private VLAN to Public IP

damnlie · Jul 3, 2019

Hi,

I'm new to proxmox and networking in general, and I'm facing a problem I have to move an existing proxmox server which has a default configuration using a bridge cause it's private LAN, using an external gateway to reach the internet.
I have an internal DNS server there so all IP address on 192.168.80.x which is used has a dns record too.
I'm moving it to a datacenter where we gona have a singel public IP address. I read the wiki about how to configure network for a new server but what to do if its an already running one?
I was thinking of something like this but tbh. I have no idea if it would still work.

auto lo
iface lo inet loopback

auto eno1np0
#real IP address
iface eno1np0 inet static
address 198.51.100.5
netmask 255.255.255.0
gateway 198.51.100.1

auto vmbr0
iface vmbr0 inet static
address 192.168.80.2
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.80.0/24' -o eno1np0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.80.0/24' -o eno1np0 -j MASQUERADE

iface eno2d1 inet manual

iface eno3 inet manual

iface eno4 inet manual

auto vmbr1
iface vmbr1 inet static
address 10.10.10.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE

the original settings at the moment:

auto lo
iface lo inet loopback

iface eno1np0 inet manual

auto vmbr0
iface vmbr0 inet static
address 192.168.80.2
netmask 255.255.255.0
gateway 192.168.80.1
bridge_ports eno1np0
bridge_stp off
bridge_fd 0

iface eno2d1 inet manual

iface eno3 inet manual

iface eno4 inet manual

auto vmbr1
iface vmbr1 inet static
address 10.10.10.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE

Any ideas?

Richard · Jul 8, 2019

damnlie said:
Hi,

I'm new to proxmox and networking in general, and I'm facing a problem I have to move an existing proxmox server which has a default configuration using a bridge cause it's private LAN, using an external gateway to reach the internet.
I have an internal DNS server there so all IP address on 192.168.80.x which is used has a dns record too.
I'm moving it to a datacenter where we gona have a singel public IP address. I read the wiki about how to configure network for a new server but what to do if its an already running one?
I was thinking of something like this but tbh. I have no idea if it would still work.

auto lo
iface lo inet loopback

auto eno1np0
#real IP address
iface eno1np0 inet static
address 198.51.100.5
netmask 255.255.255.0
gateway 198.51.100.1

auto vmbr0
iface vmbr0 inet static
address 192.168.80.2
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.80.0/24' -o eno1np0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.80.0/24' -o eno1np0 -j MASQUERADE

iface eno2d1 inet manual

iface eno3 inet manual

iface eno4 inet manual

auto vmbr1
iface vmbr1 inet static
address 10.10.10.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE

the original settings at the moment:

auto lo
iface lo inet loopback

iface eno1np0 inet manual

auto vmbr0
iface vmbr0 inet static
address 192.168.80.2
netmask 255.255.255.0
gateway 192.168.80.1
bridge_ports eno1np0
bridge_stp off
bridge_fd 0

iface eno2d1 inet manual

iface eno3 inet manual

iface eno4 inet manual

auto vmbr1
iface vmbr1 inet static
address 10.10.10.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE

Any ideas?

In iptables you have to use eno1np0 instead of vmbr0 - do you have connected any VMs with vmbr0? If so note that they will not find default gateway 192.168.80.1 and no DHCP server at its LAN any more.

damnlie · Jul 9, 2019

So I guess my question more like if I use the following config:

auto lo
iface lo inet loopback

auto eno1np0
#real IP address
iface eno1np0 inet static
address 198.51.100.5
netmask 255.255.255.0
gateway 198.51.100.1

auto vmbr0
iface vmbr0 inet static
address 192.168.80.2
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.80.0/24' -o eno1np0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.80.0/24' -o eno1np0 -j MASQUERADE

Would this still work? Cause the problem is all my VM has 192.168.80.x IP address and a DNS server based on that range. So my logic was to turn 192.168.80.x as an private range. Then portworward to the VPN.

Search

Search

private VLAN to Public IP

damnlie

New Member

Richard

Renowned Member

damnlie

New Member