networking problem/vmbr

1

1100101

New Member
Mar 12, 2011
4
0
1
hello,

i have a problem setting up a working vmbr on my root.
Its a Hetzner EQ6 and I found some threads, but all solutions are not working on my system so I hope anyone here as a good idea.

Heres my setup:
Code: 
#pveversion -v
pve-manager: 1.7-11 (pve-manager/1.7/5470)
running kernel: 2.6.35-1-pve
proxmox-ve-2.6.35: 1.7-9
pve-kernel-2.6.35-1-pve: 2.6.35-9
qemu-server: 1.1-28
pve-firmware: 1.0-10
libpve-storage-perl: 1.0-16
vncterm: 0.9-2
vzctl: 3.0.24-1pve4
vzdump: 1.2-10
vzprocps: 2.0.11-1dso2
vzquota: 3.0.11-1
pve-qemu-kvm: 0.13.0-3
ksm-control-daemon: 1.0-4
Code: 
#sysctl -p
net.ipv4.conf.all.rp_filter = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.ip_forward = 1
and the network configuration (ip's changed). eth0 and vmbr0 are working fine. I need to set up an additional (private) network. The VM's must be able to access the internet

Code: 
auto eth0
iface eth0 inet static
    address  178.55.34.77 (main IP)
    netmask  255.255.255.192
    gateway  178.55.34.1
    broadcast  178.55.34.82
    pointopoint 178.55.34.1

auto vmbr0
iface vmbr0 inet static
       address   178.55.34.77
       netmask   255.255.255.255
       broadcast 178.55.34.82
       bridge_ports none
       bridge_stp off
       bridge_fd 0
       up ip route add 178.55.34.78 dev vmbr0
178.55.34.78 is the 2nd public IP. I know the netmask of vmbr0 is not right, but its only working with this configuration.
Now i need to create vmbr1 for the internal routing, but im not sure about the right config. Hetzner allows only one MAC address to access the internet, i have no more public IP's.

Maybe somebody of you has an idea working with this szenario.

Thanks!
 
The following conf is working for me
just had to add these lines in the vmbr1 def.
Code: 
  post-up iptables -t nat -A POSTROUTING -s 'ip' -o eth0 -j MASQUERADE
   post-down iptables -t nat -D POSTROUTING -s 'ip' -o eth0 -j MASQUERADE
thanks.
 
Sir,

following conf works for me:
Code: 
auto eth0
iface eth0 inet static
    address  178.55.34.77 (main IP)
    netmask  255.255.255.192
    gateway  178.55.34.1
    broadcast  178.55.34.82
    pointopoint 178.55.34.1

auto vmbr0
iface vmbr0 inet static
       address   178.55.34.77
       netmask   255.255.255.255
       broadcast 178.55.34.82
       bridge_ports none
       bridge_stp off
       bridge_fd 0
       up ip route add 178.55.34.78 dev vmbr0 (2nd IP)
       up ip route add 178.55.34.79 dev vmbr0 (3rd IP)








auto vmbr1
iface vmbr1 inet static
        address  10.10.0.1
        netmask  255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0
        post-up iptables -t nat -A POSTROUTING -s '10.10.0.0/24' -o eth0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.10.0.0/24' -o eth0 -j MASQUERADE
After adding vmbr0 to a new client the connections timed out, I had to stop the vm and start it again with the right IP settings. Starting networking service only fails. After reboot everything is fine.
 
If I use this config, then the VMs attached to vmbr1 cannot see (ping, ssh, ...) each other. They can go to the internet, ping the gateway address (10.10.0.1), but are isolated from each other. When one VM is pinging an other one, the error message is "Destination host unreachable".

Any hint?

Doka
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back