snat

I have 5 IP addresses from my ISP and need to setup a VNET for each IP with a pfSense firewall to provide UPNP support for each IP. My test machine has a an internal Ethernet port and a USB Dongle. I am using the dongle (enx22) for the WAN The network looks like this: enx22 <--> vmbr1 <-->...

hello. When checking the Proxmox roadmap, there is information about stabilizing VLAN and SNAT. I'm curious whether VLAN and SNAT stabilization are planned for the next 8.3 update, and if not, when will they be stabilized? Additionally, I would like to set up snat in a VLAN environment...

Hi, I have a very simple setup as I am still learning about Proxmox and SNAT. We have 1 host in Proxmox Datacenter and the host has 1 VM and 1 container on it. I have setup SNAT as follows - Zone name : DHCP vnet name : vnet0 subnet : 10.10.50.0/24 and IP range: 10.10.50.2 to 10.10.50.5 (...

Hi, I have a very simple setup as I am still learning about Proxmox and SNAT. We have 1 host in Proxmox Datacenter and the host has 1 VM and 1 container on it. I have setup SNAT as follows - Zone name : DHCP vnet name : vnet0 subnet : 10.10.50.0/24 and IP range: 10.10.50.2 to 10.10.50.5 (...

I have 2 public IP addresses on a single NIC, configured on vmbr0: 1.1.1.1 (for PVE management) 1.1.1.2 (for a private LAN to NAT to in order to reach the internet) (Those aren't the real IP addresses, just substituted by me). And a private IP range 10.0.0.0/24 with the gateway on 10.0.0.1 I...

I've setup a simple zone with automatic DHCP, a vnet and 10.0.0.0/24 subnet with SNAT enabled. On the host I have 2 bridges configured: - vmbr0 with public IP 1.1.1.1 - vmbr1 with public IP 1.1.1.2 (Those aren't the real IP addresses, just substituted by me). When creating the subnet and...

Hi all! I've been playing around with EVPN SDNs. I have SNAT enabled on some Vnets. After some ping tests on containers, 8.8.8.8 is unreachable only once enabling the datacenter firewall. All outbound traffic is accepted by default, not sure if EVPNs require inbound rules to the hosts in order...

(delete)

Hello, I've been playing with EVPN SDN on Proxmox VE 8.1.4 and I love it so far, but there are a few things that got me scratching my head. I apologize in advance if this topic has already been discussed, but the forum is just too huge to comb it all. Anway, I got a 2 node cluster and I've...

Hi, I configured 2 Proxmox 8.1.3 servers in one cluster and configure SDN zones as VXLAN. 1. No option turn on DHCP 2. When SNAT checked on subnet, no snat rules /etc/pve/sdn/zones.cfg vxlan: vxlan peers 10.33.3.20,10.33.3.21 ipam pve mtu 1450 nodes pve1,pve...

Hi, since switching to Proxmox VE 8 Postrouting SNAT (Unfortunately I must use NAT) in combination with the Proxmox Firewall is not working anymore even with conntrack zones enabled. In Proxmox VE 7 it worked after adding post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1...

Hello everybody, I noticed a bug when using multiple VRFs. When using the same exit-nodes on different vrfs but the primary is different, there is a deny route-map that is added in the MAP_VTEP_IN route-map for type 5 routes. So if vrf "red" has primary exit-node node 1 and vrf "blue" has...

Hello everyone, I configured a zone with multiple vrf with SDN functionality. I defined all nodes in my cluster as exit-nodes. Is it possible to define a primary exit-node per vnet rather than per zone? or to define it on the basis of the subnet? I would actually like to be able to set up SNAT...

Greetings, I have set up a test environment for BGP EVPN SDN as follows: * 3 hypervisor hosts running pve-manager/7.2-7/d0dd0e85. * Each hypervisor has a public IP and is set up as an exit node with SNAT. * Each hypervisor has a private IP that is used to create the BGP EVPN peering. The...

I've set my system up to use NAT. Which works ok, I can give my containers network access and run services on them However I am currently just running one bridge for the network and extending that with new pre and post iptables routes for each port on each container I want to expose. The problem...

Hello, is there any way to configure DNAT, and SNAT to hosts via pve-firewall? Currently we use for outgoing connections: iptables -t nat -A POSTROUTING -s 192.168.64.0/24 -o vmbr0 -j SNAT --to-source 5.7.9.99 iptables -t nat -A POSTROUTING -s 192.168.80.102/32 -o vmbr0 -j SNAT --to-source...

Proxmox 4.4 with CentOS 7 guest in container. Host can reach the internet, but containers cannot. It seems others have had similar problems but I cannot find a solution. Host /etc/network/interfaces auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 192.168.0.2...