> Hello, > > I'm trying to set up IP aliases within a QEMU/KVM guest on CentOS 5.5 > x86_64, going through a bridged virtualized interface. > > The virtualized interface in the guest is configured as follow: > > # ifcfg-eth1 > > DEVICE=eth1 > BOOTPROTO=none > PEERDNS=yes > GATEWAY=IP.OF.HOST.GATEWAY > HWADDR=11:11:11:11:11:11 > IPADDR=IP.OF.GUEST.ETH1 > NETMASK=255.255.255.255 > ONBOOT=yes > ARP=yes > USERCTL=no > IPV6INIT=no > > # route-eth1 > > IP.OF.HOST.GATEWAY dev eth1 > default via IP.OF.HOST.GATEWAY dev eth1 > > This is the configuration recommended by the provider (OVH) after a > virtual MAC address has been allocated for IP.OF.GUEST.ETH1: > http://help.ovh.com/BridgeClient > > It works fine for virtual interfaces added via libvirt/QEMU. On first reading I thought eth1 would have been your second interface within the guest, besides eth0. Meanwhile I think you just skipped eth0. That is because you can have just 1 default route. The OVH document does not describe a setup for a 2nd interface. Well, even for the 1st interface some settings are strange / unnecessary. Especially when dealing with more than 1 interface, do NOT set the GATEWAY in ifcfg-ethX. By principle always set GATEWAY (in your case GATEWAY=x.y.z.254) in /etc/sysconfig/network. Thus you do not need the route-ethX configuration file, defining a network and a default route. All that is done automatically. If you would have more than 1 interface (the OVH doc does not indicate to be written for such a case, neither notes explicitly to give problems in that case), then following the OVH doc gives you trouble. > But when I try to configure an IP alias on another IP address aliasing > a virtualized interface, as per the instructions from > http://help.ovh.co.uk/IpAlias (and after assigning it a virtual mac > just like for eth1) : > > # ifcfg-eth1:1 > > DEVICE=eth1:1 > BOOTPROTO=none > PEERDNS=yes > GATEWAY=IP.OF.HOST.GATEWAY > HWADDR=22:22:22:22:22:22 An aliases interface does not have an own MAC, it is physically the same MAC as the primary interface. > IPADDR=IP.OF.GUEST.ETH1:1 > NETMASK=255.255.255.255 > ONBOOT=yes > ARP=yes > USERCTL=no > IPV6INIT=no > > I get the following error when restarting the network: > > SIOCADDRT: Network is unreachable You created a route-eth1:1 file? > and IP.OF.GUEST.ETH1:1 is: > - pingable from the same guest > - not pingable from other guests by the same provider > - not pingable from outside The network infrastructure of the hoster must permit the IP address used to come from MAC of your system. > Setting > BOOTPROTO=static > or commenting out > #GATEWAY=IP.OF.HOST.GATEWAY > or setting: > NETMASK=255.255.255.252 > (the IP block was a /30, but I don't think that has something to do here) > > did not change the behavior. The netmask of 255.255.255.255 is given by intention because of the network layout of your hoster. > I'll be interested to hear from experiences with setting IP alias from > within a guest. > Maybe my problem is due to the configuration of the provider network > and it is actually impossible to use IP aliases on virtualized > interfaces. Yes, as said, the security design of the hoster must permit the use of defined IPs bound with a dedicated MAC. Ask you hoster. You can add additional IPs to virtualized interfaces - either by definining aliased devices or by adding IPs with the help of "ip addr add" - but that does not mean they are usable automatically. It is a matter of security in a hosting / virtualized hosting environment. > Any opinion/idea welcome! > > Mathieu Alexander