[SOLVED] Proxmox VE 6 - OVH

frmiqueias · Aug 5, 2021

I have a server at OVH with Proxmox VE 6 installation and also a failover IP block.

I created a virtual MAC in OVH and assigned it to a VM with static failover ip. But VM cannot ping 8.8.8.8.

I've tried several articles and tutorials but none have been able to help me with this problem.

See my settings

File /etc/network/interfaces in PROXMOX

Code:

auto lo
iface lo inet loopback

iface ens3f0 inet manual
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up echo 1 > /proc/sys/net/ipv4/conf/ens3f0/proxy_arp

iface enp0s20f0u2u2c2 inet manual

iface ens13f0 inet manual

iface ens13f1 inet manual

iface ens3f1 inet manual

auto vmbr0
iface vmbr0 inet static
        address 51.222.YYY.XXXX/24
        gateway 51.222.YYY.254
        bridge-ports ens3f0
        bridge-stp off
        bridge-fd 0

My centOS 7 VM in attached file!

Could someone please help me with this question.

Thanks!

lps90 · Aug 6, 2021

I'm with Proxmox 7 and Centos 8 Stream VM

Using the virtual mac address.
Only needed to configure the server like this.
Then you need to add your failover ip in your dedicated server iptables
Command: nano /etc/iptables

Private ip used in Centos VM = 192.168.1.52
Failover ip used in Centos VM = 37.xx5.xx3.152
Default deficated server ip = 146.xx5.xx3.100

Code:

#####
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# FAILOVER IPS
-A POSTROUTING -s 192.168.1.50 -j SNAT --to-source 37.xx5.xx3.150
-A POSTROUTING -s 192.168.1.51 -j SNAT --to-source 37.xx5.xx3.151
-A POSTROUTING -s 192.168.1.52 -j SNAT --to-source 37.xx5.xx3.152
-A POSTROUTING -s 192.168.1.0/24 -o ens3f0 -j SNAT --to-source 146.xx5.xx3.100
-A POSTROUTING -s 192.168.1.0/24 -o vmbr0 -j MASQUERADE
COMMIT
#####
*filter
:INPUT ACCEPT [1662:633649]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1416:420500]
-A FORWARD -i ens3f0 -o vmbr0 -j ACCEPT
COMMIT
#####

My resolv.conf
Command: nano /etc/sysctl.conf

Code:

### IPv4
net.ipv4.conf.all.rp_filter=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.proxy_arp=0
net.ipv4.ip_forward=1
kernel.sysrq=1
net.ipv4.conf.default.send_redirects=1
net.ipv4.conf.all.send_redirects=0

I hope it helps

frmiqueias · Aug 6, 2021

lps90 said:
I'm with Proxmox 7 and Centos 8 Stream VM

View attachment 28462

Using the virtual mac address.
Only needed to configure the server like this.
Then you need to add your failover ip in your dedicated server iptables
Command: nano /etc/iptables

Private ip used in Centos VM = 192.168.1.52
Failover ip used in Centos VM = 37.xx5.xx3.152
Default deficated server ip = 146.xx5.xx3.100

Code:

##### *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] # FAILOVER IPS -A POSTROUTING -s 192.168.1.50 -j SNAT --to-source 37.xx5.xx3.150 -A POSTROUTING -s 192.168.1.51 -j SNAT --to-source 37.xx5.xx3.151 -A POSTROUTING -s 192.168.1.52 -j SNAT --to-source 37.xx5.xx3.152 -A POSTROUTING -s 192.168.1.0/24 -o ens3f0 -j SNAT --to-source 146.xx5.xx3.100 -A POSTROUTING -s 192.168.1.0/24 -o vmbr0 -j MASQUERADE COMMIT ##### *filter :INPUT ACCEPT [1662:633649] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1416:420500] -A FORWARD -i ens3f0 -o vmbr0 -j ACCEPT COMMIT #####

My resolv.conf
Command: nano /etc/sysctl.conf

Code:

### IPv4 net.ipv4.conf.all.rp_filter=1 net.ipv4.icmp_echo_ignore_broadcasts=1 net.ipv4.conf.default.forwarding=1 net.ipv4.conf.default.proxy_arp=0 net.ipv4.ip_forward=1 kernel.sysrq=1 net.ipv4.conf.default.send_redirects=1 net.ipv4.conf.all.send_redirects=0

I hope it helps

I really appreciate your answer!
I did the configuration exactly as you gave me, not yet I'm not successful in ping 8.8.8.8

Could you give me your /etc/network/interfaces example in proxmox

Thank you very much!

lps90 · Aug 6, 2021

Sure

Code:

auto lo
iface lo inet loopback

iface lo inet6 loopback

auto ens3f0
iface ens3f0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 146.xx5.xx3.100/24
        gateway 146.xx5.xx3.254
        bridge-ports ens3f0
        bridge-stp off
        bridge-fd 0
        hwaddress a0:36:xx:xx:xx:xx

    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o ens3f0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o ens3f0 -j MASQUERADE

**Do not forget to restart your server just to be sure that everything is being applied

frmiqueias · Aug 6, 2021

lps90 said:

Sure

Code:

auto lo
iface lo inet loopback

iface lo inet6 loopback

auto ens3f0
iface ens3f0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 146.xx5.xx3.100/24
        gateway 146.xx5.xx3.254
        bridge-ports ens3f0
        bridge-stp off
        bridge-fd 0
        hwaddress a0:36:xx:xx:xx:xx

    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o ens3f0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o ens3f0 -j MASQUERADE

**Do not forget to restart your server just to be sure that everything is being applied

Thank you again! I'm going to test it right now!
hwaddress a0:36:xx:xx:xx:xx is the same MACADRESS as your ens3f0 card?

I created the /etc/iptables file and added the modified script!
Then I run

Code:

#iptables-restore < /etc/iptables

Can you tell me if this is enough?

Thank you very much for the support.

lps90 · Aug 6, 2021

Forget about "hwaddress" (only needed in Proxmox 7).

Install iptables:
apt-get install -y iptables-persistent

The iptable rules will be in:
/etc/iptables/rules.v4

Then add the respective rules i sent to you (edit the rules with your ips).

To apply them:
service netfilter-persistent reload

frmiqueias · Aug 6, 2021

lps90 said:
Forget about "hwaddress" (only needed in Proxmox 7).

Install iptables:
apt-get install -y iptables-persistent

The iptable rules will be in:
/etc/iptables/rules.v4

Then add the respective rules i sent to you (edit the rules with your ips).

To apply them:
service netfilter-persistent reload

Thanks for your help! But I was not successful in implementing it that way!

But with your configuration model I could think of a different way of configuration, using a dummy virtual device and traffic redirection by iptables. This problem is solved!

I'm installing cpanel now, and if everything goes well I'll create a tutorial on how I solve the problem to share here on the forum.

Thanks again!

lps90 · Aug 6, 2021

I think you need to disable the centos firewall mate (i did it in my VM so it works)

Commands to disable:
systemctl stop firewalld
systemctl disable firewalld

lps90 · Aug 10, 2021

@frmiqueias
Did you managed to configure centos 7 vm network?
cause i just installed a vm with centos 7 (in proxmox 7) and i am facing the same problem, i cant acess the network.

frmiqueias · Aug 12, 2021

lps90 said:
@frmiqueias
Did you managed to configure centos 7 vm network?
cause i just installed a vm with centos 7 (in proxmox 7) and i am facing the same problem, i cant acess the network.

I can't say if it will work in PROMOX 7, but I've shared here https://forum.proxmox.com/threads/proxmox-ve-6-ovh-ip-failover.94340/ how I managed to solve the problem in PROXMOX 6.

I hope it helps.

lps90 · Aug 12, 2021

frmiqueias said:
I can't say if it will work in PROMOX 7, but I've shared here https://forum.proxmox.com/threads/proxmox-ve-6-ovh-ip-failover.94340/ how I managed to solve the problem in PROXMOX 6.

I hope it helps.

your link "The requested thread could not be found."

frmiqueias · Aug 12, 2021

lps90 said:
your link "The requested thread could not be found."

Thread was under review, please try again.

Search

Search

[SOLVED] Proxmox VE 6 - OVH

frmiqueias

New Member

lps90

Active Member

frmiqueias

New Member

lps90

Active Member

frmiqueias

New Member

lps90

Active Member

frmiqueias

New Member

lps90

Active Member

lps90

Active Member

frmiqueias

New Member

lps90

Active Member

frmiqueias

New Member