0

My servers has 10.20.10.100 ip address on eno1 interface.

I can successfully add temporarily ip address 10.20.50.60 (or any else).

When I try to add permanently using netplan I cannot connect to server anymore using it original ip address.

Content of my original /etc/netplan/00-installer-config.yaml:

network:
  ethernets:
    eno1:
      dhcp4: true
    eno2:
      dhcp4: true
    enx7e8ae1d2cba7:
      dhcp4: true
  version: 2

My changed version is:

network:
  version: 2
  renderer: networkd
  ethernets:
    eno1:
      dhcp4: false
      addresses:
        - 10.20.10.100/24
        - 10.20.50.60/24
        - 10.20.50.61/24
      gateway4: 10.20.0.1
      nameservers:
          addresses: [10.20.0.1,1.1.1.1,8.8.8.8]
    eno2:
      dhcp4: true
    enx7e8ae1d2cba7:
      dhcp4: true

ip address show dev eno1

2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 7c:8a:e1:d2:cb:a2 brd ff:ff:ff:ff:ff:ff
    inet 10.20.10.100/16 brd 10.20.255.255 scope global dynamic eno1
       valid_lft 438sec preferred_lft 438sec

route -n

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.20.0.1       0.0.0.0         UG    100    0        0 eno1
10.20.0.0       0.0.0.0         255.255.0.0     U     0      0        0 eno1
10.20.0.1       0.0.0.0         255.255.255.255 UH    100    0        0 eno1
169.254.95.0    0.0.0.0         255.255.255.0   U     0      0        0 enx7e8ae1d2cba7
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
172.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker_gwbridge

My changed version is (version2):

network:
version: 2
ethernets:
    eno1: {}
    eno2:
        dhcp4: true
    enx7e8ae1d2cba7:
        dhcp4: true
vlans:
    vlan.101:
        id: 101
        link: eno1
        addresses: [10.20.10.100/16]
        gateway4: 10.20.0.1
        nameservers:
            addresses: [10.20.0.1, 1.1.1.1]
    vlan.102:
        id: 102
        link: eno1
        addresses: [10.20.50.60/16]
        gateway4: 10.20.0.1
        nameservers:
            addresses: [10.20.0.1, 1.1.1.1]
    vlan.103:
        id: 103
        link: eno1
        addresses: [10.20.50.61/16]
        gateway4: 10.20.0.1
        nameservers:
            addresses: [10.20.0.1, 1.1.1.1]
iWizard
  • 418
  • 3
  • 12
  • 27
  • `valid_lft 438sec preferred_lft 438sec` hints that you are still configured using DHCP. – A.B Aug 12 '21 at 17:25
  • @A.B tried to add dhcp4: false bur did not help – iWizard Aug 12 '21 at 17:26
  • I don't know netplan. So maybe you edited a configuration but the system doesn't consider it has changed, or maybe that's because it rejects an incorrect configuration (eg: gateway is wrong because in none of the LANs defined with the addresses). You could even try a reboot and see what happens (you might get 0 address though). – A.B Aug 12 '21 at 17:29
  • @A.B I will try tomorrow couple of changes more and post here – iWizard Aug 12 '21 at 17:32

2 Answers2

2

There appears to be nothing wrong with the configuration you specified so it makes me think about how you applied the change.

Secondly, the output of ip address show dev eno1 showed an address of 10.20.10.100/16 instead of the /24 in your netplan config. Feels like the previous interface details were cached or new ones not applied.

To help determine your address details when using DHCP, run the following commands and make note of the output:

# All IP addresses
ip a

# Routes and default gateway
ip r

Now change netplan config and disable DHCP by setting it to false. Having changed the netplan config, apply with debug flag to help determine any issues:

sudo netplan --debug apply

Then repeat the commands above and note the differences. Sometimes a reboot is necessary to remove existing interfaces or you can use the ip del command to remove existing IP addresses before applying new netplan config.

One way to convince yourself the new config was applied is to change the /16 to something different e.g. /22. If the output of ip a is the same as before then it hasn't applied properly.

fswings
  • 231
  • 1
  • 4
  • All changes I have tried with netplan apply and also with reboot. Talking about ip add and other similar tmp stuff. – iWizard Aug 17 '21 at 12:34
1

I would configure you addresses as virtual lans (As an aside, I think you may need set gateways for the vlans on different network segments):

network:
    version: 2
    ethernets:
        eno1: {}
        eno2:
            dhcp4: true
        enx7e8ae1d2cba7:
            dhcp4: true

    vlans:
        vlan.101:
            id: 101
            link: eno1
            addresses: [10.20.10.100/16]
            routes:
            - to: default
              via: 10.20.0.1
        vlan.102:
            id: 102
            link: eno1
            routes:
            addresses: [10.20.50.60/16]
            routes:
            - to: default
              via: 10.20.0.1
        vlan.103:
            id: 103
            link: eno1
            addresses: [10.20.50.61/16]
            routes:
            - to: default
              via: 10.20.0.1
Falstone
  • 179
  • 6
  • Applied your config and when i check status over ifconfig I see ip addresses there but cannot ping them from pc or ping even google. Any ideas? – iWizard Aug 16 '21 at 06:52
  • 1
    Have you set up any routes? As I said in my answer each vlan will need a route to its gateway. Each vlan block should have its own gateway4 entry. Your /24 notation is the same as a 255.255.255.0 net mask, so you probably need gateways in the ranges 10.20.50.1-10.20.50.254 and 10.20.10.1-10.20.10.254. Your current gateway 10.20.0.1 is in neither range and masked off from the nics. What does the command: route -n show? – Falstone Aug 16 '21 at 08:12
  • Added added route -n in my primary question (I have not set any routes) – iWizard Aug 16 '21 at 13:35
  • after your changed everything is same except there are no destinations "0.0.0.0" and "10.20.0.1" anymore – iWizard Aug 16 '21 at 13:59
  • You need to get all of the hosts onto the same subnet. The best way would be to use different ip addresses on the same subnet. But if you HAVE to keep the existing IP addresses, add 'gateway4: 10.20.0.1' to each vlan and change the /24 to /18. You may also need to change the gateway's subnet mask to 255.255.192.0 so it is on the same subnet as the hosts. This is not very efficient as you have a huge subnet of 16,382 potential hosts. – Falstone Aug 16 '21 at 14:22
  • Just noticed that when you used DHCP and received an address from the pool it was a /16 network. So I have changed the config to reflect what is coming from the router. – Falstone Aug 17 '21 at 08:38
  • As a further aside you will need to add nameserver values to get DNS to work. But with the current config numeric addresses should work – Falstone Aug 17 '21 at 10:39
  • tried but still does not works (cannot ping it), please take a look at my updated "My changed version is (version2):" – iWizard Aug 17 '21 at 12:32
  • The indentation doesn't look correct. Everything below network: should be indented one level. When you run 'netplan --debug generate' does it show any errors? – Falstone Aug 17 '21 at 15:35
  • everything looks ok https://drive.google.com/file/d/1VquJ0FOhv08NLdy5E70VI4yj9ajHpYtO/view – iWizard Aug 18 '21 at 07:59
  • OK - trying a slightly different approach - I have changed the example to use specific routes – Falstone Aug 18 '21 at 13:58
  • getting error: The overwriting error message was: /etc/netplan/00-installer-config.yaml:16:13: Error in network definition: unicast route must include both a 'to' and 'via' IP – iWizard Aug 18 '21 at 15:13
  • any ideas what could be a problem? – iWizard Aug 19 '21 at 10:53
  • Hi, I am coming to the conclusion it is a routing problem - I am just getting together some policy routing configuration which I think may be the solution – Falstone Aug 19 '21 at 11:29
  • I will paste all config upper in my question from Mikrotik router – iWizard Aug 19 '21 at 11:35
  • I see now that there is to much of that, is there any specific stuff might help you? – iWizard Aug 19 '21 at 11:36
  • Hi - Sorry - family emergency means I am delayed in responding – Falstone Aug 20 '21 at 17:56
  • No problem, I will award you anwser but when you have time please help me to setup this. tnx – iWizard Aug 22 '21 at 07:22
  • Hi, Sorry I am still dealing with the issues at home - thanks for the bounty - If you are still having difficulty can I at least direct you to 'policy based routing' which I think is the next step is solving you issue. – Falstone Oct 12 '21 at 08:58
  • I'm still resolving this issue tmp with bash script on server boot. – iWizard Oct 12 '21 at 12:03