Date: Tue, 16 Sep 2008 21:34:55 +1000 From: Edwin Groothuis <edwin@mavetju.org> To: Jordi Espasa Clofent <jespasac@minibofh.org> Cc: freebsd-net@freebsd.org Subject: Re: Change netmask with /etc/rc.d/network restart or reboot the machine? Message-ID: <20080916113455.GA83338@k7.mavetju> In-Reply-To: <48CF930B.4020704@minibofh.org> References: <48CF930B.4020704@minibofh.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 16, 2008 at 01:05:47PM +0200, Jordi Espasa Clofent wrote: > I've a lot of boxes in production with a lot of associated services > (http, ftp, ssh, smtp, mysql...). > Because of internal administration reasons I need to ampliate my > internal IPs range from /24 to /16; so I need to change my internal NIC > settings. The last goal is make the change with _security_. I prefer a > reboot with thier 2/4 minutes downtime than a odd miss-function in > several production services. > > I tend to think that the use of ifconfig(8) will be enough; of course, > I'll also modify /etc/rc.conf 'ifconfig_<nic_id>' record for posterior > reboots. Or maybe I has more sense to modify directly the /etc/rc.conf > record and next use the '/etc/rc.d/netif restart'; or maybe make the > change in /etc/rc.conf and reboot the machines. > > ?What do you tink about? Like you said, ifconfig is the simplest way to do it. Just make sure your default gateway doesn't need a change neither. Foolproof should be: - Modify /etc/rc.conf - "shutdown -r +3" - "ifconfig nic0 1.2.3.4 netmask 255.255.0.0" - "killall -TERM shutdown" That way even if the ifconfig goes wrong for some reason (it will happen if you do 700 machines) the machine will come back after the reboot. Don't forget about possible ipfw rule changes! Edwin -- Edwin Groothuis | Personal website: http://www.mavetju.org edwin@mavetju.org | Weblog: http://www.mavetju.org/weblog/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080916113455.GA83338>