Configuring Network Interfaces on Debian/Ubuntu
Technical documentation
02/23/2013
Ubuntu ships with a number of graphical utilities to configure your network devices. This document is geared toward server administrators and will focus on managing your network on the command line.
Ethernet Interfaces¶
Ethernet interfaces are identified by the system using the naming convention of eth_X_ , where X represents a numeric value. The first Ethernet interface is typically identified as eth0, the second as eth1, and all others should move up in numerical order.
Identify Ethernet Interfaces¶
To quickly identify all available Ethernet interfaces, you can use the ifconfig
command as shown below.
ifconfig -a | grep eth
eth0 Link encap:Ethernet HWaddr 00:15:c5:4a:16:5a
Another application that can help identify all network interfaces available to your system is the lshw
command. In the example below, lshw
shows a single Ethernet interface with the logical name of eth0 along with bus information, driver details and all supported capabilities.
sudo lshw -class network
*-network
description: Ethernet interface
product: BCM4401-B0 100Base-TX
vendor: Broadcom Corporation
physical id: 0
bus info: pci@0000:03:00.0
logical name: eth0
version: 02
serial: 00:15:c5:4a:16:5a
size: 10MB/s
capacity: 100MB/s
width: 32 bits
clock: 33MHz
capabilities: (...snipped...)
configuration: (...snipped...)
resources: irq:17 memory:ef9fe000-ef9fffff
Ethernet Interface Logical Names¶
Interface logical names are configured in the file /etc/udev/rules.d/70-persistent-net.rules
. If you would like control which interface receives a particular logical name, find the line matching the interfaces physical MAC address and modify the value of NAME=ethX
to the desired logical name. Reboot the system to commit your changes.
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:15:c5:4a:16:5a", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:15:c5:4a:16:5b", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"
Ethernet Interface Settings¶
ethtool
is a program that displays and changes Ethernet card settings such as auto-negotiation, port speed, duplex mode, and Wake-on-LAN. It is not installed by default, but is available for installation in the repositories.
sudo apt-get install ethtool
The following is an example of how to view supported features and configured settings of an Ethernet interface.
sudo ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Half 1000baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Half 1000baseT/Full
Advertised auto-negotiation: Yes
Speed: 1000Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 1
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: g
Wake-on: d
Current message level: 0x000000ff (255)
Link detected: yes
Changes made with the ethtool
command are temporary and will be lost after a reboot. If you would like to retain settings, simply add the desired ethtool
command to a pre-up statement in the interface configuration file /etc/network/interfaces
.
The following is an example of how the interface identified as eth0 could be permanently configured with a port speed of 1000Mb/s running in full duplex mode.
auto eth0 iface eth0 inet static pre-up /usr/sbin/ethtool -s eth0 speed 1000 duplex full
Although the example above shows the interface configured to use the static method, it actually works with other methods as well, such as DHCP. The example is meant to demonstrate only proper placement of the pre-up statement in relation to the rest of the interface configuration.
IP Addressing¶
The following section describes the process of configuring your systems IP address and default gateway needed for communicating on a local area network and the Internet.
Temporary IP Address Assignment¶
For temporary network configurations, you can use standard commands such as ip
, ifconfig
and route
, which are also found on most other GNU/Linux operating systems. These commands allow you to configure settings which take effect immediately, however they are not persistent and will be lost after a reboot.
To temporarily configure an IP address, you can use the ifconfig
command in the following manner. Just modify the IP address and subnet mask to match your network requirements.
sudo ifconfig eth0 10.0.0.100 netmask 255.255.255.0
To verify the IP address configuration of eth0, you can use the ifconfig command in the following manner.
ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:15:c5:4a:16:5a
inet addr:10.0.0.100 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::215:c5ff:fe4a:165a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:466475604 errors:0 dropped:0 overruns:0 frame:0
TX packets:403172654 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2574778386 (2.5 GB) TX bytes:1618367329 (1.6 GB)
Interrupt:16
To configure a default gateway, you can use the route command in the following manner. Modify the default gateway address to match your network requirements.
sudo route add default gw 10.0.0.1 eth0
To verify your default gateway configuration, you can use the route command in the following manner.
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 eth0
If you require DNS for your temporary network configuration, you can add DNS server IP addresses in the file /etc/resolv.conf
. The example below shows how to enter two DNS servers to /etc/resolv.conf
, which should be changed to servers appropriate for your network. A more lengthy description of DNS client configuration is in a following section.
nameserver 8.8.8.8 nameserver 8.8.4.4
If you no longer need this configuration and wish to purge all IP configuration from an interface, you can use the ip command with the flush option as shown below.
ip addr flush eth0
Flushing the IP configuration using the ip
command does not clear the contents of /etc/resolv.conf
. You must remove or modify those entries manually.
Dynamic IP Address Assignment (DHCP Client)¶
To configure your server to use DHCP for dynamic address assignment, add the dhcp method to the inet address family statement for the appropriate interface in the file /etc/network/interfaces
. The example below assumes you are configuring your first Ethernet interface identified as eth0.
auto eth0 iface eth0 inet dhcp
By adding an interface configuration as shown above, you can manually enable the interface through the ifup
command which initiates the DHCP process via dhclient
.
sudo ifup eth0
To manually disable the interface, you can use the ifdown
command, which in turn will initiate the DHCP release process and shut down the interface.
sudo ifdown eth0
Static IP Address Assignment¶
To configure your system to use a static IP address assignment, add the static method to the inet address family statement for the appropriate interface in the file /etc/network/interfaces
. The example below assumes you are configuring your first Ethernet interface identified as eth0. Change the address, netmask, and gateway values to meet the requirements of your network.
auto eth0 iface eth0 inet static address 10.0.0.100 netmask 255.255.255.0 gateway 10.0.0.1
By adding an interface configuration as shown above, you can manually enable the interface through the ifup
command.
sudo ifup eth0
To manually disable the interface, you can use the ifdown
command.
sudo ifdown eth0
Loopback Interface¶
The loopback interface is identified by the system as lo and has a default IP address of 127.0.0.1. It can be viewed using the ifconfig
command.
ifconfig lo
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2718 errors:0 dropped:0 overruns:0 frame:0
TX packets:2718 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:183308 (183.3 KB) TX bytes:183308 (183.3 KB)
By default, there should be two lines in /etc/network/interfaces
responsible for automatically configuring your loopback interface. It is recommended that you keep the default settings unless you have a specific purpose for changing them. An example of the two default lines are shown below.
auto lo iface lo inet loopback
Name Resolution¶
Name resolution as it relates to IP networking is the process of mapping IP addresses to hostnames, making it easier to identify resources on a network. The following section will explain how to properly configure your system for name resolution using DNS and static hostname records.
DNS Client Configuration¶
To configure your system to use DNS for name resolution, add the IP addresses of the DNS servers that are appropriate for your network in the file /etc/resolv.conf
. You can also add an optional DNS suffix search-lists to match your network domain names.
Below is an example of a typical configuration of /etc/resolv.conf for a server on the domain "example.com" and using two public DNS servers.
search example.com nameserver 8.8.8.8 nameserver 8.8.4.4
The search option can also be used with multiple domain names so that DNS queries will be appended in the order in which they are entered. For example, your network may have multiple sub-domains to search; a parent domain of example.com
, and two sub-domains, sales.example.com
and dev.example.com
.
If you have multiple domains you wish to search, your configuration might look like the following.
search example.com sales.example.com dev.example.com nameserver 8.8.8.8 nameserver 8.8.4.4
If you try to ping a host with the name of server1, your system will automatically query DNS for its Fully Qualified Domain Name (FQDN) in the following order:
- server1*.example.com*
- server1*.sales.example.com*
- server1*.dev.example.com*
If no matches are found, the DNS server will provide a result of notfound and the DNS query will fail.
Static Hostnames¶
Static hostnames are locally defined hostname-to-IP mappings located in the file /etc/hosts
. Entries in the hosts file will have precedence over DNS by default. This means that if your system tries to resolve a hostname and it matches an entry in /etc/hosts
, it will not attempt to look up the record in DNS. In some configurations, especially when Internet access is not required, servers that communicate with a limited number of resources can be conveniently set to use static hostnames instead of DNS.
The following is an example of a hosts
file where a number of local servers have been identified by simple hostnames, aliases and their equivalent Fully Qualified Domain Names (FQDN's).
127.0.0.1 localhost 127.0.1.1 ubuntu-server 10.0.0.11 server1.example.com server1 vpn 10.0.0.12 server2.example.com server2 mail 10.0.0.13 server3.example.com server3 www 10.0.0.14 server4.example.com server4 file
In the above example, notice that each of the servers have been given aliases in addition to their proper names and FQDN's. Server1
has been mapped to the name vpn
, server2
is referred to as mail
, server3
as www
, and server4
as file.
Name Service Switch Configuration¶
The order in which your system selects a method of resolving hostnames to IP addresses is controlled by the Name Service Switch (NSS) configuration file /etc/nsswitch.conf
. As mentioned in the previous section, typically static hostnames defined in the systems /etc/hosts file have precedence over names resolved from DNS. The following is an example of the line responsible for this order of hostname lookups in the file /etc/nsswitch.conf
.
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4* files first tries to resolve static hostnames located in
/etc/hosts
.
* mdns4_minimal attempts to resolve the name using Multicast DNS.
* [NOTFOUND=return] means that any response of notfound by the preceeding mdns4_minimal process should be treated as authoritative and that the system should not try to continue hunting for an answer.
* dns represents a legacy unicast DNS query.
* mdns4 represents a Multicast DNS query.
To modify the order of the above mentioned name resolution methods, you can simply change the hosts:
string to the value of your choosing. For example, if you prefer to use legacy Unicast DNS versus Multicast DNS, you can change the string in /etc/nsswitch.conf
as shown below.
hosts: files dns [NOTFOUND=return] mdns4_minimal mdns4
Bridging¶
Bridging multiple interfaces is a more advanced configuration, but is very useful in multiple scenarios. One scenario is setting up a bridge with multiple network interfaces, then using a firewall to filter traffic between two network segments. Another scenario is using bridge on a system with one interface to allow virtual machines direct access to the outside network. The following example covers the latter scenario.
Before configuring a bridge you will need to install the bridge-utils package. To install the package, in a terminal enter:
sudo apt-get install bridge-utils
Next, configure the bridge by editing /etc/network/interfaces
:
auto lo iface lo inet loopback auto br0 iface br0 inet static address 192.168.0.10 network 192.168.0.0 netmask 255.255.255.0 broadcast 192.168.0.255 gateway 192.168.0.1 bridge_ports eth0 bridge_fd 9 bridge_hello 2 bridge_maxage 12 bridge_stp off
Enter the appropriate values for your physical interface and network.
Now restart networking to enable the bridge interface:
sudo /etc/init.d/networking restart
The new bridge interface should now be up and running. The brctl
provides useful information about the state of the bridge, controls which interfaces are part of the bridge, etc. See man brctl
for more information.
Subinterfaces¶
A subinterface is a division of one physical interface into multiple logical interfaces. So why would we do that? I use subinterfaces for hosting multiple SSL sites, DSR returns for localhost for my load balancers, and anything else you would need multiple ips on the same physical interface. In Ubuntu it is easy to add subinterfaces I have never had to add a temporary subinterface in Ubuntu but I guess I figure it is easier to just add it to the system and restart networking. Here is how to add a Ubuntu subinterface with ifconfig.
Adding a Ubuntu subinterface without restarting networking.¶
Add the interface and ip
sudo ifconfig eth0:0 192.168.1.253 netmask 255.255.255.0
Bring the interface up
sudo ifconfig eth0:0 up
Check and make sure it is in ifconfig
ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:30:48:28:65:2b
inet addr:192.168.1.5 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::230:48ff:fe28:652b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:101278725 errors:10 dropped:0 overruns:0 frame:10
TX packets:96594294 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3734515707 (3.7 GB) TX bytes:1773845088 (1.7 GB)eth0:0 Link encap:Ethernet HWaddr 00:30:48:28:65:2b
inet addr:192.168.1.253 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Remember the subinterface is gone unless you add it to /etc/network/interfaces
.
Adding a Ubuntu subinterface permanently¶
Now that you have added the subinterface without restarting networking, and or rebooting we need to add the ip address to the configuration file on Ubuntu so the new ip address will be on the system when you do some upgrades and need to reboot
Open the /etc/network/interfaces
file with your favorite editor
sudo vi /etc/network/interfaces
Add the following lines below your physical interface to create the subinterface on reboot.
auto eth0:0 iface eth0:0 inet static address 192.168.1.253 netmask 255.255.255.0
You can always add more subinterfaces by adding eth0:1
and eth0:2
and so on.
Here is and example of my complete /etc/network/interfaces
file with Ubuntu subinterfaces.
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 192.168.1.5 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 gateway 192.168.1.1 auto eth0:0 iface eth0:0 inet static address 172.16.0.3 netmask 255.255.255.0
Resources¶
- The Ubuntu Wiki Network page has links to articles covering more advanced network configuration.
- The interfaces man page has details on more options for
/etc/network/interfaces
. - The dhclient man page has details on more options for configuring DHCP client settings.
- For more information on DNS client configuration see the resolver man page. Also, Chapter 6 of O'Reilly's Linux Network Administrator's Guide is a good source of resolver and name service configuration information.
- For more information on bridging see the brctl man page and the Linux Foundation's Net:Bridge page.