How to configure lan on 2 pcie network cards?

Question

I used to work only with openwrt x86, configured zapret + dnscrypt2 dnsmasq, openvpn sever on it, I hardly know Ubuntu. This PC has a built-in network card and 2 pcie cards, wan was configured on one pcie card, it automatically received a static ip, the second one has a cable to the switch and a PC with windows 11, and the internal card went to the router. There was a need to remake this whole system on ubuntu and got stuck at the very beginning. I installed Ubuntu 24.04. 2, the system immediately received the Internet from the provider's cable (enp5s0), but I can't give the Internet to the other connectors (enp6s0 - router and ens4 - switch). I tried to make a connection through netplan on ens4, I registered the static ip of the provider with a difference in the number at the end and the gateway of the provider. As a result, the system writes that there is a connection, and the Windows PC also writes that there is a connection, but there is no Internet. I also can't connect via ssh from a Windows PC, I installed the necessary packages on Ubuntu, I entered 127.0.0.1 in Putty, it asks for a user and password, but no matter what I enter, it always denies access. I gave the root password, but with root, too, access denied

lshw -C network WARNING: you should run this program as super-user. *-network description: Ethernet interface product: RTL8125 2.5GbE Controller vendor: Realtek Semiconductor Co., Ltd. physical id: 0 bus info: pci@0000:04:00.0 logical name: ens4 version: 04 serial: 3c:64:cf:20:d3:ef size: 1Gbit/s capacity: 1Gbit/s width: 64 bits clock: 33MHz capabilities: bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd 1000bt-fd autonegotiation configuration: autonegotiation=on broadcast=yes driver=r8169 driverversion=6.11.0-26-generic duplex=full firmware=rtl8125b-2_0.0.2 07/13/20 latency=0 link=yes multicast=yes port=twisted pair speed=1Gbit/s resources: irq:30 ioport:d000(size=256) memory:fb300000-fb30ffff memory:fb310000-fb313fff *-network description: Ethernet interface product: RTL8111/8168/8211/8411 PCI Express Gigabit Ethernet Controller vendor: Realtek Semiconductor Co., Ltd. physical id: 0 bus info: pci@0000:05:00.0 logical name: enp5s0 version: 07 serial: a0:a3:f0:aa:66:d4 size: 1Gbit/s capacity: 1Gbit/s width: 64 bits clock: 33MHz capabilities: bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd 1000bt 1000bt-fd autonegotiation configuration: autonegotiation=on broadcast=yes driver=r8169 driverversion=6.11.0-26-generic duplex=full firmware=rtl8168e-3_0.0.4 03/27/12 ip=95.79.92.160 latency=0 link=yes multicast=yes port=twisted pair speed=1Gbit/s resources: irq:16 ioport:c000(size=256) memory:fb200000-fb200fff memory:f2100000-f2103fff *-network description: Ethernet interface product: RTL8111/8168/8211/8411 PCI Express Gigabit Ethernet Controller vendor: Realtek Semiconductor Co., Ltd. physical id: 0 bus info: pci@0000:06:00.0 logical name: enp6s0 version: 15 serial: 0a:e0:af:a2:12:3e size: 1Gbit/s capacity: 1Gbit/s width: 64 bits clock: 33MHz capabilities: bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd 1000bt-fd autonegotiation configuration: autonegotiation=on broadcast=yes driver=r8169 driverversion=6.11.0-26-generic duplex=full firmware=rtl8168h-2_0.0.2 02/26/15 ip=169.254.145.181 latency=0 link=yes multicast=yes port=twisted pair speed=1Gbit/s resources: irq:16 ioport:b000(size=256) memory:fb104000-fb104fff memory:fb100000-fb103fff WARNING: output may be incomplete or inaccurate, you should run this program as super-user.

sudo cat /etc/netplan/*.yaml
network:
  version: 2
  renderer: NetworkManager
network:
  version: 2
  ethernets:
    enp4s0:
      addresses:
      - "95.79.92.161/24"
      gateway4: 95.79.92.254
    enp6s0:
      addresses:
      - "192.168.1.1/24"
      gateway4: 192.168.1.1
network:
  version: 2
  ethernets:
    NM-1b117d5a-b3f0-4c42-9ea8-e82e178347f5:
      renderer: NetworkManager
      match:
        name: "ens4"
      dhcp4: true
      dhcp6: true
      wakeonlan: true
      networkmanager:
        uuid: "1b117d5a-b3f0-4c42-9ea8-e82e178347f5"
        name: "Profile 1"
        passthrough:
          ethernet._: ""
          ipv6.addr-gen-mode: "default"
          ipv6.ip6-privacy: "-1"
          proxy._: ""
network:
  version: 2
  ethernets:
    enp5s0:
      renderer: NetworkManager
      match:
        name: "enp5s0"
      dhcp4: true
      networkmanager:
        uuid: "e1419a5e-5e1d-3fff-a17c-b2fc6d2cef99"
        name: "netplan-enp5s0"
        passthrough:
          connection.timestamp: "1749719874"
          ipv6.method: "dhcp"
          ipv6.ip6-privacy: "-1"
          proxy._: ""

 ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute 
       valid_lft forever preferred_lft forever
2: ens4:  mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 3c:64:cf:20:d3:ef brd ff:ff:ff:ff:ff:ff
    altname enp4s0
    inet6 fe80::5cea:54bf:9388:b1d5/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: enp5s0:  mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether a0:a3:f0:aa:66:d4 brd ff:ff:ff:ff:ff:ff
    inet 95.79.92.160/24 brd 95.79.92.255 scope global dynamic noprefixroute enp5s0
       valid_lft 1510sec preferred_lft 1510sec
    inet6 fe80::a2a3:f0ff:feaa:66d4/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
4: enp6s0:  mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 0a:e0:af:a2:12:3e brd ff:ff:ff:ff:ff:ff
    inet 169.254.145.181/16 brd 169.254.255.255 scope global noprefixroute enp6s0
       valid_lft forever preferred_lft forever
    inet6 fe80::275f:8203:930f:213c/64 scope link 
       valid_lft forever preferred_lft forever

sudo apt policy openssh-server
openssh-server:
  Installed: 1:9.6p1-3ubuntu13.12
  Candidate: 1:9.6p1-3ubuntu13.12
  Version table:
 *** 1:9.6p1-3ubuntu13.12 500
        500 http://ru.archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     1:9.6p1-3ubuntu13.11 500
        500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
     1:9.6p1-3ubuntu13 500
        500 http://ru.archive.ubuntu.com/ubuntu noble/main amd64 Packages

I try configure netplan - not working

network:
    version: 2
    renderer: networkd
    ethernets:
        enp4s0:
             dhcp4: no
        enp6s0:
             dhcp4: no
    bridges:
        br0:
             dhcp4: no
             addresses: [ 192.168.1.1/24 ]
             interfaces: [ enp4s0, enp6s0 ]

I need an Ubuntu machine for subsequent installation of amnezia VPN server with xray, for connection to the home network from the outside. In my country, the protocol wireguard, shadowsocks, cloak is already blocked, so I will have to switch to x-ray, but unfortunately I did not find information about the possibility of setting up an x-ray server on openwrt. Openwrt was installed on the ssd of this Ubuntu machine, and zapret + dnscrypt2 + openvpn server were configured. I need all this to have access to YouTube, x.com, Facebook (meta). But recently, the openvpn protocol began to be blocked especially strongly, because of which I can no longer access these resources when I am at home. Also, this whole structure is needed so that while at work, I could connect to my home PC on Windows, to edit video and use it as a file network storage. That is, in general, before the bans, I had the following chain: Internet provider -> router -> wifi and switch -> 2 Windows PCs. Then I had to redo it like this: Internet provider -> openwrt x86 (zapret, VPN server, dnscrypt2) -> wifi router and switch -> 2 windows PCs. Now I need to transfer openwrt x86 to Ubuntu to run amnezia VPN x-ray on it, instead of the now non-working openvpn

I forgot to mention that the provider connection is via dhcp, that is, now through the enp5s0 interface I get the Internet with dhcp enabled on auto

mpboden · Answer 1 · 2025-06-13T00:37:36.157

You stated that this is a Desktop install and not a Server install. Therefore, network configuration is via System Settings and Network Manager, not Netplan. With that said, as of Ubuntu 23.10 Network Manager uses Netplan APIs to save the network configuration. Quoting from "How to integrate Netplan with desktop", it states the following:

On Ubuntu 23.10 “Mantic Minotaur” and later, NetworkManager uses Netplan APIs to save the configuration created using any of its graphical or programmatic interfaces. This leads to having a centralised location to store network configuration. On the Desktop, it’s convenient to use graphical tools for configuration when they are available, so nothing changes from the user perspective; only the way the system handles the configuration in the background.

What this means is that Netplan .yaml configuration files are created automatically to store network configuration settings, but this is not the place to make any configuration changes.

So let's take a look at a default Ubuntu 24.04 Desktop installation in a VirtualBox virtual machine I created with three interfaces. From there, we'll configure all interfaces with IP address as you desire.

In System Settings, we have the three interfaces as shown below. Note that the first interface is connected and the other two are in a connecting state. This is because I haven't configured those yet, and in their default state of acquiring an IP address via DHCP, there isn't a DHCP server connected to them so that's why they're not getting an IP address.

Looking at the IPv4 tab of the first interface's settings, we can see that it gets its IP address automatically via DHCP.

Next, look at the output of ip a where we can see an IP address assigned to the first interface, but not to the other two:

$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:28:d1:0e brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.111/24 brd 192.168.10.255 scope global dynamic noprefixroute enp0s3
       valid_lft 6360sec preferred_lft 6360sec
    inet6 fe80::a00:27ff:fe28:d10e/64 scope link 
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:6c:66:25 brd ff:ff:ff:ff:ff:ff
4: enp0s9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:80:a2:11 brd ff:ff:ff:ff:ff:ff

Also, look in the directory, /etc/netplan/, where we have the following .yaml configuration files:

$ ls -l /etc/netplan
total 8
-rw-r--r-- 1 root root 104 Apr 24  2024 01-network-manager-all.yaml
-rw------- 1 root root 391 Apr 30  2024 50-cloud-init.yaml

01-network-manager-all.yaml is a basic file indicating that the back-end renderer is Network Manager:

$ sudo cat /etc/netplan/01-network-manager-all.yaml 
# Let NetworkManager manage all devices on this system
network:
  version: 2
  renderer: NetworkManager

The other configuration file is automatically generated based off of the first interface configured in System Settings, which is configured as DHCP. This file is not to be edited. It is dynamically created based off any changes in System Settings.

$ sudo cat /etc/netplan/50-cloud-init.yaml 
# This file is generated from information provided by the datasource.  Changes
# to it will not persist across an instance reboot.  To disable cloud-init's
# network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    ethernets:
        enp0s3:
            dhcp4: true
    version: 2

Now let's configure a static IP address on the 2nd interface, enp0s8, via System Settings. Configure as follows and click apply:

Look at the output of ip a where you'll see the IP address has been assigned to enp0s8:

$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:28:d1:0e brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.111/24 brd 192.168.10.255 scope global dynamic noprefixroute enp0s3
       valid_lft 5734sec preferred_lft 5734sec
    inet6 fe80::a00:27ff:fe28:d10e/64 scope link 
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:6c:66:25 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.1/24 brd 10.0.0.255 scope global noprefixroute enp0s8
       valid_lft forever preferred_lft forever
    inet6 fe80::903a:c939:b869:e839/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
4: enp0s9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:80:a2:11 brd ff:ff:ff:ff:ff:ff

Looking in /etc/netplan, we have the following files, where a new file has been created:

$ ls -l /etc/netplan
total 12
-rw-r--r-- 1 root root 104 Apr 24  2024 01-network-manager-all.yaml
-rw------- 1 root root 391 Apr 30  2024 50-cloud-init.yaml
-rw------- 1 root root 527 Jun 12 16:19 90-NM-dd091a3f-42f3-3ba8-8a5a-b38752d0721e.yaml

Looking at the contents of this new file, we have the following:

$ sudo cat 90-NM-dd091a3f-42f3-3ba8-8a5a-b38752d0721e.yaml 
network:
  version: 2
  ethernets:
    NM-dd091a3f-42f3-3ba8-8a5a-b38752d0721e:
      renderer: NetworkManager
      match:
        name: "enp0s8"
      addresses:
      - "10.0.0.1/24"
      dhcp6: true
      wakeonlan: true
      networkmanager:
        uuid: "dd091a3f-42f3-3ba8-8a5a-b38752d0721e"
        name: "Wired connection 1"
        passthrough:
          connection.autoconnect-priority: "-999"
          connection.timestamp: "1749770630"
          ethernet._: ""
          ipv6.addr-gen-mode: "default"
          ipv6.ip6-privacy: "-1"
          proxy._: ""

As you can see, the information you entered in System Settings regarding this interface is automatically entered into this new file.

Continue with the 3rd interface:

Output of ip a:

$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:28:d1:0e brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.111/24 brd 192.168.10.255 scope global dynamic noprefixroute enp0s3
       valid_lft 5378sec preferred_lft 5378sec
    inet6 fe80::a00:27ff:fe28:d10e/64 scope link 
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:6c:66:25 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.1/24 brd 10.0.0.255 scope global noprefixroute enp0s8
       valid_lft forever preferred_lft forever
    inet6 fe80::903a:c939:b869:e839/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
4: enp0s9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:80:a2:11 brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.1/24 brd 172.16.0.255 scope global noprefixroute enp0s9
       valid_lft forever preferred_lft forever
    inet6 fe80::be95:3a09:4b58:78fa/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

Directory listing of /etc/netplan/:

$ ls -l /etc/netplan
total 16
-rw-r--r-- 1 root root 104 Apr 24  2024 01-network-manager-all.yaml
-rw------- 1 root root 391 Apr 30  2024 50-cloud-init.yaml
-rw------- 1 root root 529 Jun 12 16:26 90-NM-7780a2aa-e70a-352d-9f91-13a8325f8bfa.yaml
-rw------- 1 root root 572 Jun 12 16:24 90-NM-dd091a3f-42f3-3ba8-8a5a-b38752d0721e.yaml

And contents of new .yaml configuration file for enp0s9:

$ sudo cat 90-NM-7780a2aa-e70a-352d-9f91-13a8325f8bfa.yaml 
network:
  version: 2
  ethernets:
    NM-7780a2aa-e70a-352d-9f91-13a8325f8bfa:
      renderer: NetworkManager
      match:
        name: "enp0s9"
      addresses:
      - "172.16.0.1/24"
      dhcp6: true
      wakeonlan: true
      networkmanager:
        uuid: "7780a2aa-e70a-352d-9f91-13a8325f8bfa"
        name: "Wired connection 2"
        passthrough:
          connection.autoconnect-priority: "-999"
          ethernet._: ""
          ipv6.addr-gen-mode: "default"
          ipv6.ip6-privacy: "-1"
          proxy._: ""

From here, you can continue setting up your network as you wish by specifying your IP addresses as needed. Additionally, you'll need to configure your firewall, possibly setup a DHCP server on your additional interfaces, configure IP forwarding, and configure any necessary routing.

But your question asked how to configure your interfaces with IP addresses, which is what I've shown here. The remaining items would be considered separate questions, which I encourage you to ask.

More info:

UFW - Uncomplicated Firewall

IP Forwarding

How do I install and configure a DHCP Server?

Setting up an Ubuntu Wired/Wireless Router

How to configure lan on 2 pcie network cards?

1 Answers1