Secondary IP in its own netns namespace

The Linux macvlan device is a workable solution here.

It instantiates a layer 2 subinterface which is a bona fide logical device, unlike the eth0:1 administrative fiction to manage secondary IPs, which I may then move into a network namespace and address. Example:

#  netns: test        netns: default
# ==============     ================
# test0:10.0.0.2 <->  eth0:10.0.0.1

# Create "test" network namespace
ip netns add test
ip netns exec test ip link set lo up

# Create subinterface and move to "test"
ip link add link eth0 name test0 type macvlan
ip link set test0 netns test

# Configure the subinterface
ip netns exec test ip addr add 10.0.0.2/24 brd + dev test0

This preserves the "primary" IP on eth0 and thus keeps the existing system more-or-less unaware of my hidden "secondary" IP.

Addendum for wifi interfaces

User pts points out that macvlan devices won't work if eth0 is a wifi interface. Instead, use interface type ipvlan mode 12.

Secondary IP in its own netns namespace

Tags:

Linux

Iproute2

Network Namespace

Related

Recent Posts