This assumes a routing/IP setup like OVH has for multiple IPs, with everything through a single physical interface. Virtual MACs should not be used.
The key benefits of this over editing application configs are:
- Handles applications that force listen on all interfaces
- Handles outbound traffic sensibly (ie without editing source addresses)
- Applications that sniff the public IP see the secondary IP
- Fails loudly - application will lose all connectivity, rather than being silently unconfined
Write a post-up script like:
#!/bin/sh ip netns add mynamespace ip link add myipvl link eno1 type ipvlan mode l3 ip link set myipvl netns mynamespace ip netns exec mynamespace ifconfig myipvl 184.108.40.206/32 up ip netns exec mynamespace ip route add default dev myipvl ip netns exec mynamespace ip link set dev lo up
myipvl are arbitrary strings, and
220.127.116.11 is the secondary IP you want to use.
Then in the systemd service, add:
Leave a Reply