Public IP(s) Masquerade, gateway not reachable

wldlkx

New Member
Jun 17, 2024
Hello,

I really need help to understand what is the best network configuration I shall make.
I have 3 Public IPs that share the same /24 netmask, thus they have the same gateway.
At first, I tried using only one of them and routing all my VMs' traffic through it using masquerading (my VMs have to connect to the internet), like so:
/etc/network/interfaces
Code:
auto lo
iface lo inet loopback

auto enp4s0
iface enp4s0 inet static
        address REDACTED.7/24
        gateway REDACTED.1
        dns-nameservers REDACTED.14 REDACTED.REDACTED.11


auto vmbr0
iface vmbr0 inet static
        address 172.16.0.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

        post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '172.16.0.0/24' -o enp4s0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '172.16.0.0/24' -o enp4s0 -j MASQUERADE

After having found this configuration satisfying, I went on to create a Debian VM.
I assigned 172.16.0.100 to it and 172.16.0.1 as a gateway.
Everything works, I get to the VM.

Then, for a reason I can't fathom, after downloading some things (nodejs environment) and restarting the networking service, I can't ping my VM gateway 172.16.0.1 anymore.
I also notice an inconsistency between the VM's /etc/network/interfaces and the ip show output: ens18 is not present in the file but is present in the ip show output.
IP route seems fine on both ends. Host and guest can't ping each other anymore, they could before.

I tried using a setup with 2 bridges, one with the public IP, one with the private net, like in this video, but I ended up cutting my SSH connection; I thought I'd done it properly. Got it back, now I'm writing this post before trying anything, no ideas.

Can someone recommend a better way to get this working?
In the optimal setup I have in mind, a public IP will reach the Proxmox host, and another public IP would serve as the VMs' Internet access, but I don't know how to do that; since they have the same gateway, I'm confused about how to set it up.

EDIT1: I've relocated my post to the right forum. Sorry for the inconvenience. In the previous thread I've been told that the Proxmox IP and gateway IP being the same is probably the reason for my problem. But the thing is, I can't seem to put a new gateway on the vmbr0 interface; I get the error "gateway: Default gateway already exists on interface 'enp4s0'."
I cannot and do not want to use the enp4s0 gateway as it's the hosting provider's. Anyone know what configuration would be best?

I'd be eternally grateful for any help. I can offer some coffee if you want.

Thanks in advance!
 
Did you try with this:
Code:
post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
post-up   iptables -t nat -A POSTROUTING -s '172.16.0.0/24' -o enp4s0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '172.16.0.0/24' -o enp4s0 -j MASQUERADE
post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1

I had some trouble without the last PREROUTING line.

For reference, this is how I am doing my NAT (just following the Proxmox doc):
Code:
auto lo
iface lo inet loopback

iface enp1s0 inet manual

auto vmbr0
iface vmbr0 inet static
        # dhcp internet provider
        address 192.168.1.32/24
        # internet provider gateway
        gateway 192.168.1.254
        bridge-ports enp1s0
        bridge-stp off
        bridge-fd 0

auto vmbr1
iface vmbr1 inet static
        # NAT gateway
        address 192.168.100.254/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

        post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '192.168.100.0/24' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '192.168.100.0/24' -o vmbr0 -j MASQUERADE
        post-up   iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
        post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1

In my VM
Code:
# interface_name
auto enp0s3
iface enp0s3 inet static
    # ip in network vmbr1
    address 192.168.100.2
    netmask 255.255.255.0
    # IP gateway NAT vmbr1
    gateway 192.168.100.254
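
A small linter for the pitfalls that come up in this thread, as an added example that is not part of any post: a second default gateway, a MASQUERADE rule whose `-o` interface is not the uplink, NAT without a hook enabling `ip_forward`, and end-of-line comments, which the `interfaces` file format does not support. The function name, messages and sample config (documentation addresses) are constructed for illustration.

```python
import ipaddress
# Hook options are handed to the shell, so '#' inside them is not linted.
HOOKS = ("pre-up", "up", "post-up", "pre-down", "down", "post-down")

# Constructed sample (documentation addresses), not a config from the thread.
SAMPLE = """\
iface enp4s0 inet static
        address 203.0.113.7/24
        gateway 203.0.113.1
iface vmbr0 inet static
        address 172.16.0.1/24 #NAT gateway
        gateway 172.16.0.1
        bridge-ports none
        post-up iptables -t nat -A POSTROUTING -s '172.16.0.0/24' -o vmbr0 -j MASQUERADE
"""

def lint_interfaces(text):
    """Return findings for the NAT pitfalls discussed in this thread."""
    findings, addrs, gateways, masq = [], {}, [], []
    iface, forwarding = None, False
    for n, raw in enumerate(text.splitlines(), 1):
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue  # blank line or whole-line comment
        key = words[0]
        if key not in HOOKS and any(w.startswith("#") for w in words[1:]):
            findings.append(f"line {n}: end-of-line comments are not supported")
        if key == "iface":
            iface = words[1]
        elif key == "address":
            addrs[iface] = ipaddress.ip_interface(words[1]).ip
        elif key == "gateway":
            gateways.append(iface)
        elif key in HOOKS and "ip_forward" in raw:
            forwarding = True
        elif key == "post-up" and {"MASQUERADE", "-s", "-o"} <= set(words):
            src = ipaddress.ip_network(words[words.index("-s") + 1].strip("'"))
            masq.append((n, src, words[words.index("-o") + 1]))
    if len(gateways) > 1:
        findings.append("default gateway on more than one interface: " + ", ".join(gateways))
    for n, net, out in masq:
        # The -o interface must be the uplink, not the bridge being masqueraded.
        if out not in gateways or (out in addrs and addrs[out] in net):
            findings.append(f"line {n}: -o {out} is not the uplink interface")
    if masq and not forwarding:
        findings.append("MASQUERADE rule present but no hook enables ip_forward")
    return findings

print("\n".join(lint_interfaces(SAMPLE)))
```

Both layouts in the thread pass the `-o` check for the same reason: the rule names whichever interface carries the provider gateway (`enp4s0` in the first post, `vmbr0` in the two-bridge reply).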
 
- I don't have a DHCP
- I don't have a private network gateway
- My default server config after having bought it from the hosting provider was the auto enp4s0 static. I don't think my hosting provider will assign a public IP to my host if I put it in inet manual; I have to specify it
- I don't know how to use two bridges; what's the point of two bridges?
 
This is my default Proxmox install (I have DHCP and I'm behind my internet provider's router).
I had the second bridge for my NAT.
Code:
auto lo
iface lo inet loopback

iface enp1s0 inet manual

auto vmbr0
iface vmbr0 inet static
        # dhcp internet provider
        address 192.168.1.32/24
        # internet provider gateway
        gateway 192.168.1.254
        bridge-ports enp1s0
        bridge-stp off
        bridge-fd 0
 
