Web lists-archives.com

Re: How does one create virtual ethernet devices with modern tools on Debian 8 (jessie)?




On Fri, Aug 25, 2017 at 09:26 Sven Hartge <sven@xxxxxxxxxxxxx> wrote:
>
> Tom Browder <tom.browder@xxxxxxxxx> wrote:
>
> Before we start:
>
> "virtual ethernet devices" are something totally different than you are
> doing here. You just want to put multiple IP addresses on one interface.
>
> "virtual ethernet devices" are for example used with virtualization or
> docker, to connect an isolated VM or container through the host to the
> network.
>
> > Although not yet implemented (for fear of messing my remote host up),
> > the following has been recommended:
...
> > # The primary network interface
> > allow-hotplug eth0
> > auto eth
>
> One of "allow-hotplug" or "auto", not both

Any preference for either line?

> And you have a typo there, it should read "auto eth0".

Good catch on the typo!

> > iface eth0 inet6 static
> >         address 2604:4300:a:95::2
> >         netmask ffff:ffff:ffff:ffff::
> >         gateway 2604:4300:a:95::1
> >         dns-nameservers 192.187.107.16 69.30.209.16
>
> No need to duplicate the nameservers. Also this line only gets used if
> you use the package "resolvconf". On servers with static IP
> configuration I usually get rid of this mechanism and set the
> nameservers myself in /etc/resolv.conf

Ah!  That's good advice.

> > iface eth0 inet6 static
> >         address 2604:4300:a:95::6
>
> Yes, everything is fine.
>
> Side note: I'd truly randomize the IPv6 addresses, so the subnet is not
> as easily scannable from the outside.

Also good advice.

Thanks, Sven, very helpful.  Can you recommend a good modern book on networking?

> > So how does one do the same thing with "modern" tools?
>
> I don't understand the question. Do you mean "systemd-networkd"?

I'm indirectly referencing a long-running thread on this list about
using ifconfig versus "modern" tools for viewing the current
interfaces setup.

And just how does one restart the new interfaces with systemctl?

If I mess something up, is there any way to ssh into the remote system?

Thanks very much for all your help!

Best,

-Tom