[SOLVED] Two IP addresses using one NIC. Possible?

catkin · 02-10-2010, 12:44 PM

Hello

Is it possible to configure two IP addresses using one NIC?

I'm implementing a VPN server on network 192.168.1.0, ultimately to be accessed over the Internet and through an ADSL router with port-forwarding to the server. Right now I'd like to test it on the LAN, but with the VPN client and server both on the 192.168.1.0 network, that test would not be be valid.

If I had a spare NIC I could put the server on both the 192.168.1.0 network and, say, a 10.0.0.0 network, configure the client on 10.0.0.0 and test. Not having a spare NIC, I'm wondering if it is possible to configure the server with two IP addresses using one NIC.

Virtualising hosts are able to do something similar when running guests with NICs in bridged mode. Log files show they switch eth0 into promiscuous mode.

In case it matters the server OS is Slackware 13.0.

Best

Charles

irmin · 02-10-2010, 12:51 PM

Yes you can: ifconfig <interface> add <address>

see ifconfig(8) for details.

catkin · 02-10-2010, 12:52 PM

Thanks irmin

That's helpful

EDIT: is it possible to make the change permanent?

jefro · 02-10-2010, 04:02 PM

Not all nic's support multiple ip addresses. I would guess that most modern one would.

http://www.slackware.com/config/network.php

I think if I were to run a test with VM's I'd setup the vm with local access. VM's tend to have a few options. Bridged, host, local and not connected are normal choices.

catkin · 02-10-2010, 11:51 PM

Quote:

Originally Posted by jefro

Not all nic's support multiple ip addresses. I would guess that most modern one would.

http://www.slackware.com/config/network.php

I think if I were to run a test with VM's I'd setup the vm with local access. VM's tend to have a few options. Bridged, host, local and not connected are normal choices.

Thanks jefro

For completeness ...

ifconfig eth0 add <address> worked to add another IP address, creating eth0:0. If a different broadcast and/or netmask is required for the new address it cannot be added at the same time (or it changes eth0, rather than eth0:0). The solution is to use two commands:

Code:

ifconfig eth0 add <address>
ifconfig eth0:0 netmask <netmask> broadcast <broadcast>

Regards configuring eth0:0 at boot time, Slackware's network initialisation script (/etc/rc.d/rc.inetd1) is not coded to do it. The purest way to configure eth0:0 at boot time would be to add the commands to /etc/rc.d/rc.local. Alternatively, to configure all the network at the same time, the commands could be added to /etc/rc.d/rc.M after calling rc.inetd1. An alternative is necessary if a network application dependent on eth0:0 is started before rc.local is run.

Whichever solution is chosen, it would be helpful to log to /var/log/messages or to console (maybe using /etc/rc.d/rc.inetd1's technique).

All of which was no help for my local VPN testing! The server started OK according to /var/log/openvpn:

Code:

Thu Feb 11 11:04:55 2010 OpenVPN 2.0.9 i486-slackware-linux [SSL] [LZO] [EPOLL] built on Jun 11 2007
Thu Feb 11 11:04:55 2010 TUN/TAP device tun0 opened
Thu Feb 11 11:04:55 2010 /sbin/ifconfig tun0 10.100.6.1 pointopoint 10.100.6.2 mtu 1500
Thu Feb 11 11:04:55 2010 UDPv4 link local (bound): 10.0.0.41:1194
Thu Feb 11 11:04:55 2010 UDPv4 link remote: [undef]
Thu Feb 11 11:04:55 2010 Initialization Sequence Completed

The client started trying to connect to the server but failed:

Code:

Thu Feb 11 11:05:15 2010 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct  1 2006
Thu Feb 11 11:05:15 2010 MANAGEMENT: TCP Socket listening on 127.0.0.1:7505
Thu Feb 11 11:05:15 2010 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Thu Feb 11 11:05:15 2010 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Thu Feb 11 11:05:15 2010 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Feb 11 11:05:15 2010 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Thu Feb 11 11:05:15 2010 Local Options hash (VER=V4): '3514370b'
Thu Feb 11 11:05:15 2010 Expected Remote Options hash (VER=V4): '239669a8'
Thu Feb 11 11:05:15 2010 UDPv4 link local: [undef]
Thu Feb 11 11:05:15 2010 UDPv4 link remote: 10.0.0.41:1194
Thu Feb 11 11:05:16 2010 write UDPv4: Socket is not connected (WSAENOTCONN) (code=10057)
[above repeated many times until manually terminated]

The client's network configuration looks OK to me ("Ethernet adapter Local Area Connection 2" is waiting for the VPN connection):

Code:

Windows IP Configuration

        Host Name . . . . . . . . . . . . : cw8xp
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : TAP-Win32 Adapter V8
        Physical Address. . . . . . . . . : 00-FF-EC-E8-A8-D1

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : AMD PCNET Family PCI Ethernet Adapter
        Physical Address. . . . . . . . . : 08-00-27-76-49-76
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 10.0.0.48
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.0.0.1
        DNS Servers . . . . . . . . . . . : 10.0.0.1
                                            85.10.213.4

Never mind, eh? It would have been nice to prove the VPN system worked locally before introducing the extra complexity of an independent Internet connection and ADSL router port-forwarding.