Script for Changing IP remotely

From Admin-SIG

All system and network administrators have had the palm sweating experience of changing the IP address of a device while being logged into it from a remote location. In theory it should usually not be a problem. In practice typos, overlooked details, unforseen consequences and plain stupid mistakes have caused all those same admins to at some time have left a device in a broken state and no longer able to login into it. If the device is across the state, country or the world, or just at a location that is difficult to get access to, it is just not fun. Especially if customers are without service as a result.

This week at work I was working on one of the first Linux routers we’ve deployed at a customer site. I needed to change the WAN IP by ssh’ing to the router. This is a task that I’m going to need to do repeatedly. I decided to work on a way to take some of the aprehension out of the task.

This being a Linux router, my solution was to write a shell script that changes the necessary IP information and then waits for 5 minutes. That 5 minutes gives me enough time to log back into the router on the new IP and kill the script. After 5 minutes, the router reboots, resetting the IP information to what it was before the script was run. That way if I made a mistake, like picking a subnet that really isn’t routable to that location, etc., I am hopefully saved from disaster by the reboot.

There is no complete safety, I’m afraid. If you introduce a typo into the script that causes it to execute far enough to change the IP, but then error out before completing its tasks, such as changing the default route, then the very strategy that is supposed to save you may doom you. Isn’t that like life? Yes, I managed to do this the first time I used the script, yesterday. In this case, happily, I could just call the customer and have them power cycle the router. I then logged back in, fixed the script, and used it successfully. It was a good test, too, because I forgot a detail that would have left the router unreachable again, but the reboot saved me.

At the end of the day I had successfully changed the IP info for the router, and had a debugged script that I am confident will save me some grief in the future. It is included below. If you were to use it, you would, of course, change the IP values to reflect the network in question. You should also check that the paths to commands match the paths on the system you were working on. 


   #!/bin/sh
   #change-wan-ip.sh
   #to change IP remotely and recover if it fails by rebooting
   #Josh Gentry 11/23/04
   #
   #define variables
   wan_int=eth0
   new_ip=192.168.1.170
   new_netmask=255.255.255.252
   new_gateway=192.168.1.169
   #
   #Change IP and netmask
   ifconfig $wan_int $new_ip netmask $new_netmask
   #
   #Add new default route
   /bin/ip route add 0.0.0.0/0 via $new_gateway
   #
   #Allow 5 minutes for admin to log back in on new IP and kill script
   /bin/sleep 300
   #
   #If admin fails to login on new IP and kill script, reboot to reset IP
   /sbin/reboot

That’s how I do it. Anybody like to share how they approach the same problem?

Retrieved from "http://www.nmosug.org/admin-wiki/index.php/Script_for_Changing_IP_remotely"