Add additional Public IPs to proxmox and route them to some VMs

M

mfaridi

Renowned Member
Oct 17, 2015
85
0
71
I installed proxmox, this server has two LAN cards, and it has one public IP, I use Vmbr0 and Vmbr1 for networking and VMs can use Vmbr0 and Vmbr1 for see each other and can update or install package.
I have additional public IPs and I want set these IPs and route these IPs to some VMs,
How I can do this?
this is our current interfaces
Code: 
ource /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

iface lo inet6 loopback

auto eno1
iface eno1 inet static
    address 3.2.1.8/26
    gateway 3.2.1.1
    up route add -net 3.2.1.0 netmask 255.255.255.192 gw 3.2.1.1 dev eno1
        

iface eno1 inet6 static
    address 0000:000:3070:0000::2/64
    gateway fe80::1

iface eno2 inet manual

iface enx4a4191fd312a inet manual

auto vmbr0
#private sub network
iface vmbr0 inet static
        address  10.10.10.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

        post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o eno1 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o eno1 -j MASQUERADE
        post-up   iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
        post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1


auto vmbr1
iface vmbr1 inet static
        address 11.11.11.0/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0
3.2.1.8/24 is current public IP.
I want these public IPs too

Code: 
5.6.3.6/29
 
shanreich said:
You should be able to achieve this by using a routed setup [1]

[1] https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_routed
Click to expand...
Thank you,
I have some private IPs too,
Do I have to do this for NAT these new public IPs to some VMs.
Code: 
post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '5.6.3.6/29' -o eno1 -j MASQUERADE #new Public IPs
        post-down iptables -t nat -D POSTROUTING -s '5.6.3.6/2924' -o eno1 -j MASQUERADE
My question is this How I can router these new public IPs to some VMs
 
If you use a routed setup, then you can just configure the public IPs inside the VM - without needing to use NAT.
 
shanreich said:
If you use a routed setup, then you can just configure the public IPs inside the VM - without needing to use NAT.
Click to expand...
If I add these to /etc/network/interfaces is enough and some VMs can have Pulic IPs?
Code: 
auto vmbr2
iface vmbr2 inet static
    address 5.6.3.6/29 # additional public IPs
    bridge-ports none
    bridge-stp off
    bridge-fd 0
 
yes, but you might also have to enable proxy_arp for your outbound interface:

Code: 
post-up echo 1 > /proc/sys/net/ipv4/conf/eno1/proxy_arp
 
shanreich said:
yes, but you might also have to enable proxy_arp for your outbound interface:

Code: 
post-up echo 1 > /proc/sys/net/ipv4/conf/eno1/proxy_arp
Click to expand...
Thanks,
like these
Code: 
auto vmbr2
iface vmbr2 inet static
    address 5.6.3.6/29
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    post-up echo 1 > /proc/sys/net/ipv4/conf/eno1/proxy_arp
 
You must log in or register to reply here.
Top Bottom