Network configuration - need help

  • Thread starter Thread starter Oleg Shushkovsky
  • Start date Start date
O

Oleg Shushkovsky

Guest
Hello!
Need help config network. (Sorry for my english).
I have server with 3 lan connections
1 lan0 (a.a.a.a (vmbr0)) - for Proxmox
2 lan1 (b.b.b.b (vmbr1))- for http server (virtual server)
3 lan2 (192.168.0.1 (vmbr2))- for local net

I need configure for
1.internet for local net and all my VM's go true a.a.a.a and I connect to proxmox via https://a.a.a.a

2. lan2 forward for http server domain.com, this server is KVM

can anybody wright me step-by-step what i need do to all its work?
 
You need the vmbr only for vms.
What do you mean with local net? Client subnet? --> The routing should do your router or switch or firewall
I don't understand why you want to use 3 vmsbridges. Do you internal an external ips?
In this case i have an advice for you:
Give all vms only internel ips. The external only have the firewall and do a 1:1 nat to the internal. In this case you have the vms also firewalled. With Proxmox you can't load kernel modules into openvz.
Please give more informations. I think this are too less infos to help you for making a good configuration.
 
network configuration
a.a.a.a and b.b.b.b public IP's
a.a.a.a > eth0 (proxmox)
b.b.b.b > eth1 (proxmox)
192.168.0.1 > eth2 to local net (proxmox) > local machines 192.168.0.50, 192.168.0.51....
Virtual VM-100 http server in proxmox (not understand how configure net)
192.168.0.101 Virtual machine #1
....
i need all virtual and real machines in local net (192.168.0.*) have internet connection through a.a.a.a and manage proxmox server through it
only VM-100 use eth1 with b.b.b.b
 
My config is similar but i make my configuration for extern ips with my firewall (pfsense)
Do a 1:1 nat. This is easy and you did not get routing problems. In earlier times i have the interfaces in my vms. One interface for internal traffic like interconnect to other vms and also monitoring and the other interface was the wan ip. I can say don't do this. If you also plan to do this you will also get the experience that this is not so easy to configure. What do you mean with Virtual VM 100 and http. For example the problems starts if you need different ips to go out. This is needed for mailservers.
I think the way with 1:1 nat is the best and also the most secure way. On the Proxmox and also to the VM you only have the internal network (in your config 192.168.0.0/24) and the firewall is managing you external ips.
 
You must log in or register to reply here.
Top Bottom