IP Address Passthrough to pfSense KVM

JustaGuy

Jan 1, 2010
Hi,

Long ago, I had set up PVE to pass the external IP address through to a KVM firewall by doing something like the following:

  • PVE's vmbr1 was on eth1 with a static address of 0.0.0.0.
  • vmbr1 was eth0 on the KVM running the firewall distro.
  • The firewall distro had its eth0 set to the external IP address.
  • PVE had internal networks on vmbr2, vmbr3 & vmbr4.
  • Internal vmbr(foo#)'s weren't attached to any eth(foo#) in PVE.
  • Other KVMs had their eth0's on vmbr(2,3,4), with the addresses being managed by the firewall distro.

...This worked well, & I'd like to do something similar again. But my configuration's a bit different now & I'm unsure as to how to pull it off in my new situation. Thus, I'm here to ask for help & clarification.

The following is my new /etc/network/interfaces:

Code:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# for Routing
auto vmbr1
iface vmbr1 inet manual
    post-up /etc/pve/kvm-networking.sh
    bridge_ports dummy0
    bridge_stp off
    bridge_fd 0


# vmbr0: Bridging. Make sure to use only MAC addresses that were assigned to you.
auto vmbr0
iface vmbr0 inet static
    address x.x.x.x
    netmask 255.255.255.0
    network y.y.y.y
    broadcast z.z.z.z
    gateway a.a.a.a
    bridge_ports eth0
    bridge_stp off
    bridge_fd 0

iface vmbr0 inet6 static
    address bbbb:bbbb:bbb:bbbb::
    netmask 64
    post-up /sbin/ip -f inet6 route add cccc:cccc:ccc:00ff:ff:ff:ff:ff dev vmbr0
    post-up /sbin/ip -f inet6 route add default via cccc:cccc:ccc:00ff:ff:ff:ff:ff
    pre-down /sbin/ip -f inet6 route del default via cccc:cccc:ccc:00ff:ff:ff:ff:ff
    pre-down /sbin/ip -f inet6 route del cccc:cccc:ccc:00ff:ff:ff:ff:ff dev vmbr0

# vMAC
auto eth0:0
iface eth0:0 inet static
    address d.d.d.d
    netmask 255.255.255.255

post-up /sbin/ifconfig eth0:0 d.d.d.d netmask 255.255.255.255 broadcast e.e.e.e
pre-down /sbin/ifconfig eth0:0 down

What would my config look like if I were to do a passthrough similarly to how I did it before, as I described in the vmbr(1,2,3,4) example above?

Thanks,
-J
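
The earlier layout described in the bulleted list above, written out as an /etc/network/interfaces fragment. This is an added example, not the poster's actual file. It assumes `inet manual` in place of the 0.0.0.0 static address and `bridge_ports none` for the internal bridges; the host's own management interface is left out because the post does not describe it.

```text
# Added example: reconstruction of the layout in the list above.
# Interface names (eth1, vmbr1-4) come from the post; everything else is assumed.

# WAN bridge: carries the external link straight to the firewall VM.
# The host holds no IP address on it, so the external address lives
# only on the firewall VM's eth0 and the hypervisor is not reachable
# from this segment.
auto vmbr1
iface vmbr1 inet manual
    bridge_ports eth1
    bridge_stp off
    bridge_fd 0

# Internal bridges: not attached to any physical NIC on the host.
# Guests on them can reach other networks only through the firewall VM,
# which has one virtual NIC on each and manages their addressing.
auto vmbr2
iface vmbr2 inet manual
    bridge_ports none
    bridge_stp off
    bridge_fd 0

auto vmbr3
iface vmbr3 inet manual
    bridge_ports none
    bridge_stp off
    bridge_fd 0

auto vmbr4
iface vmbr4 inet manual
    bridge_ports none
    bridge_stp off
    bridge_fd 0

# Guest side (set in each VM's hardware configuration, not in this file):
#   firewall VM: eth0 -> vmbr1 (external IP configured inside the guest),
#                one further NIC on each of vmbr2, vmbr3 and vmbr4
#   other VMs:   eth0 -> vmbr2, vmbr3 or vmbr4
```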