requirement SDN

[vesuvienne]

Hi teams !

Do SDN create bridge automatically ? can i use it for NAT bridge who's already existing ?
Ex: I want dhcp on my NAT bridge
creating my Subnets under VNETs should i put my NAT bridge IP

 

[spirit]

a vnet is a bridge.

as a vnet in a simple zone is internal only (not attached to a physical interface), you can reuse the same subnet present on another bridge.

But don't use same gateway/bridge ip than your other nat bridge, or it'll break the routing.

 

[vesuvienne]

So if i create a VNets and Subnet with SNAT do proxmox create the iptables rules ? like i will normally do with iptables for a new NAT bridge?

auto vmbr1
iface vmbr1 inet static
        address 192.168.100.254/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s 192.168.100.0/24 -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.100.0/24' -o vmbr0 -j MASQUERADE
post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1

i'm a beginner with proxmox and i'm wondering what's the best practice to create network on single NIC behind a ISP router, i want two network (local network + private network for testing)
- OPNsense - bridge (vmbr1) - VLAN
or
- just add bridge NAT

 

[spirit]

yes, the "nat" checkbox on the subnet is creating the iptables rules.

 

[vesuvienne]

perfect ! thx for the help