diff options
Diffstat (limited to 'devdocs/vagrant/networking%2Fpublic_network.html')
| -rw-r--r-- | devdocs/vagrant/networking%2Fpublic_network.html | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/devdocs/vagrant/networking%2Fpublic_network.html b/devdocs/vagrant/networking%2Fpublic_network.html new file mode 100644 index 00000000..54329bd4 --- /dev/null +++ b/devdocs/vagrant/networking%2Fpublic_network.html @@ -0,0 +1,63 @@ +<h1 id="public-networks"> Public Networks </h1> <p><strong>Network identifier: <code>public_network</code></strong></p> <p>Vagrant public networks are less private than private networks, and the exact meaning actually varies from <a href="../providers/index">provider to provider</a>, hence the ambiguous definition. The idea is that while <a href="private_network">private networks</a> should never allow the general public access to your machine, public networks can.</p> <blockquote class="alert alert-info"> <p><strong>Confused?</strong> We kind of are, too. It is likely that public networks will be replaced by <code>:bridged</code> in a future release, since that is in general what should be done with public networks, and providers that do not support bridging generally do not have any other features that map to public networks either.</p> </blockquote> +<blockquote class="alert alert-warning"> <p><strong>Warning!</strong> Vagrant boxes are insecure by default and by design, featuring public passwords, insecure keypairs for SSH access, and potentially allow root access over SSH. With these known credentials, your box is easily accessible by anyone on your network. Before configuring Vagrant to use a public network, consider <em>all</em> potential security implications and review the <a href="../boxes/base">default box configuration</a> to identify potential security risks.</p> </blockquote> +<h2 id="dhcp"> DHCP </h2> <p>The easiest way to use a public network is to allow the IP to be assigned via DHCP. In this case, defining a public network is trivially easy:</p> <div class="highlight"><pre class="highlight ruby" data-language="ruby">Vagrant.configure("2") do |config| + config.vm.network "public_network" +end +</pre></div> +<p>When DHCP is used, the IP can be determined by using <code>vagrant ssh</code> to SSH into the machine and using the appropriate command line tool to find the IP, such as <code>ifconfig</code>.</p> <h3 id="using-the-dhcp-assigned-default-route"> Using the DHCP Assigned Default Route </h3> <p>Some cases require the DHCP assigned default route to be untouched. In these cases one may specify the <code>use_dhcp_assigned_default_route</code> option. As an example:</p> <div class="highlight"><pre class="highlight ruby" data-language="ruby">Vagrant.configure("2") do |config| + config.vm.network "public_network", + use_dhcp_assigned_default_route: true +end +</pre></div> +<h2 id="static-ip"> Static IP </h2> <p>Depending on your setup, you may wish to manually set the IP of your bridged interface. To do so, add a <code>:ip</code> clause to the network definition.</p> <div class="highlight"><pre class="highlight ruby" data-language="ruby">config.vm.network "public_network", ip: "192.168.0.17" +</pre></div> +<h2 id="default-network-interface"> Default Network Interface </h2> <p>If more than one network interface is available on the host machine, Vagrant will ask you to choose which interface the virtual machine should bridge to. A default interface can be specified by adding a <code>:bridge</code> clause to the network definition.</p> <div class="highlight"><pre class="highlight ruby" data-language="ruby">config.vm.network "public_network", bridge: "en1: Wi-Fi (AirPort)" +</pre></div> +<p>The string identifying the desired interface must exactly match the name of an available interface. If it cannot be found, Vagrant will ask you to pick from a list of available network interfaces.</p> <p>With some providers, it is possible to specify a list of adapters to bridge against:</p> <div class="highlight"><pre class="highlight ruby" data-language="ruby">config.vm.network "public_network", bridge: [ + "en1: Wi-Fi (AirPort)", + "en6: Broadcom NetXtreme Gigabit Ethernet Controller", +] +</pre></div> +<p>In this example, the first network adapter that exists and can successfully be bridge will be used.</p> <h2 id="disable-auto-configuration"> Disable Auto-Configuration </h2> <p>If you want to manually configure the network interface yourself, you can disable auto-configuration by specifying <code>auto_config</code>:</p> <div class="highlight"><pre class="highlight ruby" data-language="ruby">Vagrant.configure("2") do |config| + config.vm.network "public_network", auto_config: false +end +</pre></div> +<p>Then the shell provisioner can be used to configure the ip of the interface:</p> <div class="highlight"><pre class="highlight ruby" data-language="ruby">Vagrant.configure("2") do |config| + config.vm.network "public_network", auto_config: false + + # manual ip + config.vm.provision "shell", + run: "always", + inline: "ifconfig eth1 192.168.0.17 netmask 255.255.255.0 up" + + # manual ipv6 + config.vm.provision "shell", + run: "always", + inline: "ifconfig eth1 inet6 add fc00::17/7" +end +</pre></div> +<h2 id="default-router"> Default Router </h2> <p>Depending on your setup, you may wish to manually override the default router configuration. This is required if you need access the Vagrant box from other networks over the public network. To do so, you can use a shell provisioner script:</p> <div class="highlight"><pre class="highlight ruby" data-language="ruby">Vagrant.configure("2") do |config| + config.vm.network "public_network", ip: "192.168.0.17" + + # default router + config.vm.provision "shell", + run: "always", + inline: "route add default gw 192.168.0.1" + + # default router ipv6 + config.vm.provision "shell", + run: "always", + inline: "route -A inet6 add default gw fc00::1 eth1" + + # delete default gw on eth0 + config.vm.provision "shell", + run: "always", + inline: "eval `route -n | awk '{ if ($8 ==\"eth0\" && $2 != \"0.0.0.0\") print \"route del default gw \" $2; }'`" +end +</pre></div> +<p>Note the above is fairly complex and may be guest OS specific, but we document the rough idea of how to do it because it is a common question.</p><div class="_attribution"> + <p class="_attribution-p"> + © 2010–2018 Mitchell Hashimoto<br>Licensed under the MPL 2.0 License.<br> + <a href="https://www.vagrantup.com/docs/networking/public_network.html" class="_attribution-link">https://www.vagrantup.com/docs/networking/public_network.html</a> + </p> +</div> |