Hostname and IP setup
The default setup allocates IP numbers dynamically, via DHCP from the router. That's fine for most machines, but server machines need fixed IP numbers. As both Linux machines act as servers, they both need fixed IP numbers.
The first thing to do is to adjust the settings on the router so that some of the IP numbers on the LAN are not in the DHCP pool. While you're there, adjust the settings on the router to open various ports and pass the packets to the server.
Hostname
To give the Linux boxes their hostname, adjust the following files:
- Change /etc/hostname to
  server
- Change /etc/hosts to include
  127.0.0.1 localhost
  127.0.1.1 server.domain.tld server
Find the hostname with hostname, the domain name with dnsdomainname and the FQDN with hostname -f.
IPv6 addressing plan
I couldn't find good guides to how to best use the huge space of IPv6 addresses. In the end I decided to use application-specific IP numbers, and when several applications are on the same machine, that machine has multiple addresses. My machines host multiple services for several domains so each combination gets its own IP number.
Update interfaces file
If the network is configured with /etc/network/interfaces, define the static IP numbers like this
auto eno1
iface eno1 inet static
    address 192.168.1.252
    netmask 255.255.255.0
    network 192.168.1.0
    broadcast 192.168.1.255
    gateway 192.168.1.1
    # dns-* options are implemented by the resolvconf package, if installed
    dns-nameservers 192.168.1.252 192.168.1.251
    dns-search domain.tld

# template stanza: holds the options shared by every IPv6 address
iface env6 inet6 static
    netmask 64
    # dns-* options are implemented by the resolvconf package, if installed
    dns-nameservers aaaa:bbbb:cccc:dddd::8000:53 aaaa:bbbb:cccc:dddd::1000:54
    dns-search domain.tld

# domain server
iface eno1 inet6 static inherits env6
    address aaaa:bbbb:cccc:dddd::1000:2
    gateway aaaa:bbbb:cccc:dddd::1

# domain dns
iface eno1 inet6 static inherits env6
    address aaaa:bbbb:cccc:dddd::1000:53

# domain web
iface eno1 inet6 static inherits env6
    address aaaa:bbbb:cccc:dddd::1000:443
This uses the inherits feature to avoid repeating the DNS entries for each IPv6 address. Note that there should be only one gateway entry on each of the IPv4 and IPv6 sides.
Apply the changes
root@desktop:~# systemctl restart networking.service
If you get an error, shown in systemctl status networking.service as RTNETLINK answers: File exists, it could be because you have more than one gateway statement for the IPv6 addresses. In that case, flush the interface and restart the network (you have to do this as one combined command):
root@desktop:~# ip addr flush eno1 && systemctl restart networking.service
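A check for two mistakes that are easy to make in this file: a repeated gateway within one address family (the cause of the RTNETLINK error above) and a broadcast address that does not match the address and netmask. This is an added example, not part of the original page; the sample configuration and the 2001:db8:: prefix are constructed, and the parser only handles the iface stanzas and the inherits keyword used here.

```python
import ipaddress

def parse_stanzas(text):
    """Return [(iface, family, inherited_from, [(option, value), ...]), ...]."""
    stanzas = []
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue
        if words[0] == "iface":
            parent = words[words.index("inherits") + 1] if "inherits" in words else None
            stanzas.append((words[1], words[2], parent, []))
        elif stanzas and words[0] not in ("auto", "allow-hotplug"):
            stanzas[-1][3].append((words[0], " ".join(words[1:])))
    return stanzas

def lint(text):
    """Flag repeated gateways per interface/family and mismatched IPv4 broadcasts."""
    stanzas = parse_stanzas(text)
    templates = {name: opts for name, _, _, opts in stanzas}
    gateways, problems = {}, []
    for name, family, parent, opts in stanzas:
        # options pulled in by "inherits" come first, the stanza's own override them
        merged = dict(templates.get(parent, []) + opts)
        if "gateway" in merged:
            gateways[(name, family)] = gateways.get((name, family), 0) + 1
        if family == "inet" and {"address", "netmask", "broadcast"} <= merged.keys():
            net = ipaddress.ip_network(merged["address"] + "/" + merged["netmask"], strict=False)
            if ipaddress.ip_address(merged["broadcast"]) != net.broadcast_address:
                problems.append("%s: broadcast %s, expected %s" % (name, merged["broadcast"], net.broadcast_address))
    problems += ["%s %s: %d gateway statements" % (n, f, c) for (n, f), c in gateways.items() if c > 1]
    return problems

# Constructed sample (2001:db8:: is the documentation prefix), not the page's file.
SAMPLE = """\
iface eno1 inet static
    address 192.168.1.252
    netmask 255.255.255.0
    broadcast 192.168.2.255
    gateway 192.168.1.1
iface env6 inet6 static
    netmask 64
    gateway 2001:db8::1
iface eno1 inet6 static inherits env6
    address 2001:db8::1000:2
iface eno1 inet6 static inherits env6
    address 2001:db8::1000:53
"""

print("\n".join(lint(SAMPLE)))
```

The sample puts the gateway in the template stanza, so every stanza that inherits from it repeats the gateway; moving it into a single address stanza, as the configuration above does, clears the warning.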
Update netplan
Modify the file /etc/netplan/01-network-manager-all.yaml to include the stanza:
network:
  version: 2
  renderer: NetworkManager
  ethernets:
    eno1:
      dhcp4: no
      dhcp6: no
      addresses: [192.168.1.251/24,aaaa:bbbb:cccc:dddd::1000:1/64,aaaa:bbbb:cccc:dddd::1000:53/64]
      routes:
        - to: default
          via: 192.168.1.1
        - to: default
          via: aaaa:bbbb:cccc:dddd::1
      nameservers:
        search: [domain.tld]
        addresses: [192.168.1.252,192.168.1.251,aaaa:bbbb:cccc:dddd::1000:53,aaaa:bbbb:cccc:dddd::1000:54]
Apply the changes
root@desktop:~# netplan apply
Disable NetworkManager
Change /etc/NetworkManager/NetworkManager.conf so that managed=true and there's no dns=dnsmasq line active:
[main]
plugins=ifupdown,keyfile
#dns=dnsmasq

[ifupdown]
managed=true
Multiple network cards
One of my machines has two network cards. udev assigns interface names to the cards. The trouble is, it seems to do it randomly. To fix how the interface names are assigned to the NICs, modify the file /etc/udev/rules.d/70-persistent-net.rules to include the naming you want:
# PCI device 0x11ab:0x4320 (skge)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="xx:xx:xx:xx:xx:xx", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
# PCI device 0x10b7:0x9200 (3c59x)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="xx:xx:xx:xx:xx:xx", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"
Remember to remove any existing naming rules. Note that you should replace the xx:xx:xx:xx:xx:xx with your cards' MAC addresses.
Changing hostnames
If you change the hostname after setting up the machine, you'll need to change a couple of things that encode the hostname.
First is the OpenSSH server. The server keys will still be labelled with the old hostname. To regenerate the keys, delete them then reconfigure the openssh-server package:
root@server:~# rm /etc/ssh/ssh_host_*
root@server:~# dpkg-reconfigure -plow openssh-server
You will then need to remove the old key fingerprints from all machines that connect to this server, otherwise the SSH client will complain that the host it's connecting to has changed identity. For each user, remove the line for the given host in ~/.ssh/known_hosts. When you next connect to the host, you'll be asked to confirm the key fingerprint again. (Taken from Vivek Gite's instructions.)
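Finding the stale line is harder when the client hashes host names in known_hosts, because the name no longer appears in clear text. The added example below (not part of the original page) matches both plain and hashed entries for a host and computes the SHA256 fingerprint of a public key, so the value shown at the confirmation prompt can be compared with one read on the server itself. The key blobs, salt and file contents are constructed, and wildcard or [host]:port patterns are not handled.

```python
import base64, hashlib, hmac

def hashed_field(hostname, salt):
    """Build a hashed host field: |1|base64(salt)|base64(HMAC-SHA1(salt, hostname))."""
    mac = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def field_matches(field, hostname):
    """True if a known_hosts host field names `hostname`, plain or hashed."""
    if field.startswith("|1|"):
        _, _, salt_b64, _ = field.split("|")
        return hmac.compare_digest(field, hashed_field(hostname, base64.b64decode(salt_b64)))
    return hostname in field.split(",")  # wildcards and [host]:port are not handled

def prune(lines, hostname):
    """Split known_hosts lines into (kept, removed) for one hostname."""
    kept, removed = [], []
    for line in lines:
        parts = line.split()
        if parts and parts[0].startswith("@"):  # @cert-authority / @revoked marker
            parts = parts[1:]
        stale = bool(parts) and not line.startswith("#") and field_matches(parts[0], hostname)
        (removed if stale else kept).append(line)
    return kept, removed

def fingerprint(key_b64):
    """SHA256 fingerprint in the ssh client's format: unpadded base64 of the blob's hash."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

# Constructed sample data: fake key blobs, not real host keys.
OLD_KEY = base64.b64encode(b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + b"\x01" * 32).decode()
NEW_KEY = base64.b64encode(b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + b"\x02" * 32).decode()
KNOWN_HOSTS = [
    "# constructed known_hosts",
    "server.domain.tld,192.168.1.252 ssh-ed25519 " + OLD_KEY,
    hashed_field("server.domain.tld", b"constructed-salt-20b") + " ssh-ed25519 " + OLD_KEY,
    "desktop.domain.tld ssh-ed25519 " + OLD_KEY,
]

if __name__ == "__main__":
    kept, removed = prune(KNOWN_HOSTS, "server.domain.tld")
    print("removed %d stale entries, kept %d lines" % (len(removed), len(kept)))
    print("compare with the server console:", fingerprint(NEW_KEY))
```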
The other thing is the user table in MySQL. MySQL creates users for the particular hostname. They're easily changed using the MySQL tool:
root@desktop:~# mysql -u 'root' -p
mysql> update mysql.user set host='newhost.domain.tld' where host='oldhost.domain.tld';
mysql> flush privileges;
mysql> quit;
External DNS records
I use DomainDiscount24 as a registrar for my domains. Their nameservers provide the canonical source for external DNS lookups for the njae.me.uk domain, among others. The domain settings there are fairly straightforward. I use their standard nameservers (ns1.domaindiscount24.net, ns2.domaindiscount24.net, and ns3.domaindiscount24.net).
The DNS settings are:
| IN A | 212.69.55.62 |
| MX | 10 mail.njae.me.uk |
| MX | 20 mail.microwavesushi.com |
Ensure the 'Make wildcard entry' box at the bottom of the page is checked, so that domains such as www.njae.me.uk and mail.njae.me.uk can be resolved.