New IP Not Working

[LPro]

Hi,

I've Added a new ip to my directadmin
I can ping new ip from inside the server but i can't ping ip from outside
also i can't access DA panel with new ip.

IP is exist to this path /usr/local/directadmin/data/admin/ips
But when i check ifconfig i can't find new ip there

Thank you for helping me

 

[factor]

ifconfig i can't find new ip there

It must be added to the physical server first.
if the ip is not added to the server by the server company then you must contact them to attach the IP to your server.

If it has been you might need to reboot or restart networking on the server.

IP is exist to this path /usr/local/directadmin/data/admin/ips

This is just you adding it to DA. If it not added as above it won't matter

once they add the ip use this.

DirectAdmin

DirectAdmin Web Control Panel Site-Helper. Helping you get the most out of DirectAdmin and your web site!

www.site-helper.com

Does this help.

 

[Richard G]

Did you use this procedure to change your ip?

https://help.directadmin.com/item.php?id=250

Sorry, my mistake, this is for changing ip.

 

[factor]

I assumed he was adding another IP to the server not changing IPs? eg to have multiple ips on the same server.

 

[Richard G]

Oeps, sorry, you are correct.

 

[Richard G]

But when i check ifconfig i can't find new ip there

What is your OS? Because newest OS (like Centos 8) don't show both ip's anymore with ifconfig.

Have a look at the output from this command:

ip a

 

[LPro]

What is your OS? Because newest OS (like Centos 8) don't show both ip's anymore with ifconfig.

Have a look at the output from this command:

ip a

Centos 7

IP a:

[root@server ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:50:56:00:cd:4e brd ff:ff:ff:ff:ff:ff
    inet 95.216.58.46/28 brd 95.216.58.47 scope global noprefixroute ens192
       valid_lft forever preferred_lft forever
    inet 95.216.58.40/28 brd 95.216.58.47 scope global secondary noprefixroute ens192:1
       valid_lft forever preferred_lft forever
    inet6 fe80::e00d:690d:73a:fcc8/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

New ip is listed here

 

[factor]

ok great
what is outcome of

cat /usr/local/directadmin/conf/directadmin.conf |grep ethernet_dev

 

[Richard G]

So that looks good.

I can't ping it either. So it's either a firewall question or Hetzner did not activate the ip yet.
Do you see the second ip in your client section alraedy of your server?
What firewall is running?
And ofcourse answer question of Brent.

 

[factor]

I can't ping it either.

I cant ping the second one either. something is not online about that ip.

So USA and the Netherlands cant see it...

 

[LPro]

I assumed he was adding another IP to the server not changing IPs? eg to have multiple ips on the same server.

I don't want to change server IP, i want just add new ip and assign it to a reseller

ok great
what is outcome of

cat /usr/local/directadmin/conf/directadmin.conf |grep ethernet_dev

[root@server ~]# cat /usr/local/directadmin/conf/directadmin.conf |grep ethernet_dev
ethernet_dev=ens192

So that looks good.

I can't ping it either. So it's either a firewall question or Hetzner did not activate the ip yet.
Do you see the second ip in your client section alraedy of your server?
What firewall is running?
And ofcourse answer question of Brent.

That is the problem inside server i can ping new ip but from outside there is no ping
The Second ip is listed to my client section

 

[LPro]

Also i try disable Firewall but the same result
Port 53 is open

 

[factor]

[root@server ~]# cat /usr/local/directadmin/conf/directadmin.conf |grep ethernet_dev ethernet_dev=ens192

all good here.

removed as not needed

 

[Richard G]

Nooo.... not needed!!!
Please do NOT follow that guide.

Directadmin will add the ip itself when adding it to directadmin. It's present, the only issue is that it's not reachable from outside yet.
This has nothing to do with the Hetzner helpfile.

@LPro remove your screenshot again, a confirmation would have been enough, but thank you. It's better not to public present ip's so you can mask them if you want.

Port 53 is for DNS. Not for icmp traffic. Which firewall do you have running on your machine?
Is it possible to fully disable it and then see if you second ip is reachable from outside?

 

[Richard G]

By the way... in the screenshot I see 3 ip's. The rDNS of all 3 is pointing to your main ip, that's very odd. Should not be the case by default as far as I remember.

 

[Richard G]

If you disable your firewall as you stated, do you see everything accepted?
So with firewall disabled, the output of:

iptables -L

 

[LPro]

If you disable your firewall as you stated, do you see everything accepted?
So with firewall disabled, the output of:

iptables -L

I use CSF firewall
With firewall disabled:

[root@server ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

 

[factor]

Nooo.... not needed!!!
Please do NOT follow that guide.

ok i fixed it as not to confuse the subject.

 

[Richard G]

With firewall disabled:

Oke, I suggest you contact Hetzner support via your Hetzner robot system.
Point them out, the ip is not reachable from outside your system, not pingable or otherwise, with firewall disabled.
Also tell them all rDNS settings are pointing automatically to your main ip for all ip's, and ask if that is not odd.
I've got a strong impression they made a mistake somewhere.

@bdacus01 Thank you. Those docs is mainly for vps or servers without panel. You can add an ip like that, but it's better not, because DA is handling the second ip (and others). It can give confusion or strange situations when DA is not supporting the ip (due to some error or something) and one can see the ip's present, because they are created in those files.
When you don't create them manually like that, if DA stops supporting an ip, you won't see it in ip a and it's clear you have to search in DA.
Next to that, you can't make mistakes, because in this case it should not be in ifcfg-eth0. Best let DA (or other panel if used) handle it.
Least way for strange issues.

We got multiple servers with Hetzner, I never add ip's like that manually. Don't let Hetzner tell you otherwise.

 

[factor]

I suggest you contact Hetzner support via your Hetzner robot system.

I agree too.

Please report back on this thread as well with resolution.

Least way for strange issues.

But Strange issues is our Strong suite...