Proxmox VE multiple Gateways

dqq

Active Member
Jan 30, 2020
34
1
28
54
Hi,

I want to utilize IPs pointing to my server.
Some of them are failover IPs, that are set to my server and can be redirected to other machines in case of dedicated machine failure.


What I want to do is setting up IP address and gateway to my second Network Device, but I get default gateway error (as attached)

What I do have:
- Linux bridge vmbr0 for my main ip with gateway

What I want to add:
- Linux bridge vmbrX for my failover IP with different gateway


Thanks for help
 

Attachments

  • scr.png
    scr.png
    12.3 KB · Views: 192
There can be only one default gateway.

In most setups a failover is done on the router that is placed in front of Proxmox VE. I don't know a way of how to achieve failover in that way set up directly on Proxmox VE.

Maybe someone else has an idea or an actual working setup.
 
  • Like
Reactions: hmohr
The advantages of a dual gateway setup on the OS level (Proxmox) for 'redundancy' is at best questionable. As @aaron said, usually you achieve failover / redundancy on the router level, which is way more suitable.

@dqq please provide more details about your setup here:

- Provider (//hosting company) (!)
- Do you want to use these additional IPs for a router / VM on Proxmox or Proxmox itself
- are all IPs GWs in the same subnet
 
Another advantage might be security. You could have management on one network and vms/resources on others.
 
  • Like
Reactions: rd1218
I would like to create 2 separate networks as well, one for management (VM mgmt interface + clustering of proxmox servers) and other network for the VM's datapath.
Since I would be running heavy workloads on VM's I would like to isolate that network so that I do not starve out the management links (or lose access to proxmox GUI or RDP/SSH to VM's)
I am able to do this in vsphere with each VM's having 2 NIC's and placed in different port groups

My server has 2x1G and 2x100G interfaces and I would like to create a bond of 2x100G interface and point it to gateway 1 (for VM datapath) and bond of 2x1G interfaces and point it to gateway 2 (for VM management+accessing proxmox server)

Please let me know if this is possible with the current PVE 7.3
 
  • Like
Reactions: GrumpyDave
you can have different bridges, but there can only ever be one gateway on any single linux host (although you can have arbitrary routes for various parts of your network).
 
  • Like
Reactions: rohitp
Hi,

I have 2 network device + 1 Linux bridge :
NameTypePorts/slavesCIDRGatewayComments
eno1Network Device172.20.30.250/24Management (1Gb interface)
eno2Network Device10Gb interface
vmbr0Linux Bridgeeno210.0.0.250/2410.0.0.254

2 networks :
172.20.30.0/24 : management network
10.0.0.0/24 : fast network for VM

From the management network I target eno1 to connect to the GUI for the maintenance.
But when I reach Internet (upgrade packages for example) without gw on eno1, PVE will use eno2 to reach Internet (there is the gw on eno2), right ?

In the my external firewall, I only have to allow the IP of eno2 (not eno1) if I need internet for the maintenance, is it correct ?
 
Last edited:
with the config above traffic to 172.20.30.250/24 should go over eno1, and everything else including the default route/uplink via vmbr0->eno2->10.0.0.254->... , except for guests attached to vmbr0 of course, which are directly reachable over vmbr0 on the PVE host itself ;)
 
with the config above traffic to 172.20.30.250/24 should go over eno1, and everything else including the default route/uplink via vmbr0->eno2->10.0.0.254->... , except for guests attached to vmbr0 of course, which are directly reachable over vmbr0 on the PVE host itself ;)
Thanks for your answer.
Something I don't understand : why eno2 is used when I use for exemple "apt upgrade" from the host pve ?
I would like to manage PVE with eno1, it means :
- reaching webUI of pve with eno1 (it's working)
- upgrade PVE with eno1 (not working) : reaching internet

And I would like to use only eno2 for guests attached to vmbr0.

Is it possible ?
 
Last edited:
Something I don't understand : why eno2 is used when I use for exemple "apt upgrade" from the host pve ?
because it is your default route to the internet..

if you have two uplinks and want to use one as default, and the other for specific sources or subnet-originating traffic, then you need to route accordingly, but that is a bit more advanced of a setup..
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!