Multiple NIC bridging/routing

GregoryM

New Member
Dec 29, 2018
(Please see attached image)

I have a single host with four interfaces (2x 1Gb, 2x 10Gb).
eno0 is used for the external nat/route to the upstream firewall and external access via 172.16.27.1.
eno1 is not currently used, but *will* be used as a 1Gb guest bridge into a switch (10.0.30.x).
enp2s0f0 and f1 are 10Gb ports into two different uplink switches (10.0.10.x, 10.0.20.x).

What I don't understand how to do in the Proxmox environment is to set up route/NAT so that the guest machines in 10.0.x.x (10.x, 20.x, 30.x) will have a gateway interface (10.1, 20.1, 30.1) to:

1. Allow them to communicate between network segments like 10.x <=> 20.x
2. Allow them to communicate uplink like 10.x <=> 10.1 which NAT/route to eno0 (172.16.27.1)



proxmoxnetwork.JPG

Is there a guide anywhere on how to do this kind of thing? I am new to Proxmox, but I have worked in VMware before and I'm familiar with basic networking.

Thanks in advance for any help provided.
 
Also, I'm wondering if people would recommend using the VSwitch OVS stuff instead of the native layer.
 
For NAT you can use:
Code:
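# Internal bridge with no physical port; 10.1.0.1 is the address guests point at.
auto vmbr192
iface vmbr192 inet static
        address  10.1.0.1
        netmask  255.255.0.0
        bridge-ports none
        bridge-stp off
        bridge-fd 0
# Enable IPv4 forwarding, then masquerade 10.1.0.0/16 traffic leaving via vmbr0.
# The post-down line deletes the same rule when the bridge goes down.
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '10.1.0.0/16' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.1.0.0/16' -o vmbr0 -j MASQUERADE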


And for the 10. bridges you could bond all the LAN NICs:

Code:
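# Bond the LAN NICs; broadcast mode transmits every frame on all slave interfaces.
auto bond0
iface bond0 inet manual
        slaves enp2s0f0 enp2s0f1 eno2
        bond_miimon 100
        bond_mode broadcast

# VLAN-aware bridge on top of the bond, carrying VLAN IDs 2-4094.
auto vmbr10
iface vmbr10 inet static
        address  10.255.255.1
        netmask  255.0.0.0
        bridge-ports bond0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094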

hope this helps
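
A pre-deployment check for the two bridge stanzas above, added here as an example and not part of the original thread: it parses an ifupdown fragment and reports bridge subnets that overlap, MASQUERADE rules with no matching post-down delete, and NAT egress interfaces the fragment never defines. The function names `parse` and `audit` and the trimmed sample are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: the two bridge stanzas posted above, trimmed to the relevant lines.
SAMPLE = """\
iface vmbr192 inet static
        address  10.1.0.1
        netmask  255.255.0.0
        post-up   iptables -t nat -A POSTROUTING -s '10.1.0.0/16' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.1.0.0/16' -o vmbr0 -j MASQUERADE
iface vmbr10 inet static
        address  10.255.255.1
        netmask  255.0.0.0
"""

NAT_RE = re.compile(r"(post-up|post-down)\s+iptables -t nat -([AD]) POSTROUTING "
                    r"-s '?([\d./]+)'? -o (\S+) -j MASQUERADE")

def parse(text):
    """Map iface name -> subnet and MASQUERADE hooks (assumes address precedes netmask)."""
    stanzas, cur, addr = {}, None, None
    for line in text.splitlines():
        words = line.split() or [""]
        if words[0] == "iface":
            cur, addr = stanzas.setdefault(words[1], {"net": None, "nat": []}), None
        elif cur is not None and words[0] == "address":
            addr = words[1]
        elif cur is not None and words[0] == "netmask" and addr:
            cur["net"] = ipaddress.ip_network(f"{addr}/{words[1]}", strict=False)
        elif cur is not None and (m := NAT_RE.match(line.strip())):
            cur["nat"].append((m[1], m[2], ipaddress.ip_network(m[3], strict=False), m[4]))
    return stanzas

def audit(text):
    """Return findings: overlapping subnets, NAT rules never removed, unknown egress."""
    s, out = parse(text), []
    names = sorted(s)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if s[a]["net"] and s[b]["net"] and s[a]["net"].overlaps(s[b]["net"]):
                out.append(f"overlap: {a} {s[a]['net']} and {b} {s[b]['net']}")
    for name in names:
        ups = sorted({r[2:] for r in s[name]["nat"] if r[:2] == ("post-up", "A")}, key=str)
        downs = {r[2:] for r in s[name]["nat"] if r[:2] == ("post-down", "D")}
        out += [f"{name}: NAT {src} via {dev} is never removed on ifdown"
                for src, dev in ups if (src, dev) not in downs]
        out += [f"{name}: NAT egress {dev} is not defined in this file"
                for src, dev in ups if dev not in s]
    return out
```

On the sample, `audit(SAMPLE)` reports that vmbr10's 10.0.0.0/8 contains vmbr192's 10.1.0.0/16 and that vmbr0 is not defined in the fragment, so both need confirming against the host's full /etc/network/interfaces.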
 
Also, I'm wondering if people would recommend using the VSwitch OVS stuff instead of the native layer.

Then you may wanna read what OVS can do.
When you create a bridge it's basically a stupid switch that kinda supports VLAN, and that's about it.

OVS is kinda a smart switch that lets you isolate certain ports, port mirror, QoS, and so on.
I would actually love to see OVS natively implemented into Proxmox with config over its API (for automation).

Without OVS you have no clue or control what's happening on a vmbridge (well, not much anyway).
 
