F19 - How to use alias network interface? how to add static routes?

Cristian Sava csava at central.ucv.ro
Tue May 21 09:20:57 UTC 2013 

On Tue, 2013-05-21 at 09:21 +0300, Cristian Sava wrote:
> Hi all,
> I need to have alias network interfaces.
> What is the desired way to do this in F19?
> 
> My actual setup (without alias):
> [root at physics sysconfig]# ls network-scripts/ifcfg-*
> network-scripts/ifcfg-enp4s0  network-scripts/ifcfg-enp5s0
> network-scripts/ifcfg-lo
> [root at physics sysconfig]# cat network-scripts/ifcfg-enp4s0
> TYPE=Ethernet
> #BOOTPROTO=dhcp
> BOOTPROTO=none
> DEFROUTE=yes
> IPV4_FAILURE_FATAL=no
> IPV6INIT=yes
> IPV6_AUTOCONF=yes
> IPV6_DEFROUTE=yes
> IPV6_PEERDNS=yes
> IPV6_PEERROUTES=yes
> IPV6_FAILURE_FATAL=no
> NAME=enp4s0
> UUID=4fd3476d-2423-4c26-99f9-28b5f6d18b05
> ONBOOT=yes
> HWADDR=00:08:54:41:46:01
> PEERDNS=yes
> PEERROUTES=yes
> IPADDR=172.16.0.1
> PREFIX=16
> [root at physics sysconfig]# cat network-scripts/ifcfg-enp5s0
> DOMAIN="central.ucv.ro"
> IPV6_PEERDNS="yes"
> IPV6INIT="yes"
> UUID="df0a5629-9f3f-4c85-a5c0-ad72e8bbbbf6"
> IPADDR0="193.x.y.130"
> DNS1="193.x.y.254"
> PREFIX0="26"
> DEFROUTE="yes"
> IPV4_FAILURE_FATAL="yes"
> HWADDR="00:25:22:F9:71:3D"
> BOOTPROTO="none"
> IPV6_DEFROUTE="yes"
> GATEWAY0="193.x.y.129"
> IPV6_AUTOCONF="yes"
> IPV6_FAILURE_FATAL="no"
> IPV6_PEERROUTES="yes"
> TYPE="Ethernet"
> ONBOOT="yes"
> NAME="enp5s0"
> [root at physics sysconfig]# cat iptables
> # Custom file edited on 15-May-2013
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
> -A INPUT -p icmp -j ACCEPT
> -A INPUT -i lo -j ACCEPT
> -A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -j ACCEPT
> -A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 25 -j ACCEPT
> -A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 80 -j ACCEPT
> -A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 110 -j ACCEPT
> -A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 143 -j ACCEPT
> -A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 443 -j ACCEPT
> #-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 465 -j ACCEPT
> #-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 587 -j ACCEPT
> #-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 993 -j ACCEPT
> #-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 995 -j ACCEPT
> -A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 2307 -j ACCEPT
> -A INPUT -p udp --dport 6277 -j ACCEPT
> -A INPUT -p udp --dport 24441 -j ACCEPT
> -A INPUT -j REJECT --reject-with icmp-host-prohibited
> -A FORWARD -j ACCEPT
> -A FORWARD -j REJECT --reject-with icmp-host-prohibited
> COMMIT
> # Completed on 2013-05-20 15:23
> *nat
> :PREROUTING ACCEPT [0:0]
> :POSTROUTING ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> -A POSTROUTING -s 172.16.0.0/16 -o p5p1 -j SNAT --to-source
> 193.231.40.130
> COMMIT
> [root at physics sysconfig]# route
> Kernel IP routing table
> Destination     Gateway         Genmask    Flags Metric  Ref  Use Iface
> default      g129.xxx.yyy    0.0.0.0         UG    0      0    0  p5p1
> 193.x.y.128  *               255.255.255.192 U     0      0    0  p5p1
> 172.16.0.0   *               255.255.0.0     U     0      0    0  p4p1
> [root at physics sysconfig]# 
> 
> I need some addresses from local to be accessible from outside, so alias
> interface is needed. Not any local device knows other than basic
> routing. That is why I need another subnet, so alias.
> Let's say 193.x.y.162 from (placed) local visible from outside. 
> (I can do it with F18/Centos, etc.)
> What is the desired/proposed way in F19?
> Using network instead NM failed (no name resolution) in my testing. Do I
> miss something? May I hope/wait for a fix in F19?
> Why the interface name is p5p1 and p4p1, different from ifcfg-enp5s0
> etc.? Is anywhere explained this?
> In F18 docs there was a promise to have to choose between firewalld and
> iptables, not implemented until now (can be manually done but it is not
> trivial for anyone).
> 
> C. Sava

Using this working setup, without graphical environment:
How do I add routes (without alias)? 

[root at physics network-scripts]# cat route-enp4s0
193.x.y.142/32 dev p4p1
193.x.y.143/32 dev p4p1

It is not working , nor renaming to route-p4p1
I want these addresses just behind p4p1 interface, no gateway between.
Equivalent to:

route add -host 193.x.y.142 dev p4p1

that is working ok on F19.
Back to rc.local?
What if I want bridging (but do not expect me to setup a kvm-qemu
virtual machine with F18/Centos to workaround this alias problem)?
Is this how F19-beta will be?

C. Sava

More information about the test mailing list