Hello everyone,
I'm trying to build a Proxmox-Host with LXC-Containers in the HETZNER Cloud. Basic information about the current network:
Home network <-> pfSense (onprem) <-> pfSense (in HETZNER Cloud) <-> PVE host <-> LXC-Containers
Home network: 10.0.0.0/16
Cloud network: 10.10.0.0/16; HETZNER Cloud Gateway: 10.10.0.1; subnet with PVE host: 10.10.20.0/24; PVE host ip address: 10.10.20.2/32
Target situation:
I want to reach my Containers in the cloud from my home network. The containers should be in the network 10.10.21.0/24.
What I've already done:
Trying to solve the problem using NAT between the PVE host and the container network. But it doesn't work.
Here is the /etc/network/interfaces:
Code:
auto lo
iface lo inet loopback

#iface enp7s0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 10.10.20.2/32
        gateway 10.10.0.1
        pointopoint 10.10.0.1
        bridge-ports enp7s0
        bridge-stp off
        bridge-fd 0
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -t nat -F
        post-up iptables -t nat -A POSTROUTING -s '10.10.21.1/24' -o enp7s0 -j MASQUERADE
        post-up iptables -A FORWARD -i vmbr1 -o enp7s0 -j ACCEPT
        post-up iptables -A FORWARD -i enp7s0 -o vmbr1 -m state --state RELATED,ESTABLISHED -j ACCEPT

auto vmbr1
iface vmbr1 inet static
        address 10.10.21.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

source /etc/network/interfaces.d/*
Here is the output of
iptables -L -v -n
iptables -t nat -L -v -n
Code:
Chain INPUT (policy ACCEPT 10156 packets, 2666K bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT 0 -- vmbr1 vmbr0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- vmbr0 vmbr1 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT 0 -- vmbr1 enp7s0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- enp7s0 vmbr1 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT 0 -- vmbr1 enp7s0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- enp7s0 vmbr1 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT 0 -- vmbr1 enp7s0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- enp7s0 vmbr1 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT 9141 packets, 2629K bytes)
pkts bytes target prot opt in out source destination

Chain PREROUTING (policy ACCEPT 533 packets, 27716 bytes)
pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 533 packets, 27716 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 458 packets, 27784 bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 458 packets, 27784 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE 0 -- * enp7s0 10.10.21.0/24 0.0.0.0/0
Is anyone able to help me with my problem?
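
An added example, not part of the original post: a small Python audit of the FORWARD and POSTROUTING listing above against the bridge layout in the interfaces file. It flags rules that were appended more than once, rules that name enp7s0 although it is a bridge port of vmbr0 (iptables -i/-o match the routed interface, which is the bridge device), and the case where no rule has counted a packet. BRIDGE_PORTS, parse and audit are names chosen for this example.

```python
import re
from collections import Counter

# Taken from the post's /etc/network/interfaces: enp7s0 is a bridge port of vmbr0.
BRIDGE_PORTS = {"enp7s0": "vmbr0"}

# FORWARD and nat POSTROUTING chains copied from the post's iptables output.
LISTING = """\
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT 0 -- vmbr1 vmbr0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- vmbr0 vmbr1 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT 0 -- vmbr1 enp7s0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- enp7s0 vmbr1 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT 0 -- vmbr1 enp7s0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- enp7s0 vmbr1 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT 0 -- vmbr1 enp7s0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- enp7s0 vmbr1 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
Chain POSTROUTING (policy ACCEPT 458 packets, 27784 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE 0 -- * enp7s0 10.10.21.0/24 0.0.0.0/0
"""

def parse(listing):
    """Yield (chain, pkts, rule_text, in_if, out_if) for every rule line."""
    chain = None
    for line in listing.splitlines():
        m = re.match(r"Chain (\S+)", line)
        if m:
            chain = m.group(1)
            continue
        f = line.split()
        # Rule lines start with a packet counter such as "0" or "12K".
        if len(f) >= 9 and re.fullmatch(r"\d+[KMG]?", f[0]):
            yield chain, f[0], " ".join(f[2:]), f[5], f[6]

def audit(listing, bridge_ports=BRIDGE_PORTS):
    """Return findings as (kind, chain, rule_text, detail) tuples."""
    rules = list(parse(listing))
    findings = []
    for (chain, text), n in Counter((c, t) for c, _, t, _, _ in rules).items():
        if n > 1:  # the same rule appended repeatedly
            findings.append(("duplicate", chain, text, n))
    for chain, _, text, in_if, out_if in rules:
        for ifname in (in_if, out_if):
            if ifname in bridge_ports:  # detail = bridge the rule should name
                findings.append(("bridge-port", chain, text, bridge_ports[ifname]))
    if rules and all(pkts == "0" for _, pkts, *_ in rules):
        findings.append(("no-hits", None, None, len(rules)))
    return findings
```

Calling audit(LISTING) returns the findings as a list of tuples; to check a live host, pass it the text of `iptables -L -v -n` followed by `iptables -t nat -L -v -n`.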