...
Copy the team members' SSH public keys and disable SSH password authentication:
```bash
cat > authorized_keys << __EOF
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjD/+BIg4c28lHlHw464vbfUYjfDJ1sSKgrEYcMkL+qO6LagkDAWkWdelmAmpcUJlOPYjxDwmKj8Bu6/fd+WfVzk6y33YVmAFN4jAmv/87dYCNuAMr4gDWc3cU5lsNdpsPzQqGUCFfJCvldyUZeu21YZ2rkYB1+Q9VObUSaa5Z74sKNYQJi0AgnZh63cYOyqVDCwIloWd2FzC+4o04cVL3P1R+COGRq1EUUmy5LSI9rsCO59mLCt8Wm4h5OiY84nEbQVZUH3QyYw/ihmGm2qtklkbNMPOPZ7+8ZN5+of4u/7bpEiZk3FcMh7lYwi6dMyUzwv47Il633JP6GDgOxuCH Daniel Balsiger SSH
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDH8lM+qleGIvXI3wgqIp73pKZwwxKfr9BDCdoVP3/zWRQ/7zpw98nvx7gqfVLlt+P2TjxHbSJqGrSECSmKFCHsYzuA+khmg/aca/IQa2FYFpUR1sT4czWQC14PiGGIoSbMukeUZvddZwZlalNZmOKjzY1Flz3w7+W+XHyFuwy6qfaIt1hIBKkqTUxECYq0O6OkdK6gzouKuAY/4AM+VvcIkdHMm9x3LCXWBAH24QzCG/IzydqXfi4FkVtmGJv2AgEMyR0seSoU3drCXvpY91WjXT8i6m7EMB739hw0V32UaqslY3qHtuNTGake5JFWJn9zYF6lZwGXpU94Bw7YjQL1 Michail Salichos SSH
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCRxCsboa1ERMgiJCP2iA8Zcm2LuAOALQHIZIQEvbcwMifdeXMTawC0tDnU6qy35q+cr5W3+4HJDyBLSAKmDosZepm1a/27cRlgXK/vtkxM5UlDk+lZsF/YGXBzZvWepM4XhozzCMNfvWWxkz5SnEl/ZYfdN2H5psXReNTgBX33ax2cI+aOBZxsX2Y0FYBuqlJFT7htgblGjHLq43nL/cF9w9cXkMv+mPUQJN4wNf1HU5JBjX6sKl6Y3IIPxEVGFohu8c9tDHa8JoWxIzKZz3z9Zd8KkfTTsRtXh3MH7mMRZkVTgHHVU3NA4/psEVMJHFtXI6R/laOv8Lpytdky7tkv taapeda0@UM01183
__EOF
mkdir .ssh
chmod 0700 .ssh
cp authorized_keys .ssh # copy not move (selinux)
chmod 0600 .ssh/authorized_keys
rm -f authorized_keys
sed -e 's|^PasswordAuthentication yes|PasswordAuthentication no|' -i /etc/ssh/sshd_config
systemctl restart sshd
```
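The `sed` above only rewrites a line that reads exactly `PasswordAuthentication yes`, so it is worth confirming that password logins are really off afterwards. The following check is an added example, not part of the original page: `effective_value` and `password_login_enabled` are hypothetical helper names, the sample configs are constructed, and the check conservatively treats keyboard-interactive authentication (which can prompt for a password through PAM) as a password path.

```bash
#!/bin/bash
# Added example, not from the original page. sshd uses the first value it reads
# for a keyword, skips commented lines and treats keywords case-insensitively.
# Assumption: Include files and Match blocks are not evaluated (parsing stops at
# the first Match line); on a live host, compare against the output of `sshd -T`.

# effective_value <keyword[|alias]> <default> <file>: print the value in effect.
effective_value() {
    awk -v kw="$1" -v def="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            split(line, f, /[ \t=]+/)            # "Keyword value" or "Keyword=value"
            key = tolower(f[1])
            if (key == "match") exit             # conditional blocks are out of scope
            if (key ~ "^(" kw ")$") { val = tolower(f[2]); found = 1; exit }
        }
        END { print (found ? val : def) }
    ' "$3"
}

# password_login_enabled <file>: return 0 if a password prompt is still offered.
password_login_enabled() {
    local pw kbd
    pw=$(effective_value 'passwordauthentication' yes "$1")
    # Older OpenSSH names this ChallengeResponseAuthentication; both default to yes.
    kbd=$(effective_value 'challengeresponseauthentication|kbdinteractiveauthentication' yes "$1")
    echo "$1: PasswordAuthentication=$pw keyboard-interactive=$kbd"
    [ "$pw" = yes ] || [ "$kbd" = yes ]
}

# Constructed sample configs: the sed from the page fixes the first, misses the second.
demo=$(mktemp -d)
printf 'PasswordAuthentication yes\nChallengeResponseAuthentication no\n' > "$demo/stock"
printf '#PasswordAuthentication yes\nChallengeResponseAuthentication no\n' > "$demo/commented"
for f in "$demo/stock" "$demo/commented"; do
    sed -e 's|^PasswordAuthentication yes|PasswordAuthentication no|' "$f" > "$f.after"
    if password_login_enabled "$f.after"; then
        echo "  -> password login is still possible"
    fi
done
rm -rf "$demo"
```

Run `password_login_enabled /etc/ssh/sshd_config` after the `sed` and before closing the existing session; a zero exit status means a password prompt is still offered.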
Disable the NetworkManager, firewalld and Postfix services, and enable legacy networking:
```bash
systemctl disable NetworkManager
systemctl stop NetworkManager
systemctl disable firewalld
systemctl stop firewalld
systemctl disable postfix
systemctl stop postfix
systemctl enable network
systemctl start network
```
Create the network interface configuration files in /etc/sysconfig/network-scripts/:
ifcfg-bridge:
```bash
DEVICE=bridge
TYPE=Bridge
MTU=1400
ONBOOT=yes
BOOTPROTO=none
IPV6INIT=no
IPV6_AUTOCONF=no
```
ifcfg-nic1 (facing OLT):
```bash
DEVICE=nic1
TYPE=Ethernet
MTU=1400
ONBOOT=yes
BOOTPROTO=none
IPV6INIT=no
IPV6_AUTOCONF=no
BRIDGE=bridge
```
ifcfg-nic2 (in external network, facing vBNG):
```bash
DEVICE=nic2
TYPE=Ethernet
MTU=1450
ONBOOT=yes
BOOTPROTO=none
IPV6INIT=no
IPV6_AUTOCONF=no
IPADDR=172.30.0.252
PREFIX=24
DEFROUTE=yes
GATEWAY=172.30.0.1
DNS1=8.8.8.8
DNS2=8.8.4.4
```
Create the VXLAN tunnel interface when the bridge is brought up:
```bash
cat > /sbin/ifup-local << __EOF
#!/bin/sh
# Runs after an interface is brought up; the first argument is the interface name.
if [ "\$1" = "bridge" ]
then
    # Create the VXLAN tunnel over nic2 and attach it to the bridge.
    ip link add vxlan0 type vxlan id 88888 local 172.30.0.252 remote 172.30.0.121 dstport 4789 dev nic2
    ip link set up dev vxlan0
    ip link set master bridge dev vxlan0
fi
__EOF
chmod 755 /sbin/ifup-local
restorecon -Fv /sbin/ifup-local
```
Once those files are in place, the configuration persists across reboots. To get a sane state, reboot the box once after creating the files.