Ubuntu Networking :: Multiple External IP Addresses With Single Physical Ethernet Card And Virtualization
Feb 16, 2010
I recently installed Ubuntu Server 9.10 with the intent of using it as a platform for running a couple of Windows XP virtual machines along with Linux/Ubuntu.
I had no problems getting the server installed. Had no problems getting the network up and running so that I had access to both my internal network as well as external connectivity to the internet. Had no problems getting a VM installed and putting Windows XP inside of it. Had no problems setting up a bridge between the WinXP virtual machine and the physical ethernet card (eth0).
What I'm having trouble with is figuring out how to bridge from multiple VMs AND Ubuntu natively through one physical ethernet card.
When I set up the bridge, it knocks out the static IP address of the ethernet card that was set up initially with Ubuntu when first installed before the VM was created and installed. Therefore, connectivity within Ubuntu natively is lost.
Similarly, I am having trouble figuring out how the second VM (also going to be running WinXP) is going to get its connectivity, since it doesn't seem to like me setting up 2 bridges to the same physical ethernet interface card.
I need all 3 machines to have static IP addresses and be visible/accessible from the external network for either web/mail/dns/etc servers on the Ubuntu side and for remote PC control functionality on the VM side.
I have tried setting up alias ethernet interfaces (eth0:1, eth0:2, eth0:3) with static addresses, which work fine from native Ubuntu in presenting multiple IP addresses, but it seems that I'm not permitted to bridge to these alias interfaces.
Our system uses email to send fairly time-sensitive status messages between programs running on various servers on a WAN. Each email message is sent to two addresses (different servers). The problem occurs when one of the destination mail servers is off the network. I think because it's trying to send one email to two addresses, sendmail attempts delivery to the first address, then to the second address (i.e., serially). When this happens, it hangs for two connect timeout (CONNECT_TO) periods trying to connect to the offline destination, then after the timeout, it then delivers to the other destination. I'm trying to figure out how to work around that connection delay so it doesn't delay delivery to the other destination.
I'm working with the network guys to enable the right ICMP messages that signal when a network is unavailable, but I would also like to try having sendmail split the emails into two envelopes, then use parallel, independent connections for delivery.
After days of reading through the docs (O'Reilly Sendmail book + sendmail docs) I think one way to do this is to use multiple mail queues, but I can't decipher exactly how to do that from the docs.
There might be other, more elegant ways to do the same thing, but again, trying to decipher the docs has my head swimming. (This is my first experience with sendmail.)
I want to configure multiple virtual ethernet interfaces over a single physical ethernet interface (eth0), and for each virtual interface the MAC address must be unique and the IP address must be static. Finally, all the virtual interfaces must be able to communicate both internally and externally, and the traffic should be captured using Wireshark.
I need this kind of setup to communicate with devices individually using one physical ethernet device.
I was fiddling with a few kernel modules like MACVLAN and MACVTAP, and successfully enabled those modules and rebuilt the kernel. Using macvlan and macvtap I can configure virtual interfaces with unique MAC addresses and static IPs, but while capturing packets using Wireshark the interfaces behave weirdly.
For example say on HOST machine I have 1 physical interface and created 3 virtual interfaces as shown below.
First, from the above interfaces, I started pinging eth0 internally from the host machine, which worked as usual.
Second, I did the same externally from another machine which is connected to the same network as the host machine, and this worked as usual.
Third, I pinged the first virtual interface veth0 both internally and externally, and this also works. After that I checked the source and destination MAC addresses using the Wireshark tool, where both showed their respective MAC addresses.
Now comes the issue: I pinged the second virtual interface the same way I did for the first one. This time the ping was a success, whereas in the Wireshark tool the MAC address for veth0 is picked by veth1. This is where I got stuck, and this issue happened for all the remaining virtual interfaces.
I couldn't see any of the remaining virtual interfaces showing their respective MAC addresses; all except the first virtual interface have been picking the first veth0 MAC address.
My machine has ONE ethernet card and is on a LAN. IP addresses are assigned to hosts using DHCP. I can have more than one MAC address on the LAN by running a virtual machine and setting the network to bridged. This way, my virtual machine simply acts like there is one more machine in the network. Running VMWare for this job is a bit heavy on resources. Is there a way so that I can have 2 or more IP addresses with different MAC addresses on the same machine without having to run VirtualBox?
By googling, I think it's related to bridging and tap. And I am sure that's NOT IP-ALIASING, because in ip-aliasing both the IP addresses have the same MAC address. Basically, I want my system to have interfaces like:
eth0 - which was originally present
lo - that's always present :|
newint0 - New interface with new MAC address and IP addresses which can access my LAN directly. It's like if I bind, let us suppose, curl to this interface, it's like a different connection
I've just arrived at uni and to set up my wifi apparently I need my "media access control which is listed as the physical address for ethernet adaptor local area connection." On Windows you can find it by using the command ipconfig /all, but that didn't work when I put it into the terminal.
Does anyone know if there is any way to configure 50K "virtual" IPv6 addresses on loopback device in Linux? The aim is not to add all 50K IPv6 addresses one by one on the loopback/ETH device which will probably mess up the ip table on the system. In IPv4, I am able to achieve that by specifying the IP address subnet on loopback device (e.g: "ip addr add 10.1.0.0/16 dev lo"). The same command does not seem to work the same way for IPv6. It only adds a single IPv6 address on loopback device and it automatically adds an "unreachable route" entry on the ipv6 route table for that IPv6 network prefix.
The reason I need this is because I am working on an application which tries to simulate 50K IPv6 addresses on a single Linux box. The kernel version I am currently using is RHEL 2.6.9.55.
I have run into a problem that I've tracked down to being a conflict between the "Upstart" init system, and how it handles multiple (alias) IP addresses per physical interface. The summary of the problem is that the interfaces are being configured in the background in parallel with the starting of daemons. One "feature" of this (apparently intended for pluggable devices that would add or remove an interface) is that the network daemons are restarted each time an interface is added (and presumably deleted). But this is a disaster when applied to alias IP addresses.
I first saw the effects of this when during booting Ubuntu Server, the screen showed a message about OpenSSH daemon being restarted ... several times a few seconds apart each. At the time I didn't know what was causing that, but didn't worry because it ultimately was running when I needed it.
But now that I am deploying these servers for specific duty with many IP addresses per system (per network interface), the symptoms are becoming serious, and I need a solution.
1. The IP addresses are coming online too slowly. Apparently the time it takes to restart each daemon is being added to each address being configured.
2. It appears to be disrupting some daemons sometimes. Occasionally, some daemon just ends up being hung somewhere, or dies. Too many restarts.
3. Sometimes few or even no alias addresses get configured. This might be due to a daemon getting hung, and the whole sequence just not finishing.
4. The "nsd" name server as packaged by Ubuntu doesn't deal well with this at all. It needs all its IP addresses to be up when it starts, or else it won't start. The Ubuntu package of it doesn't include any if-up script at all, although I'm not sure that would do any good.
What I need is a way to configure all these alias IP addresses so they are all configured immediately when the point in time is reached to bring up network interfaces for the first time. These are all static, and all are aliases on ethernet NIC cards plugged into PCIe cards, or integrated in the mainboard. None of them are pluggables. I did run a manual test of "ifconfig" in a loop configuring 2540 alias IP address on eth0 and it only took 2 seconds (no if-up triggers or daemon restarts here). So I know it's fast if nothing else is done between these steps.
Even for pluggable physical interfaces, I see no reason to even try to step through every alias (if it has aliases) with a daemon restart. If an alias IP address is added on later, then I can understand doing it. But if you have a list of 100 aliases for a physical interface, they really should all be done ... or at least attempted ... at once, and do any triggers needed after that.
So, how can I configure or modify Ubuntu Server 9.10 to do that?
I have each alias listed in the "/etc/network/interfaces" file with a separate "auto" and "iface" section for each one, with sequential sub-interface numbers appended to the interface name. I tried it without those sections (e.g. just "address" and other items in sequence) and that prevents the system from even coming up (bootable CD to the rescue to undo that). At least Ctrl-Alt-Del did reboot it.
I tried to attach the /etc/network/interfaces file, but I don't know if it worked because I see no confirmations about it. If it didn't attach and you need to see it, say so, and I'll just paste it in a followup.
My Linux gateway has multiple addresses to the internet:
eth0 = 76.148.200.3
eth0:0 = 76.148.200.4
eth0:1 = 76.148.200.5
and its own gateway, which is 76.148.200.2 (probably not relevant), and I also have one which is not internet, but local:
eth0:2 = 192.168.0.1 netmask 255.255.255.0
They all work fine and tested. Now I am sharing the internet through eth0 (76.148.200.3) to 192.168.0.1/24 and that's working fine. The script I use to do that is here...
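Code:
#!/bin/sh
# Enable IPv4 forwarding and dynamic-address handling in the kernel
echo 1 >/proc/sys/net/ipv4/ip_forward
echo 1 >/proc/sys/net/ipv4/ip_dynaddr
# Clear existing NAT rules
iptables -t nat --flush
# Allow return traffic from eth0 to the LAN, and all LAN traffic out via eth0
iptables -A FORWARD -i eth0 -d 192.168.0.1/24 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s 192.168.0.1/24 -o eth0 -j ACCEPT
# Log any forwarded packet not accepted above
iptables -A FORWARD -j LOG
# Masquerade everything leaving through eth0
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE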
Now all I want to change in the script is to share it through 76.148.200.4 (eth0:1) instead of what is already sharing through 76.148.200.3 (eth0). I am sure this is easy but can't work it out and iptables doesn't accept 'aliases'. How I can do this by modifying this script?
For some simulation, I am trying to configure a setup of 3 ubuntu desktops (one of them with multiple network cards) to behave in the following way:
Each one of them should be a separate network not seeing the others (including multicast addresses). They need to have internet access through the machine with multiple network cards. So from the point of view of each machine, they define a LAN in which it is the only device and have internet access through the gateway machine.
What do I need to do to configure these machines for the above setup?
I am new to Linux kernel/user space programming, having been an assembly programmer in my previous life. I am now using a 2.6.x kernel on an embedded CPU that has a few dedicated hardware blocks (including more CPUs running just C code, i.e., no operating system). There is a single DRAM connected to this chip with one Linux CPU + multiple h/w blocks. No swapping. Question(s):
1. The Linux CPU needs to talk to hardware blocks that obviously use physical DRAM addresses while Linux processes/threads use virtual addresses.
2. How do I translate these addresses back-n-forth? For example, a Linux process may want to allocate memory and then hand it off to a hardware block to write into it. Then after a while the process will read it.
3. Sometimes, the hardware block may write a physical address into the shared memory. The Linux CPU will read the shared memory and then convert the physical address to virtual memory and go read that location.
How does one achieve all of this? If this is being extremely stupid, then please let me know. Hopefully, you can give me some pointers.
This works perfectly; however, when I try to add a second client this way it doesn't. I tried to add the above code multiple times as a whole (2 times the above code) but that doesn't work. I also tried to just add more lines under host apex, but this also doesn't work.
So my question is: How do I add more of these MAC-related IP address assignments in the dhcp.conf?
iptables and multiple public-facing IP addresses. With the current setup I have a public-facing firewall with iptables which will then forward traffic to a LAN IP. I will hopefully be allotted 1 private IP per public IP, which I hope will make this much more simple. For example, I have server A with the LAN IP of 10.0.0.1 which I would like to have traffic forwarded from 5.0.0.1, the public IP. I also have server B with LAN IP of 10.0.0.2 which I would like to have forwarded from 5.0.0.2, the second public IP. From what I have read and understood, this should be a simple task, however I would just like to double check to make sure that it is in fact possible, and if so, how would it be recommended that I go about doing so. Essentially, I need to forward each public IP to a corresponding LAN IP with all ports.
Fedora 12 running under VirtualBox 3.2.8 w/ Bridged networking Host OS Windows 7
I have 3 IP addresses set up on my Fedora 12 installation:
Directory: /etc/sysconfig/network-scripts/
ifcfg-eth0 -> 192.168.0.170
ifcfg-eth0:0 -> 192.168.0.171
ifcfg-eth0:1 -> 192.168.0.172
Hostname is configured to host associated with 192.168.0.170 in /etc/hosts
When I reboot and execute # ifconfig
eth0 is associated with the 172 address and the other addresses are not active. After I run # service network restart
All of the addresses are active and associated with the correct interfaces. Content of my ifcfg files below:
I have a CentOS5 server with dual ethernet adapters + Webmin installed as my Router / Firewall / DHCP server working successfully with 1 static IP from my ISP. I also have 7 additional static IP addresses from my ISP needing to configure to individual servers inside my network. I have configured the additional virtual interfaces, but am lost on how to route data specifically from additional ISP address to specific internal network address.
Below is my desired configuration.
98.173.159.xx1 = eth0 physical interface ==> eth1 192.168.1.1
98.173.159.xx2 = eth0:1 virtual interface ==> 192.168.1.10 ==> CentOS Server 2
98.173.159.xx3 = eth0:2 virtual interface ==> 192.168.1.20 ==> CentOS Server 3
98.173.159.xx4 = eth0:3 virtual interface ==> 192.168.1.30 ==> CentOS Server 4
98.173.159.xx5 = eth0:4 virtual interface ==> 192.168.1.40 ==> Mac OS X Server 1
98.173.159.xx6 = eth0:5 virtual interface ==> 192.168.1.50 ==> Mac OS X Server 1
98.173.159.xx7 = eth0:6 virtual interface ==> 192.168.1.60 ==> Network Attached Storage Server 1
98.173.159.xx8 = eth0:7 virtual interface ==> 192.168.1.70 ==> Windows 2008 Server 1
I have a strange problem regarding networking on the Alix 2d13 running Ubuntu 10.04. The Alix has 3 physical network interfaces, lspci says:
Code:
00:09.0 Ethernet controller [0200]: VIA Technologies, Inc. VT6105M [Rhine-III] [1106:3053] (rev 96)
    Kernel driver in use: via-rhine
    Kernel modules: via-rhine
00:0a.0 Ethernet controller [0200]: VIA Technologies, Inc. VT6105M [Rhine-III] [1106:3053] (rev 96)
    Kernel driver in use: via-rhine
    Kernel modules: via-rhine
[Code]...
It seems, if more than one cable is connected, a random hardware port is chosen as eth0-eth2. If only one cable is connected the port that is connected is chosen as eth0-eth2. Any idea what's going wrong here?
Just installed Fedora 14 from the Live CD i686 on my Dell Inspiron 1521. I can't connect to the SpeedTouch 585 on either wireless broadcom card or the wired Ethernet card.
I can connect to it from the same Laptop on the Vista which is on dual boot on the same laptop.
Further confusing is that I ran Fedora 14 and connected to another SpeedTouch today.
Already checked the Channel on the wireless nic and it's on the same one as the SpeedTouch.
I've been trying to set multiple IPs on my Fedora 14 but nothing seems to work. Upon browsing the net, I found there are two ways for it. One is eth0:0~eth0:n and another is eth0-range0. All are configs under network-scripts. But neither of them worked for me. Even grabbing a working example from my live server doesn't do the trick (though the server is a CentOS 5.5).
Currently using eth0-range0 ONBOOT=yes IPADDR_START=192.168.1.127
I've got a co-worker who is trying to connect multiple devices to his wireless router - Xbox, Wii, TV, Dishnetwork box, etc. Not all of the devices are wireless however. He's had several thoughts on how to get this done and I know very little about this kind of thing so I thought I'd ask some of you.
His first thought was to buy a multi-port bridge, but he doesn't like any of the ones he's seen so far. The other thought was to connect all of the devices to a switch and then use a single bridge, but he isn't sure if this would work.
I have a question about UNIX sockets. My goal is to connect multiple sockets from a single client to a single server and keep them open... I'm not sure if that is possible to create or not. Do you have any suggestion or an example of code?
I have searched for this quite a bit but my lack of knowledge of IPTables makes me doubt whether I have found a solution or not. I have very light experience with IPTables as well. So I thought I'd ask here. Basically, what I am trying to do is use an external transparent proxy for only one of the hosts on my internal network. For example, for an internal host of 192.168.1.8, I want to send all internet requests for ANY port to a proxy server out in the internet at 238.34.232.7 / port: 8080. All other hosts would use the internet without using any proxy server.
Is IPTables the way to set this up or is there an easier option?
I know a fair amount about setting up a simple network but I'm curious about setting up a more complex topology... For example... A "box" has two NICs acting as a bridge; normally this would involve two distinct networks (i.e. 192.213... and 192.214...). Is it possible that this physical setup can create a single network (192.213... 192.213...), resolving IPs from either a DHCP on the "box" or a DHCP server somewhere else on "one side of the box"? Likewise with differing physical network types: a "box" with a NIC and a TCP/IP over USB setup connected to another device with TCP/IP over USB (OTG/Gadget) so that all the IPs are on one logical network.
I'm installing Ubuntu to be used as an NFS storage server for my VMWare ESX servers. I've got a server that has two 2TB drives in it. The hardware raid controller isn't an option because it only sees up to 1TB of each drive. So, I'm trying to figure out how to do this using either LVM or Parted. I don't know much about doing this, and LVM was the first thing I tried but it didn't seem to do much. It looks like it just created a smaller partition to install Ubuntu on. It didn't ask me what I wanted to do with the rest of the drive space. I've messed around with Parted and am not sure what to do, to be honest. I found a few blog posts but most started off assuming that I knew how to get to where they were starting from.
I have been working with Linux for about 10 years and I have a good understanding of IPv4 networking and routing but not so much detailed knowledge of implementation or specific networking packages.
I have a Linux system running a custom-built (Linux from Scratch) distribution and using a 2.6.15 kernel. My system has 4 Ethernet controllers (eth0, eth1, eth2, and eth3). I have intentionally left out support for forwarding/routing of packets as this machine is not intended to be a router and I specifically do not want it to be able to do so. My intent for the machine is to function as a server to 4 different and separate networks without allowing traffic or hosts on one LAN to access or adversely affect those on the other LANs.
My main question: is there a way to completely isolate the connections to these LANs and if so, how might I achieve it, and through what packages?
I have been having some issues:
1) Default gateway. With only a single default gateway, network requests from a LAN that is not directly connected to one of the 4 NICs and for which there may not be a static route defined, may send a response to the default gateway which is on one of the LANs connected to a different NIC than the one that I received the initial request on. Is there any way to isolate outgoing messages to only go out on the NIC that the corresponding request was received through?
2) Default gateways. I have a requirement to allow DHCP on these interfaces. It is possible that the DHCP servers on each of the 4 LANs may provide a default gateway, but I don't see how I can make use of that. I know that there is a way to configure multiple default gateways via the iproute2 package (which is what I am using) but I don't know how to make sure that the correct default gateway is used for requests that were received on a specific interface.
I'm trying to set up a shared Internet connection that had been broken by a previous update, I believe. Eth0 is connected to the Internet, whereas eth2 should be the connection going to my Roku set-top box. Under the nm-applet icon, an entry exists for "Auto eth0" for the first card, but there is nothing under the second card except "disconnected". How do I make a connection entry under my eth2 card so that I can share my Internet connection with my Roku box?