Dual NIC woes in ProxMox VE 1.7

A

apmuthu

Renowned Member
Feb 26, 2009
871
12
83
Chennai - India & Singapore
github.com
Net1 = 192.168.1.x
Net2 = 192.168.2.x

eth0 connected to upline router (gateway) and has IP address in Net1, bridged on vmbr0
eth1 connected (no IP) to switch having many PCs and bridged on vmbr1
KVM appliance (bridged to vmbr1) provides machines connected to eth1 (thru vmbr1) with DHCP IPs on Net2.
OpenVZ Container bridged on vmbr1 does not get IP on Net2 from the DHCP server in KVM appliance
OpenVZ Container on venet provided with static IP in Net2 cannot ping the KVM Appliance on Net2.
No IP address is given to eth1 as we do not want Net2 machines to access the ProxMox GUI and it's machines.

Code: 
# cat /etc/network/interfaces

# network interface settings
auto lo
iface lo inet loopback

iface eth0 inet manual

iface eth1 inet manual

auto vmbr0
iface vmbr0 inet static
    address  192.168.1.100
    netmask  255.255.255.0
    gateway  192.168.1.1
    bridge_ports eth0
    bridge_stp off
    bridge_fd 0

auto vmbr1
iface vmbr1 inet manual
    bridge_ports eth1
    bridge_stp off
    bridge_fd 0


route add ... does not work inside OpenVZ containers
How do we make machines on Net2 see the OpenVZ containers on Net2 and the DHCP Server in the KVM Appliance on Net2 ?

Code: 
# pveversion -v
pve-manager: 1.7-10 (pve-manager/1.7/5323)
running kernel: 2.6.32-4-pve
proxmox-ve-2.6.32: 1.7-28
pve-kernel-2.6.32-4-pve: 2.6.32-28
qemu-server: 1.1-25
pve-firmware: 1.0-9
libpve-storage-perl: 1.0-16
vncterm: 0.9-2
vzctl: 3.0.24-1pve4
vzdump: 1.2-9
vzprocps: 2.0.11-1dso2
vzquota: 3.0.11-1
pve-qemu-kvm: 0.13.0-2
ksm-control-daemon: 1.0-4
 
Since ProxMox GUI was Listening on all interfaces, restricted it to listen only on eth0's bridge - vmbr0 by following instructions in this post. Essentially making the /etc/network/interfaces file:

# cat /etc/network/interfaces
Code: 
# network interface settings
auto lo
iface lo inet loopback

iface eth0 inet manual

iface eth1 inet manual

auto vmbr0
iface vmbr0 inet static
    address  192.168.1.100
    netmask  255.255.255.0
    gateway  192.168.1.1
    bridge_ports eth0
    bridge_stp off
    bridge_fd 0
    post-up echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6

auto vmbr1
iface vmbr1 inet manual
    address  192.168.2.100
    netmask  255.255.255.0
    bridge_ports eth1
    bridge_stp off
    bridge_fd 0
ie., putting in an IP for the vmbr1 bridge in the Net2 and optionally disabling IPV6.

Then we restrict the ProxMox Web GUI to listening to only one chosen interface
- vmbr1. This is done by editing the following files and rebooting:
File: /etc/apache2/sites-available/pve.conf
Code: 
Line 114:
<VirtualHost *:443>
alter to:
<VirtualHost 192.168.1.100:443>

Line 127:
<VirtualHost *:80>
alter to:
<VirtualHost 192.168.1.100:80>
File: /etc/apache2/ports.conf
Code: 
    Listen 80
    Listen 443

alter to:

    Listen 192.168.1.100:80
    Listen 192.168.1.100:443

Bridging the OpenVZ VM to vmbr1 does not seem to work atleast if the DHCP Server is an SMEServer v8b6 - the moment it sees different MAC Addresses emanating from one interface, it fails to deliver a DHCP Address - Or is it a kernel issue for ProxMox?
 
Last edited:
You must log in or register to reply here.
Top Bottom