private VLAN to Public IP

D

damnlie

New Member
Jul 3, 2019
13
0
1
41
Hi,

I'm new to proxmox and networking in general, and I'm facing a problem I have to move an existing proxmox server which has a default configuration using a bridge cause it's private LAN, using an external gateway to reach the internet.
I have an internal DNS server there so all IP address on 192.168.80.x which is used has a dns record too.
I'm moving it to a datacenter where we gona have a singel public IP address. I read the wiki about how to configure network for a new server but what to do if its an already running one?
I was thinking of something like this but tbh. I have no idea if it would still work.

auto lo
iface lo inet loopback

auto eno1np0
#real IP address
iface eno1np0 inet static
address 198.51.100.5
netmask 255.255.255.0
gateway 198.51.100.1

auto vmbr0
iface vmbr0 inet static
address 192.168.80.2
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.80.0/24' -o eno1np0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.80.0/24' -o eno1np0 -j MASQUERADE

iface eno2d1 inet manual

iface eno3 inet manual

iface eno4 inet manual

auto vmbr1
iface vmbr1 inet static
address 10.10.10.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE

the original settings at the moment:

auto lo
iface lo inet loopback

iface eno1np0 inet manual

auto vmbr0
iface vmbr0 inet static
address 192.168.80.2
netmask 255.255.255.0
gateway 192.168.80.1
bridge_ports eno1np0
bridge_stp off
bridge_fd 0

iface eno2d1 inet manual

iface eno3 inet manual

iface eno4 inet manual

auto vmbr1
iface vmbr1 inet static
address 10.10.10.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE​

Any ideas?
 
damnlie said:
Hi,

I'm new to proxmox and networking in general, and I'm facing a problem I have to move an existing proxmox server which has a default configuration using a bridge cause it's private LAN, using an external gateway to reach the internet.
I have an internal DNS server there so all IP address on 192.168.80.x which is used has a dns record too.
I'm moving it to a datacenter where we gona have a singel public IP address. I read the wiki about how to configure network for a new server but what to do if its an already running one?
I was thinking of something like this but tbh. I have no idea if it would still work.

auto lo
iface lo inet loopback

auto eno1np0
#real IP address
iface eno1np0 inet static
address 198.51.100.5
netmask 255.255.255.0
gateway 198.51.100.1

auto vmbr0
iface vmbr0 inet static
address 192.168.80.2
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.80.0/24' -o eno1np0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.80.0/24' -o eno1np0 -j MASQUERADE

iface eno2d1 inet manual

iface eno3 inet manual

iface eno4 inet manual

auto vmbr1
iface vmbr1 inet static
address 10.10.10.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE

the original settings at the moment:

auto lo
iface lo inet loopback

iface eno1np0 inet manual

auto vmbr0
iface vmbr0 inet static
address 192.168.80.2
netmask 255.255.255.0
gateway 192.168.80.1
bridge_ports eno1np0
bridge_stp off
bridge_fd 0

iface eno2d1 inet manual

iface eno3 inet manual

iface eno4 inet manual

auto vmbr1
iface vmbr1 inet static
address 10.10.10.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE​

Any ideas?
Click to expand...


In iptables you have to use eno1np0 instead of vmbr0 - do you have connected any VMs with vmbr0? If so note that they will not find default gateway 192.168.80.1 and no DHCP server at its LAN any more.
 
So I guess my question more like if I use the following config:

auto lo
iface lo inet loopback

auto eno1np0
#real IP address
iface eno1np0 inet static
address 198.51.100.5
netmask 255.255.255.0
gateway 198.51.100.1

auto vmbr0
iface vmbr0 inet static
address 192.168.80.2
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.80.0/24' -o eno1np0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.80.0/24' -o eno1np0 -j MASQUERADE
Would this still work? Cause the problem is all my VM has 192.168.80.x IP address and a DNS server based on that range. So my logic was to turn 192.168.80.x as an private range. Then portworward to the VPN.
 
You must log in or register to reply here.
Top Bottom