Add a second static IP address

Hi everyone,

I just got a Intel NUC i5 8th with Debian 10 running HA Supervised, and I´m trying to install HA with MQTT + Ubiquity. Since there is a port conflict between these 2 apps I thought of setting 2 static IP addresses on the same NIC, 1 for HA and its apps and a 2nd which I could manage directly from the OS.

I configured the ip address from Supervisor UI and then took a look at /etc/nework/interfaces and there is nothing there… I´m afraid that by changing this file I might ruin somethimg for HA.

How to configure 2 IP addresses without messing with HA?

Many thanks
Francisco

Hi Francisco, welcome to the community!

It is not possible to just set another ip address through Supervisor UI if the network interface (NIC) you want to bind that additional ip address to doesn’t exist on the OS level. You have to add a static virtual network interface through Debian first and only then you can assign an(-other) ip address to it.

Please show us the output of:
sudo ip a

or if you have net-tools installed:
sudo ifconfig

Hi @Tamsy
Thanks for your reply.
My linux skills are a bit limited, but I usually go to /etc/nework/interfaces and configure the IP settings.
I got a bit scare when I configured the IP from HA webUI and them I found the interfaces file empty.
I was planning to use for example .10 for HA and .11 for Ubiquity.

# Static IP address
auto eth0
iface eth0 inet static
        address 172.31.1.10
        netmask 255.255.255.0
        network  172.31.1.0
        broadcast  172.31.1.255
        gateway  172.31.1.1

# Virtual interface 
# Static IP address
auto eth0:0
iface eth0:0 inet static
        address 172.31.1.11
        netmask 255.255.255.0

Heres the output :

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 1c:69:7a:a1:73:01 brd ff:ff:ff:ff:ff:ff
    inet 172.31.1.10/24 brd 172.31.1.255 scope global noprefixroute eno1
       valid_lft forever preferred_lft forever
    inet6 2001:818:e22b:8e00:2be3:3d0d:a393:ee33/64 scope global dynamic noprefixroute 
       valid_lft 86352sec preferred_lft 3552sec
    inet6 fe80::f0f1:b0fd:267:7a60/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:b8:26:c5:44 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:b8ff:fe26:c544/64 scope link 
       valid_lft forever preferred_lft forever
7: vethedcbc86@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether d2:63:86:3c:0c:fc brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::d063:86ff:fe3c:cfc/64 scope link 
       valid_lft forever preferred_lft forever
8: hassio: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:a0:c5:42:1e brd ff:ff:ff:ff:ff:ff
    inet 172.30.32.1/23 brd 172.30.33.255 scope global hassio
       valid_lft forever preferred_lft forever
    inet6 fe80::42:a0ff:fec5:421e/64 scope link 
       valid_lft forever preferred_lft forever
10: veth75476cb@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master hassio state UP group default 
    link/ether 32:92:70:75:3a:56 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::3092:70ff:fe75:3a56/64 scope link 
       valid_lft forever preferred_lft forever
12: vetha08a952@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master hassio state UP group default 
    link/ether 42:eb:76:07:db:45 brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::40eb:76ff:fe07:db45/64 scope link 
       valid_lft forever preferred_lft forever
14: veth6baa7e6@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master hassio state UP group default 
    link/ether fa:55:5e:85:cd:2c brd ff:ff:ff:ff:ff:ff link-netnsid 2
    inet6 fe80::f855:5eff:fe85:cd2c/64 scope link 
       valid_lft forever preferred_lft forever
16: veth14d6592@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master hassio state UP group default 
    link/ether 6e:d8:64:68:c2:4a brd ff:ff:ff:ff:ff:ff link-netnsid 3
    inet6 fe80::6cd8:64ff:fe68:c24a/64 scope link 
       valid_lft forever preferred_lft forever
18: veth5485225@if17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master hassio state UP group default 
    link/ether 2e:02:e1:71:41:99 brd ff:ff:ff:ff:ff:ff link-netnsid 4
    inet6 fe80::2c02:e1ff:fe71:4199/64 scope link 
       valid_lft forever preferred_lft forever

root@domus:~# docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
791af569ff8b   bridge    bridge    local
f909a24cd35c   hassio    bridge    local
a3883cedffe2   host      host      local
57908c517ad6   none      null      local

I understand some people might say I should separate things, but to be honest I think the NUC is powerfull enough to run other things.
Ideally how can I configure the 2 IPs without messing HA supervisor?

I don’t think it is possible to assign two IP addresses to a single Network Interface. I also don’t understand why?

I once believed that static IP was the way to go. But I have some 65 devices on my local network and managing a few dozen IP addresses was becoming tedious.

Today, I do not have a single device, computer or server with a static IP address.

When I want the device IP to remain unchanged, for example servers, I assign a permanent DHCP lease in my router. Some routers call this a static IP or a fixed IP, but they are a permanent lease. Anytime the router sees the device MAC address, it gets the IP previously assigned.

It’s possible and it’s actually pretty common (and useful). It’s called IP aliasing. For example, you can use this to access multiple subnets, like the internet and your IoT intranet using a single NIC.

That said, sadly I have no idea on how to configure this on Supervised. Maybe just using a cheap USB NIC for the second IP would be a quick and easy alternative. That’s what I did on my PC to access two separate subnets out of pure lazyness and not wanting to mess up my network config (nothing to do with HA though).

As HeyImAlex has already pointed it out IP aliasing is possible although it is an obsolete way to manage multiple IP-addresses but it is still supported for backwards compatibility on modern Linux systems. It’s successor is the newer tool iproute2 to support multiple address/prefixes per interface.

However, because setting IP aliasing is still a valid way to configure a Virtual NIC and is easy to setup lets do it with the most simple legacy method first.

Your approach within /etc/network/interfaces is correct but as your shown output of sudo ip a shows you made a mistake at the naming of the interfaces:

You set:
eth0 (and eth0:0 for the alias interface)
but in fact it is:
eno1 (and can be i.e. eno1:10 for the alias interface).

Change the content of /etc/network/interfaces to the following:

# The loopback interface
auto lo
iface lo inet loopback

# Static IP address
auto eno1
allow-hotplug eno1
iface eno1 inet static
    address 172.31.1.10
    netmask 255.255.255.0
    broadcast 172.31.1.255
    gateway 172.31.1.1

# Virtual interface 
# Static IP address
auto eno1:10
allow-hotplug eno1:10
iface eno1:10 inet static
    address 172.31.1.11
    netmask 255.255.255.0
    broadcast 172.31.1.255

Note: Don’t set a Gateway address (nor a DNS server) with an alias interface!

Restart networking service (from CLI):
sudo systemctl restart networking

What is
sudo ip addr
showing now?

In case the above legacy method doesn’t work I’ll show you another way.

A little bit off-topic though:

In times where MAC-spoofing becomes more and more popular (just think of the newer Android- or iOS-versions where the MAC-address is ever changing every time that device connects to a WLAN) you wont get any far by assigning permanent DHCP leases with your router because, as you already explained it, your router identifies the connecting device through it’s MAC-address.

As for single devices, computers or servers which are fxed inside your LAN, probably for their whole lifetime (for what reason smart plugs etc., once correctly configured, have to change their ip-address anyway?) it makes perfectly sense to assign static ip-addresses.

@Tamsy

Thank you for your help. I´ll try what you suggested and I´ll report back.
And also thanks everyone for your input .

Exploring a bit more of the reason why I want 2 (or more IPs), is like I said, it´s a i5 8th generation. It´s has enough power to run HA as well other things.

@stevemann you can bind many IPs to single NIC. As for the reason why would someone do it, take my example. I want to use HA supervisor for the possibility of doing snapshots + addons. In my “inexperient” point of view it´s a hugeeeee benefit to be able to snapshot and restore HA and everything related to HA on another machine in case of failure. Now … MQTT and Ubiquity clash on port 8883. One can argue why not change ports on one side, but I from experience don´t like to change defaults. For example, I could change my webserver ports from 80/443, but then I would have to remember to what new port I changed it to when connecting, and inform everyone else also.

It would be perfect if HA managed multiple IPs with the addons, but not being possible, so I choose to keep Ubiquity out of HA “box” and run it elsewhere. I the “old days” I would run a Virtual Machine with Ubiquity but now we have Docker . I posted this question because I started using HA and didn´t wanted to start messing with Debian an ruin HA ecosystem.

I´m not saying this is the better way, it´s the one I thought of. In fact I appreciate all the comments and different approaches.

I would still prefer to run a VM or LXC container, would make your life much easier, take a look at proxmox super lean environment…

I have no clue what Ubiquity is, but if it’s a port conflict, just plug in a USB WiFi dongle. Poof, a second IP.

I have three NUC i5’s here. One running Ubuntu and the second running Home Assistant (only), and the third running Plex. I love running Node Red on the HA NUC. Just click on Deploy and it’s finished in less than a second. I toyed with the idea of putting the Linux version of the Arduino IDE on my Ubuntu NUC, but it’s in the basement with my Home Assistant NUC, my Sonic NAS, my Plex server and my MQTT Broker, so how would I upload to the Arduino hardware?

Ubiquiti.

Fancy website. Still don’t know what Ubiquity is.

@franciscorc a little bit late, but maybe still of help: I’ve configured a second ip address on my HA raspberry, took me some time to figure out the "right"™ way

1. I’ve enabled “SSH & Web Terminal” add-on with “Protection mode disabled” (I’m actually not sure whether the latter is really needed)
2. log in to your ha instance
3. nmcli dev status lists all network connection available in ha and info about the ones managed via NetworkManager. The profile you are looking for is either “HassIO default” (as it used to be) or somehting like “Supvervisor eth0” (to which it seems to have changed very recently)
4. with nmcli con show "Supervisor eth0" you can get all details of you current profile, or you can use

   nmcli dev show eth0
   

   to get only the details about you network device (this is what you usually want)
5. example output

   GENERAL.DEVICE:                         eth0
   GENERAL.TYPE:                           ethernet
   GENERAL.HWADDR:                         xxxxx
   GENERAL.MTU:                            1500
   GENERAL.STATE:                          100 (connected)
   GENERAL.CONNECTION:                     Supervisor eth0
   GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/1
   WIRED-PROPERTIES.CARRIER:               on
   IP4.ADDRESS[1]:                         192.168.177.4/24
   IP4.GATEWAY:                            192.168.177.3
   IP4.ROUTE[1]:                           dst = 0.0.0.0/0, nh = 192.168.177.3, mt = 100
   IP4.ROUTE[2]:                           dst = 192.168.177.0/24, nh = 0.0.0.0, mt = 100
   IP4.DNS[1]:                             192.168.177.3
   IP4.DOMAIN[1]:                          xxxxx.local
   

6. now you can add a new ip address quite easily with

   nmcli con mod "Supervisor eth0" +ipv4.addresses 192.168.176.1/24
   

7. now you need to reboot the host
8. after ssh login you can check with

   nmcli dev status eth0
   

   whether the new ip has been added

The configuration remains active after reboots BUT it’s not heavily tested whether it survives all different types of updates. Maybe some config files in /etc/NetworkManager/conf.d would be more resilient but I have not tested this. Also the config seems to be overwritten when you make manual changes to the network configuration via the UI.

CAUTION: nmcli is very powerfull, you can change nearly everything pertaining to your network config. This might lead to not being able to connect to your home assistant device anymore. Be prepared!!!

Can you elaborate on step 2?
Opened up SSH web interface and

I added the second IP using nmcli, and just realised that Home Assistant Supervisor is actually knowledge it.
Showing the right way to do it as in the screenshot here

Screenshot 2022-10-01 at 03.09.051204×994 71.8 KB

FWIW the supervisor network interface options no longer support multiple IP’s in cidr notation

I tried 192.168.120.3/23,192.168.100.50/24 and got the following error:

expected IPv4Interface @ data['ipv4']['address'][0]. Got '192.168.120.3/23,192.168.100.50/24/23'