[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: Configuring multiple IP addresses on VLAN interface using ifupdown

Hi Chris,

> Bob Proulx <bob@proulx.com> wrote:
>> Tom H wrote:
>>> I'm pretty sure that the last time (six months ago?) Bob linked to a 
>>> Debian wiki page [...] that used multiple iface declarations for the 
>>> same nic (I've also used multiple declarations).
>
>>  
>> https://wiki.debian.org/NetworkConfiguration#Multiple_IP_addresses_on_One_Interface
>
>
> Thank you both
> Chris

Chris, that way is the "old and hard way" to declare them in my opinion. It is very inflexible.
The ip addr add ... is very flexible and can be handled independent of the physical status of the interface but still react with the interface when it comes up or goes down. See my other mail with this subject.

I routinely add or remove ip addresses from an interface without having to bring the physical interface up or down.

Here an example of one of my gateway machines
/etc/network/interfaces
=======================
[....]
auto eth0
iface eth0 inet static
        address 217.114.99.195
        netmask 255.255.255.224
        broadcast 217.114.99.223
        gateway 217.114.99.193
        pre-up /usr/local/bin/firewall.sh
        # portal16
        up ip addr add 217.114.99.206/27 broadcast 217.114.99.223 dev eth0
        # www, wwww2, etc.
        up ip addr add 217.114.99.208/27 broadcast 217.114.99.223 dev eth0
#       up ip addr add 217.114.99.209/27 broadcast 217.114.99.223 dev eth0
        up ip addr add 217.114.99.212/27 broadcast 217.114.99.223 dev eth0
        down ip addr del 217.114.99.206/27 broadcast 217.114.99.223 dev eth0
        down ip addr del 217.114.99.208/27 broadcast 217.114.99.223 dev eth0
#       down ip addr del 217.114.99.209/27 broadcast 217.114.99.223 dev eth0
        down ip addr del 217.114.99.212/27 broadcast 217.114.99.223 dev eth0
	

ip addr show eth0
=================
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:50:56:b7:00:18 brd ff:ff:ff:ff:ff:ff
    inet 217.114.99.195/27 brd 217.114.99.223 scope global eth0
    inet 217.114.99.206/27 brd 217.114.99.223 scope global secondary eth0
    inet 217.114.99.208/27 brd 217.114.99.223 scope global secondary eth0
    inet 217.114.99.212/27 brd 217.114.99.223 scope global secondary eth0
    inet6 fe80::250:56ff:feb7:18/64 scope link
       valid_lft forever preferred_lft forever

If I need to take an ip address down all I have to do is enter the ip addr del line and it is gone. If I want it back I just need to enter the ip addr add line.
When one uses the way you quote above then one needs to add (sub)interfaces for each address which is more work and when using interface based firewalls can get a lot more complex.

Bonno Bloksma
Reply to: