Problem with ips in nat

[jaminka]

Hello
i have a network configuration that used to work on proxmox 3 but now on proxmox 5.1 it doesn't work.
I have multiple external ips and one vm in lxc, which should have access to all of the ips.
I use nat to give access the vm to the ips, and map some ports to the vm.
I have one subnetwork for each ip, 192.168.0.0/24 for the first external ip, 192.168.1.0/24 for the second, etc.

This is the conf on host :
auto vmbr1
iface vmbr1 inet manual
bridge_ports dummy0
bridge_stp off
bridge_fd 0

auto vmbr0
iface vmbr0 inet static
address (external ip 1)
netmask 255.255.255.0
gateway (external ip 1).254
broadcast (external ip 1).255
bridge_ports eth0
bridge_stp off
bridge_fd 0
network (external ip 1).0

auto vmbr100
iface vmbr100 inet static
address 192.168.0.254
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 1022 -j DNAT --to 192.168.0.1:22


auto vmbr2
iface vmbr2 inet static
address (external ip 2)
netmask 255.255.255.255


auto vmbr101
iface vmbr101 inet static
address 192.168.1.254
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source (external ip 2)
post-down iptables -t nat -D POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source (external ip 2)

and i have the following ip configuration on the guest :

(see attachment)

Then i run the following commands on guest :
curl "http: wtfismyip.com/text" --interface venet1 -4
(timeout)
curl "http: wtfismyip.com/text" --interface venet0 -4
(external ip 1)
curl "http: wtfismyip.com/text" --interface 192.168.1.1 -4
(timeout)
curl "http: wtfismyip.com/text" --interface 192.168.0.1 -4
(external ip 1)


and the following on host :
curl "http: wtfismyip.com/text" --interface 192.168.0.254 -4
(external ip 1)
curl "http: wtfismyip.com/text" --interface 192.168.1.254 -4
(external ip 2)
curl "http: wtfismyip.com/text" --interface vmbr0 -4
(external ip 1)
curl "http: wtfismyip.com/text" --interface vmbr2 -4
(timeout)



Thanks for you help !

ps: i have censored the links to wtfismyip as i'm not allowed to post links

 

[kotakomputer]

According to your attachment, netmask for 255.255.255.0 in CIDR format is not /32, instead /24

 

[jaminka]

thanks, i changed and restarted the vm, the results are the same

 

[jaminka]

hello
anyone can help ?

 

[jaminka]

i have the following on my vm :

and the following on my host :


so why when i type the following commands on the host i have :
ping 192.168.1.1 -I vmbr100
PING 192.168.1.1 (192.168.1.1) from 192.168.0.254 vmbr100: 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.042 ms

ping 192.168.1.1 -I vmbr101
PING 192.168.1.1 (192.168.1.1) from 192.168.1.254 vmbr101: 56(84) bytes of data.
^C
--- 192.168.1.1 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4075ms

why does it respond on vmbr100 while the subnetwork 192.168.1.1/24 is on vmbr101 ?

 

[tom]

You still run 3.x?

This is outdated and out of support. Consider using the current version.
See also https://forum.proxmox.com/threads/proxmox-ve-support-lifecycle.35755/

 

[jaminka]

no i don't run 3.x anymore, that's the problem. It was working on 3.x, but i switched to 5.1 and now it doesn't work anymore

 

[jaminka]

i switched to 5.1 using a backup and a new server