[CentOS] Network configuration issue with second public ip on CentOS 6

Gordon Messmer gordon.messmer at gmail.com
Thu Dec 24 06:42:12 UTC 2015 

On 12/23/2015 06:06 AM, Meikel wrote:
> I want to add a second public ip (failover ip) to the server and did 
> follow the instructions in the CentOS-section of 
> http://hilfe.ovh.de/AdministrationIpAliasHinzufuegen

What you're attempting to do is called "multi-homed routing" and isn't 
covered very well by that document.  Try this one, or use Google to find 
another guide:
https://blogs.oracle.com/networking/entry/advance_routing_for_multi_homed

> After executing the required steps I'm not able to reach the host via 
> the second ip from an external host. I tried it with ping and with ssh 
> commands.

I expect that your host is receiving the ICMP request packets and 
responding.  The problem is the response.  The reply packet has the 
correct source and destination addresses, and the kernel must consult 
its routing table to determine how and where to send it. There is only 
one route back to the destination address (the address from which you 
pinged the system), and that is the default route. Your system sends the 
packet out that link, where it is probably dropped by an upstream router 
since it came from an address that they don't handle.

Your system needs both an additional default route, and rules to 
determine which route to use for which packets.  The above link will 
help you set up both.

> Here the content of the config files (I anonymized the server ip with 
> xx.xx.xx.xx and the failover ip with yy.yy.yy.yy):
>
> $ cat /etc/sysconfig/network
> NETWORKING=yes
> HOSTNAME=<name-of-my-host>
> NOZEROCONF=true
> GATEWAY=xx.xx.xx.254

Don't set GATEWAY here.

> $ cat /etc/sysconfig/network-scripts/ifcfg-eth0:0
> DEVICE=eth0:0
> BOOTPROTO=static
> IPADDR=yy.yy.yy.yy
> NETMASK=255.255.255.255
> ONBOOT=yes

As discussed, that's not a usable NETMASK.  You should ignore pretty 
much everything in the document you linked to.

> When I restart the network I get a message (two times) saying 
> "RTNETLINK answers: Operation not supported".

I'm pretty sure that those are the result of the bad NETMASK.

> IPv6 is disabled by kernel parameter "ipv6.disable=1" in /etc/grub.conf

I would discourage everyone from doing that.

> The two mac addresses I see for eth0 and eth0:0 with the "ifconfig" 
> command are the same. In the OVH/Soyoustart.com GUI I created a 
> virtual mac for the failover ip, I'm not sure if that virtual mac 
> should come into play somewhere?

I don't think there's any reason to have a virtual MAC.

More information about the CentOS mailing list