Linux에서 Secondary VNIC와 Secondary Private IP 추가 방법

Junchol Park
Principal Internet Sales Consultant
Oracle Digital Prime Tech Presales
2020.09
Secondary VNIC & Secondary Private IP
for Linux
Confidential – © 2019 Oracle Internal/Restricted/Highly Restricted
1

Secondary Private IP 및 Secondary VNIC
2
• Secondary Private IP Address
 이용 중인 VNIC의 VCN 및 Subnet 내 IP만 할당 가능
 이용 목적
 Reserved Public IP(고정 IP) 이용
 인스턴스 장애 조치 : 새로운 인스턴스에 이전 Private IP/Reserved Public IP 설정
 단일 인스턴스에 여러 서비스 또는 엔드 포인트 실행
• Secondary VNIC
 다른 VCN 또는 다른 Subnet내 IP도 할당 가능
 이용 목적
 인스턴스를 여러 VCN의 Subnet에 연결하는게 목적

Secondary Private IP Address
3

Secondary Private IP Address 할당
4
동일 VCN 내의 IP만 등록 가능

5
참고
https://docs.cloud.oracle.com/en-us/iaas/Content/Network/Tasks/managingIPaddresses.htm#Linux
스크립트를 사용하여 OS 구성
• 추가 명령어
ip addr add <address>/<subnet_prefix_len> dev <phys_dev> label <phys_dev>:<addr_seq_num>
<address>: The secondary private IP address.
<subnet_prefix_len>: The subnet's prefix length. For example, if the subnet is 192.168.20.0/24, the subnet prefix length is 24.
<phys_dev>: The interface to add the address to (for example, ens2f0).
<addr_seq_num>: The sequential number in the stack of addresses on the device (for example, 0).
예) sudo ip addr add 10.0.0.3/24 dev ens3
• 삭제 명령어
sudo ip addr del 10.0.0.3/24 dev ens3
• 인스턴스 재부팅시 초기화됨
재부팅에도 유지하기 위해서는 /etc/sysconfig/network-scripts/ifcfg-<phys_dev>:<addr_seq_num> 에 설정을 하여야 함

6
Linux OS에서 할당한 IP를 OS명령어로 추가
현재 등록된 IP 조회
[opc@proxy ~]$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:00:17:00:e0:80 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.15/24 brd 10.0.0.255 scope global dynamic ens3
valid_lft 85924sec preferred_lft 85924sec
[opc@proxy ~]$ ip route
default via 10.0.0.1 dev ens3
10.0.0.0/24 dev ens3 proto kernel scope link src 10.0.0.15
169.254.0.0/16 dev ens3 proto static scope link
169.254.0.0/16 dev ens3 scope link metric 1002
[opc@proxy ~]$ netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
default gateway 0.0.0.0 UG 0 0 0 ens3
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ens3
link-local 0.0.0.0 255.255.0.0 U 0 0 0 ens3
link-local 0.0.0.0 255.255.0.0 U 0 0 0 ens3

7
ens3 Interface에 보조 Private IP 추가
[opc@proxy ~]$ sudo ip addr add 10.0.0.3/24 dev ens3
inet 10.0.0.3/24 scope global secondary ens3

Secondary Private IP Address 제거
8
[opc@proxy ~]$ sudo ip addr del 10.0.0.3/24 dev ens3
다음 명령어 실행 후, Console에서 삭제

서버 재부팅에도 Secondary Private IP Address 할당 유지
9
다음 파일에 설정 추가
/etc/sysconfig/network-scripts/ifcfg-<phys_dev>:<addr_seq_num>
[opc@proxy ~]$ sudo touch /etc/sysconfig/network-scripts/ifcfg-ens3:0
[opc@proxy ~]$ sudo vi /etc/sysconfig/network-scripts/ifcfg-ens3:0
DEVICE="ens3:0"
BOOTPROTO=static
IPADDR=10.0.0.3
NETMASK=255.255.255.0
ONBOOT=yes
inet 10.0.0.3/24 brd 10.0.0.255 scope global secondary ens3:0
재부팅 후 결과 확인

Secondary VNIC
10

Secondary VNIC 추가
11
다른 VCN 또는 다른 subnet 선택 가능

12
참고
https://docs.cloud.oracle.com/en-us/iaas/Content/Network/Tasks/managingVNICs.htm#Linux
스크립트를 사용하여 OS 구성
• 스크립트 다운로드
$ wget http://docs.cloud.oracle.com/en-us/iaas/Content/Resources/Assets/secondary_vnic_all_configure.sh
• 실행 가능하도록 설정
$ chmod +x secondary_vnic_all_configure.sh
• 스크립트 실행 방법
$ secondary_vnic_all_configure.sh -c : Configure (adds or deletes) secondary VNIC host IP configuration
$ secondary_vnic_all_configure.sh -c -n : Same but uses separate namespaces
$ secondary_vnic_all_configure.sh -d : Force removes all secondary VNIC host IP configuration
• 인스턴스 재부팅시 초기화됨

13
3: ens5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ens3
link-local 0.0.0.0 255.255.0.0 U 0 0 0 ens3
link-local 0.0.0.0 255.255.0.0 U 0 0 0 ens3
현재 현황

14
[opc@proxy ~]$ sudo ./secondary_vnic_all_configure.sh
CONFIG ADDR SPREFIX SBITS VIRTRT NS IND IFACE VLTAG VLAN STATE MAC VNIC
- 10.0.0.15 10.0.0.0 24 10.0.0.1 - 0 ens3 - - UP 02:00:17:00:e0:80 ocid1.vnic.oc1.ap-
seoul-1.abuwgljr6kumxxfo6khot4pmtm4mm4bjmosscmh6h7wgli6bqrx7ajsoe3ra
ADD 20.0.0.2 20.0.0.0 24 20.0.0.1 - 1 ens5 - - DOWN 02:00:17:00:fb:84 ocid1.vnic.oc1.ap-
seoul-1.abuwgljrgupat4lxyyvhy6y66q4a5zeeblihlhqr53yoxptoabavfh6mtuka
[opc@proxy ~]$ sudo ./secondary_vnic_all_configure.sh -c
Info: adding IP config for VNIC MAC 02:00:17:00:fb:84 with id ocid1.vnic.oc1.ap-seoul-1.abuwgljrgupat4lxyyvhy6y66q4a5zeeblihlhqr53yoxptoabavfh6mtuka
Info: added IP address 20.0.0.2 on interface ens5 with MTU 9000
Info: added rule for routing from 20.0.0.2 lookup ort1 with default via 20.0.0.1
VNIC 추가

15
link/ether 02:00:17:00:fb:84 brd ff:ff:ff:ff:ff:ff
inet 20.0.0.2/24 scope global ens5
추가된 상황

16
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ens3
20.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ens5
link-local 0.0.0.0 255.255.0.0 U 0 0 0 ens3
link-local 0.0.0.0 255.255.0.0 U 0 0 0 ens3
[opc@proxy ~]$ sudo ./secondary_vnic_all_configure.sh
CONFIG ADDR SPREFIX SBITS VIRTRT NS IND IFACE VLTAG VLAN STATE MAC VNIC
- 10.0.0.15 10.0.0.0 24 10.0.0.1 - 0 ens3 - - UP 02:00:17:00:e0:80 ocid1.vnic.oc1.ap-
seoul-1.abuwgljr6kumxxfo6khot4pmtm4mm4bjmosscmh6h7wgli6bqrx7ajsoe3ra
- 20.0.0.2 20.0.0.0 24 20.0.0.1 - 1 ens5 - - UP 02:00:17:00:fb:84 ocid1.vnic.oc1.ap-
seoul-1.abuwgljrgupat4lxyyvhy6y66q4a5zeeblihlhqr53yoxptoabavfh6mtuka
추가된 상황

Secondary VNIC 제거
17
스크립트 실행 후, OCI Console에서 제거
[opc@proxy ~]$ sudo ./secondary_vnic_all_configure.sh -d
Info: removing IP config of address 20.0.0.2 for VNIC MAC 02:00:17:00:fb:84 with id ocid1.vnic.oc1.ap-seoul-
1.abuwgljrgupat4lxyyvhy6y66q4a5zeeblihlhqr53yoxptoabavfh6mtuka
Info: removed routing on interface ens5
Info: removed IP address 20.0.0.2 from interface ens5

Linux에서 Secondary VNIC와 Secondary Private IP 추가 방법

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Linux에서 Secondary VNIC와 Secondary Private IP 추가 방법

Similar to Linux에서 Secondary VNIC와 Secondary Private IP 추가 방법 (20)

Linux에서 Secondary VNIC와 Secondary Private IP 추가 방법