Changing the MAC address on a Guardium Appliance When the InfoSphere Guardium appliance is installed as a physical appliance, the Ethernet adapters are configured and saved on the appliance. An Ethernet adapter is uniquely identified by a MAC address, and this MAC address is included in the configuration. As the installer detects each Ethernet adapter, it assigns it a number starting from zero, and internally the Guardium appliance labels them as eth0, eth1, until all Ethernet adapters are labeled. By default, the Guardium appliance uses eth0 for S-TAP traffic, the Guardium GUI, communication with other Guardium appliances and other normal communication. In most cases, only eth0 needs to be connected to your network. There are some circumstances where you will need to reconfigure the Guardium appliance to use a different Ethernet adapter. This means you need to redefine the Ethernet adapter that is eth0. You may need to do this when: An Ethernet adapter has failed, and a new Ethernet adapter has been installed. You wish to use a faster Ethernet adapter than the one that was shipped with your Guardium appliance (for example, your Guardium appliance may have a 1 GB/s Ethernet adapter and you wish to use a 10 GB/s Ethernet adapter). to Change the MAC Address You will need pen and paper or equivalent to record existing values. 1. Login to the Guardium appliance using the CLI account. 2. Run the CLI command, show network macs. See example below. CLI>show network macs 08:00:27:30:48:F9 3. Record these values. You will need them later to see what was changed. You will have different values than the ones provided in this example. 1
If you are installing a new Ethernet adapter in a physical Guardium appliance, you will need: The password to the CLI account. The Ethernet adapter you wish to install. 1. Consult with your Guardium Administrator and Guardium System Administrator to ensure the Guardium appliance can be safely removed without interrupting critical business activities. You may need to ensure there is capacity for failover. If you are installing a new Ethernet adapter on a Central Manager, make sure a backup Central Manager is designated and configuration transferred so that all Guardium functionality is maintained during installation. 2. At the physical appliance's console or remotely, use the CLI account to run the CLI command, stop system. The Guardium appliance will ask you to confirm the shutdown, and indicate that you do wish to shut down the system with Y, then press the enter key. 3. Wait until the Guardium appliance has safely powered down. 4. Disconnect power cable, network cable and other attached peripherals and move the physical Guardium appliance to a reasonable workspace. Note which physical Ethernet adapter the cable was connected to. 5. Remove the system covers. 6. Identify the expansion slot where the Ethernet adapter fits. You will have to do this by inspection of the Guardium appliance's internals. 7. Install the card and secure it if needed. 8. Replace the system covers. 9. Install the server back where it originated. 10. Attach the network cable to the OLD Ethernet adapter that the network cable was just attached to. This allows for remote configuration if needed as the Ethernet configuration has still not been changed. 11. Install power cable and peripherals back to how they were. 12. Turn Guardium appliance back on. 13. Proceed with configuration through local console. 2
Guardium Appliance MAC address change procedure You will need: The Guardium appliance CLI account password. Pen and paper or equivalent to record existing values. The results of the CLI command, show network macs, that was run before you began. 1. Login to the Guardium appliance using the CLI account using your password. 2. Run the CLI command, show network macs, and record the MAC address for eth0 and the new Ethernet adapter. You can identify the new Ethernet adapter by comparing the results of this command to the list of MAC address recorded earlier. You will need to record the new MAC address. CLI> show network macs 08:00:27:22:4B:9C 3. The MAC addresses are mapped to each Ethernet adapter that was labeled eth0, eth1, and so on. You use the CLI command, store network interface map, to indicate that you want to change this mapping, and CLI command, store network interface remap, to commit these changes. The new Ethernet adapter is currently mapped to ethx, where X is a number shown by CLI command, show network macs. Using the ethx and the associated MAC address use the CLI command, store network interface map. An example follows. CLI> store network interface map eth2 Mapping eth2 -> Mapping changed. When done, commit the remap to complete the process. 3
NOTE: You cannot have two Ethernet adapters labeled as eth0. Use CLI command, store network interface map, to change the current eth0 to ethx: CLI> store network interface map eth0 Mapping eth0 -> Mapping changed. When done, commit the remap to complete the process. 4. These changes have not taken effect yet, and must be committed to the Guardium appliance. Run the CLI command, store network interface remap, to commit the change. When prompted, type Yes and then enter to complete the commit. Your numbers will be different than the example. CLI> store network interface remap About to remap the network cards to the following configuration: eth0 eth1 08:00:27:22:4b:9c eth2 eth3 08:00:27:45:fe:85 Do you want to remap the network cards to the new order.(yes/no) Yes 5. Now use the CLI command, show network macs, to see if the change has been committed successfully. You do not need to use the CLI command, restart network. Your numbers will be different. CLI> show network macs 08:00:27:22:4B:9C 4
Move the Network Cable Now that we have confirmed with the CLI command, show network macs, that the MAC address has been changed you may now move the network cable from the old Ethernet adapter to the newly installed Ethernet adapter. You have now changed the MAC address on a Guardium appliance. Summary After adding the network card: 1. Run the CLI command, show network macs, to list the Ethernet adapters and mapped MAC addresses. 2. Run the CLI command, store network interface map, twice for each Ethernet adapter: Map ethx to eth0 Map eth0 to ethx 3. Run the CLI command, store network interface remap. 4. Run the CLI command, show network macs, to see if the Ethernet adapters have been remapped. 5. Once you have confirmed the Ethernet adapters have been remapped, switch the network cable to the new Ethernet adapter. = = = = = 5