torchZ06 Apprentice
Joined: 01 Nov 2003 Posts: 175 Location: the front range
Posted: Mon Dec 13, 2004 11:02 pm Post subject: multiple IP's on a single NIC
an EE friend of mine was telling me about how the formal spec for ethernet states that you can have multiple IP addresses per a single MAC (ethernet) address. i took this to mean that you could have a network card in your computer set up to respond to different IP addresses.... which seems counterintuitive to me as i always thought the world was flat and each MAC corresponded to a single (albeit changeable) IP address.
i did a search and saw you can say stuff like:
Code:
ifconfig eth0 192.168.0.3      # primary address on the physical interface
ifconfig eth0:1 10.0.0.6       # alias eth0:1 carries a second address on the same NIC
ifconfig eth0:2 bla...bla...bla and so on...
ok, so my question is what good is it? it must have some limitations, anybody care to enlighten me?
cheers
br0mGreV Apprentice
Joined: 28 Jul 2004 Posts: 265 Location: Paris, France
Posted: Mon Dec 13, 2004 11:16 pm Post subject:
OK, here is a handmade example of how to use this feature:
imagine that your gentoo-box (192.168.0.1) is supposed to analyse somehow what is sent from one particular machine (suspected of having viruses). But for some reason, you have only one NIC on your server. By emulating a new IP on this gentoo-box (suppose 192.168.2.1), you can get your "infected computer" virtually apart from the network by configuring it as 192.168.2.10, and your gentoo-box can be configured as a router to the normal network.
With this feature, you can make lots of virtual networks on a unique physical network. The protection scheme is really weak (you can easily change one client IP to switch it from one network (192.168.0.0/24) to another one (192.168.2.0/24)) but when clients and servers are secured enough, it helps network designers to understand better which computer each which company, and easily reaffect one computer, without taking care of the geographical location of this computer.
(Not sure it's really understandable .... lol )
_________________
Nothing is eternal, not even problems...
MadOtis Apprentice
Joined: 14 Dec 2002 Posts: 163 Location: Georgia
Posted: Tue Dec 14, 2004 12:24 am Post subject:
It's called 'multi-homing' the interface. I have 4 ip addresses set up on one of my servers. What I use it for is to segregate web sites (and a few other services). Using a 'web' example, I can tell apache to listen on a specific IP address and give a set content (i.e., www.fredco.com) and have a second IP to handle other addresses, like www.uselesswebsite.info. I use them for segregation of content, so I don't have to do something like 'www.mydomain.com/~fredco' or 'www.mydomain.com/~uselesswebsite'.
You can also set up a virtual network router using it as well... one IP address is open to the internet while the other is only available to the private network. Of course, there should be some routing and/or firewall software between the two.
HTH,
Randy
Ox- Guru
Joined: 19 Jun 2003 Posts: 305
Posted: Tue Dec 14, 2004 2:19 am Post subject:
At home I use this because I have an old netgear gateway router. When my gentoo box starts up I have to use DHCP because I need to get dns info etc., but I also want a static IP so that other machines on the LAN can ssh in, etc.
At work we use it for load-balancing and high availability. We have say 4 boxes facing the public internet with static ip addresses. Then we have 8 "virtual ips" that get assigned to those 4 boxes. Our dns resolves "service.domain.com" to one of those 8 virtual ips using round-robin. That way if one of the 4 boxes goes down, the other 3 can pick up the virtual ips from the crashed box and continue servicing requests.
In other words, DNS round-robin is a nice cheap way of doing load balancing, but it suffers a problem if one of the machines crashes. People who resolved to the address of the crashed machine won't get any response. By resolving to virtual ips and reassigning them on a crash people will still get a response (without having to wait hours for a DNS change to filter through the net).
This process can be automated. The O'Reilly book "Linux Server Hacks" has a nice recipe "#63. Cheap IP Takeover" that uses a bash script to ping all your hosts and reassign ip's if one of them crashes.
An even better solution though is to use a project called Wackamole which works by each host sending a multicast UDP packet to the network. If a machine crashes and no longer broadcasts then the rest of the machines in the cluster negotiate to see who will take over the orphaned ip's. This solution uses less network bandwidth than constant pinging and results in very fast takeover after a crash (usually less than one second in my experience).
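
The virtual-IP takeover described in the post above, sketched as a dry-run planner. This is an added example, not the "Linux Server Hacks" recipe and not Wackamole's algorithm; the host names, the 192.0.2.0/24 addresses, the /24 prefix and the round-robin hand-out are assumptions.

```sh
#!/bin/sh
# Constructed cluster state: 4 boxes, 8 virtual IPs, one "host vip" per line.
# Host names and the 192.0.2.0/24 documentation range are placeholders.
sample_assignments() {
cat <<'EOF'
box1 192.0.2.101
box1 192.0.2.102
box2 192.0.2.103
box2 192.0.2.104
box3 192.0.2.105
box3 192.0.2.106
box4 192.0.2.107
box4 192.0.2.108
EOF
}

# plan_takeover "<down hosts>": reads "host vip" lines on stdin and prints
# "survivor vip" for every orphaned VIP, handed out round-robin.
plan_takeover() {
    awk -v down="$1" '
    BEGIN { n = split(down, d, " "); for (i = 1; i <= n; i++) dead[d[i]] = 1 }
    {
        if ($1 in dead) orphan[++no] = $2
        else if (!($1 in alive)) { alive[$1] = 1; live[++nl] = $1 }
    }
    END {
        # Every box down: nothing can take the VIPs over, report failure.
        if (nl == 0) { print "no survivors" > "/dev/stderr"; exit 1 }
        for (i = 1; i <= no; i++) print live[(i - 1) % nl + 1], orphan[i]
    }'
}

# takeover_commands HOST DEV: turns the plan on stdin into the commands HOST
# would run. Dry run: commands are printed, not executed. /24 is assumed.
takeover_commands() {
    awk -v me="$1" -v dev="$2" '$1 == me {
        print "ip addr add " $2 "/24 dev " dev
        # Unsolicited ARP so neighbours stop using the crashed box MAC.
        print "arping -U -c 3 -I " dev " " $2
    }'
}

# box2 has crashed: show what box1 would do.
sample_assignments | plan_takeover "box2" | takeover_commands box1 eth0
```

Every survivor computes the same plan from the same input, so each box only needs to run the commands printed for its own name.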