8.10. Procedure to manage the network parameters of `Tunnel` and `Management` interfaces
A - Introduction
This procedure describes:
Viewing the network settings
Modifying these parameters
For...
Use the command
carry out the procedures successively
obtain an overview of the information on all network interfaces
display for each interface: MAC address, carrier presence, speed, and type of connection
display or change the domain name
display or change the system name
display or modify the interface used in SSH for administering the GCap and the GCap GCenter link
display or modify the MTU value of the interfaces show
display or modify the TCP/IP settings of the Management / Tunnel interfaces
B - Prerequisites
User: setup
Commands used in this procedure:
C - Preliminary operations
Connect to the GCap (refer to Procedure to remote connection to GCap via an SSH tunnel)
Stop the Sigflow detection engine (refer to monitoring-engine)
D - Procedure to display the network configuration
The command prompt is displayed.
(gcap-cli)
- Enter the command
show network-config configuration
- ValidateThe system displays the information of all network interfacesIn this procedure, only the information on the management and tunnel network interfaces is detailedFor information on capture interfaces
`monx`, refer to Procedure to manage the `monx` capture interface settingsThe system displays the following information:System name (hostname)
Domain name (domain_name)
Details of the TCP/IP settings for each network interface (
`management`and`tunnel`)Whether or not the interface is enabled
{ "hostname": "GCap", "domain_name": "domain.local", "tunnel": { "ip_address": "192.168.1.1", "mask": "255.255.255.0", "default_gateway": "192.168.1.254", }, "management": { "ip_address": "192.168.2.1", "mask": "255.255.255.0", "default_gateway": "192.168.1.254", },
Note
The configuration in the above example is dual interface.
E - Procedure to display the status of the GCap network interfaces
The command prompt is displayed.
(gcap-cli)
Enter the command
show interfaces
- Validate.The system displays the status of the GCap network interfaces.
For each interface, the following information is displayed:`Label`: the label name of the interface`Name`: the system name of the interface`Role`: the role assigned to the interface`Capture capability`: if the interface can capture traffic`MTU`: the MTU of the interface`Physical Address`: the MAC address of the interface`Speed`: the interface speed`Type`: the type of cable/sfp connected to the physical port`Vendor ID`: the Vendor ID of the network card`Device ID`: the ID of the network card`PCI bus`: PCI bus number used by the network card
F - Procedure to display/change the GCap domain name
The command prompt is displayed.
(gcap-cli)
To display the current name:
Enter the command
show network-config domain
- ValidateThe system displays the domain name
Current domain name: gatewatcher.com
To change the current name:
Enter the command
set network-config domain-name gatewatcher.com
Validate
Setting hostname/domain name to: - Hostname: gcap-int-129-dag - Domain name: gatewatcher.com Do you want to appl.. _proc9E:y this new configuration? (y/N)
Press the <y> button
Validate
Applying configuration... Procedure completed with success
To check the value modification:
Enter the following command
show network-config domain
- ValidateThe system displays the domain name
Current domain name: gatewatcher.com
G - Procedure to display or change the GCap name
The command prompt is displayed.
(gcap-cli)
To display the current name:
Enter the command
show network-config hostname
- ValidateThe system displays the interface the host name of the GCap
Current hostname: GCap-name
To change the current name:
Enter the command
set network-config hostname gcap-name
Validate
Setting hostname/domain name to: - Hostname: gcap-name - Domain name: gatewatcher.com Do you want to apply this new configuration? (y/N)
Press the <y> button
Validate
Applying configuration... Procedure completed with success
To check the value modification:
Enter the following command
show network-config hostname
The system displays the host name of the GCap.
Current hostname: GCap-name
H - Procedure to display or modify the interface used to manage the GCap in SSH
The command prompt is displayed.
(gcap-cli)
To display the current configuration:
Enter the command
show interfaces
- ValidateThe system displays the role of the different interface of GCap (
`management`for SSH connection management,`tunnel`for IPSec tunnel,`management-tunnel`for both )In the case of the single-interface configuration, the system displays:
In the case of the dual-interface configuration, the system displays:
To configure the
`enpXXXX`interface for SSH and the`enpYYYY`interface for IPSec :Enter the command
set interfaces assign-role enpXXXX management
Validate
Enter the command
set interfaces assign-role enpYYYY tunnel
Validate
Enter the command
Note
Replace in the following commands:
IP by its value
GATEWAY by its value
MASK by its value
set network-config management ip-address IP gateway GATEWAY mask MASK
Validate
Enter the command
set network-config tunnel ip-address IP gateway GATEWAY mask MASK
Validate
To configure the
`enpXXXX`interface for SSH and IPSec:Note
No other interface is not used.
- Enter the command
set interfaces assign-role enpXXXX management-tunnel
Validate
Enter the command
set network-config management ip-address IP gateway GATEWAY mask MASK
Validate
I - Procedure to display or change the MTU value
The command prompt is displayed.
(gcap-cli)
To display the current configuration of enabled interfaces:
Enter the command
show interfaces
- ValidateThe system displays the resultThe values are displayed for all enabled network interfaces.
To change the current configuration of enabled interfaces: e.g. to change the MTU value of the
`management`interface:Enter the command
set advanced-configuration mtu enp19s0 2000
- ValidateThe system displays the result
Updating Network MTU configuration to: - enp19s0: 2000
J - Procedure to display or modify the TCP/IP settings of a `management` and/or `tunnel` interface
The command prompt is displayed.
(gcap-cli)
To display the
`management`and`tunnel`interface configuration :Enter the command
show network-config management
Validate
{ "hostname": "GCap", "domain_name": "domain.local", "tunnel": { "ip_address": "192.168.1.1", "mask": "255.255.255.0", "default_gateway": "192.168.1.254", }, "management": { "ip_address": "192.168.1.1", "mask": "255.255.255.0", "default_gateway": "192.168.1.254", },
To change the configuration of the
`management`interface address :Enter the command
set network-config management ip-address IP gateway GATEWAY mask MASK conf
- ValidateThe system displays the
`management`interface configuration.Setting interface management to configuration : - IP Address: - Mask: - Gateway: Do you want to apply this new configuration? (y/N)
Press the <y> button
Validate