We needed to be able to mount the delusion:/nfs/home file system on the GLADE 2 nodes we were installing here at the ML. Since the internal IP addresses being configured on the interfaces are the same as those that are in production, we needed to create an IP tunnel between blizzard and delusion to carry the traffic, and two additional private subnets for the glade-int and picnic-int VLANs in the lab.
delusion mods ------------- On the fly ---------- ip tun add iolabtun mode gre local 128.117.183.101 remote 128.117.222.10 key 12.43.56.87 ip a a dev iolabtun 10.0.61.2 peer 10.0.61.1/32 ip link set dev iolabtun up ip r a 10.0.59.0/24 via 10.0.61.1 ip r a 10.0.60.0/24 via 10.0.61.1 Permanent --------- [root@delusion network-scripts]# cat ifcfg-iolabtun TYPE=GRE DEVICE=iolabtun NAME=iolabtun BOOTPROTO=none DEFROUTE=no PEERROUTES=no IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_PEERDNS=no IPV6_PEERROUTES=no IPV6_FAILURE_FATAL=no ONBOOT=yes MY_OUTER_IPADDR=128.117.183.101 PEER_OUTER_IPADDR=128.117.222.10 MY_INNER_IPADDR=10.0.61.2 PEER_INNER_IPADDR=10.0.61.1 KEY=12.43.56.87 MTU=8972 [root@delusion network-scripts]# cat route-iolabtun ADDRESS0=10.0.59.0 NETMASK0=255.255.255.0 GATEWAY0=10.0.61.1 ADDRESS1=10.0.60.0 NETMASK1=255.255.255.0 GATEWAY1=10.0.61.1 [root@delusion network-scripts]# grep '10\.0\.' /etc/exports /nfs/home 10.0.59.0/24(rw,no_root_squash) /nfs/home 10.0.60.0/24(rw,no_root_squash) blizzard mods ------------- On the fly ---------- ip tun add iolabtun mode gre remote 128.117.183.101 local 128.117.222.10 key 12.43.56.87 ip a a dev iolabtun 10.0.61.1 peer 10.0.61.2/32 ip link set dev iolabtun up ip a a 10.0.59.254/24 dev enp2s0f0.143 ip a a 10.0.60.254/24 dev enp2s0f0.146 firewall-cmd --zone=trusted --add-source=128.117.183.101/32 firewall-cmd --zone=trusted --add-source 10.0.59.0/24 firewall-cmd --zone=trusted --add-source 10.0.60.0/24 firewall-cmd --zone=trusted --add-source 10.0.61.0/30 Permanent --------- firewall-cmd --permanent --zone=trusted --add-source=128.117.183.101/32 firewall-cmd --permanent --zone=trusted --add-source 10.0.59.0/24 firewall-cmd --permanent --zone=trusted --add-source 10.0.60.0/24 firewall-cmd --permanent --zone=trusted --add-source 10.0.61.0/30 [root@blizzard network-scripts]# cat ifcfg-iolabtun TYPE=GRE DEVICE=iolabtun NAME=iolabtun BOOTPROTO=none DEFROUTE=no PEERROUTES=no IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_PEERDNS=no IPV6_PEERROUTES=no IPV6_FAILURE_FATAL=no ONBOOT=yes MY_OUTER_IPADDR=128.117.222.10 PEER_OUTER_IPADDR=128.117.183.101 MY_INNER_IPADDR=10.0.61.1 PEER_INNER_IPADDR=10.0.61.2 KEY=12.43.56.87 MTU=8972 ZONE=trusted [root@blizzard network-scripts]# cat ifcfg-vlan-enp2s0f0.143 VLAN=yes TYPE=Vlan DEVICE=enp2s0f0.143 PHYSDEV=enp2s0f0 VLAN_ID=143 REORDER_HDR=0 BOOTPROTO=none DEFROUTE=no PEERROUTES=no IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_PEERDNS=no IPV6_PEERROUTES=no IPV6_FAILURE_FATAL=no NAME=vlan-enp2s0f0.143 UUID=56f2ba5a-71c1-4e81-add5-cbd761c488dd ONBOOT=yes IPADDR0="10.11.143.254" PREFIX0="24" NM_CONTROLLED=no PEERDNS=no IPADDR1="10.0.59.254" PREFIX1="24" [root@blizzard network-scripts]# cat ifcfg-vlan-enp2s0f0.146 VLAN=yes TYPE=Vlan DEVICE=enp2s0f0.146 PHYSDEV=enp2s0f0 VLAN_ID=146 REORDER_HDR=0 BOOTPROTO=none DEFROUTE=no PEERROUTES=no IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_PEERDNS=no IPV6_PEERROUTES=no IPV6_FAILURE_FATAL=no NAME=vlan-enp2s0f0.146 UUID=40a59468-3afc-4a11-b73e-58999047db41 ONBOOT=yes IPADDR0="10.11.146.15" PREFIX0="27" NM_CONTROLLED=no PEERDNS=no IPADDR1="10.0.60.254" PREFIX1="24" glade-int NFS client -------------------- On the fly ---------- ip a a 10.0.59.x/24 dev enp3s0.143 ip r a 10.0.61.0/30 via 10.11.59.254 mtu mount from 10.0.61.2 Permanent --------- [root@dasgmgt1 network-scripts]# cat ifcfg-enp3s0.143 TYPE=Ethernet BOOTPROTO=static DEFROUTE=yes PEERDNS=no PEERROUTES=no IPV4_FAILURE_FATAL=yes IPV6INIT=no IPV6_AUTOCONF=no IPV6_DEFROUTE=no IPV6_PEERDNS=no IPV6_PEERROUTES=no IPV6_FAILURE_FATAL=no NAME=enp3s0.143 DEVICE=enp3s0.143 ONBOOT=yes IPADDR0=10.11.143.250 NETMASK0=255.255.255.0 GATEWAY=10.11.143.254 NM_CONTROLLED=no VLAN=yes TYPE=Vlan VLAN_ID=143 IPADDR1=10.0.59.1 NETMASK1=255.255.255.0 [root@dasgmgt1 network-scripts]# cat route-enp3s0.143 10.0.61.0/30 via 10.0.59.254 src 10.0.59.x picnic-int NFS client -------------------- On the fly ---------- ip a a 10.0.60.x/24 dev eno1 ip r a 10.0.61.0/30 via 10.0.60.254 src 10.0.60.x mount from 10.0.61.2 Permanent --------- [root@picnicmgt1 network-scripts]# cat ifcfg-eno1 # Generated by dracut initrd NAME="eno1" DEVICE="eno1" ONBOOT=yes NETBOOT=no UUID="965b5987-7d26-4f38-aa92-b48e811b4121" IPV6INIT=yes BOOTPROTO=static TYPE=Ethernet IPADDR0=10.11.146.11 NETMASK=255.255.255.224 GATEWAY=10.11.146.15 NM_CONTROLLED=no IPADDR1=10.0.60.1 NETMASK1=255.255.255.0 [root@picnicmgt1 network-scripts]# cat route-eno1 10.0.61.0/30 via 10.0.60.254 src 10.0.60.x