Linux netns: run different commands with different IP's on one physical interface

Question

I have a Debian Stretch VPS with 4 IPv4 addresses. I want to run several programs, binding them to specific IP addresses (To make outgoing HTTP requests from different IP's). So for example command

~$ curl icanhazip.com

would output specific different IP's.

What I've done:

0) Ordered extra IP's from my ISP

1) Edited /etc/network/interfaces and added extra IP's:

# Initial configuration after ordering VPS
source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

allow-hotplug ens3 
iface ens3 inet static
    address 194.67.205.100
    netmask 255.255.252.0
    gateway 194.67.204.1

# Next lines were added by me
auto ens3:1
iface ens3:1 inet static
    address 185.125.216.101
    netmask 255.255.252.0

auto ens3:2
iface ens3:2 inet static
    address 185.125.216.102
    netmask 255.255.252.0

auto ens3:3
iface ens3:3 inet static
    address 185.125.216.103
    netmask 255.255.252.0

2) Then I've created netns for each IP

ip netns add ns1
ip netns add ns2
and so on

3) Tried to add interface to newly created netns:

# ip link set ens3:1 netns ns1

4) At that moment SSH connection drops. If I login using VNC, and execute ip a, I see that the whole physical interface ens3 and all its subinterfaces disappeared from main netns. Command output screenshot

Wnat am I doing wrong? How can I bind programs to different source IP addresses?

P.S. I am developing a simple site scraper using Python, need different IP's to speed up parsing (making more requests per second) and avoid ban.

"I am developing a simple site scraper [and] need different IP's to speed up parsing ... **_and avoid ban_**." Questions implicating "[unauthorized use or misuse of IT systems](https://serverfault.com/help/on-topic)," which has long included [circumvention of security or policy](https://meta.serverfault.com/questions/5228/when-did-udp-hole-punching-become-off-topic-on-server-fault#comment8625_5229), are off-topic at ServerFault. — Colt, Mar 14 '18 at 08:34
Those are ancient interface aliases, which don't actually exist anymore. All of the IP addresses are on ens3, not "ens3:1" etc. The file format is still supported for backward compatibility but it simply puts all the IP addresses on the interface. [They should not be used anymore](https://wiki.debian.org/NetworkConfiguration#Multiple_IP_addresses_on_one_Interface) for new installations, and existing installations should remove them. — Michael Hampton, Mar 14 '18 at 15:45

score 1 · Answer 1 · answered Mar 14 '18 at 14:40

A given physical interface can only be in one network namespace, so each of your alias can not be in their own namespaces. As soon as you start to move one, everything will move, which explains your observation.

See this question: Secondary IP in its own netns namespace for both explanations on why it is so, and also a solution based on macvlan (or otherwise you can do bridges, IP forwarding or NAT).

Linux netns: run different commands with different IP's on one physical interface

1 Answers1