Multiple private networks using single network card

Jan 13, 2022
5
0
1
37
Hi,
I have installed proxmox with single private lan sgment (10.1.0.*). On my private network I would like to have multiple vlans with different private lan IP ranges. i.e. 192.168.1.* for guests, seeing some VMs, 10.1.0.* for voip related VMs and 10.2.0.* for some othr VMs.
How can b this achieved? I have tryied to add multiple bridges and I have cut off my network connection for now :)

Is there any recommended "try new settings and revert back after 10 minutes, if something goes wrong"?
 

Dunuin

Famous Member
Jun 30, 2020
5,659
1,287
144
Germany
You can either work with one vlan unaware bridge + vlan interface per vlan or you can use a single vlan aware bridge and set vlan tags in the VMs virtual NICs.

Example option 1:
Code:
iface eno1 inet manual

# VLAN 10
iface eno1.10

auto vmbr10
iface vmbr10 inet static     
        address 192.168.10.2/24
        gateway 192.168.10.1
        bridge-ports eno1.10
        bridge-stp on
        bridge-fd 0

# VLAN 20
iface eno1.20

auto vmbr20
iface vmbr20 inet static     
        bridge-ports eno1.20
        bridge-stp on
        bridge-fd 0

...
One bridge + vlan interface per VLAN. You attach the virtual NICs of the VMs to the bridge the VM should be part of. Management on VLAN 10.

Example option 2:
Code:
iface eno1 inet manual

auto vmbr0
iface vmbr0 inet manual
        bridge-ports eno1
        bridge-stp on
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

auto vmbr0.10
iface vmbr0.10 inet static
        address 192.168.10.2/24
        gateway 192.168.10.1
One vlan aware bridge that can handle VLANs 2 to 4094 with the PVE management on VLAN10. You can then set a VLAN tag (2 to 4094) in the VMs hardware tab so the VMs NIC will be automatically in that VLAN (so no VLAN configuration inside the guest is needed).

If you don't want to lockout yourself I would recommend to backup your /etc/network/interfaces (cp /etc/network/interfaces /etc/network/interfaces.1) so in case your config changes won't work you can restore it using mv /etc/network/interfaces.1 /etc/network/interfaces using WebKVM or physical keyboard attached to your server.
 
Last edited:
Jan 13, 2022
5
0
1
37
Just asking, would this approach work as fallback in case of trying changes in networking remotely?

With working config, make backup:
cp /etc/network/interfaces /etc/network/interfaces.workingOld

Than make changes (using gui, or editing files directly). And than:

Run in screen (or other terminal multiplexer. this way, session will not fail when networks disconnects) this:
pvesh set /nodes/yourhostname/network ; sleep 400 && cp /etc/network/interfaces.workingOld /etc/network/interfaces; pvesh set /nodes/yourhostname/network; sleep 400 && reboot

It should apply changes and sleep for 400 seconds. If sleep is not interrupted (using ctrl+c), it will copy backup file to normal one and than apply changes. After another 400 seconds, it will reboot machine (just for sure :). After issuing given commands, I would check if network is still working and if so, I would terminate running commands in screen.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!