I've been trying to figure this one out all day, really didn't want to post such a n00b question here, but I'm totally stumped. This hasn't been helped by the sheer number of different ways of setting up multiple IPs in Proxmox I've seen online, my head is totally spinning!
I have a freshly installed Proxmox setup on a home server in which I'm trying to assign multiple IPs to a number of LXC containers.
The node has IP 10.0.1.10, and the following /etc/network/interfaces:
I can SSH into the node from my laptop just fine, using ssh root@10.0.1.10
I can also see the Apache2 web server running on the LXC container. So far so good.
Something strange happens when I try to SSH into the LXC container from outwith the node. If I try it from my laptop (ssh root@10.0.1.11) I'm prompted for login and password which I type (correctly) but authentication fails. I'm really confused by this. Also, and do please bear in mind this is a test system on a local network, the login and password are the same for node and containers, so even if I'd somehow been redirected to login for the node it should still have worked (although perhaps it would fail because of the host being passed through).
Is this something to do with the firewall? I'd tried to keep my network configs simple but just can't figure this out.
Another observation, not sure if this is material or not, is that pinging one LXC from another (or from the node) causes a redirect:
I have a freshly installed Proxmox setup on a home server in which I'm trying to assign multiple IPs to a number of LXC containers.
The node has IP 10.0.1.10, and the following /etc/network/interfaces:
auto lo
iface lo inet loopback
auto enp3s0
iface enp3s0 inet manual
auto vmbr0
iface vmbr0 inet static
address 10.0.1.10
netmask 255.255.255.0
gateway 10.0.1.1
bridge_ports enp3s0
bridge_stp off
bridge_fd 0
Here's an example of an LXC container with the following /etc/network/interfaces:iface lo inet loopback
auto enp3s0
iface enp3s0 inet manual
auto vmbr0
iface vmbr0 inet static
address 10.0.1.10
netmask 255.255.255.0
gateway 10.0.1.1
bridge_ports enp3s0
bridge_stp off
bridge_fd 0
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 10.0.1.11
netmask 255.255.255.255
# --- BEGIN PVE ---
post-up ip route add 10.0.1.1 dev eth0
post-up ip route add default via 10.0.1.1 dev eth0
pre-down ip route del default via 10.0.1.1 dev eth0
pre-down ip route del 10.0.1.1 dev eth0
# --- END PVE ---
The good news is that outbound traffic works just fine. iface lo inet loopback
auto eth0
iface eth0 inet static
address 10.0.1.11
netmask 255.255.255.255
# --- BEGIN PVE ---
post-up ip route add 10.0.1.1 dev eth0
post-up ip route add default via 10.0.1.1 dev eth0
pre-down ip route del default via 10.0.1.1 dev eth0
pre-down ip route del 10.0.1.1 dev eth0
# --- END PVE ---
I can SSH into the node from my laptop just fine, using ssh root@10.0.1.10
I can also see the Apache2 web server running on the LXC container. So far so good.
Something strange happens when I try to SSH into the LXC container from outwith the node. If I try it from my laptop (ssh root@10.0.1.11) I'm prompted for login and password which I type (correctly) but authentication fails. I'm really confused by this. Also, and do please bear in mind this is a test system on a local network, the login and password are the same for node and containers, so even if I'd somehow been redirected to login for the node it should still have worked (although perhaps it would fail because of the host being passed through).
Is this something to do with the firewall? I'd tried to keep my network configs simple but just can't figure this out.
Another observation, not sure if this is material or not, is that pinging one LXC from another (or from the node) causes a redirect:
PING 10.0.1.11 (10.0.1.11) 56(84) bytes of data.
From 10.0.1.1: icmp_seq=1 Redirect Host(New next hop: 10.0.1.11)
64 bytes from 10.0.1.11: icmp_seq=1 ttl=63 time=1.60ms
Any help appreciated!From 10.0.1.1: icmp_seq=1 Redirect Host(New next hop: 10.0.1.11)
64 bytes from 10.0.1.11: icmp_seq=1 ttl=63 time=1.60ms
