Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [Solved] More than one private ip subnet on LAN interface?

    Scheduled Pinned Locked Moved Virtualization
    23 Posts 4 Posters 3.0k Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • johnpozJ Offline
      johnpoz LAYER 8 Global Moderator @JKnott
      last edited by johnpoz

      @JKnott said in More than one private ip subnet on LAN interface?:

      There's nothing to stop someone from having both a pubic and RFC 1918 address on an interface, for example.

      Other than just plain common sense... There would be ZERO freaking reason to do such thing... Its not actually isolating anything and no point to it..

      You can put as many IPs you want on the same L2 - doesn't mean it makes any sense, or you should do it, etc.

      The reason for the link-local on IPv6 is to get information on its neighbors, its sends the RS from its link-local address, etc. etc.. There is all kinds of things that happen with the link-local in IPv6 that don't really need to get into here, and you if anyone should know anyway.

      This is in no way the same as putting a public IPv4 and a rfc1918 IPv4 address on an interface - what does that accomplish other than complications and nonsense? If a device needs to have a rfc1918 and a public IPv4 then they should be on different L2s

      Lets not mix in how things are done with IPv6 with the IPv4 talking about here.. Derelict has given the correct solution to the OP question, which is vlans!

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

      1 Reply Last reply Reply Quote 0
      • lifeboyL Offline
        lifeboy @lifeboy
        last edited by

        The use of VLAN's is the better way to achieve this (as answered by @Derelict), but I wanted to add this to my own question as far as it pertains to creating virtual bridges:

        It seems that one cannot add a virtual device to a NIC that is already part of a bridge.

        :~# ip link add link ens7f0 virt1 address 00:11:22:33:44:55 type macvlan
        RTNETLINK answers: Device or resource busy

        However, if I create the Virtual NIC and then add it to a bridge, it works.

        :~# ip link add link ens7f1 virt1 address 00:11:22:33:44:55 type macvlan
:~# brctl addbr virtb1
:~# brctl addif virtb1 virt1
:~# brctl show
bridge name   bridge id             STP enabled        interfaces
virtb1        8000.001122334455        no              virt1
vmbr0         8000.ac1f6bcae3e2        no              ens7f0
                                                       tap101i0
vmbr1         8000.ac1f6bc59544        no              ens6f0
                                                       tap101i1

        Although Proxmox's GUI doesn't "see" the new bridge, if I edit the qemu conf file for the VM, the port is added and the VM starts.

        1 Reply Last reply Reply Quote 0
        • DerelictD Offline
          Derelict LAYER 8 Netgate
          last edited by

          Sounds like you should probably move to a proxmox forum.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.