05 - Configure the first VM network

Owned by Arjen Visser
Last updated: Jun 07, 2015 by Miroslav Sivon (Deactivated)
12 min read

Log onto the VM through the VirtualBox console which will be shown when the VM has started. 

The username is root and the password is oracle

1. When logged onto the desktop, right click and click on "Open Terminal" to bring up the terminal.

2. In the terminal edit  /etc/sysconfig/network

vi /etc/sysconfig/network

and change to:

NETWORKING=yes
HOSTNAME=source

3. Edit /etc/hosts and add the following two hosts entries

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1		localhost
::1				localhost
10.0.2.4       source-int source dbv01
10.0.2.5       target-int target dbv02

4. Network settings  - this step is divided between sub points "a" and "b". "a" i for Linux 7 onward and "b" is prior to LInux 7. It's based on new features which comes with Linux 7 version - the NetworkManager interface. Settings was changed a little bit.

a) Linux 7 onward

Right click on Network Manager icon on the top right hand corner, and click on "Wired ON", then Network Settings.

 

Click on icon marked by red circle:

 

Check your current gateway:

[root@localhost ~]# route -ne
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.0.2.2        0.0.0.0         UG        0 0          0 enp0s3
10.0.2.0        0.0.0.0         255.255.255.0   U         0 0          0 enp0s3

 

Select the IPV4 tab, change method from automatic (DHCP) to manual and set below values:

Address: 10.0.2.4

Netmask: 24

Gateway: 10.0.2.1

DNS Servers: 8.8.8.8

 

Check new ip settings by command ip ad (Changes will take effect after the VM restarts):

[root@localhost ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:eb:3b:9c brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.4/24 brd 10.0.2.255 scope global enp0s3
    inet6 fe80::a00:27ff:feeb:3b9c/64 scope link 
       valid_lft forever preferred_lft forever

 

b) prior to Linux 7

Right click on the Network Manager icon on the top right hand corner, and click on "Edit Connections..."

Click on Auto eth1 and click on "Edit..."

Select the "IPv4 Settings" tab. Set the Method to "Manual" and add following details (click on "Add" to add the details):

Address: 10.0.2.4

Netmask: 24

Gateway: 10.0.2.1

DNS Servers: 8.8.8.8

Then click on Apply

View the network interface

ifconfig
eth1      Link encap:Ethernet  HWaddr 08:00:27:5B:82:6E  
          inet addr:10.0.2.4  Bcast:10.0.2.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe5b:826e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12 errors:0 dropped:0 overruns:0 frame:0
          TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:9201 (8.9 KiB)  TX bytes:1775 (1.7 KiB)
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:282 errors:0 dropped:0 overruns:0 frame:0
          TX packets:282 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:17588 (17.1 KiB)  TX bytes:17588 (17.1 KiB)

There is only one network interface:

  • eth1 which is a fixed IP address. This is used to connect between the source and target servers and also to the Internet. This IP is 10.0.2.4.

5. Test if the network connection is working. Use Control-C to stop the ping.

ping www.dbvisit.com
PING dbvisit.com (67.222.54.241) 56(84) bytes of data.
64 bytes from 67-222-54-241.unifiedlayer.com (67.222.54.241): icmp_seq=1 ttl=47 time=190 ms
64 bytes from 67-222-54-241.unifiedlayer.com (67.222.54.241): icmp_seq=2 ttl=47 time=189 ms
64 bytes from 67-222-54-241.unifiedlayer.com (67.222.54.241): icmp_seq=3 ttl=47 time=192 ms
64 bytes from 67-222-54-241.unifiedlayer.com (67.222.54.241): icmp_seq=4 ttl=47 time=193 ms
^C
 

6. scp (secure copy) does not work because there is display output in ~oracle/.bashrc file. To fix this:

a. Edit .bashrc in the home directory of oracle

cd ~oracle
vi .bashrc

Put a # in front of the following line:

#cat /u01/oracle/Desktop/readme.txt

Save the .bashrc file and exit (:wq) 

7. Firewall exception  - this step is divided between sub points "a" and "b". "a" i for Linux 7 onward and "b" is prior to LInux 7. It's based on new features which comes with Linux 7 version - the Dynamic firewall. 

a) Linux 7 onward:

IPtables and Firewalld are disabled by default in downloaded VM, therefore this step could be skipped. However if you'd like to setup:

Download latest binaries: 

yum install -y firewalld firewall-config

Check the IPtables are inactive, enable and start the firewalld feature:

[root@localhost ~]# systemctl status iptables
iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled)
   Active: inactive (dead)
[root@localhost ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)
   Active: inactive (dead)
[root@localhost ~]# systemctl start firewalld
[root@localhost ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)
   Active: active (running) since Sun 2015-06-07 22:38:07 CEST; 3s ago
 Main PID: 3700 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─3700 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
[root@localhost ~]# systemctl enable firewalld
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/basic.target.wants/firewalld.service'

 

add new ports' exceptions to firewalld and reload:

[root@localhost ~]# firewall-cmd --zone=public --add-port=1521/tcp --permanent
success
[root@localhost ~]# firewall-cmd --zone=public --add-port=7901/tcp --permanent
success
[root@localhost ~]# firewall-cmd --zone=public --add-port=7902/tcp --permanent
success
[root@localhost ~]# firewall-cmd --reload
success

 

b) prior to LInux 7:

Setup the firewall rules (iptables) and open up the ports for SQL*Net (1521) and for Dbvisit Replicate (7901, 7902).

vi /etc/sysconfig/iptables

a. Add the following entries.

-A INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 7901 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 7902 -j ACCEPT

The whole file should look like.

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 7901 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 7902 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

b. Save and quit the file (:wq!).

8. Restart the firewall (iptables).

service iptables restart

9. The output is.

iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]

10. Restart the whole VM.

shutdown -r now

8Log onto the VM through the VirtualBox console which will be shown when the VM has started. 

The username is root and the password is oracle

1. When logged onto the desktop, right click and click on "Open Terminal" to bring up the terminal.

2. In the terminal edit  /etc/sysconfig/network

vi /etc/sysconfig/network

and change to:

NETWORKING=yes
HOSTNAME=source

3. Edit /etc/hosts and add the following two hosts entries

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1		localhost
::1				localhost
10.0.2.4       source-int source dbv01
10.0.2.5       target-int target dbv02

4. Network settings  - this step is divided between sub points "a" and "b". "a" i for Linux 7 onward and "b" is prior to LInux 7. It's based on new features which comes with Linux 7 version - the NetworkManager interface. Settings was changed a little bit.

a) Linux 7 onward

Right click on Network Manager icon on the top right hand corner, and click on "Wired ON", then Network Settings.

 

Click on icon marked by red circle:

 

Check your current gateway:

[root@localhost ~]# route -ne
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.0.2.2        0.0.0.0         UG        0 0          0 enp0s3
10.0.2.0        0.0.0.0         255.255.255.0   U         0 0          0 enp0s3

 

Select the IPV4 tab, change method from automatic (DHCP) to manual and set below values:

Address: 10.0.2.4

Netmask: 24

Gateway: 10.0.2.1

DNS Servers: 8.8.8.8

 

Check new ip settings by command ip ad:

[root@localhost ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:eb:3b:9c brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.4/24 brd 10.0.2.255 scope global enp0s3
    inet6 fe80::a00:27ff:feeb:3b9c/64 scope link 
       valid_lft forever preferred_lft forever

 

b) prior to Linux 7

Right click on the Network Manager icon on the top right hand corner, and click on "Edit Connections..."

Click on Auto eth1 and click on "Edit..."

Select the "IPv4 Settings" tab. Set the Method to "Manual" and add following details (click on "Add" to add the details):

Address: 10.0.2.4

Netmask: 24

Gateway: 10.0.2.1

DNS Servers: 8.8.8.8

Then click on Apply

View the network interface

ifconfig
eth1      Link encap:Ethernet  HWaddr 08:00:27:5B:82:6E  
          inet addr:10.0.2.4  Bcast:10.0.2.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe5b:826e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12 errors:0 dropped:0 overruns:0 frame:0
          TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:9201 (8.9 KiB)  TX bytes:1775 (1.7 KiB)
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:282 errors:0 dropped:0 overruns:0 frame:0
          TX packets:282 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:17588 (17.1 KiB)  TX bytes:17588 (17.1 KiB)

There is only one network interface:

  • eth1 which is a fixed IP address. This is used to connect between the source and target servers and also to the Internet. This IP is 10.0.2.4.

5. Test if the network connection is working. Use Control-C to stop the ping.

ping www.dbvisit.com
PING dbvisit.com (67.222.54.241) 56(84) bytes of data.
64 bytes from 67-222-54-241.unifiedlayer.com (67.222.54.241): icmp_seq=1 ttl=47 time=190 ms
64 bytes from 67-222-54-241.unifiedlayer.com (67.222.54.241): icmp_seq=2 ttl=47 time=189 ms
64 bytes from 67-222-54-241.unifiedlayer.com (67.222.54.241): icmp_seq=3 ttl=47 time=192 ms
64 bytes from 67-222-54-241.unifiedlayer.com (67.222.54.241): icmp_seq=4 ttl=47 time=193 ms
^C
 

6. scp (secure copy) does not work because there is display output in ~oracle/.bashrc file. To fix this:

a. Edit .bashrc in the home directory of oracle

cd ~oracle
vi .bashrc

Put a # in front of the following line:

#cat /u01/oracle/Desktop/readme.txt

Save the .bashrc file and exit (:wq) 

7. Firewall exception  - this step is divided between sub points "a" and "b". "a" i for Linux 7 onward and "b" is prior to LInux 7. It's based on new features which comes with Linux 7 version - the Dynamic firewall. 

a) Linux 7 onward:

IPtables and Firewalld are disabled by default in downloaded VM, therefore this step could be skipped. However if you'd like to setup firewalld:

yum install -y 

[root@localhost ~]# systemctl enable firewalld
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/basic.target.wants/firewalld.service'

[root@localhost ~]# systemctl status iptables
iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled)
   Active: inactive (dead)
[root@localhost ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)
   Active: inactive (dead)
[root@localhost ~]# systemctl start firewalld
[root@localhost ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)
   Active: active (running) since Sun 2015-06-07 22:38:07 CEST; 3s ago
 Main PID: 3700 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─3700 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
[root@localhost ~]# systemctl enable firewalld
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/basic.target.wants/firewalld.service'

 

b) prior to LInux 7:

Setup the firewall rules (iptables) and open up the ports for SQL*Net (1521) and for Dbvisit Replicate (7901, 7902).

vi /etc/sysconfig/iptables

a. Add the following entries.

-A INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 7901 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 7902 -j ACCEPT

The whole file should look like.

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 7901 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 7902 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

b. Save and quit the file (:wq!).

8. Restart the firewall (iptables).

service iptables restart

9. The output is.

iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]

10. Restart the whole VM.

shutdown -r now