ilikenwf
Guest
Hello, everyone. I've been trying out similar forum threads, my own wits and tutorials, etc., to no luck.
What I'm wanting to do is have all of my KVM guests use a pfSense guest as their gateway, so that they can all share their own private internal network, and if possible, use iptables to block all normal traffic to the host except through the pfSense gateway as well. I am pretty sure I have /etc/network/interfaces set up correctly, as below. I plan on eventually having 5 or more public IPs pointing to this box, and also wish to manage those via pfSense, which I suppose I can somehow manage with more bridges, by using virtual interfaces and VLANs on the host for each IP.
So far, no matter how I set it up, DHCP or not, I'm unable to ping the pfSense box from another guest, and the guests thus are also unable to ping the pfSense box. Pinging 10.0.0.2 always works fine to ping the host, though...so I'm not sure what's going on with the virtual switching here, but I'd really appreciate some help...
Please note: the bridge 0 IP is coming from my home network connection for now until I colocate the box, so that's why I'm using a private IP range there.
Thanks!
/etc/network/interfaces:
Code:
auto lo
iface lo inet loopback

iface eth1 inet manual

auto eth0
iface eth0 inet manual

auto vmbr1
iface vmbr1 inet static
    address 10.0.0.2
    netmask 255.255.255.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0

auto vmbr0
iface vmbr0 inet static
    address 192.168.2.200
    netmask 255.255.255.0
    gateway 192.168.2.1
    bridge_ports eth0
    bridge_stp off
    bridge_fd 0