Problem with primary and secondary IP address on RHEL7
Linux - EnterpriseThis forum is for all items relating to using Linux in the Enterprise.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Problem with primary and secondary IP address on RHEL7
I'm using NetworkManager service (network service is stopped)
I'm trying to add a secondary IP address to RHEL7 connection.
First I create connection like this:
nmcli con add con-name enp0s4 ifname enp0 autoconnect no type ethernet ip4 10.1.212.122/24 gw4 10.1.212.1
after that i start connection like this:
nmcli con up enp0s4
Then I add new IP on connection 'enp0s4' like this:
nmcli con mod enp0s4 +ipv4.addresses 10.1.212.120/24 and restart with 'nmcli con up enp0s4'
After I list with 'ip a' it shows that my secondary IP address is 10.1.212.122 and 10.1.212.120 is primary!
How I can force RHEL7 to set my 10.1.212.122 as primary IP address ?
Thinking of it I have never heard of primary and secondary IP addresses. What is it? Granted, you can have more than one IP address, and you can configure your daemons (or shall I say services in systemd language?) to listen on certain addresses, but primary and secondary?
asmoljo, intriguing problem. I've been playing with this for a while now, and haven't found a solution yet, sorry...
One approach I've been trying is to specify all the addresses when creating the connection, in one step:
Code:
sudo nmcli con add con-name test1 ifname br0 autoconnect no type bridge ip4 "10.1.212.122/24,10.1.212.120/24"
The order in which I specify the addresses seems to make no difference, though - looks like NM sorts them first, and the lowest number IP becomes primary.
Emerson, as far as I know, the first IP on an interface is referred to as the "primary", while others are secondary. The "ip a" output actually says "secondary" where appropriate:
Code:
12: br0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 4a:ae:94:73:59:5d brd ff:ff:ff:ff:ff:ff
inet 10.1.212.118/24 brd 10.1.212.255 scope global br0
valid_lft forever preferred_lft forever
inet 10.1.212.120/24 brd 10.1.212.255 scope global secondary br0
valid_lft forever preferred_lft forever
inet 10.1.212.122/24 brd 10.1.212.255 scope global secondary br0
valid_lft forever preferred_lft forever
One key area where this is relevant, is that the primary address is the default "source" address for outgoing connections:
Code:
$ ip route
10.1.212.0/24 dev br0 proto kernel scope link src 10.1.212.118 metric 425 linkdown
This might be important for routing and firewall purposes, depending on your network layout.
RHEL admin is not allowed to set route? If you have more than one IP address shouldn't you configure them as needed instead of relying something called "default"?
RHEL admin is not allowed to set route? If you have more than one IP address shouldn't you configure them as needed instead of relying something called "default"?
I'm not sure I understand what you're asking. Of course you can set the routes the way you want ;-)
I assume you're referring to my comment on the default source address for a connection, though. It is possible for a client-side connection to bind() to a specific address, which means that address will be used as source for the connection. This is not often done, though, so for most outgoing connections (think your browser's request for a web page for example), the kernel picks the source based on the routing table or IP config. So the "default" source for a route is the address specified as "src" in the route, or if not present, the first address on that interface. See http://linux-ip.net/html/routing-saddr-selection.html for details.
It is possible (with manual "ip" commands) to configure the interface addresses in the correct order, and to configure the routes appropriately. The OP's question was about doing this with NetworkDamager, though, which seems to be harder to do (if possible at all).
Hope this makes sense ;-)
Last edited by cliffordw; 11-19-2016 at 01:15 AM.
Reason: Added reference link
RHEL admin is not allowed to set route? If you have more than one IP address shouldn't you configure them as needed instead of relying something called "default"?
Emerson, I do not want to configure some routes. I want a clean configuration with NetworkManager. I can workoround this problem using the old 'network' service, but I do not want to use the 'network', because
NM is default in RHEL7,and I use NM on all other RHEL7 servers. This is the first time that I ran into this problem. cliffordw also noticed that NM sorts IP's from lowest IP number to highest IP number, with the lowest being the primary. My server is web server in DMZ and it must forward request through the firewall
to the application server. Web must do forward request with specific source IP address(primary) and specifici port because of the firewall configuration.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.