Setting up a Dedibox Failover-IP

tested on NetBSD, Slackware, Ubuntu


It is much easier to use a Failover-IP from the host, as an alias. But if you are sure you want that for e.g. XEN or LXC, ok here is how it goes. We are assuming a bridge here, without any NAT nor routing trick from the host. Therefore no proxy_arp nor ip_forward is neededi (as xen-routing would otherwise require).

Hardcode your MAC

Dedibox requires you to define your guest’s MAC in their management console. Then hardcode it as such

vif = [ 'bridge=xenbr0,vifname=GUEST.0,mac=00:16:3e:xx:xx:xx' ]

Check that the bridge is in good state

brctl show

GNU/Linux guest system setup

the new school

ip l show eth0 # check MAC address
    ip addr add $failover/32 dev eth0

    ip route add dev eth0
ping -c1

    ip route add default via dev eth0

    ip route add HOST-IP dev eth0
ping -c1 HOST-IP

if you had net-tools already, you could have done it the old way

ifconfig eth0 # check MAC address
    ifconfig eth0 $failover/32
    route add -host dev eth0
    route add default gw

or as such step by step

ifconfig eth0 $failover/32 up
route add -host dev eth0
ping -c1
route add default gw
ping -c1

as for slackware’s rc.inet1, that would look like

    echo -n eth0...
    ifconfig eth0 $failover/32 up && echo done || echo FAIL
    #ifconfig eth0 $failover/32 pointopoint up && echo done || echo FAIL
unset failover

    echo -n custom route for non-subnet gateway...
    route add -host dev eth0 && echo done || echo FAIL

    echo -n default route...
    route add default gw && echo done || echo FAIL

Note: no much success with the pointopoint argument

NetBSD guest system setup

Once the guest has booted-up, check your MAC address

ifconfig xennet0 | grep address

Ping from the outside and validate step-by-step first


ifconfig xennet0 inet $fo/32 up
route add -net $fogw/32 -link -cloning -iface xennet0
ping -c1 $fogw
route add default $fogw
#route add default $fogw -iface $fo
netstat -rn -f inet
ping -c1
ping -c1

And your box should now respond from the public network.

Besides, you can also make a shortcut to reach the XEN host (if you want the return path to be also direct, you will need to tweak the XEN host itself)

route add -net $xenhost/32 -link -cloning -iface xennet0
traceroute $xenhost
ping -c1 $xenhost

While there is really no point of reaching its gateway, though. Otherwise add a route to the whole subnet (both $xenhost and $xenhostgw).

#route add -net $xenhostgw/32 -link -cloning -iface xennet0
#traceroute $xenhostgw
#ping -c1 $xenhostgw

You’re now ready to proceed with this at boot-time

cat > /etc/ifconfig.xennet0 <<-EOF
inet $fo/32 up
!/sbin/route add -net $fogw/32 -link -cloning -iface xennet0
!/sbin/route add default $fogw
!/sbin/route add -net $xenhost/32 -link -cloning -iface xennet0
cat /etc/ifconfig.xennet0
shutdown -r now



Failover IP - Scaleway Dedibox


Network configuration on a virtual machine

MAC virtuelles multi-IP

Virtualisation Xen

IP Failover

routing tricks

Networking with a gateway not on the local subnet

Add static routes and keep them across boots on NetBSD

Can I prevent a default route being added when bringing up an interface?

does the gateway have to be on the subnet?

How to add a route for a specific subnet?

Соединение point-to-point в Debian и CentOS

Copyright © 2024 Pierre-Philipp Braun