Hi.
I am trying to migrate to Proxmox from a poorly implemented lxd system. I only have 1 public facing IP, so I have my VM's set up with a private network bridge (vmbr1) with masquerade in iptables. I was trying to follow some best practices by not installing anything on the pve host, so I have a reverse proxy vm built to manage all the separate web services I'm going to be working with.
I realized as I was setting up the port forwarding in iptables, that there might be a conflict between the masquerade entry and any postrouting snat entries that normally you'd enter per port forward... are these necessary with the masquerade in place? Since I only have 1 public IP for this machine, would it be better to just install the reverse proxy system directly on the pve host?
I would really appreciate a little guidance.
I am trying to migrate to Proxmox from a poorly implemented lxd system. I only have 1 public facing IP, so I have my VM's set up with a private network bridge (vmbr1) with masquerade in iptables. I was trying to follow some best practices by not installing anything on the pve host, so I have a reverse proxy vm built to manage all the separate web services I'm going to be working with.
I realized as I was setting up the port forwarding in iptables, that there might be a conflict between the masquerade entry and any postrouting snat entries that normally you'd enter per port forward... are these necessary with the masquerade in place? Since I only have 1 public IP for this machine, would it be better to just install the reverse proxy system directly on the pve host?
I would really appreciate a little guidance.
