I think with Shaw residential I can get 2 dynamic IPs?
I'm using my modem in "bridge mode" or "wired mode" or whatever the shaw techs want to call it this week. In other words, the builtin router is disabled and it acts just like an old-style cable modem direct into my firewall.
Obviously, I'm getting 1 dynamic. That's great.
Can I get the 2nd too, but using just the one cable to the modem, and just the one NIC?
I'm guessing I'll have to assign a 2nd IP, 2nd fake MAC, and/or "fake" interface to the existing interface? Then setup dhcpclient to use it (too)? (All in linux, of course.)
Is what I'm describing doable or am I missing something here? Any tips on the sequence of events here?
Thanks!
I can answer the first part of your questions, up to the NIC, but not beyond.
On my residential Shaw, I have had 3 IP addresses (all 3 dynamic, but they rarely change) for several years now. The first one was of course included in the service, the second one was available for free just for the asking (subject to availability in the area, they said), and the third one is costing $10 per month.
I wish you had told us which model of Shaw modem-router you have. Here's the 4 common ones they've issued over the last number of years:
1. Cisco DPC3825. 2. Hitron CGNM-2250. 3. Cisco/Motorola DPC3848V. 4. That funny-looking new contraption that promises to reach every corner of your house and your cranium with deep penetration.
Details:
1. Cisco DPC3825. A complete piece of junk, designed by a company that Cisco then bought so that they had something to sell to carriers for their lowest-priced plans. It does support "bridge" mode, but only on an all-or-nothing basis for the whole box, not per RJ-45 socket (4 of them). "Bridge" mode is the only way people get this junk to work somewhat reasonably.
4. That funny-looking new contraption. I have no idea about this one, but I wouldn't want my remaining brain cells to be destroyed this way.
3. Cisco/Motorola DPC3848V. Well-regarded, and I THINK it works the same way as #2 below.
2. Hitron CGNM-2250. A top-notch gem, which I've been using for several years now. It does support "bridge" mode, aka IP pass-thru, on a per RJ-45 socket (4 of them) basis. Its (Web) config lets you configure that, along with loads of other parameters (most of which don't apply to IP pass-thru sockets). The raw (non-NAT'ed, non-firewalled) IP addresses coming out of the chosen pass-thru RJ-45 sockets are fit to send into SEPARATE routers or SEPARATE NIC's, and the non-pass-thru RJ-45 sockets (if any) remain as NAT'ed/firewalled sockets, along with the Hitron's own Wi-Fi output.
Now, back to Shaw. You need to request the second (and beyond) IP's explicitly, otherwise #2 above will NOT work as described. Once you do have the second (and beyond) IP's, the Hitron nicely distributes them as above. Even if all 4 RJ-45 sockets are configured as IP pass-thru, though, the Hitron might still retain one IP to service its own Wi-Fi, perhaps even if you turn off Wi-Fi in its config - I'm not sure about this part.
As for two IP's to one NIC, I have no idea. Hence my comment right at the beginning, along with my emphasis on "SEPARATE routers or SEPARATE NIC's".
Hmmm, now all I have to do is remember why I need 3 IP addresses at Shaw. 🙂
Hartmut W Sager - Tel +1-204-339-8331
________________________________ From: Roundtable roundtable-bounces@muug.ca on behalf of Trevor Cordes trevor@tecnopolis.ca Sent: November 30, 2021 22:42 To: MUUG RndTbl roundtable@muug.ca Subject: [RndTbl] shaw 2nd ip
I think with Shaw residential I can get 2 dynamic IPs?
I'm using my modem in "bridge mode" or "wired mode" or whatever the shaw techs want to call it this week. In other words, the builtin router is disabled and it acts just like an old-style cable modem direct into my firewall.
Obviously, I'm getting 1 dynamic. That's great.
Can I get the 2nd too, but using just the one cable to the modem, and just the one NIC?
I'm guessing I'll have to assign a 2nd IP, 2nd fake MAC, and/or "fake" interface to the existing interface? Then setup dhcpclient to use it (too)? (All in linux, of course.)
Is what I'm describing doable or am I missing something here? Any tips on the sequence of events here?
Thanks! _______________________________________________ Roundtable mailing list Roundtable@muug.ca https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmuug.ca%2Fm...
Oh, I forgot to add: Yes, the multiple IP addresses would come in on the single Shaw coax RG-6 cable and into/thru the same single Shaw modem-router.
________________________________ From: Hartmut W Sager hwsager@live.ca Sent: December 1, 2021 07:59 To: Continuation of Round Table discussion roundtable@muug.ca Cc: Trevor Cordes trevor@tecnopolis.ca Subject: Re: [RndTbl] shaw 2nd ip
I can answer the first part of your questions, up to the NIC, but not beyond.
On my residential Shaw, I have had 3 IP addresses (all 3 dynamic, but they rarely change) for several years now. The first one was of course included in the service, the second one was available for free just for the asking (subject to availability in the area, they said), and the third one is costing $10 per month.
I wish you had told us which model of Shaw modem-router you have. Here's the 4 common ones they've issued over the last number of years:
1. Cisco DPC3825. 2. Hitron CGNM-2250. 3. Cisco/Motorola DPC3848V. 4. That funny-looking new contraption that promises to reach every corner of your house and your cranium with deep penetration.
Details:
1. Cisco DPC3825. A complete piece of junk, designed by a company that Cisco then bought so that they had something to sell to carriers for their lowest-priced plans. It does support "bridge" mode, but only on an all-or-nothing basis for the whole box, not per RJ-45 socket (4 of them). "Bridge" mode is the only way people get this junk to work somewhat reasonably.
4. That funny-looking new contraption. I have no idea about this one, but I wouldn't want my remaining brain cells to be destroyed this way.
3. Cisco/Motorola DPC3848V. Well-regarded, and I THINK it works the same way as #2 below.
2. Hitron CGNM-2250. A top-notch gem, which I've been using for several years now. It does support "bridge" mode, aka IP pass-thru, on a per RJ-45 socket (4 of them) basis. Its (Web) config lets you configure that, along with loads of other parameters (most of which don't apply to IP pass-thru sockets). The raw (non-NAT'ed, non-firewalled) IP addresses coming out of the chosen pass-thru RJ-45 sockets are fit to send into SEPARATE routers or SEPARATE NIC's, and the non-pass-thru RJ-45 sockets (if any) remain as NAT'ed/firewalled sockets, along with the Hitron's own Wi-Fi output.
Now, back to Shaw. You need to request the second (and beyond) IP's explicitly, otherwise #2 above will NOT work as described. Once you do have the second (and beyond) IP's, the Hitron nicely distributes them as above. Even if all 4 RJ-45 sockets are configured as IP pass-thru, though, the Hitron might still retain one IP to service its own Wi-Fi, perhaps even if you turn off Wi-Fi in its config - I'm not sure about this part.
As for two IP's to one NIC, I have no idea. Hence my comment right at the beginning, along with my emphasis on "SEPARATE routers or SEPARATE NIC's".
Hmmm, now all I have to do is remember why I need 3 IP addresses at Shaw. 🙂
Hartmut W Sager - Tel +1-204-339-8331
________________________________ From: Roundtable roundtable-bounces@muug.ca on behalf of Trevor Cordes trevor@tecnopolis.ca Sent: November 30, 2021 22:42 To: MUUG RndTbl roundtable@muug.ca Subject: [RndTbl] shaw 2nd ip
I think with Shaw residential I can get 2 dynamic IPs?
I'm using my modem in "bridge mode" or "wired mode" or whatever the shaw techs want to call it this week. In other words, the builtin router is disabled and it acts just like an old-style cable modem direct into my firewall.
Obviously, I'm getting 1 dynamic. That's great.
Can I get the 2nd too, but using just the one cable to the modem, and just the one NIC?
I'm guessing I'll have to assign a 2nd IP, 2nd fake MAC, and/or "fake" interface to the existing interface? Then setup dhcpclient to use it (too)? (All in linux, of course.)
Is what I'm describing doable or am I missing something here? Any tips on the sequence of events here?
Thanks! _______________________________________________ Roundtable mailing list Roundtable@muug.ca https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmuug.ca%2Fm...
Not sure I understood the question but yes you can have as many IPs as you want on the same nic.
It's been a while since I have done it but you just add virtual nics and they look like this:
Eth0:0 Eth0:1 Eth0:2 Etc.
Each one has its own Mac and can operate independently on the network. They can all be static IPs or dhcp.
They can even be on different vlans.
John
On a modern Linux system you would
check what you've got ip addr
add a new IP ip addr add ...
You can do things like cp -a /etc/sysconfig/network-scripts-icfg-eth0 /etc/sysconfig/network-scripts-icfg-eth0:0 (then edit the new file with the correct details)
or whatever your startup scripts look like
On 2021-12-01 09:22, John Lange wrote:
Not sure I understood the question but yes you can have as many IPs as you want on the same nic.
It's been a while since I have done it but you just add virtual nics and they look like this:
Eth0:0 Eth0:1 Eth0:2 Etc. Each one has its own Mac and can operate independently on the network. They can all be static IPs or dhcp.
They can even be on different vlans.
John
Roundtable mailing list Roundtable@muug.ca https://muug.ca/mailman/listinfo/roundtable
John,
I think you might be conflating two different types of virtual interfaces. The eth0:n notation is for a virtual interface that works at the IP layer, and shares the link layer, including MAC address, of the parent interface. Like this...
https://linuxconfig.org/configuring-virtual-network-interfaces-in-linux
Then there's the eth0.n notation (note the "." rather than the ":") for a macvlan interface that works at the link layer, and can have a separate MAC address (and VLAN) from the parent interface. This shows an example of each...
https://unix.stackexchange.com/questions/21841/make-some-virtual-mac-address
And this gives all the gory details of various types of virtual interfaces for various VM hosting scenarios...
https://developers.redhat.com/blog/2018/10/22/introduction-to-linux-interfac...
(I learned some new concepts and lots of new terminology from this last one.)
In any case, Linux does indeed provide a way (or more) to support multiple MAC addresses on one physical Ethernet interface, so setting this up for multiple dynamic IP addresses from Shaw should be doable.
Gilbert
On 2021-12-01 9:22 a.m., John Lange wrote:
Not sure I understood the question but yes you can have as many IPs as you want on the same nic.
It's been a while since I have done it but you just add virtual nics and they look like this:
Eth0:0 Eth0:1 Eth0:2 Etc.
Each one has its own Mac and can operate independently on the network. They can all be static IPs or dhcp.
They can even be on different vlans.
John
Thanks for the corrections Gilbert. I'm certainly rusty at this point having not had any need for multiple IPs for quite some time.
John
On Wed, Dec 1, 2021 at 4:06 PM Gilbert E. Detillieux < gedetil@cs.umanitoba.ca> wrote:
John,
I think you might be conflating two different types of virtual interfaces. The eth0:n notation is for a virtual interface that works at the IP layer, and shares the link layer, including MAC address, of the parent interface. Like this...
https://linuxconfig.org/configuring-virtual-network-interfaces-in-linux
Then there's the eth0.n notation (note the "." rather than the ":") for a macvlan interface that works at the link layer, and can have a separate MAC address (and VLAN) from the parent interface. This shows an example of each...
https://unix.stackexchange.com/questions/21841/make-some-virtual-mac-address
And this gives all the gory details of various types of virtual interfaces for various VM hosting scenarios...
https://developers.redhat.com/blog/2018/10/22/introduction-to-linux-interfac...
(I learned some new concepts and lots of new terminology from this last one.)
In any case, Linux does indeed provide a way (or more) to support multiple MAC addresses on one physical Ethernet interface, so setting this up for multiple dynamic IP addresses from Shaw should be doable.
Gilbert
On 2021-12-01 9:22 a.m., John Lange wrote:
Not sure I understood the question but yes you can have as many IPs as you want on the same nic.
It's been a while since I have done it but you just add virtual nics and they look like this:
Eth0:0 Eth0:1 Eth0:2 Etc.
Each one has its own Mac and can operate independently on the network. They can all be static IPs or dhcp.
They can even be on different vlans.
John
-- Gilbert E. Detillieux E-mail: gedetil@cs.umanitoba.ca Dept. of Computer Science Web: http://www.cs.umanitoba.ca/~gedetil/ University of Manitoba Phone: (204)474-8161 Winnipeg MB CANADA R3T 2N2 For best service, contact cstech@cs.umanitoba.ca.
Thanks everyone, from all the replies it looks like I should be able to pull it off, and probably with just the one CAT6 cable to one port on the modem. If that fails, maybe better luck using 2 CAT6 cables between modem and computer (can do another NIC, or go through a VLAN in my switch).
The real fun comes when I try to update my manual firewall rules for yet another interface, and then routing only some packets to the new interface... That is going to take some serious time.
I think I have the Hitron modem, but I'm not positive (and it's currently buried pretty well).
I'll report back if/when I make it work! Thanks!
If you have two interfaces where traffic must remain separated (i.e. inbound connection to IP #1 needs reply packets from #1, inbound connection to #2 needs reply packets from #2) you'll also need to look into Routing Domains or Routing Tables - can't remember offhand what Linux calls them. On a router, we'd call this a VRF, or a Virtual Routing Instance. Basically, you no longer have one set of routes, you have two sets. Each interface is a "member" of one set or the other, not both. -Adam
-----Original Message----- From: Roundtable roundtable-bounces@muug.ca On Behalf Of Trevor Cordes Sent: Wednesday, December 1, 2021 7:56 PM To: roundtable@muug.ca Subject: Re: [RndTbl] shaw 2nd ip
Thanks everyone, from all the replies it looks like I should be able to pull it off, and probably with just the one CAT6 cable to one port on the modem. If that fails, maybe better luck using 2 CAT6 cables between modem and computer (can do another NIC, or go through a VLAN in my switch).
The real fun comes when I try to update my manual firewall rules for yet another interface, and then routing only some packets to the new interface... That is going to take some serious time.
I think I have the Hitron modem, but I'm not positive (and it's currently buried pretty well).
I'll report back if/when I make it work! Thanks!
_______________________________________________ Roundtable mailing list Roundtable@muug.ca https://muug.ca/mailman/listinfo/roundtable
Is Linux policy routing what you mean?...
https://blog.scottlowe.org/2013/05/29/a-quick-introduction-to-linux-policy-r...
See also...
https://www.kernel.org/doc/Documentation/networking/vrf.txt https://tldp.org/HOWTO/pdf/Adv-Routing-HOWTO.pdf
Gilbert
On 2021-12-01 8:12 p.m., Adam Thompson wrote:
If you have two interfaces where traffic must remain separated (i.e. inbound connection to IP #1 needs reply packets from #1, inbound connection to #2 needs reply packets from #2) you'll also need to look into Routing Domains or Routing Tables - can't remember offhand what Linux calls them. On a router, we'd call this a VRF, or a Virtual Routing Instance. Basically, you no longer have one set of routes, you have two sets. Each interface is a "member" of one set or the other, not both. -Adam
-----Original Message----- From: Roundtable roundtable-bounces@muug.ca On Behalf Of Trevor Cordes Sent: Wednesday, December 1, 2021 7:56 PM To: roundtable@muug.ca Subject: Re: [RndTbl] shaw 2nd ip
Thanks everyone, from all the replies it looks like I should be able to pull it off, and probably with just the one CAT6 cable to one port on the modem. If that fails, maybe better luck using 2 CAT6 cables between modem and computer (can do another NIC, or go through a VLAN in my switch).
The real fun comes when I try to update my manual firewall rules for yet another interface, and then routing only some packets to the new interface... That is going to take some serious time.
I think I have the Hitron modem, but I'm not positive (and it's currently buried pretty well).
I'll report back if/when I make it work! Thanks!
-
Adam Thompson -
Gilbert E. Detillieux -
Hartmut W Sager -
Hartmut W Sager -
John Lange -
Scott Toderash -
Tony Richardson -
Trevor Cordes