal Switch
Result :
NAME                UUID      TYPE      DEVICE
Wired connection 1  <masked>  ethernet  eth0
Wired connection 2  <masked>  ethernet  eth1

Create the network profile connection for the Public network.

Execute this command to create the profile connection named eth0 bound with interface eth0.

You need remplace the value : <PUB_IP>, <PUB_PREFIX>, <PUB_GATEWAY> with information saved in folder : ~/net_backup/

Command :
nmcli connection add type ethernet con-name eth0 ifname eth0 ip4 <PUB_IP>/<PUB_PREFIX> gw4 <PUB_GATEWAY>
Result :
Connection 'eth0' (UUID) successfully added.

Now you have created a new profile of connection named "eth0" and linked with the physical interface eth0.

If you show the profiles, you will view the old profile connection named "Wired connection 1" but it not linked with the physical nic.

Command
nmcli connection show
Result :
NAME                UUID      TYPE      DEVICE
eth0                <masked>  ethernet  eth0  
Wired connection 1  <masked>  ethernet  -- 
Wired connection 2  <masked>  ethernet  eth1  

We can delete the network profile connection "Wired connection 1".

Command :
nmcli connection delete "Wired connection 1"
Result :
Connection 'Wired connection 1' (UUID) successfully deleted.

Assign the DNS on the new network profile connection of the Public Network.

Do the modification on the profile connection named eth0 to add the DNS servers.

Leaseweb DNS Server

IPv4

DNS1 23.19.53.53
DNS2 23.19.52.52
IPv6 DNS1 2607:f5b5:3::3
DNS2 2607:f5b5:2::2

You need remplace the value : <DNS1> & <DNS2>

DNS Change :

  1. If you see in the backup of configuration the DNS used are legacy iWeb DNS: 209.172.41.200 & 209.172.41.202, you need to change the DNSs by the Leaseweb DNSs displayed in the table on the left.
  2. If you see the DNS used in the backup configuration are not the Legacy iWeb DNS's but the other public DNS, you need to reuse the same DNS's.
Command :
nmcli connection modify eth0 ipv4.dns "<DNS1> <DNS1>"

Activate the network profile connection of the Public Network.

To active one network profile connection you need to run the command below :

Command :
# nmcli connection up <profile_name>
 
nmcli connection up eth0
Result :
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)

Configuration of the Private Network.

Select the type of configuration you want to set-up:

DHCP (Default)

Adding a Dynamic Ethernet Connection.

To add an Ethernet configuration profile with dynamic DHCP configuration, allowing DHCP to assign the network configuration:

Command :
# nmcli connection add type ethernet con-name <connection-name> ifname <interface-name>
 
nmcli connection add type ethernet con-name eth1 ifname eth1
Result :
Connection 'eth1' (UUID) successfully added.

Activate the Ethernet connection.

Now we will activate the Ethernet connection with the profile created.

Command :
# nmcli connection up <connection-name>
 
nmcli connection up eth1
Result :
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)

Confirm the ethernet connection is activated.

Now we will validate if the Ethernet connection is activated.

Command :
nmcli device status


We can see in column "STATE" that the value is "connected".

Result :
DEVICE  TYPE      STATE      CONNECTION
eth0    ethernet  connected  eth0
eth1    ethernet  connected  eth1    
lo      loopback  unmanaged  --

Validate the network configuration.

Now we will validate the complete Network configuration.

Command :
nmcli device show

In the result, you can see the general configuration of the all network interfaces.

Result :
GENERAL.DEVICE:                         eth0
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         02:00:30:8F:00:3D
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     eth0
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/1
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         10.20.20.236/24
IP4.GATEWAY:                            10.20.20.1
IP4.ROUTE[1]:                           dst = 10.20.20.0/24, nh = 0.0.0.0, mt = 100
IP4.ROUTE[2]:                           dst = 0.0.0.0/0, nh = 10.20.20.1, mt = 100
IP4.DNS[1]:                             1.1.1.1
IP4.DNS[2]:                             8.8.4.4
IP6.ADDRESS[1]:                         fe80::f9cd:8221:c601:a889/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 100
IP6.ROUTE[2]:                           dst = ff00::/8, nh = ::, mt = 256, table=255
 
GENERAL.DEVICE:                         eth1
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         02:00:25:47:00:05
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     eth1
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/5
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         10.10.10.68/24
IP4.GATEWAY:                            --
IP4.ROUTE[1]:                           dst = 10.10.10.0/24, nh = 0.0.0.0, mt = 101
IP6.ADDRESS[1]:                         fe80::50b5:257a:1310:fd0d/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 101
IP6.ROUTE[2]:                           dst = ff00::/8, nh = ::, mt = 256, table=255
 
GENERAL.DEVICE:                         lo
GENERAL.TYPE:                           loopback
GENERAL.HWADDR:                         00:00:00:00:00:00
GENERAL.MTU:                            65536
GENERAL.STATE:                          10 (unmanaged)
GENERAL.CONNECTION:                     --
GENERAL.CON-PATH:                       --
IP4.ADDRESS[1]:                         127.0.0.1/8
IP4.GATEWAY:                            --
IP6.ADDRESS[1]:                         ::1/128
IP6.GATEWAY:                            --

Static IP

In the NGN Private Network, we can use the static IP configuration with or without DHCP enabled.

 If the DHCP is disabled, you can use the private subnet you want in class: A, B, or C.

Class
Subnet
Usable IP
A 10.0.0.0/8 10.0.0.0 to 10.255.255.255
B 172.16.0.0/12 172.16.0.0 to 172.31.255.255
C 192.168.0.0/16 192.168.0.0 to 192.168.255.255

Adding a Static Ethernet Connection.

To add an Ethernet configuration profile with static IP:

Command:
nmcli connection add type ethernet con-name eth1 ifname eth1 ip4 <PRIV_IP>/<PRIV_PREFIX>

If you need to add the Gateway or DNS on the Private Network in case your server is behind a firewall or the load-balancer, you need to apply this configuration.

Add the gateway:

Command
nmcli connection  modify eth1 ipv4.gateway "<PRIV_GATEWAY>"

Add the DNS:

Command
nmcli connection  modify eth1 +ipv4.dns "<DNS1>"
nmcli connection  modify eth1 +ipv4.dns "<DNS2>"

If you need multiple IPs, you can repeat the command multiple time.

Add multiple IPs:

Command
nmcli connection modify eth1 +ipv4.addresses <PRIV_IP_ADD>/<PRIV_PREFIX>

Remove a multiple IPs:

Command
nmcli connection modify eth1 -ipv4.addresses <PRIV_IP_ADD>/<PRIV_PREFIX>

To apply the change, you need down and up the profile connection.

Commands:
nmcli connection down <profile-name>
nmcli connection up <profile-name>

Activate the Ethernet connection.

Now we will activate the Ethernet connection with the profile created.

Command :
# nmcli connection up <connection-name>
 
nmcli connection up eth1
Result :
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)

Confirm the ethernet connection is activated.

Now we will validate if the Ethernet connection is activated.

Command :
nmcli device status


We can see on column "STATE" the value is "connected".

Result :
DEVICE  TYPE      STATE      CONNECTION
eth0    ethernet  connected  eth0
eth1    ethernet  connected  eth1    
lo      loopback  unmanaged  --

Validate the network configuration.

Now we will validate the complete Network configuration.

Command :
nmcli device show

In the result, you can see the general configuration of the all network interfaces.

Result :
GENERAL.DEVICE:                         eth0
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         02:00:30:8F:00:3D
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     eth0
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/1
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         10.20.20.236/24
IP4.GATEWAY:                            10.20.20.1
IP4.ROUTE[1]:                           dst = 10.20.20.0/24, nh = 0.0.0.0, mt = 100
IP4.ROUTE[2]:                           dst = 0.0.0.0/0, nh = 10.20.20.1, mt = 100
IP4.DNS[1]:                             1.1.1.1
IP4.DNS[2]:                             8.8.4.4
IP6.ADDRESS[1]:                         fe80::f9cd:8221:c601:a889/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 100
IP6.ROUTE[2]:                           dst = ff00::/8, nh = ::, mt = 256, table=255
 
GENERAL.DEVICE:                         eth1
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         02:00:25:47:00:05
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     eth1
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/5
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         10.10.10.68/24
IP4.GATEWAY:                            --
IP4.ROUTE[1]:                           dst = 10.10.10.0/24, nh = 0.0.0.0, mt = 101
IP6.ADDRESS[1]:                         fe80::50b5:257a:1310:fd0d/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 101
IP6.ROUTE[2]:                           dst = ff00::/8, nh = ::, mt = 256, table=255
 
GENERAL.DEVICE:                         lo
GENERAL.TYPE:                           loopback
GENERAL.HWADDR:                         00:00:00:00:00:00
GENERAL.MTU:                            65536
GENERAL.STATE:                          10 (unmanaged)
GENERAL.CONNECTION:                     --
GENERAL.CON-PATH:                       --
IP4.ADDRESS[1]:                         127.0.0.1/8
IP4.GATEWAY:                            --
IP6.ADDRESS[1]:                         ::1/128
IP6.GATEWAY:                            --

Q-in-Q

Adding a Vlan Connection.

🛈If you do not specify the IP and gateway, the DHCP will be used.

Command:
# nmcli connection add type vlan con-name <VLAN_PROFILE_NAME> dev <PRIV_INTERFACE> id <VLAN_ID> [ ip4 <PRIV_IP>/<PRIV_PREFIX> gw4 <PRIV_GATEWAY> ]
 
nmcli connection add type vlan con-name VLAN12 dev eth1 id 12

Convert the Vlan connection with static IP.

Command:
# nmcli connection modify <VLAN_PROFILE_NAME> ipv4.method manual
 
nmcli connection modify VLAN12 ipv4.method manual

How adding the static IP.

Command:
# nmcli connection modify <VLAN_PROFILE_NAME> ipv4.addresses <PRIV_IP>/<PRIV_PREFIX>
 
nmcli connection modify VLAN12 ipv4.addresses 10.12.0.100/24

How adding the additional static IP.

Command:
# nmcli connection modify <VLAN_PROFILE_NAME> +ipv4.addresses <PRIV_IP>/<PRIV_PREFIX>  
 
nmcli connection modify VLAN12 +ipv4.addresses 10.12.0.200/24

How adding the Gateway.

Command:
# nmcli connection modify <VLAN_PROFILE_NAME> ipv4.gateway <PRIV_GATEWAY>
 
nmcli connection modify VLAN12 ipv4.gateway 10.12.0.1

How adding the DNS.

Command:
# nmcli connection modify <VLAN_PROFILE_NAME> ipv4.dns "<DNS1> <DNS2>"
 
nmcli connection modify VLAN12 ipv4.dns "23.19.53.53 23.19.52.52"

To apply the change, you need down and up the profile connection or reboot the server.

Commands:
nmcli connection down VLAN12
nmcli connection up VLAN12

Validate the network configuration.

Now we will validate the complete Network configuration.

Command :
nmcli device show

In the result, you can see the general configuration of the all network interfaces.

Result :
GENERAL.DEVICE:                         eth0
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         02:00:30:8F:00:3D
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     eth0
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/1
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         10.20.20.236/24
IP4.GATEWAY:                            10.20.20.1
IP4.ROUTE[1]:                           dst = 10.20.20.0/24, nh = 0.0.0.0, mt = 100
IP4.ROUTE[2]:                           dst = 0.0.0.0/0, nh = 10.20.20.1, mt = 100
IP4.DNS[1]:                             1.1.1.1
IP4.DNS[2]:                             8.8.4.4
IP6.ADDRESS[1]:                         fe80::f9cd:8221:c601:a889/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 100
IP6.ROUTE[2]:                           dst = ff00::/8, nh = ::, mt = 256, table=255
 
GENERAL.DEVICE:                         eth1
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         02:00:25:47:00:05
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     eth1
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/5
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         10.10.10.68/24
IP4.GATEWAY:                            --
IP4.ROUTE[1]:                           dst = 10.10.10.0/24, nh = 0.0.0.0, mt = 101
IP6.ADDRESS[1]:                         fe80::50b5:257a:1310:fd0d/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 101
IP6.ROUTE[2]:                           dst = ff00::/8, nh = ::, mt = 256, table=255
 
GENERAL.DEVICE:                         lo
GENERAL.TYPE:                           loopback
GENERAL.HWADDR:                         00:00:00:00:00:00
GENERAL.MTU:                            65536
GENERAL.STATE:                          10 (unmanaged)
GENERAL.CONNECTION:                     --
GENERAL.CON-PATH:                       --
IP4.ADDRESS[1]:                         127.0.0.1/8
IP4.GATEWAY:                            --
IP6.ADDRESS[1]:                         ::1/128
IP6.GATEWAY:                            --

Systemd-Networkd

Back to top >

The network management systemd-networkd is not present by default on RHEL distribution.

If your system use systemd-networkd, it probably use Netplan to do the configuration.

Information needed before starting

Name

Value need change

Comment
Public IP <PUB_IP>
Public Netmask <PUB_PREFIX> See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count
Public Gateway <PUB_GATEWAY>
ETH0 Mac address <ETH0_MAC>

DNS Servers

<DNS1> &  <DNS2>

Private IP OPTIONAL

<PRIV_IP>

Private Netmask OPTIONAL

<PRIV_PREFIX> See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count

Private Gateway OPTIONAL

<PRIV_GATEWAY>

ETH1 Mac address

<ETH1_MAC>

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers
209.172.41.202
209.172.41.200
 
# New DNS servers
23.19.53.53
23.19.52.52

System file structure.

The folder structure for the RedHat-based distribution for legacy network ifupdown is :

/
└── etc
    └── systemd
        └── network
            ├── *.network
            └── *.link

Backup old configuration.

Command(s):
# Create the backup folder on you user directory.
sudo mkdir -p ~/net_backup/
  
# Save the general network configuration information.
sudo cp /etc/systemd/network/* ~/net_backup/
 
# Delete content of legacy configuration.
rm -rf /etc/systemd/network/*

Configuration Files

Public Interface

🛈This configuration is for the Public port. 

/etc/systemd/networkd/eth0.network
[Address]
Address=<PUB_IP>/<PUB_PREFIX>
 
[Match]
MACAddress=<ETH0_MAC>
Name=eth0
 
[Network]
DHCP=no
DNS=<DNS1> <DNS2>
 
[Route]
Gateway=<PUB_GATEWAY>  

Private Interface

🛈You can use this configuration if you use the public network at the same time as the private network.

DHCP

/etc/systemd/network/eth1.network
[Match]
MACAddress=<ETH1_MAC>
Name=eth1
 
[Network]
DHCP=yes

Private network only with static IP

/etc/systemd/network/eth1.network
[Address]
Address=<PRIV_IP>/<PRIV_PREFIX>
 
[Match]
MACAddress=<ETH1_MAC>
Name=eth1
 
[Network]
DHCP=no

Private network only

/etc/systemd/network/eth1.network
[Address]
Address=<PRIV_IP>/<PRIV_PREFIX>
 
[Match]
MACAddress=<ETH1_MAC>
Name=eth1
 
[Network]
DHCP=no
DNS=<DNS1> <DNS2>
 
[Route]
Gateway=<PRIV_GATEWAY>


Netplan

Back to top >

🛈What is netplan?

Netplan is a utility for easily configuring networking on a Linux system.

You simply create a YAML description of the required network interfaces and what each should be configured to do.

From this description, Netplan will generate all the necessary configurations for your chosen renderer tool.

Debian

Netplan is not installed by default on Debian and RHEL distributions.

Ubuntu

Netplan was introduced in Ubuntu since version 18.04.

🛈Rederer

Netplan support two renderer : "networkd" and "NetworkManager".

The default renderer is "networkd" if the information is not included in the YAML configuration file.

System file structure.

Folder Structure
/
└── etc
    └── netplan
        └── *.yaml

YAML configuration.

How define what is the renderer used by Netplan.

First, we need to find what is the render user by netplan, so we will run this command : 

Command:
cat /etc/netplan/netplan.yaml | grep "renderer"

If your result is "networkd" is because the system uses the "systemd-networkd" to manage the network with Netplan.

Result:
renderer: networkd

If your result is "NetworkManager" is because the system uses the "NetworkManager" to manage the network with Netplan.

Result:
renderer: NetworkManager

Back up the old configuration.

Before beginning the network modification, we suggest you do a backup of the actual config.

Backup Network Configuration
# Create the backup folder on you user directory.
sudo mkdir -p ~/net_backup/
 
# Save the general network configuration information.
sudo netplan get > ~/net_backup/network.general.yaml
 
# Go on the Netplan folder.
cd /etc/netplan/
 
# Save all configuration file(s).
sudo cp ./*.yaml ~/net_backup/

Delete the configuration.

You need to be sure to have done the backup of the old configuration.

Delete Network Configuration
sudo rm -rf /etc/netplan/*

Configuration of the Network.

Information is needed before starting the configuration.

Name

Value need change

Comment

Netplan Config Version
<VERSION>


Renderer <RENDERER>

See the old configuration you have a backup in the folder: "~/net_backup/"

Value
Description
networkd Use systemd-networkd service.
NetworkManager Use NetworkManager service
Public IP <PUB_IP> See the old configuration you have a backup of in the folder: "~/net_backup/"
Public Netmask <PUB_PREFIX> See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count
Public Gateway <PUB_GATEWAY> See the old configuration you have a backup in the folder: "~/net_backup/"
DNS Servers <DNS1> &  <DNS2> See the old configuration you have a backup in the folder: "~/net_backup/"

ETH0 Mac address OPTIONAL

<ETH0_MAC> Use the command "ip lnk show" or See the old configuration you have a backup in the folder: "~/net_backup/"

Private IP OPTIONAL

<PRIV_IP> See the old configuration you have a backup in the folder: "~/net_backup/"

Private Netmask OPTIONAL

<PRIV_PREFIX> See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count

Private Gateway OPTIONAL

<PRIV_GATEWAY> See the old configuration you have a backup in the folder: "~/net_backup/"

ETH1 Mac address OPTIONAL

<ETH1_MAC> Use the command "ip lnk show" or See the old configuration you have a backup in the folder: "~/net_backup/"

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers
209.172.41.202
209.172.41.200
 
# New DNS servers
23.19.53.53
23.19.52.52

Create the loopback configuration file.

(V2) sudo vi /etc/netplan/00-loopback.yaml
network:
  version: <VERSION>
  renderer: <RENDERER>
  ethernets:
    lo:
      addresses: [ "127.0.0.1/8""::1/128" ]

Create a public configuration file.

(V2) sudo vi /etc/netplan/01-public.yaml
network:
  version: <VERSION>
  renderer: <RENDERER>
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
      addresses:
        - <PUB_IP>/<PUB_PREFIX>
      nameservers:
        search:
          "<DOMAIN>"
        addresses:
          - <DNS1>
          - <DNS2>
      routes:
        - to: default
          via: <PUB_GATEWAY>

Create a private configuration file.

DHCP

(V2) sudo vi /etc/netplan/01-private.yaml
network:
  version: <VERSION>
  renderer: <RENDERER>
  ethernets:
    eth1:
      dhcp4: yes
      dhcp6: yes

Static IP

(V2) sudo vi /etc/netplan/01-private.yaml
network:
  version: <VERSION>
  renderer: <RENDERER>
  ethernets:
    eth1:
      dhcp4: no
      dhcp6: no
      addresses:
        - <PRIV_IP>/<PRIV_PREFIX>
      nameservers:
        search:
          "<DOMAIN>"
        addresses:
          - <DNS1>
          - <DNS2>
      routes:
        - to: default
          via: <PRIV_GATEWAY>

Q-in-Q

(V2) sudo vi /etc/netplan/01-private.yaml
network:
  version: <VERSION>
  renderer: <RENDERER>
  ethernets:
    eth1: { ... }               # See section "DHCP or Static IP" in private network part.  
  vlans:
    vlan<VLAN_ID>:
      id: <VLAN_ID>
      link: eth1
      dhcp4: no
      dhcp6: no
      addresses:
        - <PRV_IP>/<PRIV_PRIFIX>
      nameservers:
        addresses:
          - <DNS1>
          - <DNS2>
        search:
          "<DOMAIN>"
      routes:
         - to: <PRIVATE_SUBNET>/<PRIVATE_SUBNET_PREFIX>
          via: <PRIVATE_SUBNET_GATEWAY>

Apply the network configuration.

It is possible you need to reboot the server to apply change.

Command(s):
# Apply the change and revert after 120 secondes if you not confirm the change.
netplan try
 
# Apply the change permanently.
netplan apply

Validate network configuration.

Display the network configuration.

Command:
ip address && route -n && resolvectl
Result:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 02:00:30:8f:00:3d brd ff:ff:ff:ff:ff:ff
    altname enp0s3
    altname ens3
    inet 10.20.20.236/24 brd 10.20.20.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::30ff:fe8f:3d/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 02:00:25:47:00:05 brd ff:ff:ff:ff:ff:ff
    altname enp0s4
    altname ens4
    inet 10.10.10.68/24 brd 10.10.10.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::25ff:fe47:5/64 scope link 
       valid_lft forever preferred_lft forever
4: vlan10@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 02:00:25:47:00:05 brd ff:ff:ff:ff:ff:ff
    inet 10.10.250.10/24 brd 10.10.250.255 scope global vlan10
       valid_lft forever preferred_lft forever
    inet6 fe80::25ff:fe47:5/64 scope link 
       valid_lft forever preferred_lft forever

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.20.20.1      0.0.0.0         UG    0      0        0 eth0
10.10.10.0      0.0.0.0         255.255.255.0   U     0      0        0 eth1
10.10.10.0      10.10.10.1      255.255.255.0   UG    0      0        0 eth1
10.10.250.0     0.0.0.0         255.255.255.0   U     0      0        0 vlan10
10.20.20.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0

Global
       Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: uplink

Link 2 (eth0)
Current Scopes: DNS
     Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 10.20.20.1 23.19.52.52 23.19.53.53
    DNS Domain: mycompany.local

Link 3 (eth1)
Current Scopes: DNS
     Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 1.1.1.1 8.8.8.8

Link 4 (vlan10)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Display the Netplan configuration
Command:
netplan get
Result:
network:
  version: 2
  renderer: networkd
  ethernets:
    lo:
      addresses:
      "127.0.0.1/8"
      "::1/128"
    eth0:
      match:
        name: "eth0"
        macaddress: "02:00:30:8f:00:3d"
      addresses:
      "10.20.20.236/24"
      nameservers:
        addresses:
        - 10.20.20.1
        - 23.19.52.52
        - 23.19.53.53
        search:
        - mycompany.local
      routes:
      - to: "0.0.0.0/0"
        via: "10.20.20.1"
    eth1:
      addresses:
      "10.10.10.68/24"
      nameservers:
        addresses:
        - 1.1.1.1
        - 8.8.8.8
      routes:
      - to: "10.10.10.0/24"
        via: "10.10.10.1"
  vlans:
    vlan10:
      addresses:
      "10.10.250.10/24"
      id: 10
      link: "eth1"


<~-- -->