Additional loopback addresses

[iolson]

Hello,

I am currently working on a CentOS server that will be using a routing daemon to advertise services that are bound to loopback addresses. An example of this would be an AS112 node where the AS112 ip addresses are set up as loopbacks and routes for the loopback IPs are advertised over BGP.

In C7, I was able to accomplish this by adding ifcfg-lo:1, ifcfg-lo:2, ifcfg-lo:3, etc to the /etc/sysconfig/network-scripts directory. This has no effect now in C8 and the ifcfg-lo file is also missing from this directory. I am assuming this has something to do with the network-scripts package being deprecated in C8. What is the best way to do this? Performance is a consideration here, the server will be a recursive DNS resolver for a large number of clients.

Any help is appreciated!

[BShT]

i don´t think the method you use will impact in performance, once you put these loopbacks up

you can use rc.local as a really dirty method...

[aks]

I'm very confused given the title and content.
You do know that loopback is 127.0.0.1/8 right? You can have every process listening on a different loopback addresss.
But as I say, very confused.

[iolson]

Here's an example to clear up the question:

Code: Select all

[root@xxxxx ~]# cat /etc/sysconfig/network-scripts/ifcfg-lo:0
# Loopback for AS112
DEVICE=lo:0
BOOTPROTO=none
BROADCAST=192.175.48.255
IPADDR=192.175.48.1
IPV6ADDR=2620:4f:8000::1/48
NETMASK=255.255.255.0
NETWORK=192.175.48.0
ONBOOT=yes

How do I accomplish exactly this in CentOS 8? The above works well in CentOS 7 for this purpose.

@BShT I think something along the lines of "ip addr add 192.175.48.1/24 dev lo" in rc.local would work. Since rc.local is deprecated as well though in C7 & C8, I wondered if any developer here knew the "correct" way of doing this for C8. For performance impacts, I was mainly wondering if adding a "dummy" type interface with these addresses had any difference in performance when compared to assigning an additional IP address to the existing "lo" device.

[jlehtone]

Why are they on the loopback interface? Can't they be on any other interface?

NetworkManager lets you add multiple addresses, aliases, to a connection:

Code: Select all

nmcli c mod eth0 ipv4.addresses "10.20.30.123/24, 10.20.30.127/32"

(One is obviously "the default".)

The same is possible with iproute2 and the network.service config did support that.

The "eth0, eth0:0, eth0:1" style aliasing is ancient compared to those.


The 'lo' is "unmanaged", i.e. not configured by NM, yet there without network.service.
My guess is that systemd sets it up before any other "network services".

[iolson]

Systemd would make sense, I am guessing you are correct that it is responsible for the lo interface. I'll dig into their documentation a bit more. As far as the rationale, I think the primary reason for assigning it to the loopback is because we don't want the server to respond to ARP for this IP or anything else like that. The routing protocol should be solely responsible for announcing a route for the "fake" anycasted IP and withdrawing it so that the traffic can flow to a working node with minimal downtime.

[iolson]

So, apparently the best answer is to use network-scripts and do it the same way as CentOS 7.
https://access.redhat.com/solutions/4538371