The Networking menu in the Application Servers menu enables you to manage network interfaces, allocate IP addresses, and set firewall rules for application servers. In this document you can find information on how to manage Application Server networks.  

  • To run the application server, at least one network interface with an assigned IP address (or addresses) is required! 
  • To allocate another physical network, add a new network interface.
  • In case of network interface replacement for Windows application servers running on Xen compute resources, the user has to add new network interface, rebuild network, then remove the old network interface, and perform network rebuild again.

Configure Application Server Network Interface

The Networking > Network Interfaces menu shows the virtual network interfaces allocated to this application server. Network interfaces join the physical network to the application server. 

When you create an application server, a network interface is added automatically. This network interface will be assigned to the existing physical network using a spare IP (IPv4) and will be set primary by default.
OnApp supports IPv4 and IPv6. Since not every application supports IPv6, at least one IPv4 address must be allocated to an application server's primary network interface. 
To see the list of all network interfaces allocated to the application server:

  1. Go to your Control Panel > Cloud > Application Servers menu.
  2. Click the label of the application server you're interested in.
  3. Click the Networking tab, then click Network Interfaces.
  4. On the page that follows you will see the following fields:
    • Interface – optional label of the network interface
    • Network join – name of the network and a compute resource or compute zone this network is joined to
    • Port speed – the speed set to the interface
    • Primary interface – indication whether the interface is primary or not

Here you can also view Interface Usage, Edit and Delete network interface (using icon controls), and Add a new network interface (using the button at the bottom of the screen).


To add a network interface:

  1. Go to your Control Panel > Cloud > Application Servers menu.
  2. Click the label of the application server you're interested in.
  3. Click the Networking tab, then click Network Interfaces.
  4. Click the Add New Network Interface button at the bottom of the screen.
  5. On the screen that appears, input values for the following parameters:

    • Label – a name for the new interface
    • Physical Network – choose a network join from the drop-down menu, which lists network joins assigned to the compute resource/compute zone on which the application server runs)
    • Port speed – set port speed in Mbps, or make it unlimited

  6. Click the Submit button.

To edit the network interface label and port speed or set it as primary (if none is marked as primary), click Edit icon next to the appropriate network interface. After editing the port speed, the application server should be power cycled for the change to take effect.
To delete a network interface, click the Delete icon next to the interface you want to delete.

Rebuild Application Server Network

To rebuild a network join, added to the application server (required after allocating new IP addresses):

  1. Go to your Control Panel > Cloud > Application Servers menu.
  2. Click the label of a required application server.
  3. On the screen that appears, click the Tools button, then click Rebuild Network.

  4. In the pop-up window, move the Force Reboot slider to the right, then select the application server shutdown type.

    During rebuild of a network, the system tries to reach application server's network interface without rebooting application server. Then, if it is not possible, transactionwill quit. Force reboot action allows to rebuild application server network with reboot action if live rebuild is impossible. In case the force reboot option is disabled and system can not enter the application server, the network rebuild operation will fail.

  5. Move the Required Startup slider to the right to start up an application server when you're rebuilding network of a powered off application server.
  6. Click the Rebuild Network button.

In case of network interface replacement for Windows application servers running on Xen compute resources, the user has to add new network interface, rebuild network, then remove the old network interface, and perform network rebuild again.

Set Application Server Firewall Rules

With OnApp you can set firewall rules for the network interfaces of application servers. There are two types of firewall rule:

  • ACCEPT – defines the packets that will be accepted by the firewall
  • DROP – defines the packets that will be rejected by the firewall

You cannot apply firewall rules to application servers which are parts of a blueprint.

You can set the following:

Add a specific firewall rule

To configure a firewall rule:

  1. Go to your Control Panel > Cloud > Application Servers menu.
  2. Click the label of the application server for which you want to configure a firewall rule.
  3. On the screen that appears, click the Tools button, then click Edit Firewall Rules.
  4. On the page that appears, set the following:
    1. Choose the network interface.
    2. Specify if the rule defines requests that should be accepted or dropped.
    3. Set the IP address for which this rule is active.
      • Leave the empty field to apply this rule to all IPs
      • Enter hyphen-separated IPs to apply the rule to an IP range (e.g. 192.168.1.1-192.168.1.10)
      • Enter the IPs with slash to apply the rule to CIDR (e.g. 192.168.1.1/24)
    4. Set the port for which this rule is effective.
      • Leave the empty field to apply the rule to all ports
      • Enter colon-separated ports to apply the rule to a port range (e.g. 1024:1028)
      • Enter comma-separated ports to apply the rule to the list of ports (e.g. 80,443,21)
    5. Choose the protocol (TCP, UDP or ICMP).
    6. Enter a comment to the firewall rule.
  5. Save the rule by clicking the Add Rule button. The rule will be saved in the UI, but the transaction won't be started until you click the Apply Firewall Rules button.
  6. To start the transaction that runs firewall rules for an application server, click Apply Firewall Rules button.
  7. Use Up and Down arrow buttons in the left column to change firewall rule position.

Default firewall rules

To set default firewall rules for a network interface:

  1. Go to your Control Panel > Cloud > Application Servers menu.
  2. Click the label of the application server for which you want to configure a firewall rule.
  3. Click the Networking tab, then click Firewall.
  4. On the page that appears, go to Default firewall rules section.
  5. Choose ACCEPT or DROP command next to the network interface and click Save Default Firewall Rules. The rule will be saved in the UI, but the transaction won't be started until you click the Apply Firewall Rules button.

Example:

The Int1 ACCEPT 122.158.111.21 22 TCP firewall rule means that the Int1 network interface will accept all requests and packets addressed from 122.158.111.21 using the TCP protocol on port 22.
The Int2 DROP 122.158.111.21 22 UDP firewall rule means that the Int2 network interface will reject all requests and packets from 122.158.111.21 using the UDP protocol on port 22.

Application Server IP Addresses

In the Networking > IP Addresses tab you can find the list of assigned IP addresses, allocate new IP addresses and rebuild a network.
To allocate a new IP Address to the application server:

  1. Go to your Control Panel > Cloud > Application Servers menu.
  2. Click the label of the application server you're interested in.
  3. Click the Networking tab, then click IP Addresses.
  4. Click the Allocate New IP Address button.
  5. Select a network interface from the drop-down menu (only the network interfaces you added to the application server will be available)
  6. Select an IP address from the IP Pool associated with the network interface. You may select an IP address that's already assigned to an application server, but only one application server should be online at a time.
    Use Please show me used IP PoolShow only my IPs and Show only IPv6 checkboxes to narrow the list of IP in the drop-down list.
  7. Click the Add IP Address button.
  8. Click the Rebuild Network button to rebuild the network.
You must rebuild the network after making changes to IP address allocations.

To remove an IP address from an application server:

  1. Go to your Control Panel > Cloud > Application Servers menu.
  2. Click the label of the application server you're interested in.
  3. Click the Networking > IP Addresses tab.
  4. Click the Delete icon next to the IP address you want to delete.
  5. In the pop up window that appears:
    • Choose Delete with Reboot option if you want to reboot an application server and rebuild the network immediately after deleting the IP address. After choosing the Delete with Reboot option you will be redirected to the application server's Overview page.
    • Choose Delete without Reboot option if you don't want to reboot an application server. In this case to apply the changes, you will have to the reboot the application server additionally.
You can't delete an IP address that is in use.

Display Network Speed for Network Interfaces on Application Server Page

The main Application Servers screen displays the network speed of each application server's primary network interface. To see the speed of all interfaces assigned to an application server:

  1. Go to your Control Panel > Cloud > Application Servers menu.
  2. Click the label of the application server you are interested in.
  3. Click the Networking > Network Interfaces tab.
  4. On the screen that appears, the Port Speed column shows the network speed of the network interface.

Edit Application Server Network Speed

To edit an application server's network speed:

  1. Go to your Control Panel > Cloud > Application Servers menu.
  2. Click the label of the application server you want to change.
  3. Go to the Networking tab > Network Interfaces.
  4. In the last column, click the Edit button.
  5. Change the port speed.
  6. Click the Submit button to save changes.

See also:

Leave feedback