I’ve attempted to set up eth0 with several IP addresses via nmtui. It works, but not as I expected. I need to be able to bind 1:1 IP addresses to physical eth0 and eth0:0-1, etc. interfaces. I need help figuring out how to accomplish this via NetworkManager key files. The primary driving factor is binding a VM to an eth0:0 interface. Any pointers or assistance would be greatly appreciated.
The IP aliases (that did have “separate interfaces”, like eth0:0) are an old technique. The current way is to have multiple addresses on one interface. On IPv6 that is practically compulsory.
The ipv4.addresses NM setting is a list.
That is how you assume to achieve something. What do you actually want to achieve?
the host which has (5) IP addresses allocates them as follows:
1 IP address dedicated to the host
3 IP addresses dedicated to 3 separate VMs, with a 1:1 ratio of private class C address to live IP
1 IP is dedicated to docker with a 1:1 ratio of private class C address to live IP addresses
For troubleshooting, each VM would allows passthrough outbound and inbound traffic initially prior to writing any friewall rules.
Thank you for your assistance
Ok, lets call the 10.0.0.1–10.0.0.5 “live IP” that are in subnet 10.0.0.0/X.
You apparently want a second subnet, where first VM has 192.168.0.2,
and routing that from outside to 10.0.0.2 to forward to 192.168.0.2.
Why don’t you simply connect the VM to external subnet with address 10.0.0.2?
The host has interface “eth0”. It could have a bridge interface “br0” and demote the eth0 to be a port of br0.
The live IP of host (10.0.0.1) would be on br0 and the eth0 would have no address at all.
Then attach the VM to br0. Set the 10.0.0.2 on the interface of the VM.
The bridge (br0) acts line unmanaged network switch that extends the external subnet to the VM.
No “1:1” shenanigans to tackle with.
The default on host is to not filter bridged traffic; the host does not act as firewall between outside and the VM.
You obviously (can) have firewall in the VM.
It is possible to enable filtering fo bridged traffic, so the host could be a firewall too.