Setting up a private network for migrated Cloud Servers (AlmaLinux 8, AlmaLinux 9, and Rocky Linux 9)
Please use the “Print” function at the bottom of the page to create a PDF.
For migrated Cloud Servers
This article shows you how to configure the private network settings for migrated Cloud Servers with AlmaLinux 8, AlmaLinux 9, and Rocky Linux 9.
In a private network, the servers communicate via local IPs that are not routed on the Internet. To be able to use a server in a private network, you must first assign the server in the Cloud Panel to the desired private network. As soon as the server has been assigned to the desired private network, an additional, unconfigured network interface is available on it. You must configure this network interface on the server.
Requirements
- You have created a private network.
- You have assigned the desired server to the private network in the Cloud Panel.
- You have logged in to the server as an administrator.
- You have noted the IPv4 and IPv6 addresses of the server.
Note
Instructions on how to establish an encrypted connection to your server are listed in the following articles:
Establishing an SSH connection to your Linux server on a computer with Microsoft Windows
Establishing an SSH connection to your Linux server on a Linux computer
How to configure the network interface to set up a private network:
Determine network interface
Determine the name of the network interface. To do this, enter the following command:
[root@localhost ~]# ip addr
Example:
[root@localhost ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 02:01:17:05:84:c3 brd ff:ff:ff:ff:ff:ff:ff
altname enp0s6
altname ens6
inet 212.227.52.44/32 scope global dynamic noprefixroute eth0
valid_lft 336sec preferred_lft 336sec
inet6 2a02:2479:7:e02::1/128 scope global dynamic noprefixroute
valid_lft 3502sec preferred_lft 2502sec
inet6 2a02:2479:7:e02::/128 scope global dynamic noprefixroute
valid_lft 3502sec preferred_lft 2502sec
inet6 fe80::1:17ff:fe05:84c3/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 02:01:25:89:74:09 brd ff:ff:ff:ff:ff:ff:ff
altname enp0s7
altname ens7
inet 10.7.226.14/24 brd 10.7.226.255 scope global dynamic noprefixroute eth1
valid_lft 336sec preferred_lft 336sec
inet6 fe80::3c93:6082:3160:cb40/64 scope link noprefixroute
valid_lft forever preferred_lft forever
In this example, the name of the unconfigured network interface for the private network is eth1.
Show DNS server
To display the DNS servers used, enter the following command:
[root@localhost ~]# cat /etc/resolv.conf
The DNS servers used are then displayed in the nameserver entry. Example:
[root@localhost ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 212.227.123.16
nameserver 212.227.123.17- Make a note of the DNS servers.
Configuring the network interface
Use the vi editor to create the file /etc/sysconfig/network-scripts/ifcfg-eth1. To do this, enter the following command:
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth1
Note
The vi editor has an insert mode and a command mode. You can call up insert mode with the [i] key. In this mode, the characters entered are immediately inserted into the text. To call up command mode, press [ESC]. If you use command mode, your keyboard input is interpreted as a command.
To be able to use a server in a private network, it's necessary to manually configure the network interface and assign a unique IP address to it. This IP address will enable communication with the server within the private network. This IP address cannot be routed to public networks. To configure the desired static IP address, add the following information:
TYPE=Ethernet
BOOTPROTO=none
NAME=NETWORK_INTERFACE_OF_THE_PRIVATE_NETWORK
DEVICE=NETWORK_INTERFACE_OF_THE_PRIVATE_NETWORK
ONBOOT=yes
IPADDR=IP-ADDRESS_OF_THE_SERVER_IN_THE_PRIVATE_NETWORK
PREFIX=24
GATEWAY=GATEWAY_OF_THE_PRIVATE_NETWORK
DNS1=IP-ADDRESS_OF_NAMESERVER_1
DNS2=IP-ADDRESS_OF_NAMESERVER_2Example:
TYPE=Ethernet
BOOTPROTO=none
NAME=eth1
DEVICE=eth1
ONBOOT=yes
IPADDR=192.168.1.2
PREFIX=24
GATEWAY=192.168.1.1
DNS1=212.227.123.16
DNS2=212.227.123.17- Press the [ESC] key to exit the input mode.
- To exit vi and save the file, enter the command :wq and then press Enter.
To restart the network interface for the private network, enter the following commands:
[root@localhost ~]# nmcli connection reload
[root@localhost ~]# nmcli connection up eth1
Check network configuration
To check whether the desired IPv4 and IPv6 addresses have been configured correctly, enter the following command:
root@debian:~# ip addr show
To check whether the network interface for the private network has been configured correctly, send a ping to the IP address of another server that is assigned to the private network. Example:
root@localhost:~# ping -c 1 192.168.1.3
PING 192.168.2.1 (192.168.2.2) 56(84) bytes of data.
64 bytes from 192.168.2.2: icmp_seq=1 ttl=64 time=0.176 ms
64 bytes from 192.168.2.2: icmp_seq=2 ttl=64 time=0.151 ms
64 bytes from 192.168.2.2: icmp_seq=3 ttl=64 time=0.170 ms
--- 192.168.1.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2050ms
rtt min/avg/max/mdev = 0.151/0.165/0.176/0.018 ms
If the data packets are received by the server, the network interface has been properly configured for the private network.
Note
If the server is no longer accessible due to a configuration error, you can log in to the server using the remote console and correct the configuration. You can find instructions on how to do this in the following article: