H.1 Enabling A Secondary Network Interface For Audit Vault Server

Use this procedure to enable and configure a secondary network interface as an auxiliary access point to the appliance.

See Also:

Changing The IP Address On A Secondary Network Interface Card For Audit Vault Server to change the IP address of a secondary network interface card that has already been configured.

Note:

There can be multiple Secondary Network Interface cards on the Audit Vault.

Note:

Here is a description of the names, examples, and other terminology used in this document:

Terminology	Description
SECONDARY_NIC_N_AGENT	Agent ID or the IP.
SECONDARY_NIC_N_DB_PORT	Port ID.
SECONDARY_NIC_N_	A numerical value matching the ethN number of an existing NIC defined in the configuration.
agent_id	Agent name that is manually generated without the use of the UI.
Primary	AVS1 or Audit Vault Server 1
Secondary	AVS2 or Audit Vault Server 2

Follow this procedure:

1. Log in to the Audit Vault Server as root user.
2. Find a network interface that can be used. Execute the following command:
   grep NIC_MAPPING /usr/local/dbfw/etc/dbfw.conf

   The following output is displayed:

   # The NIC_MAPPING variable maps the ethernet (MAC) addresses to device names
   NIC_MAPPING="eth0/08:00:27:3a:b7:17,eth1/08:00:27:9e:f6:55,eth2/08:00:27:70:11:c8"

   Note:

   eth0 is always used for the default management interface. However, in the above example both eth1 and eth2 are available.

3. It is important at this point to check that the interface intended to be used has not been configured previously. Execute the following command by taking eth1 as an example:
   ifconfig eth1

   The following is the example output:

   eth1 Link encap:Ethernet HWaddr 08:00:27:9E:F6:55
   UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
   RX packets:928 errors:0 dropped:0 overruns:0 frame:0
   TX packets:571 errors:0 dropped:0 overruns:0 carrier:0
   collisions:0 txqueuelen:1000
   RX bytes:84409 (82.4 KiB) TX bytes:130699 (127.6 KiB)

4. Execute the following command to take a backup of the configuration file:
   cp /usr/local/dbfw/etc/dbfw.conf /usr/local/dbfw/etc/dbfw.conf.backup
5. Open the configuration file of the appliance using vi:
   vi /usr/local/dbfw/etc/dbfw.conf
6. Scroll down to the end of the file and add the following lines with the IP address and network mask for the new interface:

   # Enable an auxiliary network interface on eth1.
   SECONDARY_NIC_1_ADDRESS="<ip-address>"
   SECONDARY_NIC_1_NETMASK="<network-mask>"

7. Save the file and exit vi:

   :w [return]
   :q [return]

8. Alternately execute the following command:

   cat <<EOF >> /usr/local/dbfw/etc/dbfw.conf

   # Enable an auxiliary network interface on eth1.

   SECONDARY_NIC_1_ADDRESS=”<IP address>”

   SECONDARY_NIC_1_NETMASK=”<Network mask>”

   EOF

9. Execute the following command to apply the configuration changes by the network configuration application:
   /usr/local/dbfw/bin/priv/configure-networking

   The following output is displayed:

   Shutting down system logger: [ OK ]
   Starting system logger:
   Determining if ip address xxx.yyy.xy.zz is already in use for device eth1...

10. Execute the following command to check the status of the interface:

    ifconfig eth1

    NIC is online. The following output now confirms the correct IP address and network mask:

    eth1 Link encap:Ethernet HWaddr 08:00:27:9E:F6:55
    inet addr:xxx.yyy.xy.zz Bcast:xxx.yyy.xy.zz Mask:xxx.yyy.zzz.0
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:120 errors:0 dropped:0 overruns:0 frame:0
    TX packets:53 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:22890 (22.3 KiB) TX bytes:13892 (13.5 KiB)