All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Added an entire /28 IPv4 block but only first IP is usable...
I have a VMWare ESXI 6.0 server and created a Debian installation which I upgraded to Debian 10, I was recently assigned a /29 and I would like to add this block to this VM, so here is what I did:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
allow-hotplug eth0
iface eth0 inet static
address 74.first.ip.addr
netmask 255.255.255.240
gateway 74.first.ip.gateway
up ip addr add 198.second.ip.addr/28 dev $IFACE label $IFACE:0
down ip addr del 198.second.ip.addr/28 dev $IFACE label $IFACE:0
Obviously the first.ip.addr and second.ip.addr are all numbers.
I restarted networking and rebooted the server as well.
And now this is my ifconfig:
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 74.first.ip.addr netmask 255.255.255.240 broadcast 74.first.ip.broadcast
inet6 fe80::blah blah prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:f5:bd:45 txqueuelen 1000 (Ethernet)
RX packets 86169 bytes 5560187 (5.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6631 bytes 745565 (728.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 198.second.ip.addr netmask 255.255.255.240 broadcast 0.0.0.0
ether 00:0c:29:f5:bd:45 txqueuelen 1000 (Ethernet)
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 56431 bytes 4541182 (4.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 56431 bytes 4541182 (4.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
So...all good....
Interestingly I am now able to ping to the 74.first.ip.addr as well as 198.second.ip.addr and hostname -I also only shows the two IP address.
And pinging any other address within the /28 range returns "destination unreacheable" error, for example:
ping 198.second.ip.addr+1
PING 198.second.ip.addr+1(198.second.ip.addr+1) 56(84) bytes of data.
From 198.second.ip.addr icmp_seq=1 Destination Host Unreachable
From 198.second.ip.addr icmp_seq=2 Destination Host Unreachable
From 198.second.ip.addr icmp_seq=3 Destination Host Unreachable
From 198.second.ip.addr icmp_seq=4 Destination Host Unreachable
From 198.second.ip.addr icmp_seq=5 Destination Host Unreachable
From 198.second.ip.addr icmp_seq=6 Destination Host Unreachable
^C
--- 198.second.ip.addr+1 ping statistics ---
8 packets transmitted, 0 received, +6 errors, 100% packet loss, time 161ms
pipe 4
Note that even though I was pinging 198.second.ip.addr+1, the response is still from 198.second.ip.addr.
I tried to create the auto eth0:0 block and specify everything like eth0 minus gateway...and had no luck as well.
Not sure how I can troubleshoot this further, any suggestions?
Comments
you added the single ip
you have to individually add each ip the /28 is just to denote what the block size is .
^ What @hzr said, they have to be added as /32 individual host addresses to work.
Each additional "sub" interface address would be as follows, and just make as many as you need to use all the IPs in the /28 (16). And of course only the primary address needs the gateway:
No, you add them as /28s. The netmask is autodetermined from the /28 portion.
Alternatively, you can use the AnyIP trick to bind a whole subnet to your machine with a single command.
https://blog.widodh.nl/2016/04/anyip-bind-a-whole-subnet-to-your-linux-machine/
Thanks, so if I understand you correctly, this means setting a netmask value in the first.ip.addr and setting /28 to the second.ip.addr doesn't really matter (i.e., I can put 255.255.255.0 or /24 just for fun and it will still work) and I will have to add each IP individually to eth0:1-eth0:x blocks?
Is that correct?
This seems only allow local bindings?
If you are trying to add the whole subnet to a single VM then yes you can try to add individual IPs to eth0:1 to eth0:x
It should work
Which is what you're trying to achieve.
Usually people use post-up and post-down ip -4 add.
Please familiarise yourself what does netmask do in networks.
And no - it won’t work correctly.
also, this is why i like netplan's format a lot better than /etc/network/interfaces.
it depends horribly on what kind of weird routing (I think OVH wants a /32, with gateway set to your public IP? for failover IPs), but in 99% of use cases, you need the correct netmask.
if you have 10.0.0.0 + 255.255.255.0 in the old-style, modern OS just ask you to put in 10.0.0.1/24 and it will extract the netmask out of your cidr - 10.0.0.35/24 can't physically have .1 be the start of a sane /24 for example.
Op needs to confirm /28 or /29. One should be. 240 and one .248, but both show 255.255.255.240. So not sure if /29 is typo or not. My guess is typo in like the worst f'n way.
it is a /28, /29 was a typo, tried to correct it but I think I have passed the time that I can make corrections.