Child pages
  • Delusion IP Tunnel for GLADE 2 Server Bring Up Testing
Skip to end of metadata
Go to start of metadata

We needed to be able to mount the delusion:/nfs/home file system on the GLADE 2 nodes we were installing here at the ML.  Since the internal IP addresses being configured on the interfaces are the same as those that are in production, we needed to create an IP tunnel between blizzard and delusion to carry the traffic, and two additional private subnets for the glade-int and picnic-int VLANs in the lab.

 

delusion mods
-------------
On the fly
----------
ip tun add iolabtun mode gre local 128.117.183.101 remote 128.117.222.10 key 12.43.56.87
ip a a dev iolabtun 10.0.61.2 peer 10.0.61.1/32
ip link set dev iolabtun up
ip r a 10.0.59.0/24 via 10.0.61.1
ip r a 10.0.60.0/24 via 10.0.61.1

Permanent
---------
[root@delusion network-scripts]# cat ifcfg-iolabtun
TYPE=GRE
DEVICE=iolabtun
NAME=iolabtun
BOOTPROTO=none
DEFROUTE=no
PEERROUTES=no
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=no
IPV6_PEERDNS=no
IPV6_PEERROUTES=no
IPV6_FAILURE_FATAL=no
ONBOOT=yes
MY_OUTER_IPADDR=128.117.183.101
PEER_OUTER_IPADDR=128.117.222.10
MY_INNER_IPADDR=10.0.61.2
PEER_INNER_IPADDR=10.0.61.1
KEY=12.43.56.87
MTU=8972

[root@delusion network-scripts]# cat route-iolabtun
ADDRESS0=10.0.59.0
NETMASK0=255.255.255.0
GATEWAY0=10.0.61.1
ADDRESS1=10.0.60.0
NETMASK1=255.255.255.0
GATEWAY1=10.0.61.1

[root@delusion network-scripts]# grep '10\.0\.' /etc/exports
/nfs/home       10.0.59.0/24(rw,no_root_squash)
/nfs/home       10.0.60.0/24(rw,no_root_squash)

blizzard mods
-------------
On the fly
----------
ip tun add iolabtun mode gre remote 128.117.183.101 local 128.117.222.10 key 12.43.56.87
ip a a dev iolabtun 10.0.61.1 peer 10.0.61.2/32
ip link set dev iolabtun up
ip a a 10.0.59.254/24 dev enp2s0f0.143
ip a a 10.0.60.254/24 dev enp2s0f0.146
firewall-cmd --zone=trusted --add-source=128.117.183.101/32
firewall-cmd --zone=trusted --add-source 10.0.59.0/24
firewall-cmd --zone=trusted --add-source 10.0.60.0/24
firewall-cmd --zone=trusted --add-source 10.0.61.0/30

 Permanent
---------
firewall-cmd --permanent --zone=trusted --add-source=128.117.183.101/32
firewall-cmd --permanent --zone=trusted --add-source 10.0.59.0/24
firewall-cmd --permanent --zone=trusted --add-source 10.0.60.0/24
firewall-cmd --permanent --zone=trusted --add-source 10.0.61.0/30

[root@blizzard network-scripts]# cat ifcfg-iolabtun
TYPE=GRE
DEVICE=iolabtun
NAME=iolabtun
BOOTPROTO=none
DEFROUTE=no
PEERROUTES=no
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=no
IPV6_PEERDNS=no
IPV6_PEERROUTES=no
IPV6_FAILURE_FATAL=no
ONBOOT=yes
MY_OUTER_IPADDR=128.117.222.10
PEER_OUTER_IPADDR=128.117.183.101
MY_INNER_IPADDR=10.0.61.1
PEER_INNER_IPADDR=10.0.61.2
KEY=12.43.56.87
MTU=8972
ZONE=trusted

[root@blizzard network-scripts]# cat ifcfg-vlan-enp2s0f0.143
VLAN=yes
TYPE=Vlan
DEVICE=enp2s0f0.143
PHYSDEV=enp2s0f0
VLAN_ID=143
REORDER_HDR=0
BOOTPROTO=none
DEFROUTE=no
PEERROUTES=no
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=no
IPV6_PEERDNS=no
IPV6_PEERROUTES=no
IPV6_FAILURE_FATAL=no
NAME=vlan-enp2s0f0.143
UUID=56f2ba5a-71c1-4e81-add5-cbd761c488dd
ONBOOT=yes
IPADDR0="10.11.143.254"
PREFIX0="24"
NM_CONTROLLED=no
PEERDNS=no
IPADDR1="10.0.59.254"
PREFIX1="24"

[root@blizzard network-scripts]# cat ifcfg-vlan-enp2s0f0.146
VLAN=yes
TYPE=Vlan
DEVICE=enp2s0f0.146
PHYSDEV=enp2s0f0
VLAN_ID=146
REORDER_HDR=0
BOOTPROTO=none
DEFROUTE=no
PEERROUTES=no
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=no
IPV6_PEERDNS=no
IPV6_PEERROUTES=no
IPV6_FAILURE_FATAL=no
NAME=vlan-enp2s0f0.146
UUID=40a59468-3afc-4a11-b73e-58999047db41
ONBOOT=yes
IPADDR0="10.11.146.15"
PREFIX0="27"
NM_CONTROLLED=no
PEERDNS=no
IPADDR1="10.0.60.254"
PREFIX1="24"

glade-int NFS client
--------------------
On the fly
----------
ip a a 10.0.59.x/24 dev enp3s0.143
ip r a 10.0.61.0/30 via 10.11.59.254 mtu
mount from 10.0.61.2

Permanent
---------
[root@dasgmgt1 network-scripts]# cat ifcfg-enp3s0.143
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=no
PEERROUTES=no
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
IPV6_AUTOCONF=no
IPV6_DEFROUTE=no
IPV6_PEERDNS=no
IPV6_PEERROUTES=no
IPV6_FAILURE_FATAL=no
NAME=enp3s0.143
DEVICE=enp3s0.143
ONBOOT=yes
IPADDR0=10.11.143.250
NETMASK0=255.255.255.0
GATEWAY=10.11.143.254
NM_CONTROLLED=no
VLAN=yes
TYPE=Vlan
VLAN_ID=143
IPADDR1=10.0.59.1
NETMASK1=255.255.255.0

[root@dasgmgt1 network-scripts]# cat route-enp3s0.143 
10.0.61.0/30 via 10.0.59.254 src 10.0.59.x

picnic-int NFS client
--------------------
On the fly
----------
ip a a 10.0.60.x/24 dev eno1
ip r a 10.0.61.0/30 via 10.0.60.254 src 10.0.60.x
mount from 10.0.61.2

Permanent
---------
[root@picnicmgt1 network-scripts]# cat ifcfg-eno1
# Generated by dracut initrd
NAME="eno1"
DEVICE="eno1"
ONBOOT=yes
NETBOOT=no
UUID="965b5987-7d26-4f38-aa92-b48e811b4121"
IPV6INIT=yes
BOOTPROTO=static
TYPE=Ethernet
IPADDR0=10.11.146.11
NETMASK=255.255.255.224
GATEWAY=10.11.146.15
NM_CONTROLLED=no
IPADDR1=10.0.60.1
NETMASK1=255.255.255.0

[root@picnicmgt1 network-scripts]# cat route-eno1
10.0.61.0/30 via 10.0.60.254 src 10.0.60.x
  • No labels