Gateway already set/two Ethernet adapters different Gateway not possible?

Feb 27, 2024
3
1
1
Hello Team,

I would like to know if the following concept is expected/by design in Proxmox 8.x?:

I have an Intel NUC with i7 1360p with two network adapters (one onboard & another via expansion card).

On one it is with gateway 192.168.30.1. & another 10.10.10.1., although I cannot set a different gateway for each adapter. It prompts Gateway is already set. Is this expected?

What I would like to accomplish:

One network is used for the management vlan & another is for iOT. For example, when having different physical adapters for VMware/Hyper-V setups, this works, although for Proxmox it looks different.

Do I need to configure it manually via editing the config file & if yes, how? I tried searching the forum for similar issues like:

https://forum.proxmox.com/threads/i...ork-from-the-ceph-network.141966/#post-636532
https://forum.proxmox.com/threads/multiple-vlans-in-proxmox.141939/#post-636366

Thank you for the support/clarifications.
 
Hello Udo, team.

Thank you for the answer, although it is not what I am looking for.

I have an external router on the network with configured firewall rules for the vlan. Traffic gets correctly routed in each vlan using that router, matching its rules.

I would like to be able to set a gateway for each network adapter responsible for it. Why is this working on hyper-V/VMware hosts & why is it not working in Proxmox? Do you mean it is by design for some reason?

Once the host has for each adapter the gateway vlan set, I would like to create separate VMs on the host to utilize this. In this way, I can also separate the traffic by adapter installed on the host

Currently, I do not see a point in each physical Ethernet adapter not having the possibility to have its own separate gateway?

Thank you for the clarifications/additional links to read about.
 
There are "hacks" to produce more router-like behavior on PVE as it is just debian Bookworm under the hood. But this functionality is not included "by default" nor available in the WebGui. So my main statement stays "for connection two (or more) networks you need a router".

One workaround is NAT which would hide a network by replacing source addresses by the address of the PVE node. An example is here: https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_masquerading

A solution with routing enabled is in the section above it: https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_routed

I do run a VM with simply iptables-based "Shorewall" as a router / packet filter. Yes, technically I could have placed that piece of software directly on the PVE node, absolutely! But no, I never thought this would be an acceptable add on for the host of my infrastructure. This is my personal opinion, and ymmv!

Probably I just didn't understand your situation very well...
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!