Show the Table of Contents

You are here: Configuration Manual (Set up Luna Appliance after Installing) > [Step 1] Configuring Luna Appliance for your Network > Configure IP and Network Parameters

Configure IP and Network Parameters

The HSM appliance is pre-configured with network settings left over from our manufacturing process and not recommended for your production network. The following procedure assumes that your network uses DNS. If you are configuring without a DNS server available, some of the commands on this and subsequent pages might be affected. Such commands are highlighted with this “No DNS” icon.

  
 

 

Use a locally connected serial terminal when changing the appliance IP address, to avoid SSH admin console disconnection due to the change.

  1. Use the network show command to display the current settings, to see how they need to be modified for your network.
    [local_host] lunash:>net show 
        Hostname:         local_host 
        Domain:           <not set> 
        IP Address (eth0): HW Address (eth0): 00:15:B2:A2:43:60 
        Mask (eth0):       Gateway (eth0):   <not set> 

        Name Servers: <not set> 
        Search Domain(s): <not set> 

    Kernel IP routing table 
    Destination Gateway Genmask Flags Metric Ref Use Iface 
    Link status 
      eth0: Configured 
            Link detected: yes 
      eth1: Not configured 

    Command Result : 0 (Success) 
    [local_host] lunash:>
     
  2. Use network hostname to set the hostname of the HSM appliance (use lowercase characters).
    lunash:> network hostname myluna3      



To access the HSM appliance, the hostname must be resolvable to an IP address on your network. See your Network Administrator for assistance with completing this step.

 

The net hostname command expects a single-word text string. If you supply a name that includes a space, all text after the space is ignored.
For example, if you typed:
net hostname host name
the system would assign a hostname of “host”.  Therefore, if you want "host name", use "host_name" or "host-name" or "hostname" or similar.

Enter a meaningful hostname to allow you to identify and manage multiple Luna appliances in your network.

 

  1. Use network domain to set the name of the network domain in which the HSM Server (appliance) is to operate.
    lunash:> net domain safenet-inc.com

     
  2. Use ‘network dns add nameserver’ to set the Nameserver IP Address (address for the local name server).
    lunash:> net dns add nameserver 192.168.1.3      
    (substitute an appropriate address for the example; ask your Network Administrator).



Your network may have multiple DNS name servers. Repeat this step for any additional name servers.

 



This command manually sets a DNS parameter for the HSM appliance. If you elect to use a DHCP server (see the net -interface command later in this section) rather than static IP, then this parameter is overwritten for the HSM appliance.  In general, we strongly recommend against using DHCP for HSM appliances.

 

  1. Use net dns add searchdomain to set the DNS Search Domain (the search list to be used for hostname lookups).
    lunash:> net dns add searchdomain safenet-inc.com      
     



Setting the Search Domain is important so that you can use short names for your client machines.

 



Your network may have multiple DNS search domains. Repeat this step to add all search domains.

 



This command manually sets a DNS parameter for the HSM appliance. If you elect to use a DHCP server (see the net -interface command later in this section) rather than static IP, then this parameter is overwritten for the Luna SA.  

 

  1. Use network interface to change network configuration settings.  

    All of the network interface parameters are required for the IP setup of the ethernet device, and must be set at the same time for the HSM appliance to connect with your network.  
     lunash:>net interface -device eth0 -ip 192.168.11.82 -netmask 255.255.0.0 -gateway 192.168.1.1

    Use addresses and mask values as provided by your network administrator.



The first [top] ethernet port (eth0) and the [bottom] ethernet port (eth1) on the HSM appliance's back panel, are labeled 1/2

 

If you choose to configure the second ethernet port (eth1), repeat the network interface command, above, substituting ‘eth1’ and the appropriate address for that device. Even if you do not have a need for the second ethernet port, you should configure it, specifically to a test network (e.g., network interface –device eth1 –ip 192.168.1.254 –netmask 255.255.255.0) so that it does not affect the behavior of other Luna features (e.g., remote PED).

If either interface is configured to use DHCP, then the DNS parameters are overwritten for the entire HSM appliance. It is not possible to have manual settings preserved for one interface, while DHCP-derived settings are used for the other. In general, we recommend against using DHCP for HSM appliances.
 



If you have chosen to perform setup via ssh, rather than via the direct (serial) administrative connection, then you will likely lose your network connection at this point, as you confirm the change of IP address from the default setting.

 

View the new network settings with network show.
 lunash:> network show

The network show command (described earlier) displays the current settings, so you can verify that they are now correct for your environment before attempting to use them.

(Next, go to "Make Your Network Connection")

 

 

 

Show the Table of Contents