how to add virtual network interface in linux
Before we discuss further on how to add virtual network interface in linux first we need to know what is virtual IP.Virtual IP is also pronounced as VIP by technical professionals.So lets understand it.
What is VIP ?
VIP stands for Virtual IP means Virtual IP Address.So it virtual in nature not any physical interface but associated with some other physical interface.So we can say “VIP is an IP address that does not corresponds to an actual physical network interface.”
Uses for VIPs are Network Address Translation [ NAT] one-to-many used in case of fault-tolerance and mobility.Best Example you might have seen in configuration of VCS Clusters. Only pre-condition of available and active interface.It looks like below.You can see in below example available cards has been an bonded interface.Bonding is another topic which can be discussed separately why we need bonding as bonding also separately provides network redundancy other words fault tolerance. It can be configured in various modes.Mostly used mode is active passive mode.One interface should be active at a time and in case if it goes down due to any reason another interface take care of network availability to maintain network redundancy so bonding serves fault tolerance.
Even though it is very simple in configuration but just trying to elaborate how it can help you in troubleshooting relevant issues in your production environment.Will share my experience related to same in the last.Lets focus topic on hand.
How to create VIP
In below example treat bond0 as eth0 interface.Our whole objective is to setup VIP.I am using bond interface to stimulate my experience as stated above.VIP can be represented in form of interface:X.In below example bond0:0 and bond0:1 are the virtual IP.Most of the server admins will be aware about ifconfig command in RHEL. Below output is truncated part of ifconfig -a.You need to have super user privilege to do this config.
Syntax of command will be like below
# ifconfig <interface> <IP Add> netmask <netmask> up # ifconfig bond0:2 192.168.25.5 netmask 255.255.255.0 up
That,s it. Above command will create new virtual interface with bond0:2 .Once done if you run ifconfig -a command it will show one more interface in output and immediately it can be used.You need to register this IP in your DNS with any application preferred name .
You can validate that with nslookup command in your network. # nslookup <server-name> You can verify functionality using ping command. # ping <server-name>
How to Disable VIP
Once VIP is configured it can be treated like physical interface.You can use ifconfig command to make it down as below.
# ifconfig bond0:2 down
Now question comes that do you want it to be persistent across reboots.If yes you need to create device entry in interface configuration file to make it persistent.
1.Change to network config directory.
# cd /etc/sysconfig/network-scripts
2.Create new file with ifcfg-bond0:2 name using your preferred editor and add entry like below, save the file .
# vi ifcfg-bond0:2
Once done,if you are doing this under maintenance window you can restart network service or you can leave as it is.It will get addressed on next reboot automatically as immediately after main config command you can use VIP.Decision is yours.If you want to restart network service you can use below.
# service network restart
Above command will work till RHEL 5,6 but since RHEL7 have previous compatibility it will translate related systemctl command while executing.That,s it.This facility is incorporated in most recent distros as it is standard for operating system needs to have this ability.Let me share my experience with VIP which i have used many times to resolve production down incidents in past.It is still relevant.Before i share my experience i would like to advise all system administrator community to follow standard procedure of system administrators “Never forget to take backup of configuration file before making any modification to make your life easier”.
Related to this topic before making any change please save ifconfig -a output to /var/tmp. Never take backup of network configuration file in it,s directory.Always take backup of network config file in separate directory to avoid any network related misbehavior of server.
# ifconfig -a > /var/tmp/ifconfig-a.$date
OK, so let me share my experience how this helped me in resolving production down incidents in past.Same technology being used many times in many situation like Patching of VCS Servers.Will share one which i mentioned earlier.
I have got production server down alert.This was crucial infrastructure netback up server.Crucial because it performs backup of entire environment that,s why critical production server down.
In general most of the monitoring server run ping to all the servers in environment and it through alert in case no response from server on that behalf ticket gets generated and normally list of hardware taken from CMDB of organization.
- First thing I did ping and found it was not responding.
- Second I did nslookup for server in alert i got IP as it was registered in our DNS.
- Our backup servers are veritas clustered PROD/DR pair and we have configured bonding that is the reason I took that example above.As per veritas cluster configuration some VIP needed to setup cluster.
- I looked into our CMDB and found the actual server names for prod/dr.
- I logged in server and take a look at ifconfig output.One of the VIP was missing as ealier due to failover server was rebooted. It was washed out because it was not configured to be available across reboots as mentioned above.
- I configured it and make it permanent..
1. Ping works perfectly fine.
2.Was able to login using name in CMDB/Incident as i already said it was there in our DNS.
So such a small things some times makes you realize their importance. Keeping that in mind always take backup of configuration files before change and utilize all the services offered by operating system.