TeddyR42
Joined: 30 Jan 2012
Posts: 16
Location: Glendale, CA
|
| Posted: Mon Jan 30, 2012 6:46 pm Post subject: eth1 interface on private vlan visible only to own account |
|
|
The ability to have eth1 interface on a private vlan only for the linodes under your own account to use for internal traffic.
This would allow more secure frontend/backend communications or testing without too much exposure (even with firewall rules set up); it would be one additional useful feature. This would also make NFS mounts more secure if needed.
I know that a private IP address can already be requested, but that address is on the same interface as the rest of the datacenter (eth0) and can be seen by any other linode at your datacenter.
|
jebblue
Joined: 23 May 2010
Posts: 112
|
| Posted: Mon Jan 30, 2012 6:59 pm Post subject: |
|
|
You might be able to do what you want with an alias if you are using a static ip already:
/etc/network/interfaces:
auto eth0:1
iface eth0:1 inet static
    address 127.0.0.100
    netmask 255.255.255.0
    #gateway
|
TeddyR42
Joined: 30 Jan 2012
Posts: 16
Location: Glendale, CA
|
| Posted: Mon Jan 30, 2012 7:31 pm Post subject: |
|
|
jebblue wrote: You might be able to do what you want with an alias if you are using a static ip already:
That would not work for what I am requesting.. :-(.
- 127.x.x.x is reserved for the local machine only and MUST not traverse outside the machine it is running on.
- I would want to have the two (or more) linodes communicate with each other, but not have other machines that are not on my account be able to see them at all.
- I don't want to "pick an IP out of the air" on a VLAN shared by other users. Can you say "Anarchy!" [or headache troubleshooting an IP conflict or other problem caused by a misconfiguration on your part or on someone else selecting the same network range as you]....
|
Guspaz
Joined: 26 May 2009
Posts: 1150
Location: Montreal, QC
|
| Posted: Tue Jan 31, 2012 10:17 am Post subject: |
|
|
Firewall rules are good enough; nobody else can see your non-broadcast traffic, and you can prevent broadcast traffic with firewall rules. Adding a VLAN wouldn't make it any more secure. If you need more security, there's OpenVPN or the like.
|
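The firewall approach described in the post above, sketched as an added example (not code from any poster in this thread): a script that prints, without applying, iptables rules limiting inbound traffic from the shared private range to an allowlist of your own hosts. The range `192.168.128.0/17`, the chain name `PRIVNET` and the peer addresses are assumptions or constructed values; substitute your own.

```shell
#!/bin/sh
# Added example: print (not apply) iptables rules that restrict inbound
# private-network traffic on a shared interface to an allowlist of peers.
# Addresses, range and chain name are constructed/assumed values.

PRIVATE_NET="192.168.128.0/17"   # assumption: the datacenter's shared private range
IFACE="eth0"                     # the private IP shares eth0, as the thread notes
CHAIN="PRIVNET"                  # hypothetical chain name

# valid_ipv4 ADDR: succeed only for a dotted-quad IPv4 address.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# private_rules PEER...: emit the rule set, one iptables command per line.
private_rules() {
    [ "$#" -gt 0 ] || { echo "no peers given" >&2; return 1; }
    for peer in "$@"; do
        valid_ipv4 "$peer" || { echo "bad peer address: $peer" >&2; return 1; }
    done
    echo "iptables -N $CHAIN"
    echo "iptables -A INPUT -i $IFACE -s $PRIVATE_NET -j $CHAIN"
    # Drop broadcasts from the range first, so even allowlisted peers cannot send them.
    echo "iptables -A $CHAIN -m pkttype --pkt-type broadcast -j DROP"
    for peer in "$@"; do
        echo "iptables -A $CHAIN -s $peer -j ACCEPT"
    done
    # Default for the shared range: any other account's host is dropped.
    echo "iptables -A $CHAIN -j DROP"
}

# Constructed sample peers: two of your own hosts on the private range.
private_rules 192.168.130.10 192.168.130.11
```

Source-address matching is the only check these rules make and they cover inbound IPv4 only; where peers must be authenticated, that is the job of the tunnel (OpenVPN or the like) mentioned in the post.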
jebblue
Joined: 23 May 2010
Posts: 112
|
| Posted: Tue Jan 31, 2012 12:51 pm Post subject: |
|
|
TeddyR42 wrote: That would not work for what I am requesting.. :-(.
I see, I misunderstood what you were asking for.
|