Debian 12 VM install with two nics and two ips

[koolandrew]

Most of the posts related to this deal with the VE setup. I am installing an application on debian which requires two nics and two separate ip addresses. i have two ips on the same subnet and vlan from the proxmox ve but i have tried several times without success. I am not an expert, and some may say it is a debian issue, but the difference would be obviously that debian on bare metal would have two nic cards and two cables. Hopefully someone can post a solution. thanks!

 

[news]

Please read the proxmox network manual and show us your result. And why 2 ips on the same subnet? What about the default route for that subnet?

 

[koolandrew]

P0

Most of the posts related to this deal with the VE setup. I am installing an application on debian which requires two nics and two separate ip addresses. i have two ips on the same subnet and vlan from the proxmox ve but i have tried several times without success. I am not an expert, and some may say it is a debian issue, but the difference would be obviously that debian on bare metal would have two nic cards and two cables. Hopefully someone can post a solution. thanks!

Please read the proxmox network manual and show us yor result. And why 2 ips on the same subnet? What about the default route for that subnet?

Please read the proxmox network manual and show us yor result.----------------not sure what you mean here. Here is the setup for the vm.

o

00:00:00:00:00:00

127.0.0.1/8 ::1/128​

ens18

bc:24:11:21:88:4a

98.xxx.xxx.121/27 fe80::be24:11ff:fe21:884a/64​

ens19

bc:24:11:db:50:68

98.xxx.xxx.122/32 fe80::be24:11ff:fedb:5068/64​

ip route show
default via 98.xxx.xxxx.126 dev ens18 onlink
98.xxx.xxx.96/27 dev ens18 proto kernel scope link src 98.xxx.xxx.121

The gw 98.xxx.xxx.126 is pingable from both ips, but 8.8.8.8 is only pingable from .121.

i dont want to do this, the application requires two public ips for port 5060, one for its clients, and one for its proxy. I didnt design it.

I know you are annoyed by this request, so i am doing my best.

 

[SteveITS]

Two NICs not two IPs? A second IP just gets its own section with the same interface:

iface ens18 inet static
address 1.2.3.4/27

The mask on your .122 is probably meant to be /27 so it can talk to its subnet...?

Only one should have a gateway though.

 

[koolandrew]

There are two nics and two ips, i am not sure what you mean. i just changed the mask on .122 to /27 , restarted networking, and no change

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens18
iface ens18 inet static
address 98.158.xxx.xxx/27
gateway 98.xxx.xxx.126
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 1.1.1.1 8.8.8.8
dns-search xxxx.com
# Second NIC (no gateway!)
auto ens19
iface ens19 inet static
address 98.xxx.xxx.122/27
# broadcast 98.xxx.xxx.127

 

[SteveITS]

I just think it would be a lot simpler if you could use one NIC and two IPs. A packet from the Internet incoming on .122 would need to reply out the gateway which is the other NIC, right? I don't think that would normally be allowed... Seems like the app support would need to explain the usage if they are being that specific. Or maybe they assume the two NICs are on two different subnets.

 

[koolandrew]

Thanks SteveITS...you are probably right, and they dont specify two different subnets, only two public ips......I could use a different subnet, i guess and try that...but i have seen many examples of two ips one nic...so i am not sure if we specific parc of the application to the ip, that it would care if it was one nic or two?

 

[SteveITS]

I would expect two NICs is WAN and LAN but ¯\_(ツ)_/¯

 

[BobhWasatch]

Two IP's on the same subnet is usually a recipe for trouble. It does odd things you might not expect.

What kind of software is this? Some kind of proxy? If so, it is likely expecting two different subnets so that packets can be sent between them.

ETA: Depending on why you are doing this there might be a better way. For example, if you are just testing some things and don't necessarily need Internet access, you can connect up multiple VM's in the required configuration. Since you are using vlan's already you can create a couple for this project and assign different subnets to each.

 

[guruevi]

The subnet specifications you should get from your IP provider, you can’t just willy nilly change them. If the IP are both in the same subnet, you can receive traffic on both interfaces, but traffic will always be sent out the interface with the default route if it is not for a subnet intended for the network it is attached to. Thus, Internet traffic or network traffic for a particular IP will always go out the same interface, if a packet came in the other interface, and then responses get sent over the other with another IP, these days a lot of routers and servers will not accept (because they sent traffic from one IP, they do not expect it back from any other one, NAT breaks etc).

You can have multiple IPs and even multiple NIC, but software doesn’t care about whether the OS is having multiple NIC, none at all or how the traffic flows. If you need 2 different IP to attach the same port to different applications, then that is possible but for simplicity they should go out the same NIC if the two networks are the same (otherwise you basically have to set up a multi homed router)

Therefore I think there is a misunderstanding in what your application needs and how to accomplish that.