Configuring static ip interfaces
If I only have one main/public IP and one private IP, can I remove the #eth0:0 section? (Also should I put the private IP info on # eth0:0 and remove # eth0:1?)
# The loopback interface
auto lo
iface lo inet loopback
# Configuration for eth0 and aliases
# This line ensures that the interface will be brought up during boot.
auto eth0 eth0:0 eth0:1
# eth0 - This is the main IP address that will be used for most outbound connections.
# The address, netmask and gateway are all necessary.
iface eth0 inet static
address 12.34.56.78
netmask 255.255.255.0
gateway 12.34.56.1
# eth0:0
# This is a second public IP address.
iface eth0:0 inet static
address 34.56.78.90
netmask 255.255.255.0
# eth0:1 - Private IPs have no gateway (they are not publicly routable) so all you need to
# specify is the address and netmask.
iface eth0:1 inet static
address 192.168.133.234
netmask 255.255.128.0
6 Replies
@retrograde inversion:
In your scenario you would have one IP on eth0 and one IP on a network alias (either eth0:0 or eth0:1, pick one and use it, you don't need the other).
Thanks!
1 - With one mysql linode and one web server linode, do I need to add the private IP of both of them, as mentioned below, in the host files on both linodes?
2 - If I added another web server linode to the mix, would I then need to go back into all 3 hosts files and update them? Confused about why web server A would need to know about web server B. Or maybe I would just have to add the additional webserver private IP to the mysql server's host file and add, then add the mysql private ip to the dditional webserver's host file. This makes more sense.
3 - In the example below, does "mysql.example.com" and "app.example.com" need to have a DNS entry, or can they be ignored if I plan on just using "mysql"?
Edit /etc/hosts
You will want to create hostnames for each machine so you can keep track of them later. This also saves work, should you find yourself in a situation where you need to change the IP address of the server. Edit the /etc/hosts file to include the private IP addresses of each Linode. Use the following excerpt from an example /etc/hosts file as an example:
File:/etc/hosts
127.0.0.1 localhost
192.168.192.168 mysql.example.com mysql
192.168.192.169 app.example.com app
Example:
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
# Allow established connections for both public and private connections
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
You should be aware that the iptables rule you gave:
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
would cause connections to be accepted to dst port 3306 on all IPs, public or private. You can specify a destination IP by using the -d switch, something like this:
-A INPUT -d 192.168.xxx.xxx -p tcp -m tcp --dport 3306 -j ACCEPT
That would cause that rule to only allow incoming connections to tcp port 3306 on that particular IP address to be accepted. This assumes that you have a rule afterward somewhere in the INPUT chain, or a policy set on the INPUT chain, to drop everything else that you don't specify…