MAC filtering causing issues inside virtual machines (nesting)

harmonyp

Member
Nov 26, 2020
195
4
23
46
I have installed Proxmox inside of a virtual machine with a provider and want to create multiple small virtual machines out of it (nesting).

I have come across issues trying to get the network working inside of these virtual machines. This is due to the provider using "MAC filtering"

Code:
auto lo
iface lo inet loopback


iface ens3 inet manual


auto vmbr0
iface vmbr0 inet static
        address 107.189.30.xxx/24
        gateway 107.189.30.1
        bridge_ports ens3
        bridge_stp off
        bridge_fd 0
    up ip route add 104.244.74.xxx/32 dev vmbr0 #additional IP 1
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up echo 1 > /proc/sys/net/ipv4/conf/ens3/proxy_arp

107.189.30.xxx/24 is the main VPS IP and I am trying to get 104.244.74.xxx/32 working inside of that. 104.244.74.xxx/32 would need to use 104.244.74.1 normally as the gateway.

I have read I can "MAC address NAT" but not too sure how to do that.
 
NAT automatically does MAC translation, how else should that work?
You probably have to spoof vmbr0's MAC address for the one that's registered with your provider.
 
NAT automatically does MAC translation, how else should that work?
You probably have to spoof vmbr0's MAC address for the one that's registered with your provider.
How would I do that?

I have read vmbr0 has the same MAC as the main interface but I also tried adding "hwaddress ether xx:xx:xx:xx:xx" inside /etc/network/interfaces for vmbr0 with no luck.
 
I had the same problem trying to use Proxmox nested on Hyper-V (on Windows 11).
MAC address spoofing is the answer.

In order for network packets to be routed through two virtual switches, MAC address spoofing must be enabled on the first (L1) level of virtual switch

The second option could relies on network address translation (NAT).
This approach is best suited for cases where MAC address spoofing isn't possible, like in a public cloud environment.

Source : https://learn.microsoft.com/en-us/v...ndows/user-guide/enable-nested-virtualization
 
Last edited:

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!