[SOLVED] New Server, New Container but no internet access

C

ciarandwi

New Member
Aug 22, 2024
19
7
3
Hi,

We just bought a new server, i've installed SSH onto it just so that I can use Terminal instead of the console that the Proxmox gives us, created a new container but is having issues with having a internet connection i.e: I cannot ping from this container, however ping from the server with 0% packet loss. I believe this to be a bridge issue but I could be completely wrong.

This container has a:
Local IP: 192.168.0.101/24 (IPV4/CIDR)
Gateways: 16.....6
Bridge: VMBR0

I'm completely new to this and currently learning what to do so any help would be greatly appreciated. I know I can do the linux parts but it's just have to get over this first hurdle to progress.
 

Attachments

  • container.png
    container.png
    38.4 KB · Views: 6
  • server.png
    server.png
    48.2 KB · Views: 6
  • interfaces.png
    interfaces.png
    19.5 KB · Views: 6
Hi @ciarandwi .

The gateway is a way for the network node (container in your case) to reach other network nodes that are outside its (container's) own network broadcast.
Your container is capable of reaching any node within 192.168.0.1 to 192.168.0.254, ie 253 _local_ nodes.
Your gateway _must_ be within the reach of your network node (container). Currently - it is not.

Since your hypervisor is sitting directly connected to the Internet (ie using Public IP), you need to implement something similar to what is described here:
https://wiki.abyssproject.net/en/proxmox/proxmox-with-one-public-ip

Good luck

PS and since you self-admittedly are new to this, I would recommend rethinking placing servers directly on the public internet at this point in time.

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox
 
  • Like
Reactions: UdoB
bbgeek17 said:
Hi @ciarandwi .

The gateway is a way for the network node (container in your case) to reach other network nodes that are outside its (container's) own network broadcast.
Your container is capable of reaching any node within 192.168.0.1 to 192.168.0.254, ie 253 _local_ nodes.
Your gateway _must_ be within the reach of your network node (container). Currently - it is not.

Since your hypervisor is sitting directly connected to the Internet (ie using Public IP), you need to implement something similar to what is described here:
https://wiki.abyssproject.net/en/proxmox/proxmox-with-one-public-ip

Good luck

PS and since you self-admittedly are new to this, I would recommend rethinking placing servers directly on the public internet at this point in time.

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox
Click to expand...
Sorry for the late response. Appreciate the feedback and the resource link you've provided

How do you get around the server not being connected public internet? Aren't all websites connected to the public internet and surely they must have a public IP that anyone can search for or am I thinking about this completely wrong?

From looking at the link you've given, it just seems like I need to create a bridge with a local ip of 192.168.0.X and then create containers from the VMBR1

Thanks for your time, it's much appreciated
 
ciarandwi said:
How do you get around the server not being connected public internet?
Click to expand...
The most common configuration is:
ISP <> Router/Cable modem with Public IP <> LAN (private IPs) <> PVE with Private IP <> VMs (either same LAN as PVE or using NAT)

Arguably, for new users the Router/Modem built-in firewall provides an adequate day one protection.

ciarandwi said:
From looking at the link you've given, it just seems like I need to create a bridge with a local ip of 192.168.0.X and then create containers from the VMBR1
Click to expand...
Either your VMs and Containers need to have their own dedicated Public IP, or you need to implement Private LAN/NAT for them.
https://forum.proxmox.com/threads/create-private-network-bridge-with-nat.126232/

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox
 
  • Like
Reactions: ciarandwi
bbgeek17 said:
The most common configuration is:
ISP <> Router/Cable modem with Public IP <> LAN (private IPs) <> PVE with Private IP <> VMs (either same LAN as PVE or using NAT)

Arguably, for new users the Router/Modem built-in firewall provides an adequate day one protection.


Either your VMs and Containers need to have their own dedicated Public IP, or you need to implement Private LAN/NAT for them.
https://forum.proxmox.com/threads/create-private-network-bridge-with-nat.126232/

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox
Click to expand...
Perfect, thank you for your feedback. I think we will be going down the route of using private local IPs as that's what we got configured on other servers. If it works why change it, you know?

I appreciate all the information you've given and its clarified some issues/concerns I had
 
  • Like
Reactions: bbgeek17
After a couple of days, I managed to resolve this by using a NAT setup...

Here's what I did. On the server node, add this:
  1. nano /etc/network/interface
    1. a. Add below (These are tabs)

      1. auto BRIDGE_NAME
        iface BRIDGE_NAME inet static
        address 192.168.1.2
        netmask 255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o vmbr0 -j MASQUERADE
      2. Couple of things to note:
        1. Please make sure that this post-up/post-down POSTROUTING is in the same IP range i.e: 192.168.1.123 is in the range of 192.168.1.0 and 192.168.1.255 but 192.168.2.123 is not.
        2. Make sure you don't even the IP in .1 i.e: 192.168.1.1 is wrong but 192.168.1.2 is correct
  2. ifup vmbr1
  3. Create a new container using BRIDGE_NAME as your bridge.
  4. Set the Static IP to a 192.168.1.#/24 and with a gateway of SERVERS_IP
Here's a couple of resources that helped me :)

https://www.youtube.com/watch?v=ITYMeRE455g
https://www.youtube.com/watch?v=Q5l7VH6b5r4
https://bobcares.com/blog/setup-nat-on-proxmox

If someone can tell me if i've done this wrong then please tell me otherwise but I believe this is how it's done

Edit: You don't need to have a gateway of the same IP. The Gateway needs to be your servers public IP address.
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom