Overview
StackPath offers the ability for you to create Virtual Machines and Containers with up to five public-facing network interfaces. This guide will help you to configure your VMs or Containers to properly respond to requests made to its public IPs.
For more information on how to create a Virtual Machine or a Container, please see Create and Manage Virtual Machines, Containers and Workloads.
Getting Started for VMs
In our example, we are using multiple routing tables to configure our VM so that it can respond to its interfaces' public IPs properly.
We created a CentOS VM with the following interfaces:
-
eth0: 10.128.80.0
-
net1: 250.0.0.0
-
net2: 240.0.0.0
Make sure you connect to your VM first before running any of the commands listed below. Please see Add Users to a Virtual Machine to learn how to connect to your VM and set up additional users.
Runtime Configuration
This example describes how to setup the tables at runtime. These settings will not persist after a reboot.
Initial State
[root@x-x-x-x-x-0 ~]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: net2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast state UP group default qlen 1000
link/ether 0a:58:f0:00:00:02 brd ff:ff:ff:ff:ff:ff
inet 240.0.0.2/20 brd 240.0.15.255 scope global net2
valid_lft forever preferred_lft forever
inet6 fe80::858:f0ff:fe00:2/64 scope link
valid_lft forever preferred_lft forever
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast state UP group default qlen 1000
link/ether 0a:58:0a:80:50:02 brd ff:ff:ff:ff:ff:ff
inet 10.128.80.2/20 brd 10.128.95.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::858:aff:fe80:5002/64 scope link
valid_lft forever preferred_lft forever
4: net1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast state UP group default qlen 1000
link/ether 0a:58:fa:00:00:02 brd ff:ff:ff:ff:ff:ff
inet 250.0.0.2/20 brd 250.0.15.255 scope global net1
valid_lft forever preferred_lft forever
inet6 fe80::858:faff:fe00:2/64 scope link
valid_lft forever preferred_lft forever
[root@x-x-x-x-x-0 ~]# ip route
default via 10.128.80.1 dev eth0
10.128.80.0/20 dev eth0 proto kernel scope link src 10.128.80.2
240.0.0.0 via 240.0.0.1 dev net2
240.0.0.0/20 dev net2 proto kernel scope link src 240.0.0.2
250.0.0.0 via 250.0.0.1 dev net1
250.0.0.0/20 dev net1 proto kernel scope link src 250.0.0.2
Add Routes
Adding routes will create the routing tables as well. These routes must be added to the virtual gateway of the VPC subnet, which should be the first IP in all cases.
[root@x-x-x-x-x-0 ~]# ip route add default via 250.0.0.1 dev net1 table 1
[root@x-x-x-x-x-0 ~]# ip route add default via 240.0.0.1 dev net2 table 2
Add Rules
These rules will be used to match inbound traffic to a routing table. Please note that the IP in the rule must be the IP assigned to the interfaces.
[root@x-x-x-x-x-0 ~]# ip rule add from 250.0.0.2 table 1
[root@x-x-x-x-x-0 ~]# ip rule add from 240.0.0.2 table 2
New State
[root@x-x-x-x-x-0 ~]# ip route show table all | grep default
default via 250.0.0.1 dev net1 table 1
default via 240.0.0.1 dev net2 table 2
default via 10.128.80.1 dev eth0
unreachable default dev lo proto kernel metric 4294967295 error -101 pref medium
unreachable default dev lo proto kernel metric 4294967295 error -101 pref medium
[root@x-x-x-x-x-0 ~]# ip rule list
0: from all lookup local
32764: from 240.0.0.2 lookup 2
32765: from 250.0.0.2 lookup 1
32766: from all lookup main
32767: from all lookup default
Permanent Configuration
These configurations will ensure the configuration survives reboots.
Routing Table Configuration
The following configuration adds two tables for our interfaces and names them accordingly.
[root@x-x-x-x-x-0 ~]# cat /etc/iproute2/rt_tables
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
## Added for multi-interface public IPs
1 net1
2 net2
Route Configuration
The route configurations for these secondary interfaces must reference the table. They can reference the table by name (net1) or number (net2).
[root@x-x-x-x-x-0 ~]# cat /etc/sysconfig/network-scripts/route-net1
default via 250.0.0.1 table net1
[root@x-x-x-x-x-0 ~]# cat /etc/sysconfig/network-scripts/route-net2
default via 240.0.0.1 table 2
Rule Configuration
Like the route configurations, rules must reference the table by name or number.
[root@x-x-x-x-x-0 ~]# cat /etc/sysconfig/network-scripts/rule-net1
from 250.0.0.2 table net1
[root@x-x-x-x-x-0 ~]# cat /etc/sysconfig/network-scripts/rule-net2
from 240.0.0.2 table 2
Multiple Public IP addresses can be added when creating a new workload or when editing an existing workload. If you do edit an existing workload, the old workload will be destroyed and recreated using the new settings.
Getting Started for Containers
Containers are simpler to manage, as all of the configuration required is done behind the scenes. Once a Container workload is created, enabling a public IP address for each interface can be enabled via checkbox on the Portal. Once checked, the Container's interfaces will automatically be configured to respond to requests made to their public IPs.