Proper way to add more IP's and network settings

Hi,
What is the right way to add more IP,s to the server in Webmin/Virtualmin. The new ip-range is not in the same series as the allready installed IP’s, so none of the info below is same. They should be added to the same NIC eth0.
I’m on a FC4 box with Virtualmin Pro.

I have the following info that should be added somewhere:
IP-range: x.x.x.x/x
Netmask: x.x.x.x
Network: x.x.x.x
Broadcast: x.x.x.x
Gateway: x.x.x.x

Would be nice to put everything in the right place the first time. Our server have several customer accounts and I don’t want to do it wrong and maybee have the server inaccessible.

Regards,

Hey Leif,

How very complex!

I’m not sure how Virtualmin will handle this one…It’s possible to use several different ranges of IP addresses by creating a new Server Template for each range. The only question is what Virtualmin is going to do about the mask and broadcast values, since it doesn’t provide any mechanism to set them (the gateway is system-wide, and won’t matter to Virtualmin). I’m not sure how it’ll handle that bit, but I suspect it’ll pull the details from the default interface (probably eth0) which won’t be right for your new range.

But, if you pre-create all of the addresses with the correct configuration, you can avoid that question–the Webmin Network Configuration module can auto-create ranges of addresses for you, so it’s not too tedious. You’ll need to set the Module Config option labeled “Bring up virtual interfaces?” to “No”, but otherwise, it’ll be about the same as what you’re used to.

Not sure, off-hand, if there’s any other way to approach the problem. Might be something we ought to make a bit more flexible in Virtualmin–but no one has ever asked for it to date.

Hi Joe,

Hmmm… so far i’m only using a single ip for our server, maybee it’s better to drop that one and swap over to the new ip-range and all the new network settings. But i’m not shure which files(through ssh) to edit, or how to do that in webmin without beeing disconected from either ssh or webmin.

We need the new ip’s becauce several customers needs SSL to their e-commerce online credit card payments.

Regards,
Leif

Hi Joe,

To add the new IP’s to the system should i add files to “/etc/sysconfig/network-scripts/” whith following info:

DEVICE=eth0
BOOTPROTO=static
BROADCAST=xxx.xxx.xxx.xxx
HWADDR=xx:xx:xx:xx:xx:xx
IPADDR=xxx.xxx.xxx.xxx
NETMASK=xxx.xxx.xxx.xxx
NETWORK=xxx.xxx.xxx.xxx
ONBOOT=yes
TYPE=Ethernet

and call them:
ifcfg-eth0:0
ifcfg-eth0:1
ifcfg-eth0:2
and so on…for each new ip, or can I add a ip-range in one single file.

Or can I add the info in Webmin-Networking-Network Configuration? I don’t know where all settings should go!

Regards,
Leif

Hmmm… so far i’m only using a single ip for our server, maybee it’s better to drop that one and swap over to the new ip-range and all the new network settings. But i’m not shure which files(through ssh) to edit, or how to do that in webmin without beeing disconected from either ssh or webmin.

Ah, the old “I don’t wanna break it” conundrum. Valid concern.

If I were in such a situation, I’d probably leave the old address running until I’d tested the configuration of one of the new addresses. The best bet is to bring it up on a virtual device (e.g. eth0:1) using the Interfaces Active Now section of the Webmin Network Configuration module. And then after you’re pretty confident you’ve got it right, you can swap the configuration between eth0 and eth0:1, on the Interfaces Active Now. At this point, if you lose connectivity, a reboot will bring eth0 back to life with the old IP (because we didn’t modify any of the on-boot configuration files). Or, if you don’t lose connectivity, you’ll know you’ve got good configurations, and you can copy them over to the Interfaces Activated on Boot (double-checking them before actually applying the network configuration changes).

The files that you’re interested in on Red Hat based systems are /etc/sysconfig/network-scripts/ifcfg-eth*, as you’ve surmised. You can use ranges, in fact, that’s how our addresses are configured on Virtualmin.com. Here’s our eth0 range definition (there is also a ifcfg-eth0 def for the primary IP address):

[[virtualmin@www documentation]]$ cat /etc/sysconfig/network-scripts/ifcfg-eth0-range0
IPADDR_END=70.86.4.238
GATEWAY=70.86.4.225
CLONENUM_START=0
DHCP_HOSTNAME=www.virtualmin.com
BOOTPROTO=static
IPADDR_START=70.86.4.227
TYPE=Ethernet
HWADDR=00:12:3F:D2:94:70
NO_ALIASROUTING=yes
DEVICE=eth0
NETMASK=255.255.255.240
ONBOOT=yes

The magic is in the IPADDR_START= and the IPADDR_END fields.

I don’t actually know what some of those values mean, but they seem to work for our system (and we do have several IPs in use for SSL and other services). Webmin does support this type of network definition–and you can also create ranges of addresses using the Webmin network configuration module by clicking the “Add a new address range.” link at the bottom of the Interfaces Activated at Boot Time section.

So, in short:

Get the eth0 interface running right with Interfaces Active Now (so you can reboot to the old config if you break something).

Copy it to the Interfaces Activated at Boot Time, if you know you’ve got it right.

Add the new range using the Add a new address range feature.

Configure Virtualmin not to bring up interfaces.

All done! And with minimal risk of disconnecting yourself in ways that would require (much) humand intervention. I’m assuming your web host provides unlimited remote reboot service for free, of course…

Hi Joe,

Thank you for the “guide-line”. I have now added the new IP-range. I did as you suggested and added the Network Interface settings to the “Active Now” and the Routing and Gateway info likewise and did a test on everything first, moved everyting to be activeated at boot. Then I did a “shutdown -r now” to really see that everything is ok and… YES! everything started up nice and fast!!! Added a domain to one of the new IP’s just to test, and allso tried to move a domain from the old IP to a new IP and everyting worked like a charm.

Thank you for all your help!

BTW, Is the "CPU load averages" info accurate on the System Information page? Becauce none of the values (allmost) never gets bigger than 1-4%, I think the average is about 2%. if I look at the Running Processes I see the same thing, sometimes some processes jumps up to 10-15%. At the moment we only have 15 domains/19 databases(MySQL)/70 Mail-FTP users on the server, some of them have online stores with thousands of php-files and rather heavy MySQL databases. The CPU load looks rather low in my opinion.

Regards,
Leif Blafors

Hi Joe,

Thank you for the “guide-line”. I have now added the new IP-range. I did as you suggested and added the Network Interface settings to the “Active Now” and the Routing and Gateway info likewise and did a test on everything first, moved everyting to be activeated at boot. Then I did a “shutdown -r now” to really see that everything is ok and… YES! everything started up nice and fast!!! Added a domain to one of the new IP’s just to test, and allso tried to move a domain from the old IP to a new IP and everyting worked like a charm.

Thank you for all your help!

BTW, Is the "CPU load averages" info accurate on the System Information page? Becauce none of the values (allmost) never gets bigger than 1-4%, I think the average is about 2%. if I look at the Running Processes I see the same thing, sometimes some processes jumps up to 10-15%. At the moment we only have 15 domains/19 databases(MySQL)/70 Mail-FTP users on the server, some of them have online stores with thousands of php-files and rather heavy MySQL databases. The CPU load looks rather low in my opinion.

Regards,
Leif Blafors

Hey Leif,

Glad to hear it worked out well.

BTW, Is the "CPU load averages" info accurate on the System Information page? Becauce none of the values (allmost) never gets bigger than 1-4%, I think the average is about 2%. if I look at the Running Processes I see the same thing, sometimes some processes jumps up to 10-15%. At the moment we only have 15 domains/19 databases(MySQL)/70 Mail-FTP users on the server, some of them have online stores with thousands of php-files and rather heavy MySQL databases. The CPU load looks rather low in my opinion.

They are as accurate as the uptime command reports on your OS (i.e., not very). But, you’d be surprised at just how hard it is to gather accurate CPU usage stats on modern processors. The processor is executing millions of instructions per second, many of which are never actually used for work, and the kernel doesn’t actually know a whole lot about what’s going on inside–in modern processors each of the assembly instructions could break up into many RISC-y instructions.

To further complicate things, uptime reports something a bit different than actual processor usage. For example, on a heavily loaded server, with many processes competing for CPU load, the load average numbers can go above 1.0. Well above 1.0 in some case–a heavily loaded Squid proxy server can hit 5 or 6 for hours at a time. This doesn’t mean that the machine is using 500% of the CPU, it just means that there are five processes that want 100% of the available CPU…poll() loops, in particular, can swell this number.

In short, the load averages reported are definitely wrong, but probably no more wrong than any other reasonable source of load average data. And some programs that gather load add quite a bit of load themselves; top for example, causes CPU spikes every few seconds as it refreshes.

vmstat is a pretty good way to get a running tally, that is likely more accurate and less likely to manipulate results…when I cared a lot about CPU usage (when I was building Squid-based proxy servers for serving hundreds or thousands of hits per second), that was the tool I used to study CPU usage. Just start up "vmstat 1" on the command line, and watch it go by. It reports on user and system usage, as well as idle time. But, even this data is not perfect.

Hi,

Thanks, I’ll take a look at vmstat, actually I dont’t care so much for the numbers as long as the server don’t feel slow and overloaded. I was just curious.

BTW I think I forgott some decimal points in my last post, the readings in System Information it should have been .1 - .4 and .2 as average, like this when I just checked:
CPU load averages 0.13 (1 min) 0.12 (5 mins) 0.05 (15 mins)

Regards,
Leif

Hi Joe,

Thank you for the “guide-line”. I have now added the new IP-range. I did as you suggested and added the Network Interface settings to the “Active Now” and the Routing and Gateway info likewise and did a test on everything first, moved everyting to be activeated at boot. Then I did a “shutdown -r now” to really see that everything is ok and… YES! everything started up nice and fast!!! Added a domain to one of the new IP’s just to test, and allso tried to move a domain from the old IP to a new IP and everyting worked like a charm.

Thank you for all your help!

BTW, Is the "CPU load averages" info accurate on the System Information page? Becauce none of the values (allmost) never gets bigger than 1-4%, I think the average is about 2%. if I look at the Running Processes I see the same thing, sometimes some processes jumps up to 10-15%. At the moment we only have 15 domains/19 databases(MySQL)/70 Mail-FTP users on the server, some of them have online stores with thousands of php-files and rather heavy MySQL databases. The CPU load looks rather low in my opinion.

Regards,
Leif Blafors

Hey Leif,

Glad to hear it worked out well.

BTW, Is the "CPU load averages" info accurate on the System Information page? Becauce none of the values (allmost) never gets bigger than 1-4%, I think the average is about 2%. if I look at the Running Processes I see the same thing, sometimes some processes jumps up to 10-15%. At the moment we only have 15 domains/19 databases(MySQL)/70 Mail-FTP users on the server, some of them have online stores with thousands of php-files and rather heavy MySQL databases. The CPU load looks rather low in my opinion.

They are as accurate as the uptime command reports on your OS (i.e., not very). But, you’d be surprised at just how hard it is to gather accurate CPU usage stats on modern processors. The processor is executing millions of instructions per second, many of which are never actually used for work, and the kernel doesn’t actually know a whole lot about what’s going on inside–in modern processors each of the assembly instructions could break up into many RISC-y instructions.

To further complicate things, uptime reports something a bit different than actual processor usage. For example, on a heavily loaded server, with many processes competing for CPU load, the load average numbers can go above 1.0. Well above 1.0 in some case–a heavily loaded Squid proxy server can hit 5 or 6 for hours at a time. This doesn’t mean that the machine is using 500% of the CPU, it just means that there are five processes that want 100% of the available CPU…poll() loops, in particular, can swell this number.

In short, the load averages reported are definitely wrong, but probably no more wrong than any other reasonable source of load average data. And some programs that gather load add quite a bit of load themselves; top for example, causes CPU spikes every few seconds as it refreshes.

vmstat is a pretty good way to get a running tally, that is likely more accurate and less likely to manipulate results…when I cared a lot about CPU usage (when I was building Squid-based proxy servers for serving hundreds or thousands of hits per second), that was the tool I used to study CPU usage. Just start up "vmstat 1" on the command line, and watch it go by. It reports on user and system usage, as well as idle time. But, even this data is not perfect.