Configure multiple subnets

Informatica Gistek

Active Member
Mar 7, 2018
3
0
41
Spain
www.gistek-s.com
I have a problem configuring my proxmox server

The server has 2 NICs and I want to connect each one to a different subnet (one for the LAN and the other one directly to the firewall for the WAN).

The "/etc/network/interfaces" file looks as follows:

Code:
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage part of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

iface eth0 inet manual

iface eth1 inet manual

auto vmbr0
iface vmbr0 inet static
        address  10.115.130.154
        netmask  255.255.255.0
        gateway  10.115.130.101
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0
#Switch (Intranet)

auto vmbr1
iface vmbr1 inet static
        address  10.115.129.154
        netmask  255.255.255.0
        gateway 10.115.129.101
        bridge_ports eth1
        bridge_stp off
        bridge_fd 0
#Firewall Direct
With this configuration the server is able to ping "10.115.130.101" but can't ping "10.115.129.101"

Is it possible to configure the server to do want I want?
Which would be the configuration to do it?
 
Hi,

it is not possible to have more than one gateway.
Gateway is the default route and you can't have multiples defaults.
If you have on the LAN side multiple subnets you have to add static routes.
You can use "post-up ip route ...." for this in the network config
 
Hi,

it is not possible to have more than one gateway.
Gateway is the default route and you can't have multiples defaults.
If you have on the LAN side multiple subnets you have to add static routes.
You can use "post-up ip route ...." for this in the network config

Thanks for the reply Wolfgang
How is it supposed to be done the solution you mentioned?
Could it be done like this?

CODE FOR "/etc/network/interfaces"
Code:
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage part of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

iface eth0 inet manual

iface eth1 inet manual

auto vmbr0
iface vmbr0 inet static
        address  10.115.130.154
        netmask  255.255.255.0
        gateway  10.115.130.101
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0
#Switch (Intranet)

auto vmbr1
iface vmbr1 inet static
        address  10.115.129.154
        netmask  255.255.255.0
#        gateway 10.115.129.101
        bridge_ports eth1
        bridge_stp off
        bridge_fd 0
        post-up ip route add 10.115.129.0/24 dev eth1 table eth1
        post-up ip route add default via 10.115.129.1 dev eth1 table eth1
        post-up ip rule add from 10.115.129.154/32 table eth1
        post-up ip rule add to 10.115.129.154/32 table eth1
#Firewall Direct

CODE FOR "/etc/iproute2/rt_tables"
Code:
#
# reserved values
#
255     local
254     main
253     default
0       unspec
#
# local
#
#1      inr.ruhep
1        eth1
 
As i tould you before you can't set two default routes.
You have add every single subnet in the route.
ip route add 10.115.129.0/24 via 10.115.129.1 dev eth1
ip route add 10.10.121.0/24 via 10.115.129.1 dev eth1
 
As i tould you before you can't set two default routes.
You have add every single subnet in the route.
ip route add 10.115.129.0/24 via 10.115.129.1 dev eth1
ip route add 10.10.121.0/24 via 10.115.129.1 dev eth1

Thanks again Wolfgang.
I am not very proud of my skills configuring networks on Linux systems...
Could it be done like this (without adding any table in "/etc/iproute2/rt_tables" and any rule to eth1 in "/etc/network/interfaces")?

Code:
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage part of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

iface eth0 inet manual

iface eth1 inet manual

auto vmbr0
iface vmbr0 inet static
        address  10.115.130.154
        netmask  255.255.255.0
        gateway  10.115.130.101
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0
#Switch (Intranet)

auto vmbr1
iface vmbr1 inet static
        address  10.115.129.154
        netmask  255.255.255.0
#        gateway 10.115.129.101
        bridge_ports eth1
        bridge_stp off
        bridge_fd 0
        post-up ip route add 10.115.129.0/24 dev eth1
        post-up ip route add via 10.115.129.1 dev eth1
#Firewall Direct


The scenario I want to reach is having one NIC connected to the subnet 10.115.130 with the IP 10.115.130.154 and using the Gateway 10.115.130.101; and the other NIC connected to the subnet 10.115.129 with the IP 10.115.129.154 and using the Gateway 10.115.129.101
The first NIC would be connected to a switch where all the PC on the LAN are connected (to support all the internal traffic) and the second one would be connected directly to the firewall (to support all the external traffic).
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!