proxmox on DMZ with 3 networks

grharry

New Member
May 3, 2010
12
0
1
I have a Proxmox server running in my DMZ zone.
My DMZ zone has 3 nets assigned
2 with public IP's xx.xx.xx.xx/28 ( A and B )
1 private 10.0.0.0/28

In order to dedicate a vhost into a different net than the one the main vmbr0 interface is on
I had to use a veth interface rather than a venet in order to be seen.

now one vhost that serves as mail server was assigned with a public IP of net A with a venet iface, I would like to assign a second public ip from the B NET in order to load balance the mail traffic among 2 providers.

How Do I approach this ?
Assing a second public IP on the vmbr0 and then a venet ip+interface from net B in the mail server ??? ( this options takes away an ip )
Use veth along with a venet in the mail server ??

None of the above ??

Please specify ...
Regards Harry
 
Hi,
why you don't use three separate networks? If you have only one nic, use vlan-tagging (switches with vlan-tagging are not expensive these days - e.g. cisco slm2008).
Then you can use tree bridges and the VMs can use all of them.

Udo
 
Hi,
why you don't use three separate networks? If you have only one nic, use vlan-tagging (switches with vlan-tagging are not expensive these days - e.g. cisco slm2008).
Then you can use tree bridges and the VMs can use all of them.

Udo

Thanks, but it's a bit more complicated than that ...
See the DMZ zone is a vlan by it's self
Besides your solution won't eliminate the need for additional public ip's.
NAT and SNAT would be a solution but the whole system stands behind an already complex FW that I do not intend to make it even more complex.
The existence of the 1 rfc1918 serves this purpose of ip economy ( DB servers that need to be accessed by a public web or mail server don;t need to waste a public ip ).
Any way I assigned a 2nd public ip to vmbr0 so far it works OK.

Another problem that I am faced with now is the cluster vm machine.
I am not able to tranfer these particular vs's.

Cheers,
Harry
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!