Which Network Type for multiple public IP on 1 NIC

K

karlos

Renowned Member
Apr 11, 2010
52
0
71
Hi all,
The default network config works fine with a Vultr VPS and NAT:

Code: 
iface ens3 inet manual

auto vmbr0
iface vmbr0 inet static
    address 202.111.81.143/23
    gateway 202.111.80.1
    bridge-ports ens3
    bridge-stp off
    bridge-fd 0

auto vmbr1
iface vmbr1 inet static
    address 10.0.0.1/24
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '10.0.0.0/24' -o vmbr0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '10.0.0.0/24' -o vmbr0 -j MASQUERADE
#port forwards
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p udp --dport 53 -j DNAT --to 10.0.0.20:53
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p udp --dport 53 -j DNAT --to 10.0.0.20:53

But how do I add a second public IP too this config or must I use the routed method like this(with the vmbr0 being the second public IP)?

Code: 
auto ens3
iface ens3 inet static
        address  198.51.100.5
        netmask  255.255.255.0
        gateway  198.51.100.1
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up echo 1 > /proc/sys/net/ipv4/conf/ens3/proxy_arp


auto vmbr0
iface vmbr0 inet static
        address  203.0.113.17
        netmask  255.255.255.248
        bridge_ports none
        bridge_stp off
        bridge_fd 0
 
Last edited:
you can add it like this

Code: 
auto vmbr0
iface vmbr0 inet static
    address 202.111.81.143/23
    gateway 202.111.80.1
    bridge-ports ens3
    bridge-stp off
    bridge-fd 0
up ip addr add 4.4.4.4/32 dev vmbr0
down ip addr del 4.4.4.4/32 dev vmbr0
 
Thanks for that,

I need an interface for the second IP so I can point containers too it though
 
answer is:

auto vmbr10
iface vmbr10 inet static
address 10.0.1.1
netmask 255.255.255.0
bridge-ports none
bridge-stp off
bridge-fd 0

# Enable ip forwarding on the Host OS
post-up echo 1 > /proc/sys/net/ipv4/ip_forward

# Create POST/PREROUTING rules on interface up
post-up iptables -t nat -A PREROUTING -s 10.0.1.0/24 -i vmbr0 -j DNAT --to 139.180.163.21
post-up iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -o vmbr0 -j SNAT --to-source 139.180.163.21
post-up iptables -t nat -A POSTROUTING -s '10.0.1.0/24' -o vmbr0 -j MASQUERADE
# Remove POST/PREROUTING rules on interface down
post-down iptables -t nat -D PREROUTING -s 10.0.1.0/24 -i vmbr0 -j DNAT --to 139.180.163.21
post-down iptables -t nat -D POSTROUTING -s 10.0.1.0/24 -o vmbr0 -j SNAT --to-source 139.180.163.21
post-down iptables -t nat -D POSTROUTING -s '10.0.1.0/24' -o vmbr0 -j MASQUERADE

# Forward port on -d public IP to 10.0.1.2
post-down iptables -t nat -D PREROUTING -d 139.180.163.21 -i vmbr0 -p tcp --dport 53 -j DNAT --to 10.0.1.2:53
post-up iptables -t nat -A PREROUTING -d 139.180.163.21 -i vmbr0 -p tcp --dport 53 -j DNAT --to 10.0.1.2:53
 
You must log in or register to reply here.
Top Bottom