- Learn Linux
- Learn Electronics
- Raspberry Pi
- LPI certification
- News & Reviews
This tutorial works through an example of how IP aliasing can be used to provide multiple network addresses on a single physical interface. This demonstrates using IP version 4 addresses only.
Most distributions include IP aliasing compiled into the kernel. If that is not the case for your particular distro then you can load the module using the insmod command.
One reason for using this could be to make a computer look as though it is multiple computers, so for example you could have one server that is acting as both a gateway (router) and a DHCP server and DNS using 3 different IP addresses, perhaps with a future plan to use a hardware router and to move the functionality to seperate DNS and DHCP servers. Or indeed the opposite you could decide to replace the 3 different hardware devices with a single server to reduce the administration overhead.
In this case you can have 3 different addresses which are all on the same computer without having to install lots of physical network interfaces.
Another reason, which is the one I will use in this tutorial, is that you want to have the computer on two different logical network subnets whilst using a single physical interface. The reason I originally needed to do this is that I purchased a network device that comes pre-configured with an IP address on the 192.168.0.0/24 address range, but my linux machine is on the 192.168.1.0/24 address range. I therefore configured an alias so that I can connect to the new device to configure it onto my 192.168.1.0/24 network address.
The first step is to identify the port number of the current interface. This is done using the ifconfig file.
The relevant output in this case is:
eth1 Link encap:Ethernet HWaddr 00:0d:61:0b:d9:a0 inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20d:61ff:fe0b:d9a0/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:213915 errors:0 dropped:0 overruns:0 frame:0 TX packets:211302 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:140569143 (134.0 MB) TX bytes:188664521 (179.9 MB) Interrupt:21 Base address:0xa000
We are using eth1 at the moment, so we will add an alias as eth1:1.
To add an alias IP address run
sudo ifconfig eth1:0 192.168.0.1
This creates an alias on eth1 with ip address 192.168.0.1. This will take the default network mask unless it is specified using the netmask option.
Thew new alias can be viewed using the ifconfig command.
eth1:0 Link encap:Ethernet HWaddr 00:0d:61:0b:d9:a0 inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:21 Base address:0xa000
Note that the hardware address (MAC address) HWaddr is the same as this is still the same physical interface showing that this is the same interface.
There are no interface statistics for the alias interface as these are included in the physical interface. To get per address statistics then accounting rules would need to be used through the iptables command.
A network route is automatically added to the routing table for the subnet with the interface included, but any additional routes will need to be added manually.
Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 ...
It should then be possible to access devices on the 192.168.0.0 network.
You may need to make changes to any firewall rules to allow access to the new network range. In my case I am running shorewall, which by default just uses the physical interface for it's rules. So a restart of shorewall and it worked. If a separate security policy is required for the new network then that needs to be configured explicitly in the firewall rules.
The commands run above will make the changes to a live system, but these will all be lost when the system reboots. The commands could be added to a script that is called during startup, but the correct solution is to add these to the appropriate network configuration files.
The following is for Ubuntu Linux. This may differ on different distros. If the /etc/network/interfaces file does not exist on your distro then you can just add the earlier commands into /etc/rc.d/rc.local or a similar startup file.
The port definition needs to go into the interfaces file as shown below:
iface eth1 inet static address 192.168.1.1 netmask 255.255.255.0 auto eth1 iface eth1:0 inet static address 192.168.0.1 netmask 255.255.255.0 auto eth1:0
The last 4 lines have been added for this interface. The other interfaces have been excluded from the screen-capture above.