My dream: dhcp server built into proxmox - how do you users workarround it?

D

dominikp

Member
Aug 28, 2018
36
3
13
39
1. Static assignments works only for CT and is not sufficient because you dont see assignments in form of list which would show you what IPs are reserved and what are free.

2. External DHCP servers are always tedious to use - you have to manually copy generated MAC address back and forth. And you have to remember to delete the entry when you delete the VM/CT

3. Yes, you could try Ansible/Terraform to somehow workarround the issue.

I would love to be able to just set static DHCP assigment for VM/CT as you do local assigment for CT but with some error when you choose already reserved IP. And when you delete VM/CT you also release IP assignment. And there is some panel/view when you see all IP assignments.

So what do you think? And what are your solutions for that? Ive read about Netbox, php-ipam but those are still separate tools which require manual copying and dont track the VM/CT exitence
 
I guess most people just don't want to use DHCP and think static IPs will do the job too. And if your cluster is too big to be managed manually you probably are also running some dedicated hardware firewalls working as a DHCP server and gateway so there is no need that PVE would need to do that.

I personally dont like DHCP. If I want to secure my VMs I need static IPs anyway to create firewall rules, fail2ban, static routes, setting up all of the guests services to only serve on specific IP and so on.
If I need to to setup my DHCP so that every VM got a fixed IP assignment so that IPs wont be allowed to change I can use static IP too and dont need all of that additional complexity a DHCP server would bring in. Only benefit I would see is that I could rollout DNS IP changes easier but that is also easily being done using stuff like ansible, And I'm running my own DNS server, so these got static IP that womt change anyway.

And for temporarily connecting clients where I dont care about security I got I got isolated DMZs and a OPNsense VM serves as a DHCP server/router/firewall/gateway.
 
Last edited:
Yeah after long analysis and internet advises i think DHCP isnt good way too. I mean, we failed once with local static ip assigments because office and server room were in the same network. So devs machines, builder devices and proxmox virtual machines IPS had to be managed from one place -> DHCP server.
But now, proxmox is in another place, has its own network bridged with sit-to-site vpn with office network. So in this case, DHCP for proxmox is not usefull so much. And thus local static assigments seems to be better - all is in proxmox gui, deleting the vm/ct also deletes assignment, no orphaned entries, less work with copying MAC addresses and less human error factor. The only additional thing which would be usefull is some kind of webui with list of leased ips to estimate which ip are free to use. Because using nmap for network scan would be a kind of bothersome.

Thanks for your post @Dunuin
 
Proxmox doesn't include an IPAM. It could be a nice feature but I think in larger setups you need more than proxmox and an IPAM software. There are a lot of software which include proxmox with a lot of other features. For example ProxCP or Virtualizor. I also tried puppet with foreman which also works very well. Proxmox brings a lot of good features but is only one of a few needed parts I think. Also with Cloud-Init proxmox brings a lot of features such as setting IPs for your vms.
 
Hi,
I have some plan for sdn

https://bugzilla.proxmox.com/show_bug.cgi?id=3382

to manage gateway vms, where dhcp could be used fine.

(dhcp server require ip address is different subnets, so it's difficult to have it directly distributed on each proxmox nodes without a central location)



(about sdn ipam feature, the plan is to manage static ip address for containers + cloudinit for vms. Work is not yet finished).
 
  • Like
Reactions: dominikp
If you really want to use DHCP (pro's and con's are mentioned above already), how about setting up a VM in Proxmox as dedicated DHCP-Server? This would also follow the "separate services by having there own machine" doctrine, and you can use DHCP server and front-end of your choice (e. g., OPNsense).
 
Marco S. said:
If you really want to use DHCP (pro's and con's are mentioned above already), how about setting up a VM in Proxmox as dedicated DHCP-Server? This would also follow the "separate services by having there own machine" doctrine, and you can use DHCP server and front-end of your choice (e. g., OPNsense).
Click to expand...
You dont understand. Please read again my main post. The idea is to have VM and its IP assigment bonded together. You create vm/ct, add static assigment from free pool. You delete VM/CT, IP goes back to the pool. No additional work required.
Using opensense is just another place of setting things which i want to avoid. Theoretically If Opensense had some gui to use proxmox api, to create and destroy machines along with assingments, yes that would what i want -> strong corelation between instance and its ip. But offcourse opensense doesnt have that because its just firewall.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back