How to – Debian Static IP Configuration

On a basic Debian machine without a graphical interface assigning the same IP address all the times can be achieved in two ways.

Static IP Address

To configure a static IP, (an IP that will never change), and not use DHCP you must edit the file /etc/networking/interfaces.
Insert the following code at the end of the file and don’t change anything else unless you know what you do:

# The first network card – this entry was created during the Debian installation
# (network, broadcast and gateway are optional)
#Private Interface
iface eth0 inet static
address 192.168.0.254
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
## only use gateway if your machine is not multi-homed, (two network cards). You can only have a default route.
# gateway 192.168.0.1

In our case the IP of the Debian machine is 192.168.0.254. The gateway, (the router), is 192.168.0.1 and it is a standard Class C network.

To refresh the network configuration without restarting the server execute:
/etc/init.d/networking restart

If that doesn’t work reboot the machine (reboot or init 6).

For a second network card you should add at the end of the file another entry for your second card:
#External interface
iface eth1 inet static
address 1.1.2.2
netmask 255.255.255.0
network 1.1.2.0
gateway 1.1.2.254

Check the new configuration by issuing the command:
ifconfig

DHCP Reserved address

If you want to set this via DHCP you have to make a reservation into your DHCP server for your network card’s MAC address.
You can find your MAC address by using the command ifconfig.
The server will spit some information on the screen that looks like this:
eth0 Link encap:Ethernet HWaddr 00:33:ff:c4:2f:2b
inet addr:192.168.0.254 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::230:f4ff:fdd4:bf33/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:93373 errors:0 dropped:0 overruns:0 frame:0
TX packets:38320 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:76539317 (72.9 MiB) TX bytes:5551726 (5.2 MiB)
Interrupt:17 Base address:0x6000

The first line is the one you are interested in:
HWaddr 00:33:ff:c4:2f:2b
In your DHCP server make a reservation using 0033ffc42f2b as your MAC address. Note the removal of the colons in between.
Reboot the server and when the machine will try to renegociate its IP address the DHCP server will assign it the newly reserver address.

If you want to add a static route on your Debian machine edit your /etc/networking/interfaces file and add the following two lines at the end of your eth1, (eth0), configuration.
up route add -net 192.168.22.0 netmask 255.255.255.0 gw 192.168.100.254
down route del -net 192.168.22.0 netmask 255.255.255.0 gw 192.168.100.254
The two lines tell Debian to add a static route when the computer boots, and to remove the static route when it shuts down.

The parameters mean: 192.168.22.0 is the network you want to make your Debian machine aware of; 255.255.255.0 is the netmask of your added network, 192.168.100.254 is the gateway to that network.

Why would you need a static network? In our configuration example your default route is through your public network interface.
Any additional internal networks or VPN’s will not be available. The configuration above tells your Debian machine how to reach any VPN or networks not reachable via the default Network.

There is another change needed if you plan to configure this machine as a simple router. You need to enable IP forwarding, in other words allow the machine to forward traffic for its clients.
# nano /etc/sysctl.conf
Change the following line : net.ipv4.ip_forward = 0
to net.ipv4.ip_forward = 1

Reboot the machine to make the setting active, or issue the following command to make the kernel aware of the change:
# echo 1 > /proc/sys/net/ipv4/ip_forward

Why do you want your Debian machine to connect to other networks or VPN’s? If your machine is a proxy, or a gateway it needs to know where to route packets for its clients. Even if your remote networks or VPN’s have their own proxy, if you have a shared server in one of these networks you need to make it available for your users. It is easier to maintain a static route on one server than add it to all of the clients.

Loading Facebook Comments ...

Leave a Reply

Your email address will not be published. Required fields are marked *

*