OVH Community, your new community space.

Disable public IP in Infrastructure servers

marks

07-04-2015, 11:06

yes, as alvaroag says, it doesn't sound like a good idea to disable the primary interface with the public IP. even if you don't use it, you can secure it and lock it up with a firewall to make it super secure, and obviously, not running essential services on that IP.

apart from that, I suppose it is possible to disable the eth0 under Linux. From OVH's point of view, You'll be required to disable the monitoring system too, as our systems rely on the main IP to see if the server. If you disable that and the server goes down, our engineers won't be able to tell nor intervene, so in this case, you would need to let them know. That's the downside of disabling the monitoring system, but if you're aware of that, it's prefectly alright to do so.

Let us know if you need more help.

cjonash

07-04-2015, 02:08

Thanks for the reply!

It is some kind of Linux version (it is FreeNAS I am using).
I do not want to use the IP on another server, and I also dont need any alternative access since I have the KVM access if that is needed.

One reason I wanted to disable the NIC is that I have had some issues with FreeNAS when there has been dual NIC's installed. I would prefer to disable it in such a way that the OS does not see it at all, if that is possible?

alvaroag

07-04-2015, 01:18

On Windows, you may just disable the interface. On "Network adapters", right click your interface, and click "Disable".

On Linux, the exact configuration may depend on what distro you are using. Another way is to use iptables or some iptables based firewall to drop all traffic on that interface.

Note that, even without using the interface, you will not be able to use that IP on another server. Also, I recommend not to disable the interface completely, but leaving only some kind of remote administration as an alternative access. Such as an RDP or SSH, but running on a port different than the default one.

cjonash

07-04-2015, 00:23

Is it possible to disable the public network interface for servers where I only need the vRack connetction (the second NIC)?
And if so, how do I do it?

Background:
I have four servers, where three of them is running VMWare and the last one is a NAS on which the virtual machines are stored.
It would be nice if the file server only had the vRack NIC enabled, since that is the only one used.