networking help,

[stxrlite]

so i ordered a dedicated server and had proxmox installed, fresh install i am struggling on the bridge, trying to get the windows vms conected to internet

 

[viferreira]

Hi, as far as I understood, I am a newbie, but vmbr0 (linux bridge) should have all the configuration that you configured in enp5s0f0 and port slaves should have configured only enp5s0f0.

 

[B.Otto]

Hello,

did you install the Proxmox host yourself or is this a dedicated server with pre-configured settings? You seem to have a public IP address there.

A configuration like in your screenshot indicates that there is (should be) a NAT-Setup between your vmbr0 and enp5s0f0 interfaces, but the GUI won't give us enough information. Can you post the content of your /etc/network/interfaces file?

Oh, and try to mask your public IP (XXX.XXX.XXX.151/26), because you never know who else reads this public forum.

Hi, as far as I understood, I am a newbie, but vmbr0 (linux bridge) should have all the configuration that you configured in enp5s0f0 and port slaves should have configured only enp5s0f0.

You are right, but that is good only for a basic Proxmox configuration (like, inside your LAN). This server is reachable from the internet, so we need a bit more configuration here. (else the VMs connected to vmbr0 too need - expensive - public IP adresses).

Kind regards,
Benedikt

 

[viferreira]

Hello,

did you install the Proxmox host yourself or is this a dedicated server with pre-configured settings? You seem to have a public IP address there.

A configuration like in your screenshot indicates that there is (should be) a NAT-Setup between your vmbr0 and enp5s0f0 interfaces, but the GUI won't give us enough information. Can you post the content of your /etc/network/interfaces file?

Oh, and try to mask your public IP (XXX.XXX.XXX.151/26), because you never know who else reads this public forum.


You are right, but that is good only for a basic Proxmox configuration (like, inside your LAN). This server is reachable from the internet, so we need a bit more configuration here. (else the VMs connected to vmbr0 too need - expensive - public IP adresses).

Kind regards,
Benedikt

Hi,

Thanks for the important alerts.



Thanks,
Vítor

 

[stxrlite]

Hello,

did you install the Proxmox host yourself or is this a dedicated server with pre-configured settings? You seem to have a public IP address there.

A configuration like in your screenshot indicates that there is (should be) a NAT-Setup between your vmbr0 and enp5s0f0 interfaces, but the GUI won't give us enough information. Can you post the content of your /etc/network/interfaces file?

Oh, and try to mask your public IP (XXX.XXX.XXX.151/26), because you never know who else reads this public forum.


You are right, but that is good only for a basic Proxmox configuration (like, inside your LAN). This server is reachable from the internet, so we need a bit more configuration here. (else the VMs connected to vmbr0 too need - expensive - public IP adresses).

Kind regards,
Benedikt

sorry for the late response got busy, will show u rn

 

[stxrlite]

anyone else that can help i need this up soon lol

 

[stxrlite]

Hello,

did you install the Proxmox host yourself or is this a dedicated server with pre-configured settings? You seem to have a public IP address there.

A configuration like in your screenshot indicates that there is (should be) a NAT-Setup between your vmbr0 and enp5s0f0 interfaces, but the GUI won't give us enough information. Can you post the content of your /etc/network/interfaces file?

Oh, and try to mask your public IP (XXX.XXX.XXX.151/26), because you never know who else reads this public forum.


You are right, but that is good only for a basic Proxmox configuration (like, inside your LAN). This server is reachable from the internet, so we need a bit more configuration here. (else the VMs connected to vmbr0 too need - expensive - public IP adresses).

Kind regards,
Benedikt

preconfigured settings,

 

[B.Otto]

Well then I suggest you use a classic Masquerading setup:

auto lo
iface lo inet loopback

auto enp5s0f0
#real IP address
iface enp5s0f0 inet static
        address  XXX.XXX.XXX.151/26
        gateway  XXX.XXX.XXX.129
        dns-nameservers 8.8.8.8
        dns-search xxxx.xxxx

iface enp5s0f1 inet manual

auto vmbr0
#private sub network
iface vmbr0 inet static
        address  10.10.10.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

        post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o enp5s0f0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o enp5s0f0 -j MASQUERADE

You then connect your VM to the bridge vmbr0 and give it a static IP in the 10.10.10.0/24 subnet, like 10.10.10.2 with Gateway 10.10.10.1 and a DNS server like 8.8.8.8
Do note that Proxmox does not come with a DHCP server, so you can't just assume that your VMs automatically get a IP address.

 

[stxrlite]

Well then I suggest you use a classic Masquerading setup:

auto lo
iface lo inet loopback

auto enp5s0f0
#real IP address
iface enp5s0f0 inet static
        address  XXX.XXX.XXX.151/26
        gateway  XXX.XXX.XXX.129
        dns-nameservers 8.8.8.8
        dns-search xxxx.xxxx

iface enp5s0f1 inet manual

auto vmbr0
#private sub network
iface vmbr0 inet static
        address  10.10.10.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

        post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o enp5s0f0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o enp5s0f0 -j MASQUERADE

You then connect your VM to the bridge vmbr0 and give it a static IP in the 10.10.10.0/24 subnet, like 10.10.10.2 with Gateway 10.10.10.1 and a DNS server like 8.8.8.8
Do note that Proxmox does not come with a DHCP server, so you can't just assume that your VMs automatically get a IP address.

hey thanks sorry for the late reply again, so dns-search what should i put for that would google.com work or what?



EDIT: NEVERMIND

 

[stxrlite]

trie

Well then I suggest you use a classic Masquerading setup:

auto lo
iface lo inet loopback

auto enp5s0f0
#real IP address
iface enp5s0f0 inet static
        address  XXX.XXX.XXX.151/26
        gateway  XXX.XXX.XXX.129
        dns-nameservers 8.8.8.8
        dns-search xxxx.xxxx

iface enp5s0f1 inet manual

auto vmbr0
#private sub network
iface vmbr0 inet static
        address  10.10.10.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

        post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o enp5s0f0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o enp5s0f0 -j MASQUERADE

You then connect your VM to the bridge vmbr0 and give it a static IP in the 10.10.10.0/24 subnet, like 10.10.10.2 with Gateway 10.10.10.1 and a DNS server like 8.8.8.8
Do note that Proxmox does not come with a DHCP server, so you can't just assume that your VMs automatically get a IP addresstr

copied and pasted it in and edeted it now for my windows vps its looking like this. still not connected to the internet



this is what my /etc/network/interfaces file looks like

#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

source /etc/network/interfaces.d/*


auto lo
iface lo inet loopback

auto enp5s0f0
#real IP address
iface enp5s0f0 inet static
        address  x.x.x.151/26 (actual ips)

        gateway  x.x.x.129
        dns-nameservers 8.8.8.8
        dns-search 8564f34.com

iface enp5s0f1 inet manual

auto vmbr0
#private sub network
iface vmbr0 inet static
        address  10.10.10.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

        post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o enp5s0f0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o enp5s0f0 -j MASQUERADE

 

[B.Otto]

The interfaces-file looks good. Did you reload the network config? Just copying it in won't be enough.

Subnet mask of your Windows VM should be 255.255.0.0 since your internal network is /24. It is weird that your ipconfig yields the link-local addresses, is the network interface connected to vmbr0? What is your VM config?

You can then try to trace your path by doing pings with increasing scope from your VM:

• ping 10.10.10.1 (local gateway)
• ping XXX.XXX.XXX.151 (proxmox-WAN)
• ping XXX.XXX.XXX.129 (WAN-gateway)
• ping 8.8.8.8 (internet)
• ping proxmox.com (DNS-resolve & internet)

 

[stxrlite]

this is my network config

 

[stxrlite]

The interfaces-file looks good. Did you reload the network config? Just copying it in won't be enough.

Subnet mask of your Windows VM should be 255.255.0.0 since your internal network is /24. It is weird that your ipconfig yields the link-local addresses, is the network interface connected to vmbr0? What is your VM config?

You can then try to trace your path by doing pings with increasing scope from your VM:

• ping 10.10.10.1 (local gateway)
• ping XXX.XXX.XXX.151 (proxmox-WAN)
• ping XXX.XXX.XXX.129 (WAN-gateway)
• ping 8.8.8.8 (internet)
• ping proxmox.com (DNS-resolve & internet)

i did not reload the net conf my bad, im just gonna do a reboot cause my dedi was acting up,

 

[stxrlite]

THE REBOOT HELPED THANKSSS

 

[stxrlite]

another question, how would i get ports on the vms, ex, im going to have two vms running rdp i want one with 3389 and 3390 i tried remoting into the first vm with the ip of the dedicated server and it didint work

 

[B.Otto]

From inside, so another machine in the 10.10.10.0 subnet? The connection should work already, there is nothing related to layer 4.

From outside? Then you need to set up port forwarding rules in your interfaces file. I rarely do this in Proxmox, but something like this might work for TCP/3389: (no guarantee though):

        post-up   iptables -A PREROUTING -t nat -i enp5s0f0 -p tcp --dport 3389 -j DNAT --to-destination 10.10.10.2:3389 
        post-up   iptables -A POSTROUTING -t nat -p tcp -d 10.10.10.2 --dport 3389 -j MASQUERADE

 

[stxrlite]

From inside, so another machine in the 10.10.10.0 subnet? The connection should work already, there is nothing related to layer 4.

From outside? Then you need to set up port forwarding rules in your interfaces file. I rarely do this in Proxmox, but something like this might work for TCP/3389: (no guarantee though):

        post-up   iptables -A PREROUTING -t nat -i enp5s0f0 -p tcp --dport 3389 -j DNAT --to-destination 10.10.10.2:3389
        post-up   iptables -A POSTROUTING -t nat -p tcp -d 10.10.10.2 --dport 3389 -j MASQUERADE

will try this out right now ill keep you updated

 

[stxrlite]

From inside, so another machine in the 10.10.10.0 subnet? The connection should work already, there is nothing related to layer 4.

From outside? Then you need to set up port forwarding rules in your interfaces file. I rarely do this in Proxmox, but something like this might work for TCP/3389: (no guarantee though):

        post-up   iptables -A PREROUTING -t nat -i enp5s0f0 -p tcp --dport 3389 -j DNAT --to-destination 10.10.10.2:3389
        post-up   iptables -A POSTROUTING -t nat -p tcp -d 10.10.10.2 --dport 3389 -j MASQUERADE

also if i wanted a tcp/udp port what would i do? ex tcp/udp for 30120 & 40120, also the RDP session worked thank you so much man youve been so much help

 

[stxrlite_]

also if i wanted a tcp/udp port what would i do? ex tcp/udp for 30120 & 40120, also the RDP session worked thank you so much man youve been so much help

Got the port situation working, one more thing then im all set, im trying to setup a ubuntu server, and im confused
how would i get the 10.10.10.1 subnet working?

 

[B.Otto]

Got the port situation working, one more thing then im all set, im trying to setup a ubuntu server, and im confused
how would i get the 10.10.10.1 subnet working?
View attachment 48159

The first field sets the subnet, not the IP address. So the right values would be

• Subnet: 10.10.10.0/24
• Address: 10.10.10.5
• Gateway: 10.10.10.1
• Name Servers: 8.8.8.8 (or what you prefer)
• Search Domain: <empty> (unless you have your own domain)

Great to hear that you have figured it out! I do suggest you try to learn about basic networking though, since it is usually assumed that things like Subnets, Gateway, TCP/UDP, DNS and all that stuff is known when doing advanced network configurations like we did above.

Kind regards,
Benedikt