Hi. I've dug around as much as I could for a simple setup that allows me to combine VMs on public IPs with others on private ones (hoping some of these services could be NATed via the firewall/router).
I found an interesting proposal that made me configure the host machine network as:
Code:
auto lo
iface lo inet loopback

iface eth0 inet manual

auto vmbr0
iface vmbr0 inet static
    address XX.105.XXX.XXX <- physical IP of the machine
    netmask 255.255.255.0
    gateway XX.105.XXX.XXX
    broadcast XX.105.XXX.XXX
    bridge_ports eth0
    bridge_stp off
    bridge_fd 0
    network XX.105.XXX.0

auto vmbr1
iface vmbr1 inet manual
    bridge_ports dummy0
    bridge_stp off
    bridge_fd 0
    post-up /etc/pve/kvm-networking.sh

auto vmbr10
iface vmbr10 inet static
    address 192.168.0.1
    netmask 255.255.255.0
    network 255.0.0.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '192.168.0.0/24' -o vmbr10 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '192.168.0.0/24' -o vmbr10 -j MASQUERADE
I understand the concept here is that the vmbr10 address acts as a "router" for the VMs on private addresses.
The VMs would then be configured as:
Code:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.0.101
    netmask 255.255.0.0
    gateway 192.168.0.1
You can check a thread (in Spanish) on OVH forums here:
http://foros.ovh.es/showthread.php?t=8039
Someone there also suggested simply adding a local virtual address to the VM in the form of a standard venet conf with no extra configuration. That is, create a machine and make it be i.e. 127.0.0.XX. All local VMs (on public or private address) seem to see each other correctly, which is great, but I just CAN NOT seem to find a way to NAT the traffic of the external IPs to a service on any of these machines with virtual addresses.
Could anyone point me at some documentation on how to easily combine private+virtual VM IPs, being able to NAT the private ones if required via router or iproute rules?
Many thanks.
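
An added example, not part of the original post: a rule generator for forwarding one public port to a private VM behind vmbr10, limited to a single validated destination so that nothing else on 192.168.0.0/24 is exposed. Assumptions not taken from the post: the placeholder public IP 203.0.113.10, public port 8080, the `show`/`apply` switch, and masquerading out of the public bridge vmbr0.

```shell
#!/bin/sh
# Added example, not the poster's configuration.
PUB_IF="vmbr0"             # public bridge named in the post
PUB_IP="203.0.113.10"      # constructed placeholder; the post masks the real IP
PRIV_NET="192.168.0.0/24"  # network behind vmbr10 in the post

# Accept only a decimal port in 1-65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Accept only a host address inside 192.168.0.0/24 (last octet 1-254).
valid_priv_ip() {
    case "$1" in 192.168.0.*) ;; *) return 1 ;; esac
    host="${1#192.168.0.}"
    case "$host" in ''|*[!0-9]*) return 1 ;; esac
    [ "$host" -ge 1 ] && [ "$host" -le 254 ]
}

# forward_rules PUBLIC_PORT VM_IP VM_PORT [tcp|udp]
# Prints one iptables command per line; returns 1 on invalid input.
forward_rules() {
    proto="${4:-tcp}"
    valid_port "$1" && valid_priv_ip "$2" && valid_port "$3" || return 1
    case "$proto" in tcp|udp) ;; *) return 1 ;; esac
    # Rewrite only traffic addressed to the host's own public IP and port.
    echo "iptables -t nat -A PREROUTING -i $PUB_IF -d $PUB_IP -p $proto --dport $1 -j DNAT --to-destination $2:$3"
    # Let that one new flow through to the VM (matters when FORWARD policy is DROP).
    echo "iptables -A FORWARD -i $PUB_IF -d $2 -p $proto --dport $3 -m conntrack --ctstate NEW -j ACCEPT"
    # Allow packets of connections that are already tracked.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Source-NAT the private network as it leaves through the public bridge.
    echo "iptables -t nat -A POSTROUTING -s $PRIV_NET -o $PUB_IF -j MASQUERADE"
}

# "show" prints the rules; "apply" runs them (root required). Port 8080 is an assumption.
case "${1:-}" in
    show)  forward_rules 8080 192.168.0.101 80 ;;
    apply) forward_rules 8080 192.168.0.101 80 | sh -e ;;
esac
```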