Page Comparison

...

• Create a cloud instance in which the Charon host system runs.
• Add two NICs to the Charon host system. One for the Charon host and one for the guest system.
• Configure the appropriate access rules for instance and NICs.
• One NIC is dedicated to the Charon host, one to the guest system. Configure a private and public IP address for the NIC used by the Charon host. Configure a private IP address for the NIC used by the guest system (and optionally a public IP address - not recommended).
• On the Charon host (Linux level), remove the private IP address from the NIC dedicated to the guest system if it was automatically configured and ensure that the interface will be enabled when the system starts.
• Assign the appropriate NIC to the guest system.
• Configure the guest system MAC address to be the same as the one of the NIC selected for the guest.
• After booting the guest system, configure the private IP originally assigned assigned by the cloud provider to the guest NIC by dedicated to the cloud provider guest as the IP address of the guest Ethernet interface.
• Set the default route of the guest system to the default gateway or VPN gateway of the LAN.

...

• The example assumes that the host operating system is a RHEL version 7 or 8 compatible Linux system. If you use a different host operating system version, you must adapt the example accordingly.
• As explained for For AWS, remember that any automatically assigned public IP addresses will be removed by the cloud provider once the instance is restarted with a second NIC. Hence, on AWS Elastic IP addresses must be used as public IP addresses.
• For Google cloud, note the following:
  
  • The default is that all interfaces are configured with IP addresses automatically by GCP services on the Linux host. Please refer to the Network Management section in the respective Getting Started guide for information on how to disable this automatic configuration.
  • Some base images used to create a Charon host instance may be configured to use /32 netmasks for additional interfaces, and only ARP requests for the default gateway are answered by Google. This can cause communication problems between the legacy guest system (e.g., Solaris) and other instances on the same subnet (ARP requests are not answered). The workaround is to use static ARP entries on the legacy guest system. Please refer to the Getting Started guide for more information. Current images provided by Stromasys use /24 netmasks, so this point does not apply to them.
• The interface names used in this example (eth0 and eth1) may be different on your system. Please verify the names on your system and refer your cloud provider's documentation for more detail. Make sure you use the correct names!
• The example uses only a private address for the dedicated interface. If a public address is required, the basic steps for making the interface available to the guest system are the same.

...

• The sample configuration assumes a CentOS 7 system and that the interface is configured outside the control of the NetworkManager.
• Should the NetworkManager be active, the plugin ifcfg-rh must be enabled in section main of the NetworkManager configuration file /etc/NetworkManager/NetworkManager.conf. It enables the NetworkManager to read and write ifcfg-files.
• After the initial creation of the ifcfg-file, the interface can be managed by the Charon-SSP Manager.
• For the full feature-set of the file-based network configuration, the network-scripts package is required.

To make the second interface usable for the Charon guest system, perform the following steps:

1. Add a second interface to your instance as described in the cloud-specific Getting Started guide and your cloud provider's documentation.
   
   
2. Log into the instance and become the root user (use: sudo -i)
   
   
3. Identify the names of the two Ethernet interfaces:
   # ip link show
   
   
4. Create an interface configuration file for the second interface.
   1. A file for the first interface may exist depending on the default of the cloud environment. In this case, you can copy  Example (use correct interface name for your configuration):
      # cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth1


   2. If there is no file that can be copied, you must create the ifcfg-file for the new interface manually.
      
      
5. Edit this file to match the characteristics of eth1 (use correct interface name for your configuration). The private IP address used for this interface will be assigned to the guest system. Therefore, configure the Linux Interface without IP address, similar to the example below.
   
   BOOTPROTO=none
DEVICE=eth1
NAME=eth1
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
NM_CONTROLLED=no 
   
   Please note:
   On some cloud platforms, the automatic cloud-specific configuration prevents the entries in the ifcfg-file to take effect (for example on GCP). Please refer to your cloud-provider's documentation and the Network Management section in the Getting Started Guide of your version for additional information.       


6. Restart the network:
   # systemctl restart network
Please note: Should there be an error when executing this command, kill the DHCP client process and retry the command.

NetworkManager-based Configuration Examples

...

Step 2: Add the Dedicated NIC to the Emulator Configuration

Please refer to the documentation of your Charon emulator product for information on how to adapt the emulator configuration. The basic steps to be performed are the following:

• For Charon-SSP: start the Charon Manager and open the configuration window for the emulated system.
• For other emulator products: open the configuration file with a text editor.
• Configure the emulated system with the dedicated Ethernet interface as its interface.
• Set the MAC address to the same value as used by the host interface (the value assigned by your cloud provider).
• Save your configuration.

Step 3: Configure the Guest system to Use the Private Cloud IP Address

Please refer to the documentation of your guest operating system for detailed information on how to configure networking on your guest system. Below is a basic example for Solaris.

Solaris Example

Using the steps below, the Solaris guest system is configured to use the second NIC configured on the host system (please refer to your Solaris documentation for configuration details).

...