Hetzner Proxmox Host with 1 public IP and OpenvSwitch

[alexanderc]

Hello together,

I am hosting a Hetzner Server and using the Linux Bridge with one public IP.

auto lo
iface lo inet loopback

iface enp34s0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 78.x.x.115/26
        gateway 78.x.x.66
        bridge-ports enp34s0
        bridge-stp off
        bridge-fd 0

auto vmbr1
iface vmbr1 inet static
        address 10.x.x.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -t nat -A POSTROUTING -s '10.x.x.0/24' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -F

Now I am forced to implement ovsBridges and want to ask if someone know how I need to do this.
I mean to manage inside SDN with OpenVSwitch I know but can I configure it like the Linux Bridges?

Thank you guys for Support.

 

[spirit]

you can't do nat with iptables with openvswitch.

(It's possible to do it natively I think with specific ovs command + openflow, but I never have done it, good luck).
http://www.openvswitch.org//support/ovscon2014/17/1030-conntrack_nat.pdf
http://www.openvswitch.org/support/ovscon2015/16/1620-stringer.pdf


any reason to be forced to implement ovs ?

 

[alexanderc]

you can't do nat with iptables with openvswitch.

(It's possible to do it natively I think with specific ovs command + openflow, but I never have done it, good luck).
http://www.openvswitch.org//support/ovscon2014/17/1030-conntrack_nat.pdf
http://www.openvswitch.org/support/ovscon2015/16/1620-stringer.pdf


any reason to be forced to implement ovs ?

Yes I need to in implement Portmirroring and instead to work with TC, I need to implement OVS. Otherwise I am not able to mirror to the Traffic through the IDS.