Route/Bridge 2 ip addresses at hetzner to vm

dev123

Aug 18, 2022
Hey,

I have two IP addresses:
95.21x.yy.z58
95.21x.yy.z37

They both have a gw 95.21x.yy.z29

Now I'm trying to figure out a way to bridge the first IP address and route the second IP address to my pfSense VM.

vmbr0 is used internally for my VMs.
vmbr1 is used to connect my pfSense to the Proxmox host. Everything apart from port 2222 for SSH is NATed.

So far this is working, but I don't get the second IP routed to pfSense. I added the MAC address generated at Hetzner to my VM and wanted to use vmbr2 to route 95.21x.yy.z37 to the pfSense to use it on a second WAN gw. That doesn't work.

Here's my /etc/network/interfaces:
Code:
source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

iface lo inet6 loopback

auto enp0s31f6
iface enp0s31f6 inet6 static
        address 0000:0000:0000:0000:0000:0000/64
        gateway fe80::1

iface enp0s31f6 inet static
        address 95.21x.yy.z58/26
        gateway 95.21x.yy.z29
        up route add -net 95.21x.yy.z28 netmask 255.255.255.192 gw 95.21x.yy.z29 dev enp0s31f6
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -t nat -A PREROUTING -d 95.21x.yy.z58/32 -p tcp -m multiport ! --dport 2222 -j DNAT --to 172.17.0.2
        post-up iptables -t nat -A PREROUTING -d 95.21x.yy.z58/32 -p udp -j DNAT --to 172.17.0.2
# route 95.21x.yy.z28/26 via 95.21x.yy.z29

iface enp41s0 inet6 static
        address 0000:00000:0000:0000:0000:0000/64
        gateway fe80::1

auto vmbr0
iface vmbr0 inet static
        address 10.13.0.2/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094
        up route add -net 192.168.0.0 netmask 255.255.0.0 gw 10.13.0.1 dev vmbr0
        up route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.13.0.1 dev vmbr0
#VMs

auto vmbr1
iface vmbr1 inet static
        address 172.17.0.1/30
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        post-up iptables -t nat -A POSTROUTING -s '172.17.0.0/30' -o enp0s31f6 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '172.17.0.0/30' -o enp0s31f6 -j MASQUERADE
#Tunnel

auto vmbr2
iface vmbr2 inet manual
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        up route add 95.21x.yy.z37/32 dev vmbr2
        down route del 95.21x.yy.z37/32 dev vmbr2
#additional ips

Any idea? Is there some fundamental mistake I made?
Any help is appreciated.
 