Correct setup of IPv4 addresses under CentOS/Fedora/RHEL
A Five Star Hosting server can only reach its gateway (and its locally configured) IP addresses directly. All other packets need to be routed via the default gateway. Consequently, a /32 network needs to be set up (for reasons of network security).
A wrong configuration (no /32 network) often goes undetected, because one rarely needs to be in direct contact with IPs in the same subnet. Without the configuration below, however, several hosts cannot be reached!
Important: Configuration via DHCP is also "wrong" or misleading in this respect, as only a "normal" and no point-to-point setup is possible (a 255.255.255.255 network mask does not work and no routes are set up, which makes it impossible to connect to the network).
Configuring a point-to-point connection
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=<MAC address>
ONBOOT=yes
BOOTPROTO=static
IPADDR=<IP address>
NETMASK=255.255.255.255
# potential additional IPv6 entries are harmless
|
Configuring routes
Set up /etc/sysconfig/network-scripts/route-eth0
ADDRESS0=0.0.0.0
NETMASK0=0.0.0.0
GATEWAY0=<Gateway IP>
|
After a network restart (eg. "/sbin/service network restart") all routes should be correctly set up.
Possible sources of error
If it is not possible to reach the server after configuring the abovementioned network settings, it is necessary to check whether the variable "GATEWAYDEV" has been set in /etc/sysconfig/network. This may be one reason for non-availability and is indicated by the error message "RTNETLINK answers: file exists" which appears after reloading the network settings.
Additional IP addresses (Host)
Setting up additional single IPv4 addresses
It is currently possible to obtain up to 3 additional single IPv4 addresses. Should further addresses be required, you may apply for a subnet.
The IP addresses can be temporarily used in two different ways:
1. ifconfig eth0:1 10.4.2.1 netmask 255.255.255.255
or
2. ip addr add 10.4.2.1/32 dev eth0
CentOS
A permanent configuration is only possible by default via alias interfaces (eth0:1, eth0:2 etc.). A file needs to be created for each IP address:
/etc/sysconfig/network-scripts/ifcfg-eth0:1
/etc/sysconfig/network-scripts/ifcfg-eth0:2
|
These files must include the following information:
DEVICE=eth0:1
BOOTPROTO=none
ONBOOT=yes
IPADDR=<IP Address>
NETMASK=255.255.255.255
|
Finally, a "service network restart" needs to be initiated or the server needs to be restarted ("client area").
Please note: A different configuration is needed for the use of IP addresses in virtual machines!
Fedora
For a permanent configuration the IP addresses can be added to the configuration file:
# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
...
IPADDR=192.0.2.1
NETMASK=255.255.255.240
IPADDR0=192.0.2.10 # Additional IP
PREFIX0=28
IPADDR1=192.0.2.11
PREFIX1=28
IPADDR2=...
|
Setting up additional IP subnets
Subnets are routed on a server's main IP. In general the first (Network IP) and the last (Broadcast IP) cannot be used. This leaves six usable addresses for a /29 subnet.
A /29 subnet consisting of 8 IP addresses will look like this:
aaa.aaa.aaa.aaa (Network IP)
bbb.bbb.bbb.bbb
ccc.ccc.ccc.ccc
ddd.ddd.ddd.ddd
eee.eee.eee.eee
fff.fff.fff.fff
ggg.ggg.ggg.ggg
hhh.hhh.hhh.hhh (Broadcast IP)
|
The IPs "b" to "g" can be used as single IPs. Alternatively, a file can be set up:
/etc/sysconfig/network-scripts/ifcfg-eth0-range0
IPADDR_START=<your first usable subnet IP>
IPADDR_END=<your last usable subnet IP>
BROADCAST=<broadcast address of your subnet>
CLONENUM_START=0
NETMASK=255.255.255.248 # the netmask for larger subnets is different
|
Restart the service network using "service network restart".
Setting up an additional IP subnet for virtualization
A different configuration is needed for the use of IP addresses in virtual machines. There are many possible configurations. One of the more straightforward ones is to setup a bridge device using one IP address of the subnet which serves as default gateway for all machines connected to the subnet.
Install bridge-utils
yum install bridge-utils
|
/etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
ONBOOT=yes
TYPE=Bridge
BOOTPROTO=none
IPADDR=bbb.bbb.bbb.bbb
NETMASK=255.255.255.248 # adjust this accordingly. This is for a /29 subnet
STP=off
DELAY=0
|
Setting up an IPv6 subnet
To add an IPv6 address to your interface, append the following lines to the /etc/sysconfig/network-scripts/ifcfg-eth0 file:
IPV6INIT=yes
IPV6ADDR=<your IPv6 address>/<prefix>
IPV6_DEFAULTGW=fe80::1
IPV6_DEFAULTDEV=eth0
|
The prefix assigned by Five Star Hosting is normally /64.
Optional: To add further IPv6 addresses to the interface, please append the file /etc/sysconfig/network-scripts/ifcfg-eth0 with the following line:
IPV6ADDR_SECONDARIES=<your additional IPv6 address>/<prefix>
|
Please note that it is possible for you to enter as many IPv6 addresses, separated by a space, as you wish.
Additional IP addresses (virtualization)
With virtualization the additional IP addresses are used through the guest system. So that these can be reached via the Internet, configuration in the host system needs to be adjusted accordingly in order to forward the packets. There are two ways of doing this for additional single IPs: Routed and Bridged.
Routed (brouter)
In a routed configuration the packets are routed. In addition to eth0 a bridge needs to be set up with almost the same configuration (without gateway) as eth0.
Host:
# /etc/sysconfig/network-scripts/ifcfg-eth0 (Five Star Hosting Standard Installation)
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=none
IPADDR=<Main IP>
IPV6INIT=yes
IPV6ADDR=2a01:4f8:XXX:YYYY::2/128
IPV6_DEFAULTGW=fe80::1
IPV6_DEFAULTDEV=eth0
NETMASK=255.255.255.255
SCOPE="peer <Default GW>"
|
|
The configuration of eth0 for IPv4 remains unchanged if it is a standard installation via client area (the default gateway is entered in the file "route-eth0". See Configuring routes). For IPv6 the prefix is reduced from /64 to /128. The setting of the host routes for the additional IPv4 addresses is done via an additional configuration file:
# /etc/sysconfig/network-scripts/route-br0
ADDRESS0=<Additional IP>
NETMASK0=255.255.255.255
|
Further routes can be added in the same way via ADDRESS1, NETMASK1, ADDRESS2, NETMASK2, etc. For IPv6 no further configuration is required.
Guest:
# /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=none
IPADDR=<Addon IP>
NETMASK=255.255.255.255
SCOPE="peer <Main IP>"
IPV6INIT=yes
IPV6ADDR=2a01:4f8:XXX:YYYY::4/64
IPV6_DEFAULTGW=2a01:4f8:XXX:YYYY::2
|
Bridged
In a bridged configuration, packets are sent directly. The guest system behaves as if independent. As this makes the MAC addresses of the guest system visible from the outside, a virtual MAC address needs to be requested for each single IP address via Five Star Hosting and assigned to the guest NIC.
# /etc/sysconfig/network-scripts/ifcfg-eth0
# device: eth0
DEVICE=eth0
BOOTPROTO=static
HWADDR=<MAC of the physical NIC>
ONBOOT=yes
BRIDGE=br0
|
|
The default route is set up via the additional route-eth0 configuration file. Simply rename it route-br0.
NOTICE: In this configuration the use of IPv6 is limited. The IPv6 subnet can be routed via Five Star Hosting to either the main IP address or ONE of the additional IP addresses. (or more precisely: to the IPv6 link local address, that is generated from the MAC address)
