Changing subnet in Debian Edu / Skolelinux
Note that for Debian Edu Squeeze, a script /usr/share/debian-edu-config/tools/subnet-change is provided to do this change automatically just after installation.
Some times it is necessary to make a Skolelinux installation in a network with a fixed ip-structure. The default installation does a lot of preset choices for the network. So you have to make changes in quite a few files to get the installation to work as you would like, and at the same time get the machines to behave as wanted.
NB: The simplest solution is often to set up a router/firewall in front of the Skolelinux network. Set the firewall to NAT to the IP on the outside and let your fine Skolelinux network be left peacefully behind the firewall.
Most services and setup in Debian Edu is done using dynamically allocated IP information provided by DHCP or DNS. This is done to make it as easy as possible to change the hard coded IP subnet used. The IP subnet is hard coded to make it possible to get everything working out of the box when set up as intended, because some services do not support dynamically assigned IP information. To change the subnet, these services need to be reconfigured. This document contain instructions on how to locate them and how to change them.
NB! This is intended as help and a useful tool. If you follow the document and something breaks, I will not take any responsibility. Everything you do is at your own responsibility, but you can keep all the broken parts if anything breaks.
All configuration files with hard coded IP addresses are located in /etc/ on the individual machines. Only main-server and thin-client-server profiles contain services with hard coded IP information out of the box. To locate all files needing change, a search in /etc/ and /opt/ltsp/ is a good start:
grep -r "10\.0\." /etc/ grep -r "10\.0\." /opt/ltsp
In the etch version of Debian Edu, these files need to be modified:
If you do this on lenny, please check this list and remove this comment. Thank you!
/etc/network/interfaces /etc/powerdns/pdns.d/pdns-debian-edu-if.conf /etc/hostname /etc/hosts /etc/exports /etc/cups/cupd.conf LDAP must be changed -> ldapvi
Use a dummy interface for testing thin-clients
Another approach is use eth0 with your LANs network settings and use (in the case of the mainserver) 10.0.2.2 on a dummy interface:
To set up a dummy network dummy0 with an IP-address of 10.0.2.2 run this command as root:
ifconfig eth0 dummy0 netmask 255.255.255.255
To make it permanent add the following lines to /etc/network/interfaces
auto dummy0 address 10.0.2.2 netmask 255.255.255.255
If you need to use the dns-server given by the dhcp-server on your network (inaddition to the locally on the main-server), you need to edit /etc/bind/debian-edu/named-bind9.conf, to include /var/run/bind/named.options instead of the default /etc/bin/debian-edu/named.conf.options.
This setup is mostly used for setting up a test-server for using thin clients. If you want to include workstations into your testnet, you really should set up a full Debian Edu test-network with a dedicated firewall etc. Or you need to change your DNS-server, so that the needed hostnames resolves to your mains-server.
Change IP on Lenny
If you are using subnet 10.100.32/23
Files to change in /etc /etc/ldap/dns_ranges.ldif Use the vim editor vi /etc/ldap/dns_range.ldif then:
:%s/2.0.10/32.100.10/g :%s/3.0.10/33.100.10/g :%s/dc=3,dc=0,dc=10/dc=33,dc=100,dc=10/g :%s/dc=2,dc=0,dc=10/dc=32,dc=100,dc=10/g
:%s/10.0.2/10.100.32/g :%s/10.0.3/10.100.33/g if you are using 24 bit network you have to change dhcpNetMask to 24
:%s/dc=2,dc=0,dc=10/dc=32,dc=100,dc=10/g :%s/dc=0,dc=10/dc=100,dc=10/g :%s/0.10.in-addr.arpa/100.10.in-addr.arpa/g :%s/2.100.10.in-addr.arpa/32.100.10.in-addr.arpa/g :%s/dc=3,dc=100,dc=10/dc=33,dc=100,dc=10/g :%s/3.100.10.in-addr.arpa/33.100.10.in-addr.arpa/g Remember to change line 5 from 2 to 32 dn: dc=32,dc=100,dc=10,dc=in-addr,dc=arpa,ou=hosts,dc=skole,dc=skolelinux,dc=no objectclass: top objectclass: dnsdomain2 objectclass: domainrelatedobject ""dc: 32"" associateddomain: 32.100.10.in-addr.arpa
address 10.0.2.2 to address 10.100.32.2 broadcast 10.0.2.255 to broadcast 10.100.33.255 gateway 10.0.32.1 to gateway 10.100.32.1
10.0.2.2 to 10.100.32.2
syslog: 10.0.2. to 10.100.32. syslog: 10.0.3. to 10.100.33. in.tftpd: 10.0.2. to 10.100.32. in.tftpd: 10.0.3. to 10.100.33. portmap: 10.0.2. to 10.100.32. portmap: 10.0.3. to 10.100.33.
/opt/ltsp/i386 10.0.2.0/255.255.254.0 to /opt/ltsp/i386 10.100.32.0/255.255.254.0
vi /etc/powerdns/pdns.d/pdns-debian-edu.conf and /etc/powerdns/pdns.d/pdns-debian-edu-if.conf
allow-recursion=10.0.2.0/23 to allow-recursion=10.100.32.0/23 and 10.0.2.2 to 10.100.32.2 in pdns-debian-edu-if.conf
Then, take a backup of ldap datbase, genereate a new LDAP database, and make a new ssl certificate
cd /root/ mkdir ldap-backup /etc/init.d/nscd stop /etc/init.d/slapd stop slapcat > ldap-backup.ldif mv /var/lib/ldap/* ldap-backup/ /usr/bin/ldap-debian-edu-install chown openldap:openldap /var/lib/ldap/* # Really needed? If so, there is a bug in ldap-debian-edu-install /etc/init.d/slapd start /etc/init.d/nscd start for a in hosts passwd group services; do nscd -i $a; done /etc/init.d/fetch-ldap-cert start
Remember to run samba-debian-edu-admin to get samba to work.
Changes needed to get diskless clients to work. Edit /opt/ltsp/i386/etc/resolvconf/run/resolv.conf Edit /opt/ltsp/i386/etc/resolvconf/resolv.conf.d/original edit /opt/ltsp/i386/etc/resolv.conf change this ip from 10.0.2.2 to 10.100.32.2 Known problem: After changing to new ip addres, the nameserver under resolv.conf in chroot change back to nameserver 127.0.0.1 everytime you reboote server, and diskless stop working untill you manually change it back to the ip it should be. To fix this problem you have to add $SERVER to trunk/src/debian-edu-config/share/debian-edu-config/default-ltsp-client-setup Go to: https://init.linpro.no/pipermail/skolelinux.no/commits/2010-June/105499.html to read more about this problem