dnat

On a root server with one NIC I set up Proxmox VE 8.1.4 with two SDN simple zones, so I have three bridges configured: vmbr0 connected to eno1 with public IP, dmznet with SNAT and subnet 192.168.100.0/24 for nginx reverse proxy. Third bridge is labnet 192.168.200.0/24 for the application...

Hello everybody, I noticed a bug when using multiple VRFs. When using the same exit-nodes on different vrfs but the primary is different, there is a deny route-map that is added in the MAP_VTEP_IN route-map for type 5 routes. So if vrf "red" has primary exit-node node 1 and vrf "blue" has...

Hello everyone, I configured a zone with multiple vrf with SDN functionality. I defined all nodes in my cluster as exit-nodes. Is it possible to define a primary exit-node per vnet rather than per zone? or to define it on the basis of the subnet? I would actually like to be able to set up SNAT...

I am planning on configuring a single public IP dedicated server at OVH, every how-to I have read describes using pfSense, I am not against using pfSense, however I like to keep things simple, secure and reliable. So, I can't help but wonder, how will things go, if instead I install nftables...

Hi, I'm trying to achieve following: I want everything, what comes in with TCP protocol, will be natted to 10.10.100.1 except: - Source IP 100.100.100.1 to destination port 22, 8006 - Source IP 100.100.100.2 to destination port 22, 8006 - Source IP 100.100.100.3 to destination port 22, 8006 -...

Hi everybody, I am struggeling with a problem where I did not figure out yet if it is a "basic" networking problem or something that has to do with my SDN configuration. The setup is the following: I have two VEs (192.168.2.10 and .11) coupled as a cluster. Within this cluster there is an...

Hello everyone, I have looked around and did not find the one solution that fits my current setup. Maybe you can help me what needs to be done to enable the additional subnet for my instance. Here is the general network layout: I would like to use the additional subnet for several servers...

Greetings, I have set up a test environment for BGP EVPN SDN as follows: * 3 hypervisor hosts running pve-manager/7.2-7/d0dd0e85. * Each hypervisor has a public IP and is set up as an exit node with SNAT. * Each hypervisor has a private IP that is used to create the BGP EVPN peering. The...

Hi, I've a network problem on Proxmox configuration. I've installed Proxmox on a Cloud VPS (provider uses VmWare VE) with only one NIC and 3 public Ip addressess (same subnet and gateway). My goal is to assign one public Ip to the Host (Proxmox VE) and others to VMs I tried to configure a...

I've set my system up to use NAT. Which works ok, I can give my containers network access and run services on them However I am currently just running one bridge for the network and extending that with new pre and post iptables routes for each port on each container I want to expose. The problem...

Hi everybody, I'm getting an issue with my Proxmox v5, I create a new interface to use the nat method, however, after restarting the network all VMS is disconnected to the internet. my interface configure below auto lo iface lo inet loopback iface ens33 inet manual auto vmbr0 iface vmbr0...

Hello, is there any way to configure DNAT, and SNAT to hosts via pve-firewall? Currently we use for outgoing connections: iptables -t nat -A POSTROUTING -s 192.168.64.0/24 -o vmbr0 -j SNAT --to-source 5.7.9.99 iptables -t nat -A POSTROUTING -s 192.168.80.102/32 -o vmbr0 -j SNAT --to-source...

Hello community! I have: - dedicatied server with 1 public IPv4 with pve-manager/5.1-43/bdb08029 (running kernel: 4.13.13-5-pve) - routed network configuration - 2 VMs with 1 NIC in NAT mode each I need to DNAT some TCP ports from public IP to VMs. I have already read...