Hetzner Proxmox configuration public and private network

ropiecin

Renowned Member
May 7, 2015
9
0
66
the following network configuration is not working, can anyone help me solve it?

# /etc/network/interfaces
auto lo
iface lo inet loopback

# public network
iface enp2s0 inet static
address [public IP]
hwaddress XX:XX:XX:XX:XX:XX
netmask 255.255.255.255
pointopoint [gateway public IP]
gateway [gateway public IP]
up route add -net [gateway public IP - 1] netmask 255.255.255.255 gw [gateway public IP] dev enp2s0

post-up echo 1 > /proc/sys/net/ipv4/conf/enp2s0/proxy_arp

auto vmbr0
iface vmbr0 inet static
address [public IP]
netmask 255.255.255.255
bridge_ports none
bridge_stp off
bridge_fd 0
bridge_maxwait 0

up route add -host [extra public IP] dev vmbr0

# private network
auto vmbr99
iface vmbr99 inet static
address 10.0.0.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0

post-up echo 1 > /proc/sys/net/ipv4/ip_forward

post-up iptables -t nat -A POSTROUTING -s '10.0.0.0/24' -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.0.0.0/24' -j MASQUERADE

post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1
 
up route add -net [gateway public IP - 1] netmask 255.255.255.255 gw [gateway public IP] dev enp2s0

post-up echo 1 > /proc/sys/net/ipv4/conf/enp2s0/proxy_arp

Remove the above line, the my not disturb but not be necessary either.

auto vmbr0
iface vmbr0 inet static
address [public IP]
netmask 255.255.255.255
bridge_ports none
bridge_stp off
bridge_fd 0
bridge_maxwait 0

Remove address entry, the same address must not be specified twice.

up route add -host [extra public IP] dev vmbr0

The question is what this IP is good for.

#

post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1

Remove the above - at least for the moment (take care about firewalls later).
 
hi Richard,
applying your suggestions, this is the result:

---
# /etc/network/interfaces
auto lo
iface lo inet loopback

# public network
iface enp2s0 inet static
address [public IP]
hwaddress XX:XX:XX:XX:XX:XX
netmask 255.255.255.255
pointopoint [gateway public IP]
gateway [gateway public IP]

auto vmbr0
iface vmbr0 inet static
netmask 255.255.255.255
bridge_ports none
bridge_stp off
bridge_fd 0
bridge_maxwait 0

up route add -host [extra public IP] dev vmbr0

# private network
auto vmbr99
iface vmbr99 inet static
address 10.0.0.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0

post-up echo 1 > /proc/sys/net/ipv4/ip_forward

post-up iptables -t nat -A POSTROUTING -s '10.0.0.0/24' -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.0.0.0/24' -j MASQUERADE
---

could be correct now?

PS [extra public IP] is because I get multiples public IP
 
hi Richard,
I apply the /etc/network/interfaces modified as you suggested, but unfortunatelly it's not working, and I cannot access to the server by remote, so it's not possible to follow the packets via tcpdump.

Thanks in advance for any other suggestions.
 
I cannot access to the server by remote, so it's not possible to follow the packets via tcpdump.

Console access should be always possible, I cannot imagine that any hoster does not offer it .....
 
hi Richard,
if the network interface is not working they cannot access to the server.

There's no console, only reboot in rescue mode, mounting the disk and substitute the /etc/network/interfaces file.

So it is! :-(
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!