[SOLVED] Proxmox VE 6 - OVH

frmiqueias

New Member
Aug 5, 2021
8
1
1
33
Brazil
miqueiasfrancisco.com.br
I have a server at OVH with Proxmox VE 6 installation and also a failover IP block.

I created a virtual MAC in OVH and assigned it to a VM with static failover ip. But VM cannot ping 8.8.8.8.

I've tried several articles and tutorials but none have been able to help me with this problem.

See my settings

File /etc/network/interfaces in PROXMOX

Code:
auto lo
iface lo inet loopback

iface ens3f0 inet manual
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up echo 1 > /proc/sys/net/ipv4/conf/ens3f0/proxy_arp

iface enp0s20f0u2u2c2 inet manual

iface ens13f0 inet manual

iface ens13f1 inet manual

iface ens3f1 inet manual

auto vmbr0
iface vmbr0 inet static
        address 51.222.YYY.XXXX/24
        gateway 51.222.YYY.254
        bridge-ports ens3f0
        bridge-stp off
        bridge-fd 0

My centOS 7 VM in attached file!


Could someone please help me with this question.

Thanks!
 
Last edited:

lps90

Member
May 21, 2020
172
9
23
I'm with Proxmox 7 and Centos 8 Stream VM

1628207488003.png

Using the virtual mac address.
Only needed to configure the server like this.
Then you need to add your failover ip in your dedicated server iptables
Command: nano /etc/iptables

Private ip used in Centos VM = 192.168.1.52
Failover ip used in Centos VM = 37.xx5.xx3.152
Default deficated server ip = 146.xx5.xx3.100

Code:
#####
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# FAILOVER IPS
-A POSTROUTING -s 192.168.1.50 -j SNAT --to-source 37.xx5.xx3.150
-A POSTROUTING -s 192.168.1.51 -j SNAT --to-source 37.xx5.xx3.151
-A POSTROUTING -s 192.168.1.52 -j SNAT --to-source 37.xx5.xx3.152
-A POSTROUTING -s 192.168.1.0/24 -o ens3f0 -j SNAT --to-source 146.xx5.xx3.100
-A POSTROUTING -s 192.168.1.0/24 -o vmbr0 -j MASQUERADE
COMMIT
#####
*filter
:INPUT ACCEPT [1662:633649]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1416:420500]
-A FORWARD -i ens3f0 -o vmbr0 -j ACCEPT
COMMIT
#####

My resolv.conf
Command: nano /etc/sysctl.conf

Code:
### IPv4
net.ipv4.conf.all.rp_filter=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.proxy_arp=0
net.ipv4.ip_forward=1
kernel.sysrq=1
net.ipv4.conf.default.send_redirects=1
net.ipv4.conf.all.send_redirects=0


I hope it helps ;)
 
Last edited:

frmiqueias

New Member
Aug 5, 2021
8
1
1
33
Brazil
miqueiasfrancisco.com.br
I'm with Proxmox 7 and Centos 8 Stream VM

View attachment 28462

Using the virtual mac address.
Only needed to configure the server like this.
Then you need to add your failover ip in your dedicated server iptables
Command: nano /etc/iptables

Private ip used in Centos VM = 192.168.1.52
Failover ip used in Centos VM = 37.xx5.xx3.152
Default deficated server ip = 146.xx5.xx3.100

Code:
#####
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# FAILOVER IPS
-A POSTROUTING -s 192.168.1.50 -j SNAT --to-source 37.xx5.xx3.150
-A POSTROUTING -s 192.168.1.51 -j SNAT --to-source 37.xx5.xx3.151
-A POSTROUTING -s 192.168.1.52 -j SNAT --to-source 37.xx5.xx3.152
-A POSTROUTING -s 192.168.1.0/24 -o ens3f0 -j SNAT --to-source 146.xx5.xx3.100
-A POSTROUTING -s 192.168.1.0/24 -o vmbr0 -j MASQUERADE
COMMIT
#####
*filter
:INPUT ACCEPT [1662:633649]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1416:420500]
-A FORWARD -i ens3f0 -o vmbr0 -j ACCEPT
COMMIT
#####

My resolv.conf
Command: nano /etc/sysctl.conf

Code:
### IPv4
net.ipv4.conf.all.rp_filter=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.proxy_arp=0
net.ipv4.ip_forward=1
kernel.sysrq=1
net.ipv4.conf.default.send_redirects=1
net.ipv4.conf.all.send_redirects=0


I hope it helps ;)

I really appreciate your answer!
I did the configuration exactly as you gave me, not yet I'm not successful in ping 8.8.8.8

Could you give me your /etc/network/interfaces example in proxmox

Thank you very much!
 

lps90

Member
May 21, 2020
172
9
23
Sure ;)

Code:
auto lo
iface lo inet loopback

iface lo inet6 loopback

auto ens3f0
iface ens3f0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 146.xx5.xx3.100/24
        gateway 146.xx5.xx3.254
        bridge-ports ens3f0
        bridge-stp off
        bridge-fd 0
        hwaddress a0:36:xx:xx:xx:xx

    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o ens3f0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o ens3f0 -j MASQUERADE


**Do not forget to restart your server just to be sure that everything is being applied ;)
 
Last edited:

frmiqueias

New Member
Aug 5, 2021
8
1
1
33
Brazil
miqueiasfrancisco.com.br
Sure ;)

Code:
auto lo
iface lo inet loopback

iface lo inet6 loopback

auto ens3f0
iface ens3f0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 146.xx5.xx3.100/24
        gateway 146.xx5.xx3.254
        bridge-ports ens3f0
        bridge-stp off
        bridge-fd 0
        hwaddress a0:36:xx:xx:xx:xx

    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o ens3f0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o ens3f0 -j MASQUERADE


**Do not forget to restart your server just to be sure that everything is being applied ;)
Thank you again! I'm going to test it right now!
hwaddress a0:36:xx:xx:xx:xx is the same MACADRESS as your ens3f0 card?

I created the /etc/iptables file and added the modified script!
Then I run
Code:
#iptables-restore < /etc/iptables

Can you tell me if this is enough?

Thank you very much for the support.
 

lps90

Member
May 21, 2020
172
9
23
Forget about "hwaddress" (only needed in Proxmox 7).

Install iptables:
apt-get install -y iptables-persistent

The iptable rules will be in:
/etc/iptables/rules.v4

Then add the respective rules i sent to you (edit the rules with your ips).

To apply them:
service netfilter-persistent reload
 

frmiqueias

New Member
Aug 5, 2021
8
1
1
33
Brazil
miqueiasfrancisco.com.br
Forget about "hwaddress" (only needed in Proxmox 7).

Install iptables:
apt-get install -y iptables-persistent

The iptable rules will be in:
/etc/iptables/rules.v4

Then add the respective rules i sent to you (edit the rules with your ips).

To apply them:
service netfilter-persistent reload
Thanks for your help! But I was not successful in implementing it that way!

But with your configuration model I could think of a different way of configuration, using a dummy virtual device and traffic redirection by iptables. This problem is solved!

I'm installing cpanel now, and if everything goes well I'll create a tutorial on how I solve the problem to share here on the forum.

Thanks again!
 

lps90

Member
May 21, 2020
172
9
23
I think you need to disable the centos firewall mate (i did it in my VM so it works) ;)
Commands to disable:
systemctl stop firewalld
systemctl disable firewalld
 
Last edited:

lps90

Member
May 21, 2020
172
9
23
@frmiqueias
Did you managed to configure centos 7 vm network?
cause i just installed a vm with centos 7 (in proxmox 7) and i am facing the same problem, i cant acess the network.
 

frmiqueias

New Member
Aug 5, 2021
8
1
1
33
Brazil
miqueiasfrancisco.com.br

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!