MikeL's FreeBSD howto - Change IP address
(Page last updated 23-Feb-2007)
This is basically a checklist of how to change your machine's IP
address. The intent is not to cover everything in detail, merely to
point you to each of the tasks that must be performed.
This list was created when I physically moved my FreeBSD server from a
lower-speed connection to a high-speed data center co-location
service. The assumption is that the box will be locked in a closet
once configured, accessible only via the Intenet/ssh.
Don't forget to to have your upstream provider update the reverse
DNS name of your IP address! If you're on a DSL or some such, by
default this name probably indicates that you are a dialup, which will
be blocked by many mail servers.
A few days before making the move:
Once the box has been moved:
/etc/namedb/<your-machine-hosts-file> and lower
TTL, expire, and refresh values to a few hours.
Obviously if you have multiple domains, you'll have to do them
all. (If you don't already, this is sure to get you to convert to
using common files which do
Now that the box has been moved, and is up, you can lock up the box in
the closet, and go somewhere more comfortable to do the remaining
If you're running your own DNS/BIND server, you should have
yourself listed first:
/etc/resolv.conf with new DNS server(s).
(Of course the first line in the file will still be:
Followed by the DNS server supplied by your upstream provider:
/etc/rc.conf with new gateway:
Your upstream provider will supply you with the ip address of
their gateway (amy also be called router) for your system:
You'll already have turned on your gateway with:
- You'll change the new IP address in the ifconfig:
(I'm omitting other possible options in the ifconfig --
that's your problem.)
- Hopefully your ISP is forwarding the old IP address to the new for
you, in which case you'll enter the old as an alias:
(Again, I'm omitting other options in the ifconfig line.)
/etc/rc.firewall with new
- You may need to get things working using manual
- Keep at it until if you can
ping somebody in the
outside world (or in some way prove that the network is
- From some external machine, make sure you can do an
- Make sure to update
/etc/rc.conf with the final
Once done, reboot machine so as to make sure you can still get out
and in if you were to have to do a remote reboot.
A few days later, after the dust has settled:
(Obviously this must be done for all domains on the box) and
/etc/mail/<your-systems.mc>. Also check
access file, regenerate cf file and restart
sendmail if changed.
/usr/local/etc/apache/httpd.conf and restart
apache. (All virtual domains.)
/usr/local/etc/smb.conf and restart
cd /usr/local/etc and
grep <old-addr> *
/* layers until you've checked all files6.
- Go to your domain name registrar(s) and update them.
- Go to dnsreport.com to
check your work.
- Don't forget to go to your DNS and mail
secondarying machines and go through the same list of files on
- Don't forget to go to inform anyone else who
depends on your IP of the change; for example are you subscribed
to RBL+ at mail-abuse.org?. Do you have anyone doing secondarying
Please note! restarting 'named' appears to rewite your /etc/resolv.conf file.
- Go back to dnsreport to ensure that all is still as you think it
- Set time values in dns settings back to more reasonable values,
like those recommended by dnsreport.
Copyright © 1995-2017