Advice on using my vlan on managed switch for VM access to DMZ

G

greavette

Renowned Member
Apr 13, 2012
163
9
83
Hello,

I have a security router as a gateway to our network. It has an extra Nic on it for DMZ. My plan is to have one of our VM's hosted on Proxmox connected to the DMZ for outside access. Here's my plan on how to do this. I'm hoping this community can give feedback please.

I have a managed switch setup with 4 vlans. For this task I have 4 ports on the managed switch assigned to vlan4. My plan is to connect a network cable from the DMZ nic on the router to one of these 4 ports on the managed switch that's assigned to vlan4.

on our Proxmox Host I has 4 network cables. I'm going to take eth3 cable on the host and connect it to one of the 4 ports on the managed switch that's assigned to vlan4.

Would this work? What do I have to do to my networking on Proxmox besides setting up eth3 to connect to vmbr4 so I can connect my VM to vmbr4? My managed switch handles the vlan4 setup already...Do I have to do anything more on my Proxmox networking to make this work?

Thanks!
 
You are sure that you don't need any vlan tagging on the proxmox host?

I have a similar setup using vlan10 for DMZ:
Code: 
auto vlan10
iface vlan10 inet manual
        vlan-raw-device bond0

auto vmbr10
iface vmbr10 inet manual
        bridge_ports vlan10
        bridge_stp off
        bridge_fd 0
 
Hello,

No, I'm not sure, but I'm hoping someone here on this forum will tell me if I need it or not. ;)

Sounds like I need to add to my Proxmox Host vlan tagging. How would I do this from the GUI? I know how to setup vmbr, but how did you setup your auto vlan10 setup? I don't see your ethx represented anywhere?

Thank you.
 
My ethx are assigned to a bond (vlan-raw-device bond0)

You cannot do this from the gui, you need to turn to CLI ninja tricks:cool:

On every node in your cluster do the following as user root:
1) echo 8021q >> /etc/modules
2) update-initramfs -u
3) cp /etc/network/interfaces /etc/network/interfaces.new
4) use nano or vim to open the file: nano|vim /etc/network/interfaces.new
5) Add below before your vmbr configuration:
auto vlan4
iface vlan4 inet manual
vlan-raw-device eth3

6) Change vmbr4 configuration: replace bridge_ports ethx with bridge_ports vlan4
7) Reboot the node
 
Thanks very much for the instructions. I don't have my hosts in a cluster (yet). What would change in your instructions then for my network? Do I still execute steps 1 and 2?
Thank you.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back