Creating a virtual Network Interface in CentOS 6

Sometimes you need to assign more than one IP to a server, even if it only has one NIC. To do so, you create a virtual (or aliased) interface, attached to the physical NIC.

This documentation details how to do this in CentOS5 / CentOS 6 (this also applies to CentOS7 if you're not using Network Manager).

 We'll assume that your NIC is eth0, if not simply substitute for the name of your NIC

cd /etc/sysconfig/network-scripts

# Use the real NIC's details as a template cp ifcfg-eth0 ifcfg-eth0:0

# Now we need to make a few small changes nano ifcfg-eth0:0

# Change the file to contain the following (substitute your desired IP!)
BOOTPROTO=static
BROADCAST=192.168.1.255
IPADDR=192.168.1.99
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
TYPE=Ethernet

In essence, we're removing HWADDRESS and changing the IP to suit our needs. The next step is to restart the networking subsystem on the server. If our physical NIC uses DHCP we'll need to change BOOTPROTO from dhcp to static.

/etc/init.d/network restart

 

Different Subnet

There may be occasions when you want the virtual interface to use an IP on a different subnet to that hosting the physical NIC (it's rare, but does happen!). If it's an issue of user access, keep in mind that packets will still be visible to anyone sniffing the network, and it's a simple command (which we'll run shortly) to grant users access, so there's no good security reason to do this!

So, using our example above (an existing network on 192.168.1.0/24) we'd create ifcfg-eth0:0 as follows to create a virtual IP on 192.168.28.0/24

DEVICE="eth0:0"
ONBOOT="yes"
TYPE="Ethernet"
BOOTPROTO=static
BROADCAST=192.168.2.255
IPADDR=192.168.28.2
NETMASK=255.255.255.0
NETWORK=192.168.2.0
ONBOOT=yes
TYPE=Ethernet

As you can see, there's no real change except to change the Device, IP, Broadcast and Network values. The additional step comes in telling systems on the 'real' subnet how to route packets destined for the new one. You can add a static route to the router (see your manual) or if it's just a couple of systems that need access run the following commands.

 

Linux

From the shell;

route add -net 192.168.28.0 netmask 255.255.255.0 gw {physical IP of server} 
# e.g. route add -net 192.168.28.0 netmask 255.255.255.0 gw 192.168.1.65

 

Windows

Open a Command Prompt, and run

route ADD 192.168.28.0 MASK 255.255.255.0 {Physical IP of server}
# e.g. route ADD 192.168.28.0 MASK 255.255.255.0 192.168.1.65