Moved from private LAN to Root-Server

T

ThomasS

Member
Feb 28, 2011
29
0
21
Zwickau, Germany, Germany
Hello,

I moved with my VMs from a private hosted Proxmox instance to a external hosted Root-Server. The situation before was:

  • Proxmox itself and all my VMs had an IP in my LAN
  • the internet router in my LAN did portforwarding to my apache VM
  • my apache VM was a reverse proxy to all other VMs (Wiki, Redmine, Calendar, ...)

The situation now:
  • Proxmox is running on the Root-Server with a static internet IP
  • I created with vmbr0 an internal network, which is similar to the former LAN

Question: How do I connect my apache reverse proxy VM to the public static internet IP (instead of proxmox itself) and let the apache route to proxmox, wiki, calendar, ... ?

Here is my current configuration (/etc/network/interfaces):

Code: 
### Hetzner Online AG
auto lo
iface lo inet loopback

auto  eth0
iface eth0 inet static
  address   176.9.15.182
  broadcast 176.9.15.187
  netmask   255.255.255.248
  gateway   176.9.15.176
  # default route to access subnet
  up route add -net 176.9.15.175 netmask 255.255.255.248 gw 176.9.15.176 eth0

auto vmbr0
iface vmbr0 inet static
  address 192.168.4.1
  netmask 255.255.255.0
  network 192.168.4.0
  broadcast 192.168.4.255

How do I proceed from here?
 
Last edited:
Nice, I've got the solution:

Here's the part unchanged part of the 'real' network connected to the internet with a real IP:
Code: 
auto  eth0
iface eth0 inet static
  address   176.9.15.182
  broadcast 176.9.15.187
  netmask   255.255.255.248
  gateway   176.9.15.176
  # default route to access subnet
  up route add -net 176.9.15.175 netmask 255.255.255.248 gw 176.9.15.176 eth0

And here is the new part creating the VMs network with routing to the internet

Code: 
auto vmbr0
iface vmbr0 inet static
    address 192.168.4.1
    netmask 255.255.255.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    # this part is for routing packeges from all VMs TO the internet
    post-up iptables -t nat -A POSTROUTING -s '192.168.4.0/24' -o eth0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '192.168.4.0/24' -o eth0 -j MASQUERADE
    # this part is for routing packages FROM the internet to the reverse proxy on 192.168.4.3
    post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.4.3:80
    post-down iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.4.3:80

But one more Question is left. Newly created Containers can access the internet out of the box. The old Containers restored from backups can't acces the internet. E.g. 'ping www.google.de' brings 'no route to host'. Any idea?
 
Oh, sorry. I just 'invented' the IPs for the case, thus they are differ between my two posts. I adjusted them in the first post. Nevertheless the second post shows the working configuration of the HOST system (where Proxmox is running and having the public internet IP).

The curious thing is, that the client /etc/network/interfaces configuration from the Containers is, despite from the own IP, exactly the same. From the newly created containers as with the restored ones. Here an example:

Code: 
auto lo
iface lo inet loopback

auto venet0
iface venet0 inet manual
    up ifconfig venet0 up
    up ifconfig venet0 127.0.0.2
    up route add default dev venet0
    down route del default dev venet0
    down ifconfig venet0 down

auto venet0:0
iface venet0:0 inet static
    address 192.168.4.3
    netmask 255.255.255.255

However there must be other settings Proxmox mention, when restoring VMs that prevent the routing to the internet :(
 
Hooray, I've got some time to make further investigation and stumbled over the solution. With moving my old VM's to the new server I have forgot to setup the new DNS-Server for the restored VMs. You can do this on the 'DNS' tab on every VM. That is also why new VMs had automatically access to the internet - because the DNS Server was derived from the hosts one.

@Proxmos-Team: Could proxmox inform the user in the case that the host dns server has changed after restoring a VM on another machine?
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back