Re: PROXMOX VE , can we segment servers if some are in another directly connected net
Your question is not verry clear to me but:
if you have 2 LANs, 1 HOST with 2 interfaces, you can separate the VMs on one or another LANs. You can even create internals LANs (Bridges) in the HOST that...
After 24h it appears that the routers lost the route.
It is due to restriction in DropBroadcast which was blocking neighbourhood packets before autorisation.
This patch has to be applied over my last one:
--- Firewall.pm.flav20150404 2015-04-05 17:46:34.000000000 +0200
I've got troubles using IPv6 with firewall enabled. After different searches I've found that some more ICMPv6 types have to be enabled.
After reading post like this : http://pivotallabs.com/configuring-freebsd-9-1-as-an-ipv6-dhcp-client/ and...
Just a reminder for the following. The host 220.127.116.11 is in an unsecured 18.104.22.168/24 network.
The user controled alias is not taken into account for all the rules. The code without my correction does not reads the local_network alias in enable_host_firewall (it is set by my $localnet =...
Yes sure... but not all the network belongs to the cluster and local_network alias should be allowed to user control.
What I propose is a patch like this in enable_host_firewall:
*** Firewall.pm.orig 2015-03-15 11:26:34.000000000 +0100
--- Firewall.pm 2015-03-15 11:44:33.000000000...
I'm setting up a new Proxmox 3.4 cluster/host with pve-firewall.
The firewall has some default rules allowing all the host's local network. That network is public.
My host IP is 22.214.171.124 on network 126.96.36.199/24
Here are the rules
RETURN udp -- 188.8.131.52/24...
Do not need to add any rule in raw table.
You just need to add a some firewall rules to allow your VM to access your virtual network.
eg from 192.168.0.0/24 to some_internal_IP on ICMP
This is not working for me. Can some one help ?
I'm tring to setup a VM with NAT and ProxmoxVE Firewall.
My config is:
on the host with ProxMox 3.4-1:
Upgraded to kernel 3.10:
# uname -a
Linux XXXX 3.10.0-7-pve #1 SMP Thu Jan 22 11:20:00 CET 2015 x86_64 GNU/Linux...