View previous topic :: View next topic |
Author |
Message |
huuan Apprentice
Joined: 19 Feb 2007 Posts: 265 Location: California
|
Posted: Mon Sep 23, 2013 9:56 pm Post subject: [solved] ip aliasing syntax with base layout-2 |
|
|
I am running an apache web server with several virtual hosts. Current;y it is using NameVirtualHost with a shared SSL cert.
I'd like to break out a couple of the vhosts to use a couple of extra IP addresses so that I can give those separate SSL certs.
The apache config seems straight-foward but I am baffled with the syntax of /etc/conf.d/net with base layout-2
I looked at the guide
http://www.gentoo.org/doc/en/openrc-migration.xml
but it has no clue as to the syntax for ip aliasing.
there is only one nic currently with a single ipaddress configured in /etc/conf.d/net as
Code: |
config_enp5s0="x.x.x.59 broadcast x.x.x.63 netmask 255.255.255.192"
routes_enp5s0="default via x.x.x.1"
modules_enp5s0="!dhcp"
|
I tried adding an ip alias like so:
Code: |
config_enp5s0="x.x.x.59 broadcast x.x.x.63 netmask 255.255.255.192"
routes_enp5s0="default via x.x.x.1"
config_enp5s0:1="x.x.x.121 broadcast x.x.x.127 netmask 255.255.255.192"
routes_enp5s0:1="default via x.x.x.65"
modules_enp5s0="!dhcp"
|
but checking status, before net restart) gives this error:
Code: |
config_enp5s0:1=x.x.x.121 broadcast x.x.x.127 netmask 255.255.255.192: command not found
|
and similarly for the second routes line.
I also tried concatenating the two lines (ignoring the default route) like so:
Code: |
config_enp5s0="x.x.x.59 broadcast x.x.x.63 netmask 255.255.255.192 x.x.x.121 broadcast x.x.x.127 netmask 255.255.255.192 "
|
but after restart only the second ip address was active
There's many other permutations and combinations I could try but I thought I'd ask here first.
If you can point me to a guide to the new syntax for base layout-2 network or suggest a different approach I'd appreciate it, thanks.
Last edited by huuan on Tue Sep 24, 2013 1:34 am; edited 1 time in total |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21490
|
Posted: Mon Sep 23, 2013 10:33 pm Post subject: |
|
|
From openrc net.example.bz2: net.example.bz2: | # If you need more than one address, you can use something like this
# NOTE: ifconfig creates an aliased device for each extra IPv4 address
# (eth0:1, eth0:2, etc)
# iproute2 does not do this as there is no need to
# WARNING: You cannot mix multiple addresses on a line with other parameters!
#config_eth0="192.168.0.2/24 192.168.0.3/24 192.168.0.4/24"
# However, that only works with CIDR addresses, so you can't use netmask.
# If you need to pass parameters to go with an address, you can do so on the
# same line as the address. You should split multiple addresses with newlines.
# WARNING: You cannot mix multiple addresses on a line with other parameters!
#config_eth0="192.168.0.2/24 scope host
#4321:0:1:2:3:4:567:89ab/64 nodad home preferred_lft 0" |
|
|
Back to top |
|
|
huuan Apprentice
Joined: 19 Feb 2007 Posts: 265 Location: California
|
Posted: Mon Sep 23, 2013 11:44 pm Post subject: |
|
|
Thanks Hu.
I had read that several times but failed to understand what it was saying. I get it now.
looks like the broadcast address is no longer specified but is instead automatically allocated based on masks etc.
I managed to get a couple of ip addresses up at the same time but for some reason you can't set the order they come up as.
No matter if i say
config_enp0s9="x.x.x.121/26 x.x.x.55/26"
or
config_enp0s9="x.x.x.55/26 x.x.x.121/26"
ifconfig always shows .121 as the main one. But perhaps I am misreading the significance of the order in the output:
Code: |
# ifconfig
enp0s9: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet x.x.x.121 netmask 255.255.255.192 broadcast x.x.x.127
ether 00:1b:21:5f:6d:e0 txqueuelen 1000 (Ethernet)
RX packets 9522410 bytes 1812746741 (1.6 GiB)
RX errors 0 dropped 136661 overruns 0 frame 0
TX packets 1159228 bytes 886786967 (845.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp0s9:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet x.x.x.55 netmask 255.255.255.192 broadcast x.x.x.63
ether 00:1b:21:5f:6d:e0 txqueuelen 1000 (Ethernet)
enp0s9:2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet x.x.x.127 netmask 255.255.255.192 broadcast x.x.x.127
ether 00:1b:21:5f:6d:e0 txqueuelen 1000 (Ethernet)
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 0 (Local Loopback)
RX packets 51894 bytes 8455146 (8.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 51894 bytes 8455146 (8.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|
Notice also that a 3rd alias, set to one of the broadcast addresses, has appeared (enp0s9:2: ) which never showed when I used
a single ip. No clue if that matters.
I'm also not sure of the significance of which ip shows first. |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21490
|
Posted: Mon Sep 23, 2013 11:57 pm Post subject: |
|
|
The presence of interface aliases suggests you are using ifconfig to configure them. You should use ip instead. As the comment in the example file notes, there is no need for alias interfaces, so iproute2 configures multiple addresses on a single interface. This may also address your issue with the broadcast alias. |
|
Back to top |
|
|
huuan Apprentice
Joined: 19 Feb 2007 Posts: 265 Location: California
|
Posted: Tue Sep 24, 2013 12:21 am Post subject: |
|
|
Thanks. ifconfig is what seemed to be installed by default.
I'll try emerging iproute2 soon as I can find why there is no longer any nameserver lucky I'm testing this on a backup system not production |
|
Back to top |
|
|
huuan Apprentice
Joined: 19 Feb 2007 Posts: 265 Location: California
|
Posted: Tue Sep 24, 2013 1:34 am Post subject: |
|
|
There seems to be a security network block on my IP/ethernet address at the local router so I can't get outside my local subnet on the backup server. Better to find this out now rather than right after a catastrophic failure of the production server when the backup would really be needed...
Not to worry. I took the bull by the horns and emerged iproute2 on the production server did a few tests then added the extra IP, restarted the network and the web server still works plus ip route shows both ip addresses.
Tomorrow I will try the extra SSL cert for the added IP
Thanks for your help. |
|
Back to top |
|
|
|