Need help getting PVE host online with OpenWRT VM as main router

R

rahx

New Member
May 18, 2019
2
0
1
39
Hello all, I've recently rewired my home network and have set up an OpenWRT VM on PVE to act as the main router. It would dial directly PPPoE to my ISP via a modem in bridge mode to provide internet access to all of my LAN devices. This has worked rather well actually, except that the PVE host couldn't get any connection. I've searched quite a bit and found this: https://forum.proxmox.com/threads/map-all-the-traffic-to-a-router-vm.26952/. But as I'm quite a newbie in this area and doesn't have much (if any) networking or administrative experience, it's all rather difficult for me to understand.

I tried my best to draw out a diagram to illustrate how my set up is:
networking-diagram.png
The red-shaded and cross indicates what doesn't work at the moment.

And here's the content of /etc/network/interface:
Code: 
auto lo
iface lo inet loopback

iface eno2 inet manual

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
    address    192.168.1.2
    netmask    255.255.255.0
    gateway    192.168.1.1
    bridge-ports eno2
    bridge-stp off
    bridge-fd 0
#WAN

auto vmbr1
iface vmbr1 inet static
    address  192.168.72.2
    netmask  255.255.255.0
    bridge-ports eno1
    bridge-stp off
    bridge-fd 0
#LAN

I know that this part
Code: 
    address    192.168.1.2
    netmask    255.255.255.0
    gateway    192.168.1.1
shouldn't be there and these are not correct values. But everything breaks down as soon as I take them out.

As I said, I'm very new to this. Any help on how I can get my PVE host online is very much appreciated.

Thank you all in advance.
 
rahx said:
I know that this part
Code: 
    address    192.168.1.2
    netmask    255.255.255.0
    gateway    192.168.1.1
shouldn't be there and these are not correct values. But everything breaks down as soon as I take them out.
Click to expand...

What means "everything" here? Also OpenWRT's connection to Internet?

If so it is not quite clear for me how OpenWRT VM is defined - can you post the VM's configuration?

From this apart I would say the solution is to route Internet traffic from the host across vmbr1 via OpenWRT and MASQUERADING there, i.e.:+

Code: 
auto lo
iface lo inet loopback

iface eno2 inet manual

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
   bridge-ports eno2
   bridge-stp off
   bridge-fd 0
#WAN for pppoe connection in OpenWRT

auto vmbr1
iface vmbr1 inet static
   address  192.168.72.2
   netmask  255.255.255.0
   gateway 192.168.72.1
   bridge-ports eno1
   bridge-stp off
   bridge-fd 0
#LAN and route to internet via OpenWRT
 
Richard said:
What means "everything" here? Also OpenWRT's connection to Internet?

If so it is not quite clear for me how OpenWRT VM is defined - can you post the VM's configuration?

From this apart I would say the solution is to route Internet traffic from the host across vmbr1 via OpenWRT and MASQUERADING there, i.e.:+

Code: 
auto lo
iface lo inet loopback

iface eno2 inet manual

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
   bridge-ports eno2
   bridge-stp off
   bridge-fd 0
#WAN for pppoe connection in OpenWRT

auto vmbr1
iface vmbr1 inet static
   address  192.168.72.2
   netmask  255.255.255.0
   gateway 192.168.72.1
   bridge-ports eno1
   bridge-stp off
   bridge-fd 0
#LAN and route to internet via OpenWRT
Click to expand...

Thank you for your reply Richard.
Yes that means OpenWRT is out of network as well (though I think I might have done something else wrong here...)

Unfortunately I just headed out for a business trip and won't be back home till this Sunday. I will post more details about the VM once I get back.

In the meantime, a friend of mine suggested a configuration like this:

Code: 
auto lo
iface lo inet loopback

iface eno2 inet manual

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
  bridge-ports eno2
  bridge-stp off
  bridge-fd 0
#WAN

auto vmbr1
iface vmbr1 inet static
  bridge-ports eno1
  bridge-stp off
  bridge-fd 0
#SWITCH

auto vmbr2
iface vmbr2 inet static
  address  192.168.172.2
  netmask  255.255.255.0
  bridge-ports vmbr1
  bridge-stp off
  bridge-fd 0
#LAN
... where vmbr0 and vmbr1 are assigned to OpenWRT and vmbr2 is given to PVE itself.

I haven't tried it yet since I'm away from home right now. Does this make sense and worth a try?

Thank you again.
 
rahx said:
auto vmbr2
iface vmbr2 inet static
address 192.168.172.2
netmask 255.255.255.0
bridge-ports vmbr1
bridge-stp off
bridge-fd 0
#LAN

... where vmbr0 and vmbr1 are assigned to OpenWRT and vmbr2 is given to PVE itself.

I haven't tried it yet since I'm away from home right now. Does this make sense and worth a try?
Click to expand...

No, you cannot use a bridge as a bridgeport for another bridge.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom