Virtual Network Interface Cards (vNIC)
This document provides information about the operational functionalities related to the product page like Virtual Network Interface Cards and Auxiliary IPs.
Glossary
-
Default Network Interface Card: When the host system runs the network card functionality, the system automatically creates a default network card. The Elastic IP (EIP) and firewall initially attached to the virtual machine will now be attached to this default network card.
-
Custom Network Interface Card: This is a network card manually created from the console and can be flexibly bound with the virtual machine.
-
Auxiliary IP: This is a secondary IP manually applied from the console to use in conjunction with the main IP. It can also be flexibly bound with the virtual machine. The number of Auxiliary IPs that can be applied depends on the configuration of the virtual machine.
Features in Enhanced Network 1.0
| Serial Number | vCPU | Number of Elastic Network Interface Cards | Number of Private IPs per Interface Card |
|---|---|---|---|
| 1 | 1 ≤ vCPU ≤ 2 | 2 | 2 |
| 2 | 2 < vCPU ≤ 4 | 3 | 3 |
| 3 | 4 < vCPU ≤ 8 | 4 | 4 |
| 4 | 8 < vCPU ≤ 32 | 8 | 6 |
| 5 | 32 < vCPU ≤ 64 | 12 | 8 |
| 6 | 64 < vCPU ≤ 128 | 15 | 10 |
| 7 | VCPU > 128 | 15 | 12 |
Features in Enhanced Network 2.0:
| Serial Number | vCPU | Number of Elastic Network Interface Cards | Number of Private IPs per Interface Card |
|---|---|---|---|
| 1 | 1 ≤ vCPU ≤ 2 | 1 | 4 |
| 2 * 2 < vCPU ≤ 4 | 1 | 9 | |
| 3 | 4 < vCPU ≤ 8 | 1 | 16 |
| 4 | 8 < vCPU ≤ 32 | 1 | 48 |
| 5 | 32 < vCPU ≤ 64 | 1 | 96 |
| 6 | 64 < vCPU ≤ 128 | 1 | 150 |
| 7 | VCPU > 128 | 1 | 180 |
Creating a Network Interface Card
Login to the console, select "Virtual NIC" from the "All Products" section and click on "Create Virtual NIC".
Notes:
- A new network card will automatically bind to the default web firewall.
- Custom Network Interface Card uniquely has its set of configurations such as Resource Name Remarks, Business Group, Elastic IP, Firewall Configuration, etc. and they are independent of the main machine, but they can be flexiblely bound with the virtual machine.
- The network configuration of the virtual machine will fall on the default network card. The default network card is strongly bound with the life cycle of the virtual machine and cannot be unbound.
Using Network Interface Cards
Newly created network cards that are not yet bound with any external Elastic IPs, need to be bound after the network cards are created. Simultaneously, operations like changing the network resource's name, binding it with the main machine, etc. can be performed on the Virtual NIC list or the details page.
After a customized network card is bound with the virtual machine, it is necessary to configure the network card information and policy routing to the system on the virtual machine (it is not required for the default network card).
-
List Page Operations
-
Operations on the Details Page
-
Binding the Network Card to Virtual Machine
Notes:
- Clicking on the "Resource Name" on the List Page or "Details" in the operation column will open the resource's details page.
- On the top-right of the console, network card information display, downloading network resource list, refreshing network resource list information, reading documentation, and other operations are supported.
Network Card Configuration Guide
The default network card of the virtual machine does not require any configuration, but its auxiliary IPs need to be configured.
CentOS 7 Configuration Guide
Assuming the configuration of three existing host network cards, and two custom network cards are already bound to the virtual machine, is as follows,
eth0 (Default Network Interface Card)
(Master IP) 10.42.108.166
(Auxiliary IP) 10.42.107.2
eth1 (Custom Network Interface Card Created)
(Master IP) 10.42.71.137
(Auxiliary IP) 10.42.71.3
eth2 (Custom Network Interface Card Created)
(Master IP) 10.42.175.116
(Auxiliary IP) 10.42.175.3First Step: Deactivate RPF
Temporary Deactivation
Modify /proc/sys/net/ipv4/conf/all/rp_filter value:
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filterRestart Network Service
service network restartPermanent Deactivation
Edit /etc/sysctl.conf file, Modify net.ipv4.conf.all.rp_filter value to 0, then restart the server
Second Step: Configure Custom Network Interface Card
Configuring eth1
# ifconfig eth1 10.42.71.137 netmask 255.255.0.0
# ifconfig eth1 mtu 1454
# echo "101 net_101 " >> /etc/iproute2/rt_tables
# ip route add default via 10.42.0.1 dev eth1 src 10.42.71.137 table net_101
# ip rule add from 10.42.71.137 table net_101Configuring eth2
# ifconfig eth2 10.42.175.116 netmask 255.255.0.0
# ifconfig eth2 mtu 1454
# echo "102 net_102 " >> /etc/iproute2/rt_tables
# ip route add default via 10.42.0.1 dev eth2 src 10.42.175.116 table net_102
# ip rule add from 10.42.175.116 table net_102Configuring Persistence
Create configuration files for eth1 and eth2
Create Configuration File
# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth1
# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth2
Modify the -
- DEVICE=Network Card Name of Virtual NIC
- HWADDR= MAC address of Virtual NIC
- IPADDR= IP address of Virtual NICWrite Policy Routing Configuration File
# cat /etc/sysconfig/network-scripts/route-eth1
default via 10.42.0.1 dev eth1 src 10.42.71.137 table net_101
# cat /etc/sysconfig/network-scripts/rule-eth1
from 10.42.71.137 table net_101
# cat /etc/sysconfig/network-scripts/route-eth2
default via 10.42.0.1 dev eth2 src 10.42.175.116 table net_102
# cat /etc/sysconfig/network-scripts/rule-eth2
from 10.42.175.116 table net_102Third Step: Configuring Auxiliary IP
ip addr add 10.42.107.2 dev eth0
ip addr add 10.42.71.3 dev eth1
ip addr add 10.42.175.3 dev eth2
Replace the IP address with the Auxiliary IP to be bound, to configure the Auxiliary IP for the default network card, just change the network card name to eth0 et ceteraConfiguration is complete when the primary IP and Auxiliary IP that are added to the Virtual Network Card can be pinged;
Fourth Step: After the Auxiliary IP is bound to EIP, follow these steps to configure policy routing
Create a new Policy Routing Table
echo '101 net_101' >> /etc/iproute2/rt_tablesConfigure Policy Matching Rules
ip rule add from X.X.X.X(Auxiliary IP) table net_101
ip rule add from X.X.X.X(Auxiliary IP) table net_102Configure Policy Routing
ip route add default via X.X.X.X(Gateway IP) dev eth1 table net_101
ip route add default via X.X.X.X(Gateway IP) dev eth2 table net_102CentOS 8 Configuration Guide
According to your needs, you can purchase a 2C2G cloud machine, which can be bound with two virtual network cards, and each Network Card can apply for six auxiliary IPs.
The configuration of two network cards of the existing host system, and one custom network card already bound to the cloud host, is as follows,
eth0 (Default Network Card)
(Main IP) 10.40.121.96
(Auxiliary IP) 10.40.4.124
(Auxiliary IP) 10.40.91.199
...
(Auxiliary IP) 10.40.47.171
eth1 (Custom Network Card Created)
(Main IP) 10.40.54.131
(Auxiliary IP) 10.40.33.188
(Auxiliary IP) 10.40.134.89
...
(Auxiliary IP) 10.40.44.17First Step: Deactivate RPF
Temporary Deactivation
Modify /proc/sys/net/ipv4/conf/all/rp_filter value:
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filterRestart Networking Service
nmcli c reloadSecond Step: Configure Custom Network Card eth1
Write a configuration file for eth1, at this point only configure the Master IP
# cp -f /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth1
# vim /etc/sysconfig/network-scripts/ifcfg-eth1
Edit the configuration in the file -
- DEVICE=Network Card Name of Virtual NIC
- HWADDR= MAC address of Virtual NIC
- IPADDR= IP address of Virtual NIC
Example:
DEVICE=eth1
HWADDR=52:54:00:1B:5E:57
IPADDR=10.40.54.131Configuring the Master Network Card through nmc to route policy;
Create a new Policy Routing Table
# nmcli c modify System\ eth1 +ipv4.route-table 101Configure Policy Routing
# ip rule
0: from all lookup local
32766: from all lookup main
32767: from all lookup defaul
// No policy routing has been configured earlier, start decrementing from priority 32765
# nmcli c modify System\ eth1 +ipv4.routing-rules "priority 32765 from 10.40.54.131 table 101"
# nmcli c show System\ eth1 | grep -E 'ipv4.route-table|ipv4.routing-rules'
ipv4.route-table: 101
ipv4.routing-rules: priority 32765 from 10.40.54.131 table 101Restart Network Service and Verify Policy Routing Rule
#nmcli c reload
#nmcli c up System\ eth1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/...)
#ip rule
...
32765: from 10.40.54.131 lookup 101
...Configuration is complete when the primary IP of the added Virtual NIC can be pinged after the firewall rule of the External Elastic IP is enabled
Third Step: Configuring the Auxiliary IP of eth1
Verify the subnet mask of the Auxiliary IP, it is to be identical to the Primary IP.
Replace the IP address with the Auxiliary IP to be bound to, to configure the Auxiliary IP for the default network card, all you need to do is change the network card name to eth0 that it is bound to, and so on.
# nmcli c modify System\ eth1 +ipv4.addresses X.X.X.X(Auxiliary IP)/Subnet Mask
# nmcli c show System\ eth1 | grep ipv4.addresses
ipv4.addresses: 10.40.54.131/16, $X.X.X.X(Auxiliary IP)/Subnet Mask
Configure the Auxiliary IP of eth1 through nmcli
# nmcli c modify System\ eth1 +ipv4.routing-rules "priority 32764 from X.X.X.X(Auxiliary IP) table 101"
# nmcli c show System\ eth1 | grep ipv4.routing-rules
ipv4.routing-rules: priority 32765 from 10.40.54.131 table 101, priority 32764 from X.X.X.X(Auxiliary IP) table 101Restart Networking Service, and verify the policy routing rules
# nmcli c reload
# nmcli c up System\ eth1
#ip rule
...
32764: from X.X.X.X(Auxiliary IP) lookup 101
32765: from 10.40.54.131 lookup 101
...Configuration is complete when the primary IP of the added Virtual NIC can be pinged.
Windows Configuration Guide
The standard image is pre-configured with DHCP, hence no extra configuration is required.
If DHCP has been turned off, you can follow the manual configuration steps mentioned below:
- Navigate to the "Network and Sharing Center" on your Windows system. If the system already has DHCP enabled, you can see the network card that has been bound.
- Click on the Network, then select "Properties" - Double Click on "Internet Protocol Version 4 (TCP/IPv4)" - Choose "Use the following IP address", and enter the actual IP and DNS information.
- Validation: Ping the internal IP address of the bound custom network card using any machine in the same VPC. If it's successful it implies the configuration is complete.
Ubuntu 20.04 Configuration Guide
1. Deactivate RPF and Restart Networking Service
Temporary Deactivation
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
sudo apt-get install network-manager (Install network-manager tools)
sudo service network-manager restartPermanent Deactivation
Edit /etc/sysctl.conf file. Modify the value of net.ipv4.conf.all.rp_filter to 0 and then restart the server
2. Configure the newly bound Virtual Network Card
Assuming the new network card bound is eth1. All the following operations are based on eth1.
sudo ifconfig eth1 up
Edit /etc/netplan/50-cloud-init.yaml
vim /etc/netplan/50-cloud-init.yaml. The configuration of the newly bound network card is shown as below. Make modifications according to the actual scenario.
sudo netplan apply
3. Temporary configuration of policy routing (Will be ineffective once the host is restarted.)
ip route add default via 10.0.0.1 dev eth1 table 2000
ip rule add from 10.0.0.222 table 20004. Temporary configuration of Auxiliary IPs (Perform this setting when using Auxiliary IP)
- Bind the Auxiliary IP to the corresponding Network Card (eth1 in this example). Temporary Configuration (Will be ineffective once the host is restarted)
ip addr add 10.0.0.101/24 dev eth1 # Do this setting when using Auxiliary IP
ip addr add 10.0.0.102/24 dev eth1 # Do this setting when using Auxiliary IP- Configure the policy routing for Auxiliary IP. Temporary Configuration (Will be ineffective once the host is restarted)
ip rule add from 10.0.0.101 table 2000
ip rule add from 10.0.0.102 table 20005. Policy routing and Auxiliary IP permanent configuration
Carry out the configuration via rc.local. Take ubuntu20.04 as an example. The following configuration steps are performed when using Auxiliary IPs together. If you are not using Auxiliary IPs, just remove the related configurations of Auxiliary IP.
-
sudo vim /lib/systemd/system/rc-local.service
-
Add the below content to the file:
[Install]
WantedBy=multi-user.target
Alias=rc-local.service- Create rc.local
sudo touch /etc/rc.local
- Edit rc.local
#!/bin/sh
ip route add default via 10.0.0.1 dev eth1 table 2000 # Configure Policy Routing
ip rule add from 10.0.0.222 table 2000 # Virtual Network Card Master IP
ip addr add 10.0.0.101/24 dev eth1 # Add Auxiliary IP, do this setting when using Auxiliary IP
ip addr add 10.0.0.102/24 dev eth1 # Add Auxiliary IP, do this setting when using Auxiliary IP
ip rule add from 10.0.0.101 table 2000 # Configure Auxiliary IP Policy Routing. Do this setting when using Auxiliary IP
ip rule add from 10.0.0.102 table 2000 # Configure Auxiliary IP Policy Routing. Do this setting when using Auxiliary IP
exit 0- Change File Permissions
sudo chmod +x /etc/rc.local- Create Soft Link
ln -s /lib/systemd/system/rc.local.service /etc/systemd/system/- Check the configuration of Policy Routing
Reboot the host
root@xx-xx-xx-xx:/home/ubuntu# ip route show table 2000
default via 10.0.0.1 dev eth1
root@xx-xx-xx-xx:/home/ubuntu# ip rule show
0: from all lookup local
32760: from 10.0.0.101 lookup 2000
32761: from 10.0.0.102 lookup 2000
32762: from 10.0.0.222 lookup 2000
32763: from all lookup main
32764: from all lookup default
If the Primary IP and Auxiliary IP of the added Virtual NIC can be pinged, the configuration is complete.
6. After the Auxiliary IP is bound to EIP, follow these steps to configure policy routing
Create a new Policy Routing Table
echo '2001 ROUTER_IP_T' >> /etc/iproute2/rt_tablesConfigure Policy Matching Rules
ip rule add from X.X.X.X(Auxiliary IP) table ROUTER_IP_T
ip rule add from X.X.X.X(Auxiliary IP) table ROUTER_IP_TConfigure Policy Routing
ip route add default via X.X.X.X(Gateway IP) dev eth1 table ROUTER_IP_TFrequently Asked Questions (FAQ)
1. Why is the multi-network card configuration not working?
In general, the issue is due to the configuration of the network card. Here's how you can check:
- Check if the network card is bound to the cloud host and if the network card has been configured on the cloud host.
- Check if RPF is deactivated.
- Verify if the network card has been correctly routed.
If the issue persists after checking the above configurations, please provide:
- Five-element tuples from source IP to target IP and information about each hop
- Binding relationships between the network card and the host
- Information about the subnet the resources belong to
- Network card routing configuration
You can use After-Sales Consultation (opens in a new tab) for assistance.
2. If the cloud host has not activated the network card functionality and would like to activate the secondary network card, how to proceed?
If the network card feature was not activated when the cloud host was created, it cannot be activated later on. It is advisable to create a new host to use the network card function.
