LAN over WAN communication

check-ict

Well-Known Member
Apr 19, 2011
102
18
58
Hello,

I have a big server with around 50 KVM machines on it. It is located in a 2u colo.

Now I have my own rack in another datacenter, where I would like to continue expanding my new KVM machines.

I have a layer 3 switch with fiber uplinks. For now, it's just a dump switch.

Is it possible to have both locations on the same LAN? I'm able to create a OpenVPN, but this will only let me communicatie from a 10.10.1.0 network to a 10.10.2.0 network. I need my other machines in the same netwerk (10.10.1.0). This way, I don't need to change all the IP configuration when migrating all VM's.

So for example:
VM 1 (in datacenter X) = 10.10.1.20
VM 2 (in datacenter Y) = 10.10.1.21

On the old server I have a Ubuntu firewall, that has eth0 on the vmbr0 (uplink) and eth1 on vmbr1 (LAN). I was also wondering if I can use both eth0 (wan) and eth1 (lan) on the same Proxmox vmbr0. If this is true, I can bond the 2 physical nics.

Please let me know what options I have!
 
Hello,

I have a big server with around 50 KVM machines on it. It is located in a 2u colo.

Now I have my own rack in another datacenter, where I would like to continue expanding my new KVM machines.

I have a layer 3 switch with fiber uplinks. For now, it's just a dump switch.

Is it possible to have both locations on the same LAN? I'm able to create a OpenVPN, but this will only let me communicatie from a 10.10.1.0 network to a 10.10.2.0 network.
Hi,
with openvpn in bridging-mode (on both sides) it's should be possible to join both networks - see here http://openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html
Important part of this site:
Code:
By bridging a physical ethernet NIC with an OpenVPN-driven TAP interface  at two separate locations,
 it is possible to logically merge both  ethernet networks, as if they were a single ethernet subnet.
But i use OpenVPN-bridging only on the server-side.

Udo
 
Hi,
with openvpn in bridging-mode (on both sides) it's should be possible to join both networks - see here http://openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html
Important part of this site:
Code:
By bridging a physical ethernet NIC with an OpenVPN-driven TAP interface  at two separate locations,
 it is possible to logically merge both  ethernet networks, as if they were a single ethernet subnet.
But i use OpenVPN-bridging only on the server-side.

Udo
Hi,
and one thing forgotten - this mean that all brodcast and so on go over the openvpn-tunnel, perhaps not this what you wan't

Udo
 
Hello Udo,

I just created a VPN tunnel and it works! Thanks!

Any idea if I can use both eth0 and eth1 on the same vmbr?
 
Hello Udo,

The VPN tunnel works, however I'm unable to connect with other VM's.

This works: datacenter X -> openvpn (10.10.1.2) -> datacenter Y -> openvpn (10.10.1.1) -> all networks (10.10.X.X)

However, this doesn't work: Datacenter X -> Test VM (10.10.1.101) -> openvpn X (10.10.1.2) (can't ping openvpn X?) -> datacenter Y -> openvpn Y (10.10.1.1) -> all networks (10.10.X.X)

So my test VM can't ping to OpenVPN X, therefore it can't reach the other datacenter or networks.

Both Test VM and OpenVPN X are connected to the same vmbr0 on the same proxmox host.

Any ideas?

It does work if I change the IP of OpenVPN X to 10.X.1.1, wich isn't active in the other datacenter:
Datacenter X -> Test VM (10.2.1.101) -> openvpn X (10.2.1.1) -> datacenter Y -> openvpn Y (10.10.1.1) -> all networks (10.10.X.X)
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!