[Firehol-support] Routing between virtual interfaces
Carlos Rodrigues
cefrodrigues at gmail.com
Fri Jan 23 19:18:28 CET 2009
On Fri, Jan 23, 2009 at 5:59 PM, M. O. <mofog at hotmail.com> wrote:
> Are there known issues or some kind of traps to watch out for when
> configuring routing between virtual interfaces? What makes me curious is
> that "route" doesn't seem to be aware of virtual interfaces at all -- it
> calls everything "eth0" instead of "eth0:1" and so on.
That's because, AFAIK, interfaces with multiple IP addresses (either
in the same subnet or not) are the same interface: "eth0:1" is really
just an extra address for "eth0", not an interface.
I think extra addresses for an interface get a virtual interface name
just because the "ifconfig" command requires it. If you add an extra
address with the "ip" command, there is no need for that name and
everything works exactly the same (except it won't be visible with
"ifconfig").
If you really need virtual interfaces over the same physical
interface, you should consider using VLANs. Unlike Windows, having an
host interface in multiple VLANs is supported for all ethernet cards.
How you do this will depend on your particular distribution. For
example, in Debian-based distributions, it is as simple as giving a
particular name to an interface in "/etc/network/interfaces" (eg:
"eth0.2" automatically means the VLAN with ID "2" over the "eth0"
interface). Anyway, whichever the distribution, a virtual interface
for a particular VLAN will only see traffic for that particular VLAN
and will be seen by the rest of the system (including routing) as a
real interface (the physical interface, "ethX", will always see
traffic for _all_ VLANs on the link).
Regards,
--
Carlos Rodrigues
More information about the Firehol-support
mailing list