F19 - How to use alias network interface?

Tue May 21 07:03:46 UTC 2013

Hi all,
I need to have alias network interfaces.
What is the desired way to do this in F19?

My actual setup (without alias):
[root at physics sysconfig]# ls network-scripts/ifcfg-*
network-scripts/ifcfg-enp4s0  network-scripts/ifcfg-enp5s0
network-scripts/ifcfg-lo
[root at physics sysconfig]# cat network-scripts/ifcfg-enp4s0
TYPE=Ethernet
#BOOTPROTO=dhcp
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=enp4s0
UUID=4fd3476d-2423-4c26-99f9-28b5f6d18b05
ONBOOT=yes
HWADDR=00:08:54:41:46:01
PEERDNS=yes
PEERROUTES=yes
IPADDR=172.16.0.1
PREFIX=16
[root at physics sysconfig]# cat network-scripts/ifcfg-enp5s0
DOMAIN="central.ucv.ro"
IPV6_PEERDNS="yes"
IPV6INIT="yes"
UUID="df0a5629-9f3f-4c85-a5c0-ad72e8bbbbf6"
IPADDR0="193.x.y.130"
DNS1="193.x.y.254"
PREFIX0="26"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
HWADDR="00:25:22:F9:71:3D"
BOOTPROTO="none"
IPV6_DEFROUTE="yes"
GATEWAY0="193.x.y.129"
IPV6_AUTOCONF="yes"
IPV6_FAILURE_FATAL="no"
IPV6_PEERROUTES="yes"
TYPE="Ethernet"
ONBOOT="yes"
NAME="enp5s0"
[root at physics sysconfig]# cat iptables
# Custom file edited on 15-May-2013
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 110 -j ACCEPT
-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 143 -j ACCEPT
-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 443 -j ACCEPT
#-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 465 -j ACCEPT
#-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 587 -j ACCEPT
#-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 993 -j ACCEPT
#-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 995 -j ACCEPT
-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 2307 -j ACCEPT
-A INPUT -p udp --dport 6277 -j ACCEPT
-A INPUT -p udp --dport 24441 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j ACCEPT
#-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on 2013-05-20 15:23
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 172.16.0.0/16 -o p5p1 -j SNAT --to-source
193.x.y.130
COMMIT
[root at physics sysconfig]# route
Kernel IP routing table
Destination     Gateway         Genmask    Flags Metric  Ref  Use Iface
default      g129.xxx.yyy    0.0.0.0         UG    0      0    0  p5p1
193.x.y.128  *               255.255.255.192 U     0      0    0  p5p1
172.16.0.0   *               255.255.0.0     U     0      0    0  p4p1
[root at physics sysconfig]# 

I need some addresses from local to be accessible from outside, so alias
interface is needed. Not any local device knows other than basic
routing. That is why I need another subnet, so alias.
Let's say 193.x.y.162 from (placed) local visible from outside. 
(I can do it with F18/Centos, etc.)
What is the desired/proposed way in F19?
Using network instead NM failed (no name resolution) in my testing. Do I
miss something? May I hope/wait for a fix in F19?
Why the interface name is p5p1 and p4p1, different from ifcfg-enp5s0
etc.? Is anywhere explained this?
In F18 docs there was a promise to have to choose between firewalld and
iptables, not implemented until now (can be manually done but it is not
trivial for anyone).

C. Sava