Hello!
I want to create a private network for my containers (IP range
pve is used in a local network, and my pve host connects to my network with a VLAN-aware bridge. I use various VLANs, and VLAN20 shall be used for the outbound connections of the container network.
According to the official tutorial on this topic, I set up the following. I use no firewall.
Host
Container network configuration (Ubuntu 22.04 LXC):
I can ping the host on
What could I be missing? Thanks in advance!
I want to create a private network for my containers (IP range
10.10.200.0/24), and allow these containers to establish outbound connections.pve is used in a local network, and my pve host connects to my network with a VLAN-aware bridge. I use various VLANs, and VLAN20 shall be used for the outbound connections of the container network.
According to the official tutorial on this topic, I set up the following. I use no firewall.
Host
/etc/network/interfaces:
Code:
auto lo
iface lo inet loopback
iface eno1 inet manual
auto vmbr0
iface vmbr0 inet manual
bridge-ports eno1
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
#Main VLAN-aware bridge
auto vmbr1
iface vmbr1 inet static
address 10.10.200.1/24
bridge-ports none
bridge-stp off
bridge-fd 0
# Enable forwarding
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
# Add rule to rewrite (masquerade) outoing packets from vmbr1
# to appear as coming from the IP address of VLAN20
post-up iptables -t nat -A POSTROUTING -s '10.10.200.0/24' -o vlan20 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.200.0/24' -o vlan20 -j MASQUERADE
#Proxmox guests private network 10.10.200.0
auto vlan20
iface vlan20 inet manual
vlan-raw-device vmbr0
#lan
# There are some more VLANs that are removed here.
source /etc/network/interfaces.d/*Container network configuration (Ubuntu 22.04 LXC):
I can ping the host on
10.10.200.1, but not my network's router on VLAN20 which lives at 10.10.20.1.What could I be missing? Thanks in advance!
