My backup neth server, which is acting as a hotsync target, has three network interfaces–one is green (which had been a 10G interface), the other two are unused. I needed to remove the 10G NIC/cable and use a different interface. Powered down, removed cable, plugged in a network cable to one of the other interfaces, and did db networks setprop enp0s25 ipaddr blah gateway blah netmask blah role green followed by signal-event interface-update. That didn’t quite work, so I also did db networks delprop those same properties on the old interface followed by another signal-event interface-update. That seemed to do the trick–I could ping in and out, ssh in, pull up the server manager, etc.
However, I was still getting error messages from hotsync. Figuring that maybe the new interface wasn’t fully configured, I went to the server manager, Networks page, edited the configuration of this interface, changed nothing, and clicked save. Big problems:
Is there Samba4 AD account provider configured? Then the green interface has to be bridged to be able to host the NSDC container. This could get you in trouble when you change the nic… (just a thought)
[root@neth-backup ~]# systemctl status shorewall -l
● shorewall.service - Shorewall IPv4 firewall
Loaded: loaded (/usr/lib/systemd/system/shorewall.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/shorewall.service.d
└─nethserver-firewall-base.conf
Active: failed (Result: exit-code) since Sat 2018-11-03 19:44:12 EDT; 21h ago
Main PID: 4623 (code=exited, status=25)
Nov 03 19:44:12 neth-backup.familybrown.org shorewall[4623]: Processing /etc/shorewall/shorewall.conf...
Nov 03 19:44:12 neth-backup.familybrown.org shorewall[4623]: Loading Modules...
Nov 03 19:44:12 neth-backup.familybrown.org shorewall[4623]: Compiling /etc/shorewall/zones...
Nov 03 19:44:12 neth-backup.familybrown.org shorewall[4623]: Compiling /etc/shorewall/interfaces...
Nov 03 19:44:12 neth-backup.familybrown.org shorewall[4623]: Compiling /etc/shorewall/hosts...
Nov 03 19:44:12 neth-backup.familybrown.org shorewall[4623]: ERROR: Unknown interface (enp2s0) /etc/shorewall/hosts (line 21)
Nov 03 19:44:12 neth-backup.familybrown.org systemd[1]: shorewall.service: main process exited, code=exited, status=25/n/a
Nov 03 19:44:12 neth-backup.familybrown.org systemd[1]: Failed to start Shorewall IPv4 firewall.
Nov 03 19:44:12 neth-backup.familybrown.org systemd[1]: Unit shorewall.service entered failed state.
Nov 03 19:44:12 neth-backup.familybrown.org systemd[1]: shorewall.service failed.
Doesn’t appear to have. shorewall status doesn’t appear changed.
I wonder if this is the problem: /etc/shorewall/hosts is referring to the old interface, not the new. OTOH, /etc/shorewall/interfaces is referring to the new interface. Making the changes manually to /etc/shorewall/hosts lets shorewall start, but of course that will be overwritten next time the template is expanded. And I’m afraid I can’t parse the Perl in the hosts template fragment to understand what it’s doing. Here’s the output of db networks show:
I compared to my servers and I recognized that all interfaces have a role prop even if it’s empty.
And I think the bootproto for enp2s0 could be deleted.
db networks delprop enp2s0 bootproto db networks setprop enp2s0 role '' signal-event interface-update signal-event firewall-adjust
My networks db to compare:
[root@testserver ~]# db networks show
ens33=ethernet
FwInBandwidth=
FwOutBandwidth=
bootproto=none
gateway=192.168.0.1
ipaddr=192.168.0.2
netmask=255.255.255.0
role=green
ens37=ethernet
role=
ens38=ethernet
role=
