I have a need to host multiple IPs on the same host on the same subnet due to SSL certificate reasons. My initial attempt at setting this up ended in routing errors. After a bit of digging I found out why.
Because the server in question was a VMware guest, I initially just added a second network interface to the VMware guest and assigned the second IP address to it. At first glance this seems to work, as I can ping both of the IPs from within my subnet. However, if I try to access both of the IPs from outside of the subnet, only one of the IPs works!
Why is it doing this? The answer lies in the routing table.
ajz@server:~$ route -vn Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 160.94.224.0 0.0.0.0 255.255.255.128 U 0 0 0 eth0 160.94.224.0 0.0.0.0 255.255.255.128 U 0 0 0 eth1 0.0.0.0 160.94.224.126 0.0.0.0 UG 100 0 0 eth0 0.0.0.0 160.94.224.126 0.0.0.0 UG 100 0 0 eth1 ajz@server:~$You see when a packet comes in from outside of the local network to eth1, it may get routed back on eth0, or eth1. One of those is going to get lost. This means the routing table will choose one of the interfaces for routing traffic back to the internet outside your subnet, and the other interfaces get lost in the process. So how do we set it up right? We don't use a different ethernet interface for each adapter. We setup an eth0:1 interface! The working configuration file is below. If you're using a debian based system, the
/etc/network/interfacesfile looks like the following.
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 160.94.345.101
netmask 255.255.255.128
network 160.94.345.0
broadcast 160.94.345.127
gateway 160.94.345.126
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 128.101.101.101 134.84.84.84
# Alternate secondary network interface
auto eth0:1
iface eth0:1 inet static
address 160.94.345.96
netmask 255.255.255.128
network 160.94.345.0
Good luck!
Leave a comment