Network configuration

Hello,

My intention is to configure the network settings of my UCS installation to correspond to this article. I have the latest stable UCS and an additional subnet on the server.

At the beginning of the article, there is a requirement to have the pointopoint xx.yy.99.129 variable in the /etc/network/interfaces configuration file, but I am not able to get UCS to generate such a variable in the file. I already tried to create a UCR variable pointopoint with the correct value, but it didn’t appear in the /etc/network/interfaces file. As one is not supposed to edit the file directly in the case of UCS, how can I add the variable to the configuration file?

What about the other custom configurations mentioned in the article, e.g.

[quote]auto br64
iface br64 inet static
address 172.30.64.1
netmask 255.255.255.0
pre-up brctl addbr $IFACE
post-up route add -host xx.yy.240.64 $IFACE
post-down brctl delbr $IFACE
[/quote]

How can I add the bolded custom configurations the UCS way?

Hey,

there are no UCR variables for the things you want to include in the interface configuration. However, you can create your own snippet of interface configuration and register it with the Univention template mechanism. That way the snippet will be copied verbatim into /etc/network/interfaces.

Here’s a terse guide on how to do that:

Create a file in /etc/univention/templates/files/etc/network/interfaces.d, called e.g. 99-mybridge. Its content is the interface code you want copied into the resulting interfaces file.

Next create a file in /etc/univention/templates/info called something like my-custom-files. Its content should look like this:

[code]Type: subfile
Multifile: etc/network/interfaces
Subfile: etc/network/interfaces.d/99-mybridge[/code]

Last, execute “ucr commit /etc/network/interfaces”.

The first step creates a template snippet for Univention’s templating system. The second step registers that snippet so that it’ll get copied into the output file. The last step re-creates the interfaces file from the templates.

Now you can use that interface (well, you may need “ifup br64”, too).
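
The three steps above as one script, as an added example that is not part of the original post: it writes the snippet and its registration file under a root prefix and checks that the registered Subfile really exists before anything is committed. The function names and the root-prefix argument are assumptions of this example; the interface lines are the ones quoted in the question.

```shell
#!/bin/sh
# Added example, not from the thread. The function names and the root-prefix
# argument are assumptions: pass "/" on a UCS host, a scratch dir for a dry run.
TPL=etc/univention/templates

write_bridge_template() {   # $1 = root prefix, $2 = snippet name
    root=${1%/}; name=$2
    snippet="$root/$TPL/files/etc/network/interfaces.d/$name"
    info="$root/$TPL/info/my-custom-files"
    mkdir -p "${snippet%/*}" "${info%/*}" || return 1
    # Step 1: the snippet that is copied verbatim into /etc/network/interfaces.
    # The quoted 'EOF' keeps $IFACE literal; xx.yy.240.64 is the question's placeholder.
    cat > "$snippet" <<'EOF'
auto br64
iface br64 inet static
    address 172.30.64.1
    netmask 255.255.255.0
    pre-up brctl addbr $IFACE
    post-up route add -host xx.yy.240.64 $IFACE
    post-down brctl delbr $IFACE
EOF
    # Step 2: register the snippet as a subfile of the interfaces multifile.
    cat > "$info" <<EOF
Type: subfile
Multifile: etc/network/interfaces
Subfile: etc/network/interfaces.d/$name
EOF
    chmod 0644 "$snippet" "$info"
}

check_registration() {      # $1 = root prefix; 0 if the registered Subfile exists
    root=${1%/}
    info="$root/$TPL/info/my-custom-files"
    [ -f "$info" ] || return 1
    sub=$(sed -n 's/^Subfile: //p' "$info")
    [ -n "$sub" ] && [ -f "$root/$TPL/files/$sub" ]
}

# Step 3 on a real host (as root), only after the check passes:
#   write_bridge_template / 99-mybridge && check_registration / \
#       && ucr commit /etc/network/interfaces && ifup br64
```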

Superb, it works just as it should. Thank you very much, Moritz! :slight_smile:

You’re welcome :slight_smile:

Hello again,

I faced (mostly) DHCP-related problems while trying to finish up the setup.

[ol][li]The bridges created via the snippet are not available in UMC (System -> Network settings). Should I add the bridges there, too?[/li]
[li]In UMC I have created a shared network object and attached policies to implement the parameters mentioned in the section “DHCP Server for Virtual Machines” of the article, and under the shared network object I have created as many shared subnet objects as I have IP addresses in the subnet received from the hosting company, each shared subnet object having a dedicated router policy. Is this the correct way of doing this?[/li]
[li]If I look at the file */etc/dhcp/dhcpd.conf, I can’t find the parameters I have created via UMC in the shared network and shared subnet objects and their policies. To be sure, I have restarted the DHCP service, run ucr commit and even rebooted the server. Also, in the CLI I have run as root locate -i "dhcp" and locate -i "dhcpd" to try to find the files where the settings created in UMC are saved, without success.[/li]
[li]What is the equivalent of the file /etc/default/dhcp3-server in UCS? To which file and/or how can I add the required parameter INTERFACES="br64 br65 br66 br67 br68 br69 br70 br71 br72 br73 br74 br75 br76 br77 br78 br79"?[/li][/ol]

*) The content of the file /etc/dhcp/dhcpd.conf is as follows:

[code]# Warning: This file is auto-generated and might be overwritten by
# univention-config-registry.
# Please edit the following file(s) instead:
# Warnung: Diese Datei wurde automatisch generiert und kann durch
# univention-config-registry überschrieben werden.
# Bitte bearbeiten Sie an Stelle dessen die folgende(n) Datei(en):
#
# /etc/univention/templates/files/etc/dhcp/dhcpd.conf
#

include "/etc/dhcp/univention.conf";
include "/etc/dhcp/local.conf";

option ldap-servers code 128 = array of ip-address;
option ldap-base code 129 = string;

authoritative;

ldap-server "master.example.com";
ldap-dhcp-server-cn "master";
ldap-username "cn=master,cn=dc,cn=computers,dc=example,dc=com";
ldap-password-file "/etc/machine.secret";
ldap-port 7389;
ldap-base-dn "cn=dhcp,dc=example,dc=com";
ldap-method dynamic;

ldap-debug-file "/var/log/dhcp-ldap-startup.log";

# dynamic DNS: with external name server only![/code]

and the content of local.conf:

# This can be used to modify local DHCP configuration options

The file univention.conf has no content.

Hey,

as far as I understood how Univention’s dhcp server works there should be no configuration in univention.conf for the networks you’ve configured in the UMC. Instead the DHCP server queries the LDAP server directly and uses the information stored within. That’s why there’re all those “ldap*” settings in dhcpd.conf.

How this works: each server running the Univention DHCP server queries the ldap server’s “cn=dhcp,$base_dn” sub-tree looking for a “server”-type object with the same name as the server the DHCP process is running on. If none is found no DHCP is served.

If one is found then another LDAP request is sent retrieving all the declared subnets. For each subnet found the DHCP server compares the subnet from the LDAP with its own interfaces. If the server has an interface within the subnet the server serves DHCP on that subnet and interface.

The problem is likely that you’ve configured your interface by providing your own template snippet. Therefore the DHCP server knows nothing about it – I guess it only considers the interfaces defined via the config registry. I know I advocated using those template snippets, and I still think it’s the only way to achieve what you want without major headaches at the moment, but this means that you’ll have to configure DHCP for those subnets manually.

You can insert any manual configuration in /etc/dhcp/local.conf. That file isn’t managed by Univention and you’re free to insert your own subnet statements there.

I don’t know how to make the server listen on your interfaces, though…

Forgot to add the following:

The best way to have situations such as yours supported in the future would be to open a feature request for the missing settings so that they can be added to the config registry.
