RE: Configuring multiple IP addresses on VLAN interface using ifupdown

Tue, 22 Oct 2013 05:48:06 -0700 

Hi Chris,

> Bob Proulx <[email protected]> wrote:
>> Tom H wrote:
>>> I'm pretty sure that the last time (six months ago?) Bob linked to a 
>>> Debian wiki page [...] that used multiple iface declarations for the 
>>> same nic (I've also used multiple declarations).
>
>>  
>> https://wiki.debian.org/NetworkConfiguration#Multiple_IP_addresses_on_One_Interface
>
>
> Thank you both
> Chris

Chris, that way is the "old and hard way" to declare them in my opinion. It is 
very inflexible.
The ip addr add ... is very flexible and can be handled independent of the 
physical status of the interface but still react with the interface when it 
comes up or goes down. See my other mail with this subject.

I routinely add or remove ip addresses from an interface without having to 
bring the physical interface up or down.

Here an example of one of my gateway machines
/etc/network/interfaces
=======================
[....]
auto eth0
iface eth0 inet static
        address 217.114.99.195
        netmask 255.255.255.224
        broadcast 217.114.99.223
        gateway 217.114.99.193
        pre-up /usr/local/bin/firewall.sh
        # portal16
        up ip addr add 217.114.99.206/27 broadcast 217.114.99.223 dev eth0
        # www, wwww2, etc.
        up ip addr add 217.114.99.208/27 broadcast 217.114.99.223 dev eth0
#       up ip addr add 217.114.99.209/27 broadcast 217.114.99.223 dev eth0
        up ip addr add 217.114.99.212/27 broadcast 217.114.99.223 dev eth0
        down ip addr del 217.114.99.206/27 broadcast 217.114.99.223 dev eth0
        down ip addr del 217.114.99.208/27 broadcast 217.114.99.223 dev eth0
#       down ip addr del 217.114.99.209/27 broadcast 217.114.99.223 dev eth0
        down ip addr del 217.114.99.212/27 broadcast 217.114.99.223 dev eth0
        

ip addr show eth0
=================
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state 
UNKNOWN qlen 1000
    link/ether 00:50:56:b7:00:18 brd ff:ff:ff:ff:ff:ff
    inet 217.114.99.195/27 brd 217.114.99.223 scope global eth0
    inet 217.114.99.206/27 brd 217.114.99.223 scope global secondary eth0
    inet 217.114.99.208/27 brd 217.114.99.223 scope global secondary eth0
    inet 217.114.99.212/27 brd 217.114.99.223 scope global secondary eth0
    inet6 fe80::250:56ff:feb7:18/64 scope link
       valid_lft forever preferred_lft forever

If I need to take an ip address down all I have to do is enter the ip addr del 
line and it is gone. If I want it back I just need to enter the ip addr add 
line.
When one uses the way you quote above then one needs to add (sub)interfaces for 
each address which is more work and when using interface based firewalls can 
get a lot more complex.

Bonno Bloksma


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: 
http://lists.debian.org/[email protected]

Reply via email to