Linux and Unix Users Group at Virginia Teck Wiki β

Changes

Infrastructure:Sysadmin Handbook

3,220 bytes added, 02:27, 2 January 2018
no edit summary
This page describes how to build the infrastructure from scratch, as well as manage it in general.

== Networking ==
* Set up physical boxes based on the [[Infrastructure:Diagram|Diagram]]
* Determine the IP addresses based on [[Infrastructure:Network|Network]]

=== Router ===
Configure /etc/network/interfaces:

 <nowiki># v6
iface $EXTERNAL_IF inet6 auto
iface $INTERNAL_IF inet6 static
 address $INTERNAL_IPv6
 netmask 128
 # Enable internal network to access router's external v6 address
 pre-up ip route add $EXTERNAL_IPv6 via $INTERNAL_IPv6
 # Enable NDP Proxying so internal boxes get SLAAC
 pre-up echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
 pre-up echo 2 > /proc/sys/net/ipv6/conf/all/accept_ra

# VTLUUG Private Network v4
iface $INTERNAL_IF inet static
 address $INTERNAL_IPv4
 netmask 255.255.255.0

# Additional IPs
iface $EXTERNAL_IF inet static
 address $EXTERNAL_IPv4
 gateway 128.173.88.1
 broadcast 128.173.91.255
 netmask 255.255.252.0
 # Nat Settings
 # TODO this probably doesn't work
 pre-up tc action nat egress 10.99.0.0/24 $EXTERNAL_IP
 # Enable ARP Proxying so internal v4 addresses are accessible
 pre-up echo 1 > /proc/sys/net/ipv4/conf/all/proxy_arp
 pre-up echo 1 > /proc/sys/net/ipv4/ip_forward
 # Route internal v4 addresses. ifupdown only runs commands given on
 # pre-up/up/down/post-down lines, and ip rejects a host address with a
 # /24 prefix, so these are "up" hooks adding /32 host routes.
 up ip route add $JOEY_EXTERNAL_IPv4/32 dev $INTERNAL_IF
 up ip route add $CRASHANDBURN_EXTERNAL_IPv4/32 dev $INTERNAL_IF
 up ip route add $SCZI_EXTERNAL_IPv4/32 dev $INTERNAL_IF
 up ip route add $ACIDBURN_EXTERNAL_IPv4/32 dev $INTERNAL_IF
 up ip route add $ZEROCOOL_EXTERNAL_IPv4/32 dev $INTERNAL_IF
 up ip route add $MIRROR_EXTERNAL_IPv4/32 dev $INTERNAL_IF</nowiki>

Next, set up NDP proxying. Configure /etc/ndppd.conf (it may not already exist):

 <nowiki># Rather than only listening on each individual IPv6 address, we
# simply forward all solicitations. The main advantage is that we
# don't have to add any additional routing rules if a new internal
# device is added.
route-ttl 30000
address-ttl 30000

# External interface to listen on
proxy $EXTERNAL_IF {
 router yes
 timeout 500
 autowire no
 keepalive yes
 retries 3
 promiscuous no
 ttl 30000

 # Prefix to listen on
 rule ::0/ {
  # TODO might change prefix
  # Internal interface to forward everything to
  iface $INTERNAL_IF
  autovia no
 }
}</nowiki>

Now start '''and''' enable ndppd.service.

=== Everything Else not run under oVirt ===
==== Debian ====
Configure /etc/network/interfaces:

 <nowiki># v6
iface $INTERFACE inet6 auto
auto $INTERFACE
iface $INTERFACE inet static
 address $INTERNAL_IPv4
 gateway 10.99.0.1
 netmask 255.255.255.0
# Additional IPs - Only do this if this box has an external IP
iface $INTERFACE inet static
 address $EXTERNAL_IPv4
 gateway 128.173.88.1
 netmask 255.255.252.0</nowiki>

==== CentOS ====
Configure /etc/sysconfig/network-scripts/ifcfg-$INTERFACE:

 <nowiki>ONBOOT="yes"
NM_CONTROLLED="no"
BOOTPROTO="static"
IPADDR0="$INTERNAL_IPv4"
GATEWAY0="10.99.0.1"
NETMASK0="255.255.255.0"
# Additional IPs - Only do this if this box has an external IP
IPADDR1="$EXTERNAL_IPv4"
GATEWAY1="128.173.88.1"
NETMASK1="255.255.252.0"</nowiki>

== Other stuff ==
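The router stanzas in the Router section depend on four kernel switches that are only written when the pre-up hooks run. The script below is an added example, not part of the handbook or the VTLUUG configuration, that checks them after the router comes up; the function names and the optional root-directory argument are assumptions of the example, and the demo tree at the end is constructed sample input.

```shell
#!/bin/sh
# Added example: verify the kernel switches the router's pre-up hooks write.
# The optional root argument (default /proc) is an assumption of this example
# so the check can also run against a constructed directory tree.

# Expected values, copied from the pre-up lines in /etc/network/interfaces.
# accept_ra is 2 because with forwarding=1 the kernel ignores router
# advertisements unless accept_ra is 2.
EXPECTED="sys/net/ipv6/conf/all/forwarding=1
sys/net/ipv6/conf/all/accept_ra=2
sys/net/ipv4/conf/all/proxy_arp=1
sys/net/ipv4/ip_forward=1"

# check_router_sysctls [ROOT]: prints one line per setting and returns
# the number of settings that differ from the expected value.
check_router_sysctls() {
    root="${1:-/proc}"
    bad=0
    for entry in $EXPECTED; do
        path="${entry%%=*}"
        want="${entry#*=}"
        if [ -r "$root/$path" ]; then
            got="$(cat "$root/$path")"
        else
            got="missing"
        fi
        if [ "$got" = "$want" ]; then
            echo "ok   $path = $got"
        else
            echo "FAIL $path = $got (expected $want)"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# make_sample_tree DIR: build a constructed tree holding the expected values.
make_sample_tree() {
    for entry in $EXPECTED; do
        mkdir -p "$1/$(dirname "${entry%%=*}")"
        echo "${entry#*=}" > "$1/${entry%%=*}"
    done
}

# Demo on constructed input: proxy_arp left at 0, as if its hook never ran.
demo="$(mktemp -d)"
make_sample_tree "$demo"
echo 0 > "$demo/sys/net/ipv4/conf/all/proxy_arp"
check_router_sysctls "$demo" || echo "$? setting(s) differ from the handbook"
rm -rf "$demo"
```

On the router itself, call `check_router_sysctls` with no argument to read the live values from /proc.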
Anonymous user