[SOLVED] 1 public IP / NAT / Masquerade issue

A

albans

Active Member
May 7, 2015
49
1
26
Hi,

I installed Proxmox 3.4 with the installation ISO.
Therefore, the setup created automatically a vmbr0 network bridge representing my public IP.
Everything works well as long as I create VMs on this vmbr0 bridge and I have 1 public IP dedicated for each of them.

Unfortunately, I'll have to switch back to a only one public IP configuration.
Therefore, I need to use NAT to create a local network for my VMs, and only the proxmox host will keep the public IP.

So, I followed the FAQ here https://pve.proxmox.com/wiki/Network_Model#Masquerading_.28NAT.29 , except I modified the config (/etc/network/interfaces) as follow:

Code: 
auto lo
iface lo inet loopback
iface eth0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.10.2
        netmask 255.255.255.0
        gateway 192.168.10.1
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0

auto vmbr1
iface vmbr1 inet static
        address  10.10.10.1
        netmask  255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0

        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE

I still cannot ping neither the public IP from a VM on vmbr1, neither another external website. Only the ping between VMs (or proxmox host) on 10.10.10.0/24 network works fine.
The VM on 10.10.10.0/24 network are simply configured with a static IP on this network and the correct netmask 255.255.255.0, no gateway.

Any clue on what's the problem?
Am I right to not define any gateway on VMs that are on vmbr1 (as it's not mentioned in the Proxmox documentation)?

Thx for your much appreciated help.
 
Last edited:
Alban Staehli said:
The VM on 10.10.10.0/24 network are simply configured with a static IP on this network and the correct netmask 255.255.255.0, no gateway.

Any clue on what's the problem?
Am I right to not define any gateway on VMs that are on vmbr1 (as it's not mentioned in the Proxmox documentation)?
Click to expand...

I'm assuming pinging the external network from inside the VMs gives you a "no route to host" error?
Inside the VMs you should use the host (10.10.10.1) as gateway. The comment on the wiki about not setting a gateway was for the host's vmbr1 interface, not for inside the guests.
 
Great, it works with the gateway set in the VM to the proxmox host!
Thx for this clarification.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back