Summary

This procedure will guide you to perform the network conversion from Legacy Rack to Leaseweb’s Next-Generation Network (NGN) rack architecture in order to re-establish the server's network connectivity.

Work instructions

Please, follow these instructions to proceed with the network conversion from Legacy Rack to NGN rack architecture.

Linux

Tech Refresh Preparation
Post-Tech Refresh (Server already moved to the NGN Rack)

Cloud-Init

WAN Only
WAN & LAN
LAN Only

Manual

Legacy (Ifupdown)

RHEL Base Distribution (sysconfig)
Debian Base Distribution (interfaces)

NetworkManager
Systemd-Networkd
Netplan

1) Tech Refresh Preparation.

This section explains how to save the basic network information before the server is moved to the new NGN rack, to facilitate the reconfiguration of the network on the server once the server is in the new rack.

Save the minimal network information.

It is important to keep the minimal network's information because you will reconfigure the same IPs once the server is placed in the new Leaseweb NGN rack.

Below you can find the commands to execute.

Command:
ip address > base_network.txt && route -n >> base_network.txt

Now your IPs and Route are saved in file base_network.txt.

⚠This result is only an example, you will probably have more information.

Result: cat base_network.txt

1: lo: <LOOPBACK,UP,LOWER_UP> mtu   65536  qdisc noqueue state UNKNOWN group default qlen 1000

link/loopback 00 :00: 00 :00: 00 :00 brd 00: 00 :00: 00 :00: 00

inet 127.0 .0.1/ 8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1 / 128 scope host

valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu   1500  qdisc fq_codel state UP group default qlen 1000

link/ether 02 :00: 30 :8f:00:3d brd ff:ff:ff:ff:ff:ff

altname enp0s3

altname ens3

inet 10.20 .20.236/ 24 brd 10.20. 20.255 scope global noprefixroute eth0

valid_lft forever preferred_lft forever

inet6 fe80::30ff:fe8f:3d/ 64 scope link noprefixroute

valid_lft forever preferred_lft forever

3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu   1500  qdisc fq_codel state UP group default qlen 1000

link/ether 02 :00: 25 :47: 00 :05 brd ff:ff:ff:ff:ff:ff

altname enp0s4

altname ens4

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

0.0.0.0                   10.20  .  20.1              0.0.0.0                   UG      100          0            0      eth0

10.20.20.0            0.0.0.0                    255.255.255.0       U       100           0            0       eth0

2) Post-Tech Refresh (Server already moved to the NGN Rack)

Convert Network Configuration

⚠You will first need to access the remote console of your server.

To access a server without a network, you need to connect to the VPN and once connected access the IPMI.

Once the server is moved the IPMI connection information will be changed.

You can read the following knowledge base to retrieve the updated credentials.

Two network configuration methods can be used for Linux distribution.

Manual Network Configuration
Cloud-Init Configuration

⚠This process is only available for the Linux distribution. Windows and VMware networks must be configured manually.

To verify what configuration method to use follow these steps:

Validate if cloud-init is installed.
RHEL Distribution Base (RHEL/CentOS/Almalinux)
rpm -qa cloud-init
Ubuntu/Debian
apt -qq list cloud-init
Validate cloud-init services status.
systemctl status cloud-init-local.service
systemctl status cloud-init.service
systemctl status cloud-config.service
systemctl status cloud-final.service
If Cloud-Init is installed and the services are running Select the "Cloud-Init" Section, otherwise select the "Manual" section.

Cloud-Init

Manual

Cloud-Init

Back to top >

Back up the old configuration

Before you start modifying the network, we advise you to make a backup of the current configuration.

Do the backup of the old configuration.

Backup old configuration.

# Create a backup folder in you user directory.

sudo mkdir -p ~/net_backup/

# Go to the folder

cd /etc/cloud/

# Save the file(s)

sudo cp ./cloud.cfg ~ /net_backup/

sudo cp ./cloud.cfg.d/* ~ /net_backup/

If cloud-init is installed & executed, execute :
Clean actual cloud-init configuration.
rm -f /etc/cloud/cloud.cfg
rm -rf /etc/cloud/cloud.cfg.d/
cloud-init clean
Write new file: /etc/cloud/cloud.cfg (format will change depending on config PUB, PUB+INT, INT)

WAN Only
WAN & LAN
LAN Only

WAN Only

Back to top >

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers

209.172.41.202

209.172.41.200

# New DNS servers

23.19.53.53

23.19.52.52

/etc/cloud/cloud.cfg

network:

version: 1

config:

- type : physical

id: eth0

mac_address: <MAC_ADDRESS_ETH0>

name: eth0

subnets:

- address: <PUBLIC_IP>

dns_nameservers: [23.19.53.53, 23.19.52.52]

gateway: <PUBLIC_GATEWAY>

netmask: <PUBLIC_NETMASK>

type: static

- type : physical

id: eth1

mac_address: <MAC_ADDRESS_ETH1>

name: eth1

subnets:

- type : dhcp

system_info:

network:

renderers: [netplan, eni, sysconfig]

4) Execute this command to reconfigure the network.

cloud-init init --local

5) Restart the network to take the new config

systemctl restart networking

systemctl restart NetworkManager

systemctl restart NetworkManager.service

systemctl restart network.service

nmcli networking off && nmcli networking on

6) If necessary you can restart the server.

init 6

WAN & LAN

Back to top >

LAN Static :

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers

209.172.41.202

209.172.41.200

# New DNS servers

23.19.53.53

23.19.52.52

/etc/cloud/cloud.cfg

network:

version: 1

config:

- type : physical

id: eth0

mac_address: <MAC_ADDRESS_ETH0>

name: eth0

subnets:

- address: <PUBLIC_IP>

dns_nameservers: [23.19.53.53, 23.19.52.52]

gateway: <PUBLIC_GATEWAY>

netmask: <PUBLIC_NETMASK>

type: static

- type : physical

id: eth1

mac_address: <MAC_ADDRESS_ETH1>

name: eth1

subnets:

- address: <INTERNAL_IP>

netmask: <INTERNAL_NETMASK>

type: static

system_info:

network:

renderers: [netplan, eni, sysconfig]

4) Execute this command to reconfigure the network.

cloud-init init --local

5) Restart the network to take the new config

systemctl restart networking

systemctl restart NetworkManager

systemctl restart NetworkManager.service

systemctl restart network.service

nmcli networking off && nmcli networking on

6) If necessary you can restart the server.

init 6

LAN : DHCP

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers

209.172.41.202

209.172.41.200

# New DNS servers

23.19.53.53

23.19.52.52

/etc/cloud/cloud.cfg

network:

version: 1

config:

- type : physical

id: eth0

mac_address: <MAC_ADDRESS_ETH0>

name: eth0

subnets:

- address: <PUBLIC_IP>

dns_nameservers: [23.19.53.53, 23.19.52.52]

gateway: <PUBLIC_GATEWAY>

netmask: <PUBLIC_NETMASK>

type: static

- type : physical

id: eth1

mac_address: <MAC_ADDRESS_ETH1>

name: eth1

subnets:

- type : dhcp

system_info:

network:

renderers: [netplan, eni, sysconfig]

4) Execute this command to reconfigure the network.

cloud-init init --local

5) Restart the network to take the new config

systemctl restart networking

systemctl restart NetworkManager

systemctl restart NetworkManager.service

systemctl restart network.service

nmcli networking off && nmcli networking on

6) If necessary you can restart the server.

init 6

LAN Only

Back to top >

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers

209.172.41.202

209.172.41.200

# New DNS servers

23.19.53.53

23.19.52.52

/etc/cloud/cloud.cfg

network:

version: 1

config:

- type : physical

id: eth0

mac_address: <MAC_ADDRESS_ETH0>

name: eth0

- type : physical

id: eth1

mac_address: <MAC_ADDRESS_ETH1>

name: eth1

subnets:

- address: <INTERNAL_IP>

dns_nameservers: [23.19.53.53, 23.19.52.52]

gateway: <INTERNAL_GATEWAY>

netmask: <INTERNAL_NETMASK>

type: static

system_info:

network:

renderers: [netplan, eni, sysconfig]

4) Execute this command to reconfigure the network.

cloud-init init --local

5) Restart the network to take the new config

systemctl restart networking

systemctl restart NetworkManager

systemctl restart NetworkManager.service

systemctl restart network.service

nmcli networking off && nmcli networking on

6) If necessary you can restart the server.

init 6

Manual

Back to top >

Convert Network Configuration : Manual Process

Summary

This page explains how to convert the network configuration manually in the operating system to support the Leaseweb NGN.

Select the configuration used to manage your network.

Legacy (Ifupdown)
NetworkManager
Systemd-Networkd
Netplan

Legacy (Ifupdown)

Back to top >

RHEL Base Distribution (sysconfig)
Debian Base Distribution (interfaces)

RHEL Base Distribution (sysconfig)

Sysconfig (IFUPDOWN)

⚠Distribution Supported

RedHate, CentOS, Almalinux, Rocky linux

⚠You need to be root or sudoer to do the modification.

You could use nano or vi to do the modification

How validate if ifupdown (sysconfig) is used on server.

# With SysVinit [Legacy]

service network status

# With SystemD

systemctl is-enabled network.service

If you have this result after running the command, it is because the ifupdown (sysconfig) is enabled and it manages the network part.

ifupdwon (sysconfig) = Enabled

network.service is not a native service, redirecting to /sbin/chkconfig .

Executing /sbin/chkconfig network --level=5

enabled

If you have this result after running the command, it is because the ifupdown (sysconfig) is disabled and it does not manage the network part.

ifupdwon (sysconfig) = Disabled

network.service is not a native service, redirecting to /sbin/chkconfig .

Executing /sbin/chkconfig network --level=5

disabled

System file structure.

The folder structure for the RedHat-based distribution for legacy network ifupdown is :

Folder Structure

/

└── etc

├── sysconfig

│ ├── network

│ └── network-scripts

│ ├── ifcfg-eth0

│ └── ifcfg-eth1

└── udev

└── rules.d

└── 70-persistent-net.rules

Back up the old configuration.

Before beginning the network modification, we suggest you do a backup of the actual configuration.

Backup Network Configuration

# Create a backup folder in you user directory.

sudo mkdir -p ~/net_backup/

# Go to the folder

cd /etc/sysconfig/network-scripts/

# Copy the file(s) ifcfg-eth*, ifcfg-bond, ifcfg-vlan in folder ~/net_backup/.

sudo cp ifcfg-eth* ~/net_backup/

sudo cp ifcfg-bond* ~/net_backup/

sudo cp ifcfg-vlan* ~/net_backup/

Remove the actual configuration.

After the backup is done you can remove the actual network configuration.

Remove old Network Configuration

# Go to the folder

cd /etc/sysconfig/network-scripts/

# Copy the file(s) ifcfg-eth* in folder ~/net_backup/, this include all ethernet interfaces "eth*, eth*.* or eth*:*".

sudo rm -f ifcfg-eth*

sudo rm -f ifcfg-bond*

sudo rm -f ifcfg-vlan*

Information needed before starting

Name	Value need change	Comment
Public IP	<PUB_IP>
Public Netmask	<PUB_NETMASK>
Public Gateway	<PUB_GATEWAY>
ETH0 Mac address	<ETH0_MAC>
DNS Servers	<DNS1> & <DNS2>
Private IP OPTIONAL	<PRIV_IP>
Private Netmask OPTIONAL	<PRIV_NETMASK>
Private Gateway OPTIONAL	<PRIV_GATEWAY_FW_LB>
ETH1 Mac address	<ETH1_MAC>

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers

209.172.41.202

209.172.41.200

# New DNS servers

23.19.53.53

23.19.52.52

Configuration Files

Public Interface

⚠This configuration is for the Public port.

/etc/sysconfig/network-scripts/ifcfg-eth0

BOOTPROTO=none

DEFROUTE=yes

DEVICE=eth0

DNS1=<DNS1>

DNS2=<DNS2>

GATEWAY=<PUB_GATEWAY>

HWADDR=<ETH0_MAC>

IPADDR=<PUB_IP>

NETMASK=<PUB_NETMASK>

NM_CONTROLLED=no

ONBOOT=yes

TYPE=Ethernet

USERCTL=no

PEERDNS=yes

⚠Disable Public Interface on OS.

If you want to disable the public interface because you use only the private network, you can use this configuration.

/etc/sysconfig/network-scripts/ifcfg-eth0

BOOTPROTO=none

DEVICE=eth1

HWADDR=<ETH1_MAC>

NM_CONTROLLED=no

ONBOOT=no

TYPE=Ethernet

USERCTL=no

See too: https://kb.leaseweb.com/products/dedicated-server/managing-dedicated-server-network-settings#ManagingDedicatedServernetworksettings-Network

Private Interface

LAN (Static)

LAN (DHCP)

LAN Only (Static)

LAN (Static)

⚠You can use this configuration if you use the public network at the same time as the private network.

/etc/sysconfig/network-scripts/ifcfg-eth1

BOOTPROTO=none

DEFROUTE=yes

DEVICE=eth1

HWADDR=<ETH1_MAC>

IPADDR=<PRIV_IP>

NETMASK=<PRIV_NETMASK>

NM_CONTROLLED=no

ONBOOT=yes

TYPE=Ethernet

USERCTL=no

Reboot network service.

When the configuration is done, you will need to reboot the network service to apply the change.

Reboot network service

systemctl restart network.service

service network restart

If necessary you could restart the server.

Reboot server

shutdown-r now

Predictable Naming.

If you have an issue in the NIC order with the name of NIC, you can create the file 70-persistent-net.rules.

/etc/udev/rules.d/70-persistent-net.rules

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<ETH0_MAC>", NAME="eth0"

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<ETH1_MAC>", NAME="eth1"

Configure Q-in-Q VLAN Tagging in the private network.

See documentation :

https://kb.leaseweb.com/network/private-network/how-to-configure-multiple-vlans-qinq-in-private-network

LAN (DHCP)

⚠You can use this configuration if you use the public network at the same time as the private network with DHCP enabled.

/etc/sysconfig/network-scripts/ifcfg-eth1

BOOTPROTO=dhcp

DEFROUTE=yes

DEVICE=eth1

NM_CONTROLLED=no

ONBOOT=yes

TYPE=Ethernet

USERCTL=no

Reboot network service.

When the configuration is done, you will need to reboot the network service to apply the change.

Reboot network service

systemctl restart network.service

service network restart

If necessary you could restart the server.

Reboot server

shutdown-r now

Predictable Naming.

If you have an issue in the NIC order with the name of NIC, you can create the file 70-persistent-net.rules.

/etc/udev/rules.d/70-persistent-net.rules

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<ETH0_MAC>", NAME="eth0"

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<ETH1_MAC>", NAME="eth1"

Configure Q-in-Q VLAN Tagging in the private network.

See documentation :

https://kb.leaseweb.com/network/private-network/how-to-configure-multiple-vlans-qinq-in-private-network

LAN Only (Static)

⚠You can use this configuration if you use the private network only.

Examples: you have a Firewall (Nat-to-Nat), Load balancing (Nat-to-Nat) or your server is running a service that should only be accessible on the private network.

/etc/sysconfig/network-scripts/ifcfg-eth1

BOOTPROTO=none

DEFROUTE=yes

DEVICE=eth1

DNS1=<DNS1>

DNS2=<DNS2>

GATEWAY=<PRIV_GATEWAY_FW_LB>

HWADDR=<ETH1_MAC>

IPADDR=<PRIV_IP>

NETMASK=<PRIV_NETMASK>

NM_CONTROLLED=no

ONBOOT=yes

TYPE=Ethernet

USERCTL=no

PEERDNS=yes

Reboot network service.

When the configuration is done, you will need to reboot the network service to apply the change.

Reboot network service

systemctl restart network.service

service network restart

If necessary you could restart the server.

Reboot server

shutdown-r now

Predictable Naming.

If you have an issue in the NIC order with the name of NIC, you can create the file 70-persistent-net.rules.

/etc/udev/rules.d/70-persistent-net.rules

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<ETH0_MAC>", NAME="eth0"

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<ETH1_MAC>", NAME="eth1"

Configure Q-in-Q VLAN Tagging in the private network.

See documentation :

https://kb.leaseweb.com/network/private-network/how-to-configure-multiple-vlans-qinq-in-private-network

Debian Base Distribution (interfaces)

Interfaces (IFUPDOWN)

⚠Distribution Supported

Debian: https://wiki.debian.org/NetworkConfiguration

Ubuntu: https://ubuntu.com/server/docs/network-configuration

⚠You need to be root or sudoer to do the modification.

You could use nano or vi to do the modification

How validate interfaces are used on the server.

To know if your system uses the old method "ifupdown" (interfaces) to manage the network part you can validate if these files exist.

/

└── etc

├── network

│ └── interfaces

│ └── interfaces.d

│ └── *.cfg

└── udev

└── rules.d

└── 70-persistent-net.rules

After, validate if the service "networking" runs on the server.

service networking status

# or with systemd

systemctl status networking.service

Back up the old configuration.

Before beginning the network modification, we suggest you do a backup of the actual config.

Backup Network Configuration

# Create a backup folder in your user directory.

sudomkdir-p ~/net_backup/

# Save the default interfaces file.

sudocp/etc/network/interfaces~/net_backup/

# Save the additional configuration file.

sudocp/etc/network/interfaces.d/* ~/net_backup/

Network Configuration

Base configuration

⚠You need to be sure the configuration starts with this part, this is necessary for the loopback interface.

/etc/network/interfaces

# Loopback interface.

auto lo

iface lo inet loopback

Public Configuration

✓Add this configuration if you want to configure the Public Network.

/etc/network/interfaces

# Exemple Public configuration

auto eth0

iface eth0 inet static

address <PUB_IP>/<PUB/PREFIX>

dns-nameservers <DNS1> <DNS2>

gateway <PUB_GATEWAY>

Private Configuration

Private (DHCP)

Private (static IP) without gateway

Private (static IP) with gateway.

Private (static IP) Q-in-Q

Private (DHCP)

ⓘ Use this configuration by default.

/etc/network/interfaces

# Exemple Private Network with static IP with gateway (without PUBLIC via Firewall ou Load-Balancing Nat-to-Nat).

auto eth1

iface eth1 inet dhcp

Apply the configuration.

When the configuration is done, you need to restart the service "networking".

Command

# Debian 7 or older and Ubuntu 14 or older:

/etc/init.d/networkingstop

/etc/init.d/networkingstart

# Debian 8 or newer and Ubuntu 16 or newer :

systemctl restart networking.service

Private (static IP) without gateway

ⓘ Use this configuration by default.

Use this configuration if you have a Public network and a Private network at the same time and you want static IP on a Private Network.

/etc/network/interfaces

# Exemple Private Network with static IP without gateway.

auto eth1

iface eth1 inet static

address <PRIVATE_IP>/<PRIVATE_PREFIX>

Apply the configuration.

When the configuration is done, you need to restart the service "networking".

Command

# Debian 7 or older and Ubuntu 14 or older:

/etc/init.d/networkingstop

/etc/init.d/networkingstart

# Debian 8 or newer and Ubuntu 16 or newer :

systemctl restart networking.service

Private (static IP) with gateway.

⚠You need to use this configuration if you have not configured the Public network or if you have a Nat-to-Nat configuration with Firewall or load-balancing.

/etc/network/interfaces

# Exemple Private Network with static IP with gateway (without PUBLIC via Firewall ou Load-Balancing Nat-to-Nat).

auto eth1

iface eth1 inet static

address <PRIVATE_IP>/<PRIVATE_PREFIX>

dns-nameservers <DNS1> <DNS2>

gateway <PUB_GATEWAY>

Apply the configuration.

When the configuration is done, you need to restart the service "networking".

Command

# Debian 7 or older and Ubuntu 14 or older:

/etc/init.d/networkingstop

/etc/init.d/networkingstart

# Debian 8 or newer and Ubuntu 16 or newer :

systemctl restart networking.service

Private (static IP) Q-in-Q.

⚠On a Debian/Ubuntu distribution, the Q-in-Q support is dependent on a package named "VLAN".

Determine whether the 802.1q VLAN module is loaded:

Command:

lsmod |grep8021q

# 8021q 40960 0

# garp 16384 1 8021q

# mrp 20480 1 8021q

Make sure the VLAN package is installed:

Command:

dpkg-query -l |grepvlan

# ii vlan 2.0.5 all ifupdown integration for vlan configuration

If the package is not installed run the command:

Command:

apt-getinstallvlan

Load the kernel module "8021q".

Command:

modprobe 8021q &&echo"8021q">>/etc/modules

/etc/network/interfaces

# Exemple Private Network with static IP in VLAN via the Q-in-Q

auto eth1.<VLAN_ID>

iface eth1.<VLAN_ID> inet static

address <PRIVATE_IP>/<PRIVATE_PREFIX>

dns-nameservers <DNS1> <DNS2> # Optional

gateway <PUB_GATEWAY> # Optional

vlan-raw-device eth1

Apply the configuration.

When the configuration is done, you need to restart the service "networking".

Command

# Debian 7 or older and Ubuntu 14 or older:

/etc/init.d/networkingstop

/etc/init.d/networkingstart

# Debian 8 or newer and Ubuntu 16 or newer :

systemctl restart networking.service

Network Manager

Back to top >

Linux Distribution Support Matrix

Distribution	Version
CentOS	7, 8
Debian	10, 11, 12
Ubuntu	16, 18, 20, 22
Almalinux	8, 9
Rocky Linux	8, 9

How validate if NetworkManager is used on server.

Command :

systemctl is-enabled NetworkManager.service

If you have this result after running the command is because the NetworkManager is enabled and it manages the network part.

Result :

enabled

If you have this result after running the command is because the NetworkManager is disabled and it does not manage the network part.

Result :

disabled

Verify NetworkManager is running and nmcli can communicate with it.

Command

nmcli general

Result :

STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN

connected full enabled enabled enabled enabled

System file structure.

⚠Please select your distribution, the folder location changes after version 8 of a RHEL/Centos-based distribution.

CentOS <= 8 | AlmaLinux 8 | Rocky Linux 8
Almalinux 9 | Rocky Linux 9 | Debian 10,11,12 |

CentOS <= 8 | AlmaLinux 8 | Rocky Linux 8

The folder structure for the RedHat-based distribution for a legacy network with NetworkManager is as:

⚠CentOS

In the RHEL distribution, the NetworkManager saves the ethernet config in folder "/etc/sysconfig/network-scripts/" in the file(s) ifcfg-<connection_name>.

Folder tree :

/

└── etc

└── sysconfig

├── network

└── network-scripts

└── ifcfg-*

Back up the old configuration.

Before beginning the network modification, we suggest you do a backup of the actual config.

⚠CentOS

In the RHEL distribution, the NetworkManager saves the "ethernet", "bond" and "vlan" connection type config in folder "/etc/sysconfig/network-scripts/" in the file(s) ifcfg-<connection_name>.

Show a list of the connections.

Command :

nmcli connection show

The result with be a table with 4 columns :

Colum Name	Description
NAME	Name of the connection profile.
UUID	UUID of the connection profile.
TYPE	Type of the connection.
DEVICE	Interface used for this connection.

Result :

NAME UUID TYPE DEVICE

bond0 <masked> bond bond0

bond0.123 <masked> vlan bond0.123

vlan123 <masked> vlan vlan123

eth0 <masked> ethernet eth0

eth1 <masked> ethernet eth1

Almalinux 9 | Rocky Linux 9 | Debian 10,11,12 |

Folder tree :

/

└── etc

└── NetworkManager

└── system-connections

└── *.nmconnection

Back up the old configuration.

Before beginning the network modification, we suggest you do a backup of the actual config.

⚠CentOS

Show a list of the connections.

Command :

nmcli connection show

The result with be a table with 4 columns :

Colum Name	Description
NAME	Name of the connection profile.
UUID	UUID of the connection profile.
TYPE	Type of the connection.
DEVICE	Interface used for this connection.

Result :

NAME UUID TYPE DEVICE

bond0 <masked> bond bond0

bond0.123 <masked> vlan bond0.123

vlan123 <masked> vlan vlan123

eth0 <masked> ethernet eth0

eth1 <masked> ethernet eth1

Save the configuration.

⚠Please select your distribution, the folder location changes after version 8 of a RHEL/Centos-based distribution.

CentOS <=8 | Almalinux 8 | Rocky Linux 8
CentOS 9 | Almalinux 9 | Rocky Linux 9 | Debian 10,11,12 |

CentOS <=8 | Almalinux 8 | Rocky Linux 8

Backup Network Configuration

# Create the backup folder on you user directory.

sudo mkdir -p ~/net_backup/

# Go on folder

cd /etc/sysconfig/network-scripts/

# Copy file(s) ifcfg-eth*, ifcfg-bond, ifcfg-vlan in folder ~/net_backup/.

sudo cp ifcfg-eth* ~/net_backup/

sudo cp ifcfg-bond* ~/net_backup/

sudo cp ifcfg-vlan* ~/net_backup/

Delete the configuration.

⚠You need to be sure to have done the backup of the old configuration.

⚠View section Show list of the connection to know what is the connection profile name.

Delete Network Configuration

# Exemple : nmcli connection delete <NAME>

nmcli connection delete eth0

nmcli connection delete eth1

nmcli connection delete bond0.<VLANID>

nmcli connection delete vlan<VLANID>

nmcli connection delete bond0

After all commands are successful you will receive this confirmation.

Result :

Connection 'CONNECTION_NAME' (UUID) successfully deleted.

Configuration of the Public Network.

Information is needed before starting the configuration.

Name

Value need change

Comment

Public IP <PUB_IP> See the old configuration you have a backup in the folder: "~/net_backup/"

Public Netmask <PUB_PREFIX> See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count

Public Gateway <PUB_GATEWAY> See the old configuration you have a backup in the folder: "~/net_backup/"

DNS Servers <DNS1> & <DNS2> See the old configuration you have a backup in the folder: "~/net_backup/"

ETH0 Mac address OPTIONAL

<ETH0_MAC>

Use the command "ip lnk show" or See the old configuration you have a backup in the folder: "~/net_backup/"

ETH0 UUID Interface OPTIONAL

<ETH0_UUID_INTERFACE>

> nmcli connection show

Private IP OPTIONAL

<PRIV_IP>

See the old configuration you have a backup in the folder: "~/net_backup/"

Private Netmask OPTIONAL

<PRIV_PREFIX>

See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count

Private Gateway OPTIONAL

<PRIV_GATEWAY>

See the old configuration you have backup in folder: "~/net_backup/"

ETH1 Mac address OPTIONAL

<ETH1_MAC>

Use the command "ip lnk show" or See the old configuration you have a backup in the folder: "~/net_backup/"

ETH1 UUID Interface OPTIONAL

<ETH0_UUID_INTERFACE>

> nmcli connection show

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers

209.172.41.202

209.172.41.200

# New DNS servers

23.19.53.53

23.19.52.52

List all network connection profiles:

Command :

nmcli connection show

Now, you can see you have by default two (or more) network connection profiles (column: NAME) linked with the physical NIC(s) (column: DEVICE).

Name	Device	LSW Connection
Wired connection 1	eth0	Public Switch
Wired connection 2	eth1	Internal Switch

Result :

NAME UUID TYPE DEVICE

Wired connection 1 <masked> ethernet eth0

Wired connection 2 <masked> ethernet eth1

Create the network profile connection for the Public network.

Execute this command to create the profile connection named eth0 bound with interface eth0.

⚠You need remplace the value : <PUB_IP>, <PUB_PREFIX>, <PUB_GATEWAY> with information saved in folder : ~/net_backup/

Command :

nmcli connection add type ethernet con-name eth0 ifname eth0 ip4 <PUB_IP>/<PUB_PREFIX> gw4 <PUB_GATEWAY>

Result :

Connection 'eth0' (UUID) successfully added.

Now you have created a new profile of connection named "eth0" and linked with the physical interface eth0.

If you show the profiles, you will view the old profile connection named "Wired connection 1" but it not linked with the physical nic.

Command

nmcli connection show

Result :

NAME UUID TYPE DEVICE

eth0 <masked> ethernet eth0

Wired connection 1 <masked> ethernet --

Wired connection 2 <masked> ethernet eth1

We can delete the network profile connection "Wired connection 1".

Command :

nmcli connection delete "Wired connection 1"

Result :

Connection 'Wired connection 1' (UUID) successfully deleted.

Assign the DNS on the new network profile connection of the Public Network.

Do the modification on the profile connection named eth0 to add the DNS servers.

Leaseweb DNS Server
IPv4	DNS1	23.19.53.53
IPv4	DNS2	23.19.52.52
IPv6	DNS1	2607:f5b5:3::3
IPv6	DNS2	2607:f5b5:2::2

⚠You need remplace the value : <DNS1> & <DNS2>

⚠DNS Change :

If you see in the backup of configuration the DNS used are legacy iWeb DNS: 209.172.41.200 & 209.172.41.202, you need to change the DNSs by the Leaseweb DNSs displayed in the table on the left.
If you see the DNS used in the backup configuration are not the Legacy iWeb DNS's but the other public DNS, you need to reuse the same DNS's.

Command :

nmcli connection modify eth0 ipv4.dns "<DNS1> <DNS1>"

Activate the network profile connection of the Public Network.

To active one network profile connection you need to run the command below :

Command :

# nmcli connection up <profile_name>

nmcli connection up eth0

Result :

Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)

CentOS 9 | Almalinux 9 | Rocky Linux 9 | Debian 10,11,12 |

Backup Network Configuration

# Create the backup folder on you user directory.

sudo mkdir -p ~/net_backup/

# Go on folder

cd /etc/NetworkManager/system-connections

# Copy file(s) in folder ~/net_backup/.

sudo cp *.nmconnection ~/net_backup/

# Save the general network configuration information.

sudo nmcli -p device show > ~/net_backup/network.config

# Save the profile connection variables.

nmcli -t device show | grep GENERAL.CONNECTION > ~/net_backup/nmcli.profile.list

while read i; do nmcli -p connection show "$(echo $i | awk -F':' '{print $2}')" > ~/net_backup/profile.$(echo $i | awk -F':' '{print $2}' | tr ' ' '_').variables ; done < ~/net_backup/nmcli.profile.list

Delete the configuration.

⚠You need to be sure to have done the backup of the old configuration.

⚠View section Show list of the connection to know what is the connection profile name.

Delete Network Configuration

# Exemple : nmcli connection delete <NAME>

nmcli connection delete eth0

nmcli connection delete eth1

nmcli connection delete bond0.<VLANID>

nmcli connection delete vlan<VLANID>

nmcli connection delete bond0

After all commands are successful you will receive this confirmation.

Result :

Connection 'CONNECTION_NAME' (UUID) successfully deleted.

Configuration of the Public Network.

Information is needed before starting the configuration.

Name

Value need change

Comment

Public IP <PUB_IP> See the old configuration you have a backup in the folder: "~/net_backup/"

Public Netmask <PUB_PREFIX> See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count

Public Gateway <PUB_GATEWAY> See the old configuration you have a backup in the folder: "~/net_backup/"

DNS Servers <DNS1> & <DNS2> See the old configuration you have a backup in the folder: "~/net_backup/"

ETH0 Mac address OPTIONAL

<ETH0_MAC>

Use the command "ip lnk show" or See the old configuration you have a backup in the folder: "~/net_backup/"

ETH0 UUID Interface OPTIONAL

<ETH0_UUID_INTERFACE>

> nmcli connection show

Private IP OPTIONAL

<PRIV_IP>

See the old configuration you have a backup in the folder: "~/net_backup/"

Private Netmask OPTIONAL

<PRIV_PREFIX>

See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count

Private Gateway OPTIONAL

<PRIV_GATEWAY>

See the old configuration you have backup in folder: "~/net_backup/"

ETH1 Mac address OPTIONAL

<ETH1_MAC>

Use the command "ip lnk show" or See the old configuration you have a backup in the folder: "~/net_backup/"

ETH1 UUID Interface OPTIONAL

<ETH0_UUID_INTERFACE>

> nmcli connection show

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers

209.172.41.202

209.172.41.200

# New DNS servers

23.19.53.53

23.19.52.52

List all network connection profiles:

Command :

nmcli connection show

Now, you can see you have by default two (or more) network connection profiles (column: NAME) linked with the physical NIC(s) (column: DEVICE).

Name	Device	LSW Connection
Wired connection 1	eth0	Public Switch
Wired connection 2	eth1	Internal Switch

Result :

NAME UUID TYPE DEVICE

Wired connection 1 <masked> ethernet eth0

Wired connection 2 <masked> ethernet eth1

Create the network profile connection for the Public network.

Execute this command to create the profile connection named eth0 bound with interface eth0.

⚠You need remplace the value : <PUB_IP>, <PUB_PREFIX>, <PUB_GATEWAY> with information saved in folder : ~/net_backup/

Command :

nmcli connection add type ethernet con-name eth0 ifname eth0 ip4 <PUB_IP>/<PUB_PREFIX> gw4 <PUB_GATEWAY>

Result :

Connection 'eth0' (UUID) successfully added.

Now you have created a new profile of connection named "eth0" and linked with the physical interface eth0.

If you show the profiles, you will view the old profile connection named "Wired connection 1" but it not linked with the physical nic.

Command

nmcli connection show

Result :

NAME UUID TYPE DEVICE

eth0 <masked> ethernet eth0

Wired connection 1 <masked> ethernet --

Wired connection 2 <masked> ethernet eth1

We can delete the network profile connection "Wired connection 1".

Command :

nmcli connection delete "Wired connection 1"

Result :

Connection 'Wired connection 1' (UUID) successfully deleted.

Assign the DNS on the new network profile connection of the Public Network.

Do the modification on the profile connection named eth0 to add the DNS servers.

Leaseweb DNS Server
IPv4	DNS1	23.19.53.53
IPv4	DNS2	23.19.52.52
IPv6	DNS1	2607:f5b5:3::3
IPv6	DNS2	2607:f5b5:2::2

⚠You need remplace the value : <DNS1> & <DNS2>

⚠DNS Change :

If you see in the backup of configuration the DNS used are legacy iWeb DNS: 209.172.41.200 & 209.172.41.202, you need to change the DNSs by the Leaseweb DNSs displayed in the table on the left.
If you see the DNS used in the backup configuration are not the Legacy iWeb DNS's but the other public DNS, you need to reuse the same DNS's.

Command :

nmcli connection modify eth0 ipv4.dns "<DNS1> <DNS1>"

Activate the network profile connection of the Public Network.

To active one network profile connection you need to run the command below :

Command :

# nmcli connection up <profile_name>

nmcli connection up eth0

Result :

Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)

Configuration of the Private Network.

Select the type of configuration you want to set-up:

DHCP (Default)

Adding a Dynamic Ethernet Connection.

To add an Ethernet configuration profile with dynamic DHCP configuration, allowing DHCP to assign the network configuration:

Command :

# nmcli connection add type ethernet con-name <connection-name> ifname <interface-name>

nmcli connection add type ethernet con-name eth1 ifname eth1

Result :

Connection 'eth1' (UUID) successfully added.

Activate the Ethernet connection.

Now we will activate the Ethernet connection with the profile created.

Command :

# nmcli connection up <connection-name>

nmcli connection up eth1

Result :

Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)

Confirm the ethernet connection is activated.

Now we will validate if the Ethernet connection is activated.

Command :

nmcli device status

We can see in column "STATE" that the value is "connected".

Result :

DEVICE TYPE STATE CONNECTION

eth0 ethernet connected eth0

eth1 ethernet connected eth1

lo loopback unmanaged --

Validate the network configuration.

Now we will validate the complete Network configuration.

Command :

nmcli device show

In the result, you can see the general configuration of the all network interfaces.

Result :

GENERAL.DEVICE: eth0

GENERAL.TYPE: ethernet

GENERAL.HWADDR: 02:00:30:8F:00:3D

GENERAL.MTU: 1500

GENERAL.STATE: 100 (connected)

GENERAL.CONNECTION: eth0

GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1

WIRED-PROPERTIES.CARRIER: on

IP4.ADDRESS[1]: 10.20.20.236/24

IP4.GATEWAY: 10.20.20.1

IP4.ROUTE[1]: dst = 10.20.20.0/24, nh = 0.0.0.0, mt = 100

IP4.ROUTE[2]: dst = 0.0.0.0/0, nh = 10.20.20.1, mt = 100

IP4.DNS[1]: 1.1.1.1

IP4.DNS[2]: 8.8.4.4

IP6.ADDRESS[1]: fe80::f9cd:8221:c601:a889/64

IP6.GATEWAY: --

IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 100

IP6.ROUTE[2]: dst = ff00::/8, nh = ::, mt = 256, table=255

GENERAL.DEVICE: eth1

GENERAL.TYPE: ethernet

GENERAL.HWADDR: 02:00:25:47:00:05

GENERAL.MTU: 1500

GENERAL.STATE: 100 (connected)

GENERAL.CONNECTION: eth1

GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/5

WIRED-PROPERTIES.CARRIER: on

IP4.ADDRESS[1]: 10.10.10.68/24

IP4.GATEWAY: --

IP4.ROUTE[1]: dst = 10.10.10.0/24, nh = 0.0.0.0, mt = 101

IP6.ADDRESS[1]: fe80::50b5:257a:1310:fd0d/64

IP6.GATEWAY: --

IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 101

IP6.ROUTE[2]: dst = ff00::/8, nh = ::, mt = 256, table=255

GENERAL.DEVICE: lo

GENERAL.TYPE: loopback

GENERAL.HWADDR: 00:00:00:00:00:00

GENERAL.MTU: 65536

GENERAL.STATE: 10 (unmanaged)

GENERAL.CONNECTION: --

GENERAL.CON-PATH: --

IP4.ADDRESS[1]: 127.0.0.1/8

IP4.GATEWAY: --

IP6.ADDRESS[1]: ::1/128

IP6.GATEWAY: --

Static IP

ⓘIn the NGN Private Network, we can use the static IP configuration with or without DHCP enabled.

If the DHCP is disabled, you can use the private subnet you want in class: A, B, or C.

Class	Subnet	Usable IP
A	10.0.0.0/8	10.0.0.0 to 10.255.255.255
B	172.16.0.0/12	172.16.0.0 to 172.31.255.255
C	192.168.0.0/16	192.168.0.0 to 192.168.255.255

Adding a Static Ethernet Connection.

To add an Ethernet configuration profile with static IP:

Command:

nmcli connection add type ethernet con-name eth1 ifname eth1 ip4 <PRIV_IP>/<PRIV_PREFIX>

⚠If you need to add the Gateway or DNS on the Private Network in case your server is behind a firewall or the load-balancer, you need to apply this configuration.

Add the gateway:

Command

nmcli connection modify eth1 ipv4.gateway "<PRIV_GATEWAY>"

Add the DNS:

Command

nmcli connection modify eth1 +ipv4.dns "<DNS1>"

nmcli connection modify eth1 +ipv4.dns "<DNS2>"

⚠If you need multiple IPs, you can repeat the command multiple time.

Add multiple IPs:

Command

nmcli connection modify eth1 +ipv4.addresses <PRIV_IP_ADD>/<PRIV_PREFIX>

Remove a multiple IPs:

Command

nmcli connection modify eth1 -ipv4.addresses <PRIV_IP_ADD>/<PRIV_PREFIX>

⚠To apply the change, you need down and up the profile connection.

Commands:

nmcli connection down <profile-name>

nmcli connection up <profile-name>

Activate the Ethernet connection.

Now we will activate the Ethernet connection with the profile created.

Command :

# nmcli connection up <connection-name>

nmcli connection up eth1

Result :

Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)

Confirm the ethernet connection is activated.

Now we will validate if the Ethernet connection is activated.

Command :

nmcli device status

We can see on column "STATE" the value is "connected".

Result :

DEVICE TYPE STATE CONNECTION

eth0 ethernet connected eth0

eth1 ethernet connected eth1

lo loopback unmanaged --

Validate the network configuration.

Now we will validate the complete Network configuration.

Command :

nmcli device show

In the result, you can see the general configuration of the all network interfaces.

Result :

GENERAL.DEVICE: eth0

GENERAL.TYPE: ethernet

GENERAL.HWADDR: 02:00:30:8F:00:3D

GENERAL.MTU: 1500

GENERAL.STATE: 100 (connected)

GENERAL.CONNECTION: eth0

GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1

WIRED-PROPERTIES.CARRIER: on

IP4.ADDRESS[1]: 10.20.20.236/24

IP4.GATEWAY: 10.20.20.1

IP4.ROUTE[1]: dst = 10.20.20.0/24, nh = 0.0.0.0, mt = 100

IP4.ROUTE[2]: dst = 0.0.0.0/0, nh = 10.20.20.1, mt = 100

IP4.DNS[1]: 1.1.1.1

IP4.DNS[2]: 8.8.4.4

IP6.ADDRESS[1]: fe80::f9cd:8221:c601:a889/64

IP6.GATEWAY: --

IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 100

IP6.ROUTE[2]: dst = ff00::/8, nh = ::, mt = 256, table=255

GENERAL.DEVICE: eth1

GENERAL.TYPE: ethernet

GENERAL.HWADDR: 02:00:25:47:00:05

GENERAL.MTU: 1500

GENERAL.STATE: 100 (connected)

GENERAL.CONNECTION: eth1

GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/5

WIRED-PROPERTIES.CARRIER: on

IP4.ADDRESS[1]: 10.10.10.68/24

IP4.GATEWAY: --

IP4.ROUTE[1]: dst = 10.10.10.0/24, nh = 0.0.0.0, mt = 101

IP6.ADDRESS[1]: fe80::50b5:257a:1310:fd0d/64

IP6.GATEWAY: --

IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 101

IP6.ROUTE[2]: dst = ff00::/8, nh = ::, mt = 256, table=255

GENERAL.DEVICE: lo

GENERAL.TYPE: loopback

GENERAL.HWADDR: 00:00:00:00:00:00

GENERAL.MTU: 65536

GENERAL.STATE: 10 (unmanaged)

GENERAL.CONNECTION: --

GENERAL.CON-PATH: --

IP4.ADDRESS[1]: 127.0.0.1/8

IP4.GATEWAY: --

IP6.ADDRESS[1]: ::1/128

IP6.GATEWAY: --

Q-in-Q

Adding a Vlan Connection.

🛈If you do not specify the IP and gateway, the DHCP will be used.

Command:

# nmcli connection add type vlan con-name <VLAN_PROFILE_NAME> dev <PRIV_INTERFACE> id <VLAN_ID> [ ip4 <PRIV_IP>/<PRIV_PREFIX> gw4 <PRIV_GATEWAY> ]

nmcli connection add type vlan con-name VLAN12 dev eth1 id 12

Convert the Vlan connection with static IP.

Command:

# nmcli connection modify <VLAN_PROFILE_NAME> ipv4.method manual

nmcli connection modify VLAN12 ipv4.method manual

How adding the static IP.

Command:

# nmcli connection modify <VLAN_PROFILE_NAME> ipv4.addresses <PRIV_IP>/<PRIV_PREFIX>

nmcli connection modify VLAN12 ipv4.addresses 10.12.0.100/24

How adding the additional static IP.

Command:

# nmcli connection modify <VLAN_PROFILE_NAME> +ipv4.addresses <PRIV_IP>/<PRIV_PREFIX>

nmcli connection modify VLAN12 +ipv4.addresses 10.12.0.200/24

How adding the Gateway.

Command:

# nmcli connection modify <VLAN_PROFILE_NAME> ipv4.gateway <PRIV_GATEWAY>

nmcli connection modify VLAN12 ipv4.gateway 10.12.0.1

How adding the DNS.

Command:

# nmcli connection modify <VLAN_PROFILE_NAME> ipv4.dns "<DNS1> <DNS2>"

nmcli connection modify VLAN12 ipv4.dns "23.19.53.53 23.19.52.52"

⚠To apply the change, you need down and up the profile connection or reboot the server.

Commands:

nmcli connection down VLAN12

nmcli connection up VLAN12

Validate the network configuration.

Now we will validate the complete Network configuration.

Command :

nmcli device show

In the result, you can see the general configuration of the all network interfaces.

Result :

GENERAL.DEVICE: eth0

GENERAL.TYPE: ethernet

GENERAL.HWADDR: 02:00:30:8F:00:3D

GENERAL.MTU: 1500

GENERAL.STATE: 100 (connected)

GENERAL.CONNECTION: eth0

GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1

WIRED-PROPERTIES.CARRIER: on

IP4.ADDRESS[1]: 10.20.20.236/24

IP4.GATEWAY: 10.20.20.1

IP4.ROUTE[1]: dst = 10.20.20.0/24, nh = 0.0.0.0, mt = 100

IP4.ROUTE[2]: dst = 0.0.0.0/0, nh = 10.20.20.1, mt = 100

IP4.DNS[1]: 1.1.1.1

IP4.DNS[2]: 8.8.4.4

IP6.ADDRESS[1]: fe80::f9cd:8221:c601:a889/64

IP6.GATEWAY: --

IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 100

IP6.ROUTE[2]: dst = ff00::/8, nh = ::, mt = 256, table=255

GENERAL.DEVICE: eth1

GENERAL.TYPE: ethernet

GENERAL.HWADDR: 02:00:25:47:00:05

GENERAL.MTU: 1500

GENERAL.STATE: 100 (connected)

GENERAL.CONNECTION: eth1

GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/5

WIRED-PROPERTIES.CARRIER: on

IP4.ADDRESS[1]: 10.10.10.68/24

IP4.GATEWAY: --

IP4.ROUTE[1]: dst = 10.10.10.0/24, nh = 0.0.0.0, mt = 101

IP6.ADDRESS[1]: fe80::50b5:257a:1310:fd0d/64

IP6.GATEWAY: --

IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 101

IP6.ROUTE[2]: dst = ff00::/8, nh = ::, mt = 256, table=255

GENERAL.DEVICE: lo

GENERAL.TYPE: loopback

GENERAL.HWADDR: 00:00:00:00:00:00

GENERAL.MTU: 65536

GENERAL.STATE: 10 (unmanaged)

GENERAL.CONNECTION: --

GENERAL.CON-PATH: --

IP4.ADDRESS[1]: 127.0.0.1/8

IP4.GATEWAY: --

IP6.ADDRESS[1]: ::1/128

IP6.GATEWAY: --

Systemd-Networkd

Back to top >

⚠The network management systemd-networkd is not present by default on RHEL distribution.

⚠If your system use systemd-networkd, it probably use Netplan to do the configuration.

🛈Sources(s)

https://wiki.archlinux.org/title/systemd-networkd

Information needed before starting

Name	Value need change	Comment
Public IP	<PUB_IP>
Public Netmask	<PUB_PREFIX>	See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count
Public Gateway	<PUB_GATEWAY>
ETH0 Mac address	<ETH0_MAC>
DNS Servers	<DNS1> & <DNS2>
Private IP OPTIONAL	<PRIV_IP>
Private Netmask OPTIONAL	<PRIV_PREFIX>	See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count
Private Gateway OPTIONAL	<PRIV_GATEWAY>
ETH1 Mac address	<ETH1_MAC>

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers

209.172.41.202

209.172.41.200

# New DNS servers

23.19.53.53

23.19.52.52

System file structure.

The folder structure for the RedHat-based distribution for legacy network ifupdown is :

/

└── etc

└── systemd

└── network

├── *.network

└── *.link

Backup old configuration.

Command(s):

# Create the backup folder on you user directory.

sudo mkdir -p ~/net_backup/

# Save the general network configuration information.

sudo cp /etc/systemd/network/* ~/net_backup/

# Delete content of legacy configuration.

rm -rf /etc/systemd/network/*

Configuration Files

Public Interface

🛈This configuration is for the Public port.

/etc/systemd/networkd/eth0.network

[Address]

Address=<PUB_IP>/<PUB_PREFIX>

[Match]

MACAddress=<ETH0_MAC>

Name=eth0

[Network]

DHCP=no

DNS=<DNS1> <DNS2>

[Route]

Gateway=<PUB_GATEWAY>

Private Interface

🛈You can use this configuration if you use the public network at the same time as the private network.

DHCP

/etc/systemd/network/eth1.network

[Match]

MACAddress=<ETH1_MAC>

Name=eth1

[Network]

DHCP=yes

Private network only with static IP

/etc/systemd/network/eth1.network

[Address]

Address=<PRIV_IP>/<PRIV_PREFIX>

[Match]

MACAddress=<ETH1_MAC>

Name=eth1

[Network]

DHCP=no

Private network only

/etc/systemd/network/eth1.network

[Address]

Address=<PRIV_IP>/<PRIV_PREFIX>

[Match]

MACAddress=<ETH1_MAC>

Name=eth1

[Network]

DHCP=no

DNS=<DNS1> <DNS2>

[Route]

Gateway=<PRIV_GATEWAY>

Netplan

Back to top >

🛈What is netplan?

Netplan is a utility for easily configuring networking on a Linux system.

You simply create a YAML description of the required network interfaces and what each should be configured to do.

From this description, Netplan will generate all the necessary configurations for your chosen renderer tool.

⚠Debian

Netplan is not installed by default on Debian and RHEL distributions.

⚠Ubuntu

Netplan was introduced in Ubuntu since version 18.04.

🛈Rederer

Netplan support two renderer : "networkd" and "NetworkManager".

The default renderer is "networkd" if the information is not included in the YAML configuration file.

System file structure.

Folder Structure

/

└── etc

└── netplan

└── *.yaml

YAML configuration.

How define what is the renderer used by Netplan.

First, we need to find what is the render user by netplan, so we will run this command :

Command:

cat /etc/netplan/netplan.yaml | grep "renderer"

If your result is "networkd" is because the system uses the "systemd-networkd" to manage the network with Netplan.

Result:

renderer: networkd

If your result is "NetworkManager" is because the system uses the "NetworkManager" to manage the network with Netplan.

Result:

renderer: NetworkManager

Back up the old configuration.

Before beginning the network modification, we suggest you do a backup of the actual config.

Backup Network Configuration

# Create the backup folder on you user directory.

sudo mkdir -p ~/net_backup/

# Save the general network configuration information.

sudo netplan get > ~/net_backup/network.general.yaml

# Go on the Netplan folder.

cd /etc/netplan/

# Save all configuration file(s).

sudo cp ./*.yaml ~/net_backup/

Delete the configuration.

⚠You need to be sure to have done the backup of the old configuration.

Delete Network Configuration

sudo rm -rf /etc/netplan/*

Configuration of the Network.

Information is needed before starting the configuration.

Name

Value need change

Comment

Netplan Config Version

Renderer

See the old configuration you have a backup in the folder: "~/net_backup/"

Value	Description
networkd	Use systemd-networkd service.
NetworkManager	Use NetworkManager service

Public IP

<PUB_IP>

See the old configuration you have a backup of in the folder: "~/net_backup/"

Public Netmask

<PUB_PREFIX>

See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count

Public Gateway

<PUB_GATEWAY>

See the old configuration you have a backup in the folder: "~/net_backup/"

DNS Servers

See the old configuration you have a backup in the folder: "~/net_backup/"

ETH0 Mac address OPTIONAL

<ETH0_MAC>

Use the command "ip lnk show" or See the old configuration you have a backup in the folder: "~/net_backup/"

Private IP OPTIONAL

<PRIV_IP>

See the old configuration you have a backup in the folder: "~/net_backup/"

Private Netmask OPTIONAL

<PRIV_PREFIX>

See: https://en.wikipedia.org/wiki/Subnet#Subnet_host_count

Private Gateway OPTIONAL

<PRIV_GATEWAY>

See the old configuration you have a backup in the folder: "~/net_backup/"

ETH1 Mac address OPTIONAL

<ETH1_MAC>

Use the command "ip lnk show" or See the old configuration you have a backup in the folder: "~/net_backup/"

If you were using the legacy "DNS Servers", you will need to modify them.

# Legacy DNS servers

209.172.41.202

209.172.41.200

# New DNS servers

23.19.53.53

23.19.52.52

Create the loopback configuration file.

(V2) sudo vi /etc/netplan/00-loopback.yaml

network:

version: <VERSION>

renderer: <RENDERER>

ethernets:

lo:

addresses: [ "127.0.0.1/8", "::1/128" ]

Create a public configuration file.

(V2) sudo vi /etc/netplan/01-public.yaml

network:

version: <VERSION>

renderer: <RENDERER>

ethernets:

eth0:

dhcp4: no

dhcp6: no

addresses:

- <PUB_IP>/<PUB_PREFIX>

nameservers:

search:

- "<DOMAIN>"

addresses:

- <DNS1>

- <DNS2>

routes:

- to: default

via: <PUB_GATEWAY>

Create a private configuration file.

DHCP

(V2) sudo vi /etc/netplan/01-private.yaml

network:

version: <VERSION>

renderer: <RENDERER>

ethernets:

eth1:

dhcp4: yes

dhcp6: yes

Static IP

(V2) sudo vi /etc/netplan/01-private.yaml

network:

version: <VERSION>

renderer: <RENDERER>

ethernets:

eth1:

dhcp4: no

dhcp6: no

addresses:

- <PRIV_IP>/<PRIV_PREFIX>

nameservers:

search:

- "<DOMAIN>"

addresses:

- <DNS1>

- <DNS2>

routes:

- to: default

via: <PRIV_GATEWAY>

Q-in-Q

(V2) sudo vi /etc/netplan/01-private.yaml

network:

version: <VERSION>

renderer: <RENDERER>

ethernets:

eth1: { ... } # See section "DHCP or Static IP" in private network part.

vlans:

vlan<VLAN_ID>:

id: <VLAN_ID>

link: eth1

dhcp4: no

dhcp6: no

addresses:

- <PRV_IP>/<PRIV_PRIFIX>

nameservers:

addresses:

- <DNS1>

- <DNS2>

search:

- "<DOMAIN>"

routes:

- to: <PRIVATE_SUBNET>/<PRIVATE_SUBNET_PREFIX>

via: <PRIVATE_SUBNET_GATEWAY>

Apply the network configuration.

⚠It is possible you need to reboot the server to apply change.

Command(s):

# Apply the change and revert after 120 secondes if you not confirm the change.

netplan try

# Apply the change permanently.

netplan apply

Validate network configuration.

Display the network configuration.

Command:

ip address && route -n && resolvectl

Result:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 02:00:30:8f:00:3d brd ff:ff:ff:ff:ff:ff
altname enp0s3
altname ens3
inet 10.20.20.236/24 brd 10.20.20.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::30ff:fe8f:3d/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 02:00:25:47:00:05 brd ff:ff:ff:ff:ff:ff
altname enp0s4
altname ens4
inet 10.10.10.68/24 brd 10.10.10.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::25ff:fe47:5/64 scope link
valid_lft forever preferred_lft forever
4: vlan10@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 02:00:25:47:00:05 brd ff:ff:ff:ff:ff:ff
inet 10.10.250.10/24 brd 10.10.250.255 scope global vlan10
valid_lft forever preferred_lft forever
inet6 fe80::25ff:fe47:5/64 scope link
valid_lft forever preferred_lft forever

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.20.20.1 0.0.0.0 UG 0 0 0 eth0
10.10.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
10.10.10.0 10.10.10.1 255.255.255.0 UG 0 0 0 eth1
10.10.250.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan10
10.20.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

Global
Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: uplink

Link 2 (eth0)
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
DNS Servers: 10.20.20.1 23.19.52.52 23.19.53.53
DNS Domain: mycompany.local

Link 3 (eth1)
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
DNS Servers: 1.1.1.1 8.8.8.8

Link 4 (vlan10)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Display the Netplan configuration

Command:

netplan get

Result:

network:

version: 2

renderer: networkd

ethernets:

lo:

addresses:

- "127.0.0.1/8"

- "::1/128"

eth0:

match:

name: "eth0"

macaddress: "02:00:30:8f:00:3d"

addresses:

- "10.20.20.236/24"

nameservers:

addresses:

- 10.20.20.1

- 23.19.52.52

- 23.19.53.53

search:

- mycompany.local

routes:

- to: "0.0.0.0/0"

via: "10.20.20.1"

eth1:

addresses:

- "10.10.10.68/24"

nameservers:

addresses:

- 1.1.1.1

- 8.8.8.8

routes:

- to: "10.10.10.0/24"

via: "10.10.10.1"

vlans:

vlan10:

addresses:

- "10.10.250.10/24"

id: 10

link: "eth1"

<~-- -->