In this article, we’ll be discussing on how one can bind a whole IP subnet in a single Ubuntu 18.04 LTS Bionic Beaver linux machine. IP subnet binding enables us to use a whole ip address subnet in a single machine. We can bind any IP subnet /24, /16, /8 or a CIDR (Classless inter-domain routing) into a single linux machine.
In order to achieve this and bind an entire IP subnet in a single Linux machine, we can make use of a linux kernel feature called AnyIP. AnyIP is the capability to receive packets and establish incoming connections on IPs we have not explicitly configured on a linux machine.
This Linux kernel feature works on both IPv4 and IPv6 subnets.
Before moving ahead for the configuration, we’ll need to first make sure that we are running as root user or have sudo privileges.
$ sudo -s
For IPv4 :
Let us assume we have an IPv4 subnet of 10.20.2.0/24, then the command in order to bind the entire subnet to the Ubuntu 18.04 LTS machine would be :
# ip -4 route add local 10.20.2.0/24 dev lo
For IPv6
Let us assume we have an IPv4 subnet of fd13:a9d0:5ec6:a12e::/64, then the command in order to bind the entire IPv6 subnet to the Ubuntu 18.04 LTS machine would be :
# ip -6 route add local fd13:a9d0:5ec6:a12e::/64 dev lo
Once the above command is executed, we can then test the setup by pinging an IP of that particular subnet from an external network/internet using ping command.
Conclusion
In this way, we learned how we can bind an entire IPv4 and IPv6 subnet into a single Linux machine, Ubuntu 18.04 LTS Bionic Beaver in this case. This was possible due to the kernel feature called AnyIP else we’d need to explicitly add the IPs of the entire subnet in the linux network interface. In order to check whether the binding was done to the correct subnet, we can execute the following command:
# ip route show table local
An example use case of AnyIP setup can be when one requires to setup a mass shared hosting service where a website domain needs a dedicated IP. Instead of adding/binding all those IPs explicitly in the interface one by one, we can simply bind an entire IP subnet to the linux machine and can use it.
Another example use case is to configure a machine to accept all incoming traffic on eth0, and leave the policy of whether traffic for a given IP should be delivered to the machine up to the load balancer.
This does not work on CentOS (maybe not Ubuntu either?)
While the “route add” does cause your own box to accept those connections, it does NOT appear to instruct your kernel to respond to the router to tell it that you’re accepting those connections for those IPs (e.g. the ARP requests are ignored) so you can only connect from yourself to yourself this way – not from outside your own box?
But how to reach the IP addresses of anyip subnet from other machine? (I tried to add static route in the second machine but it did not work)
If your machine is assigned with certain a public IP address in the network end, then it shouldn’t routable through the internet.