Network setup, two uplinks

[petr_tecto]

Hello, I have two physical uplinks on my server. One (enp4s0) is used for internal network and the other (enp1s0) is used for internet access. More my settings:

---
auto lo
iface lo inet loopback

iface enp4s0 inet manual

iface enp1s0 inet manual

auto vmbr0
iface vmbr0 inet static
address 172.20.26.1/24
gateway 172.20.26.254
bridge-ports enp4s0
bridge-stp off
bridge-fd 0

auto vmbr1
iface vmbr1 inet manual
bridge-ports enp1s0
bridge-stp off
bridge-fd 0
---

I am trying to set up the network so that I can assign a public IPv4 address to any virtual server (via interface: enp1s0).

Even if I set all parameters (IPv4, GW, mask, DNS) directly on the VM, the server will not connect to the internet.



Please, can someone help me?

 

[Hqu]

Hey,

as I read that correctly, this can be the solution you're looking for - https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_routed

Do you have an public IPv4 range from your ISP/provider?

Best

 

[petr_tecto]

Hey,

I have 89.xxx.xxx.102/32 and 89.xxx.xxx.103/32

 

[petr_tecto]

According to the instructions sent to me, it is not clear how I would achieve that proxmox administration will be available on the internal IP address, but all VM traffic will be routed through the public IP address.

Example of the new configuration according to the instructions:


auto vmbr0
iface vmbr0 inet static
address 172.20.26.1/24
gateway 172.20.26.254
bridge-ports enp4s0
bridge-stp off
bridge-fd 0

auto vmbr1
iface vmbr1 inet static
address 87.xxx.xxx.102/32
gateway 87.xxx.xxx.1
bridge-ports enp1s0
bridge-stp off
bridge-fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up echo 1 > /proc/sys/net/ipv4/conf/enp5s0/proxy_arp

After deployment I could not access the server via IP (internal and public).

 

[Hqu]

You did not define your NICs (enp4s0 & enp1s0) regarding to your setup it's possible that you need to customize those settings for your environment.

vmbr0 is you internal lan range for your VMs and containers?
vmbr1 is just a single (1 IPv4 addr) /32 IPv4 address block which you want to access your hypervisor from?

You probably want to set your settings accordingly for post-up echo 1 > /proc/sys/net/ipv4/ip_forward & post-up echo 1 > /proc/sys/net/ipv4/conf/enp5s0/proxy_arp directly to the defined NIC.

https://pve.proxmox.com/pve-docs/images/default-network-setup-routed.svg

I highly recommend you to test this types of settings in a test environment so you don't have troubles later in production.

Best