How to add IP subnet /27, setup bridge ?

P

postcd

Renowned Member
Sep 16, 2013
41
0
71
Hello,

i would like to ask for help on how to add IPv4 subnet/vLAN to the Proxmox so it can be used by virtual servers and how to setup bridge (if it is needed).

today i installed Proxmox VE 5.0.x on Debian 9 stretch
My server was assigned /29 and /27 public IPv4 subnets which i want to add to Proxmox.

I logged in and went to the Network page where i can create:
Linux Bridge, Linux Bond, OVS Bridge, OVS Bond

I can also edit existing "interfaces", there i have eno1 and eno2 (have these not eth), eno1 is active one and has these properties:
IP address: 108.156.141.138
Subnet mask: 255.255.255.224
Gateway: 108.156.141.137

# ip route
Code: 
default via 108.156.141.137 dev eno1 onlink
108.156.141.128/27 dev eno1 proto kernel scope link src 108.156.141.138

# cat /etc/network/interfaces
Code: 
#loopback
auto lo
iface lo inet loopback

auto eno1
allow-hotplug eno1
iface eno1 inet static
    address 108.156.141.138
   gateway 108.156.141.137
    netmask 255.255.255.224
    dns-nameservers 8.8.8.8 23.93.93.93 108.156.156.156
    dns-search oldhostnamereceivedfromprovider

# ifconfig -a
Code: 
eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 108.156.141.138  netmask 255.255.255.224  broadcast 108.156.141.159
        inet6 fe80::f24d:***  prefixlen 64  scopeid 0x20<link>
        ether f0:4d:a2:***  txqueuelen 1000  (Ethernet)
        RX packets 337658  bytes 463311180 (441.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 64877  bytes 8224888 (7.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eno2: flags=4098<BROADCAST,MULTICAST>  mtu 1500
        ether f0:4d:a2:72:f5:87  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 191  bytes 92900 (90.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 191  bytes 92900 (90.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

# ip link show
Code: 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether f0:4d:a2:*** brd ff:ff:ff:ff:ff:ff
3: eno2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether f0:4d:a2:*** brd ff:ff:ff:ff:ff:ff

The subnets that i want to add to Proxmox are:
185.176.243.192/27 Primary VLAN
108.156.141.136/29 DDoS Protected

My host server was assigned IP from "Primary VLAN" subnet, but i editted /etc/network/interfaces and used first usable IP from "DDoS Protected" subnet (108.156.141.138).

Can you please tell me how to add two mentioned subnets into Proxmox, preferably via graphical interface so newly created VPSs will use them and be able to communicate with internet?

If i will need to create "Linux Bridge" in Proxmox, they ask these fields:
Name:
IP address:
Subnet mask:
Gateway:
Bridge ports:
vLAN aware: (yes/no)
Click to expand...
And i do not know what i would enter as there is no description of that fields.

Subnets which i need to add are:
185.176.243.192/27 Primary VLAN
108.156.141.136/29 DDoS Protected

The one of those IPs: 108.156.141.138 is already used by the host server (i assigned it in /etc/network/interfaces)

Thank You

----
Update: i made first subnet fully working and VPS can connect internet! But unable to add second subnet.
i was lucky and made the networking work for one of the IPv4 subnets (185.176.243.192/27 one), the different one than the host/dedicated server IP is in. I did it like this:
add new Linux bridge and name is vmbr0, the IP address is: 185.176.243.194 (the first usable one and also the first available one of the 185.176.243.192/27 subnet) and the Subnet mask is 255.255.255.224 , do not ticket anything else and confirm bridge be created. then when creating a CT/VPS, on network tab i mention venet0 or eth0 as a network interface name and Bridge is vmbr0, IPv4 is static and i set first available IP from the 185.176.243.192/27 subnet. It is *.195 (entered (185.176.243.195/32 into that IP field), because *.194 is the vmbr0 bridge IP, so the next fisrs available is *.195. Next field on the Network tab when creating new CT/VPS is the gateway IP and there i always set the IP of the vmbr0 bridge, which is in my case (185.176.243.194)
Second necessary step i needed to do in my case (OpenVZ CT's) in order to make VPSs networking work and ping to/from the outside internet was to enable proxy_arp by:
echo 1 > /proc/sys/net/ipv4/conf/eno1/proxy_arp
(update eno1 to your main network interface (eth0, em1 etc)
add:
net.ipv4.conf.all.proxy_arp=1
net.ipv4.conf.default.proxy_arp=1
to /etc/sysctl.conf
sysctl -p
service networking restart
then i also restarted whole host/dedi server: reboot
then the 1st subnet works.
BUT when i wanted to create CTs and assign them IPs from my second IPv4 subnet (108.156.141.136/29), i tried to add next bridge (vmbr1) and set everything similar way like first bridge, but i was unable to ping the newly created CT which got IP from this new subnet.
How can i please add and use second subnet so it coexist with first one?
 
Last edited:
postcd said:
BUT when i wanted to create CTs and assign them IPs from my second IPv4 subnet (108.156.141.136/29), i tried to add next bridge (vmbr1) and set everything similar way like first bridge, but i was unable to ping the newly created CT which got IP from this new subnet.
How can i please add and use second subnet so it coexist with first one?
Click to expand...

If there are not restrictions regarding MAC addresses (depends on your provider), then the only question is at which of both NICs you have the subnet. Then simply add the respective NIC to a bridge and assign the VM's or CT's virtual NICs to it too. Assign finally the requested IP address to the virtual NICs inside the VM - in case of a container you can do this already in container configuration. To assign to the bridge itself an address in that subnet is not necessary. If both subnet are at eno1: you need just one bridge - usually vmbr0 - for all. The Ip address(es) for Proxmox host assign to the bridge.

In case of provider restrictions (sometimes they allow only certain MAC addresses) it's more complicate, you need to define bridges without physical NICs and to route in Proxmox host.
 
That is too general/theoretical. Please kindly write an example in which you mention interface/bridge names and IPs which i used in this case. So me and future noobs know how to exactly apply.
 
postcd said:
That is too general/theoretical. Please kindly write an example in which you mention interface/bridge names and IPs which i used in this case. So me and future noobs know how to exactly apply.
Click to expand...

Here an example for the case when there are no provider restrictions:


1st Address (use for Proxmox Host):
IP address: 108.156.141.138
Subnet mask: 255.255.255.224
Gateway: 108.156.141.137


More Addresses (for VMs and Containers):
185.176.243.192/27 = 185.176.243.194-185.176.243.223
Subnet mask: 255.255.255.224
Gateway 185.176.243.193

Assuming all extern connections are on eno1 without any vlan tag


/etc/network/interfaces in Proxmox Host:

Code: 
auto lo
iface lo inet loopback

iface eno10 inet manual


auto vmbr0
iface vmbr0 inet static
   address  108.156.141.138
   netmask  255.255.240.0
   gateway  108.156.141.137
   bridge_ports eno0
   bridge_stp off
   bridge_fd 0


/etc/network/interfaces (or equivalent file, depending on OS and distribution) in VM with address 185.176.243.194


Code: 
auto lo
iface lo inet loopback



auto eno0
iface eno0 inet static
   address  185.176.243.194
   netmask  255.255.240.0
   gateway  185.176.243.193



The net device for the VM has to be bridged to vmbr0



An example for the case when ther are restriction from provider/hoster side can not be given her; it depends from the provider/hoster and has to be clarified with him.
 
  • Like
Reactions: postcd
I replaced my /etc/network/interfaces by Richard's "/etc/network/interfaces in Proxmox Host" content one post up, only i added line:
dns-nameservers 8.8.8.8 8.8.4.4

then "service networking restart" and i can create CTs (VPS's) which are connectable from/to internet. So it worked for me for both subnets! Thank you Richard Apparently also worked configuration where the netmask is 55.255.255.224 I only had to install openssh-server and start it on guests.

Regarding CT's configuration when CT is being created, on the "Network" tab i changed nothing:
name: eth0 (other servers may have other interface like eno0 or em1..)
bridge: vmbr0
and only added IPv4 as:
1.2.3.4/32
gateway: as a gateway, i used gateway IP of the particular subnet from which the IP i am assigning to the VPS is (GW ip is one IP above subnet name. if subnet is 185.176.243.192/27, then i set GW: 185.176.243.193)

thx, I hope this setup will work for additional subnets and also single IPs additionaly assigned tot he server.
If anyone have other ways to achieve 2 or more IPv4 subnets with whole different A and B class IPs, please kindly share. Thank you

---
Update: some issue is there
When i login Proxmox, click my node server, click Network section, Open vmbr0 bridge and tick "VLAN tag" and save. The open vmbr0 again and untick vlan tag and save. And then i do "diff interfaces and interfaces.new" file and is shows difference (it added new eth1 line):
>
5a17
> iface eth1 inet manual
9,15c21,27
< address 108.156.141.138
< netmask 255.255.255.224
< gateway 108.156.141.137
< bridge_ports eth0
< bridge_stp off
< bridge_fd 0
< dns-nameservers 8.8.8.8 108.156.155.155
---
> address 108.156.141.138
> netmask 255.255.255.224
> gateway 108.156.141.137
> bridge_ports eth0
> bridge_stp off
> bridge_fd 0
> dns-nameservers 8.8.8.8 108.156.155.155

but more importantly, i no longer can ping my VPSs when i apply changed config (cp -p interfaces.new interfaces) and "service networking restart"..
When i revert back working interfaces file and restart networking, still do not works. I have to restart VPSs in order for ping/connect start working. Isn't this some kind of bug? Or i have bad interfaces file config, how to fix it? I can no longer assist with this as no longer have this test server.
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back