bridge setup issue

D

Doragon

New Member
Apr 3, 2021
2
0
1
40
Good afternoon.

I look through the forum and could not find an answer thought this topic is quite often asked. Seems I missed something.

I have a proxmox setup and want to create two LANs but let's focus on one as both LANs will be similar

  • LANs do not need to access host but host needs to access LANs
  • one of the VM of each LAN will be accessible from the WEB but I assume I can here either create a specific vMAC from host provider
  • if I need to access other VMs I will make temporary PREROUTING rules on the host

so the question is mainly internal network setup related.

proxmox IP is A.A.A.A and its gateway is A.A.A.254

I want to create a LAN on 192.168.0.0/24 so I thought I could do it as follow (and as per https://pve.proxmox.com/wiki/Network_Configuration#_choosing_a_network_configuration)

Code: 
auto lo
iface lo inet loopback

iface eno1 inet manual

iface eno2 inet manual

auto vmbr0
iface vmbr0 inet dhcp
        bridge-ports eno1
        bridge-stp off
        bridge-fd 0


#lan setup
auto vmbr1
iface vmbr1 inet static
        address 192.168.0.1
        netmask 255.255.255.0
        bridge-ports none
        bridge-stp off
        bridge-fd 0

        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '192.168.0.1/24' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '192.168.0.1/24' -o vmbr0 -j MASQUERADE

Obviously, the VMs of this LAN are attached to bridge vmbr1 and networking, debian, is set as

Code: 
address 192.168.0.3/24
gateway 192.168.01
dns-nameservers 8.8.8.8

but I can not access VM from host and host or NET from VM

error is Host Unreachable
Code: 
ping 192.168.0.2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
From 192.168.0.1 icmp_seq=1 Destination Host Unreachable
From 192.168.0.1 icmp_seq=2 Destination Host Unreachable
From 192.168.0.1 icmp_seq=3 Destination Host Unreachable


routes seems fine to me

Host route
Code: 
       target            gateway          source    proto    scope    dev tbl
    192.168.0.0 24                     192.168.0.1   kernel     link  vmbr1

VM routes
Code: 
         target            gateway          source    proto    scope    dev tbl
  192.168.0.0 24                     192.168.0.3   kernel     link  ens18

Thanks for the help !
 
Last edited:
a slight update :
  • after forcing a restart of networking, LAN seems OK as both Host can ping VM and VM can ping Host
  • VM network has been updated to have gateway A.A.A.254
I can still have local pings after an ifup of ens18 but NET is still not reachable.

I thought that having the POSTROUTING on host would be enough. but seems not the case.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom