Hi,
I need to use NAT to bridge multiple virtual machines on two IP addresses.
But first of all, here's my masked network configuration:
Code:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
    address 1.1.1.1
    netmask 255.255.255.255
    network 0.0.0.0
    broadcast 255.255.255.255
    pointopoint 1.1.1.244
    gateway 1.1.1.244
    # dns-* options are implemented by the resolvconf package, if installed
    dns-nameservers 99.99.99.1 99.99.99.2 99.99.99.3
    dns-search search.provider.net

# Additional IP addresses
auto eth0:1
iface eth0:1 inet static
    address 1.1.1.2
    netmask 255.255.255.255

# IPv6
iface eth0 inet6 static
    address 0000:0000:0000:0000::0/64
    netmask 64
    up ip -6 route add 1000:0000:0000:0000::0/64 dev eth0
    up ip -6 route add default via 1000:0000:0000:0000::0/64 dev eth0
    down ip -6 route del default via 1000:0000:0000:0000::0/64 dev eth0
    down ip -6 route del 1000:0000:0000:0000::0/64 dev eth0

# Network bridges
auto vmbr0
iface vmbr0 inet static
    address 10.10.10.1
    netmask 255.255.255.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o eth0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o eth0 -j MASQUERADE

auto vmbr1
iface vmbr1 inet static
    address 10.10.20.1
    netmask 255.255.255.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    # iptables matches real interface names only, not alias labels such as eth0:1,
    # so this subnet is source-NATed to the second address on eth0 instead.
    post-up iptables -t nat -A POSTROUTING -s '10.10.20.0/24' -o eth0 -j SNAT --to-source 1.1.1.2
    post-down iptables -t nat -D POSTROUTING -s '10.10.20.0/24' -o eth0 -j SNAT --to-source 1.1.1.2

auto vmbr2
iface vmbr2 inet static
    address 10.10.30.1
    netmask 255.255.255.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0
The last one was intended to have an internal network, but is no longer needed, so it will be deleted soon.^^
What I don't really get is how the bridge knows where to route which incoming request.
On all services there is an ssh server running, but it should not be reachable from the outside (except from one virtual machine).
Also, all servers have an https and http server running.
I also already thought of having an nginx server running on the route host that acts as a reverse proxy for handling the http and https requests.
The only ones it can't handle are ssh. (I have a separate ssh+git server running on each IP with port 7990 from Stash, which is running in two separated instances ==> they need to be separated because of a license issue of the software.)
I am running the latest stable version of Proxmox with its kernel.
Code:
proxmox-ve-2.6.32: 3.4-160 (running kernel: 2.6.32-40-pve)
pve-manager: 3.4-9 (running version: 3.4-9/4b51d87a)
pve-kernel-2.6.32-40-pve: 2.6.32-160
pve-kernel-2.6.32-26-pve: 2.6.32-114
lvm2: 2.02.98-pve4
clvm: 2.02.98-pve4
corosync-pve: 1.4.7-1
openais-pve: 1.1.4-3
libqb0: 0.11.1-2
redhat-cluster-pve: 3.2.0-2
resource-agents-pve: 3.9.2-4
fence-agents-pve: 4.0.10-3
pve-cluster: 3.0-18
qemu-server: 3.4-6
pve-firmware: 1.1-4
libpve-common-perl: 3.0-24
libpve-access-control: 3.0-16
libpve-storage-perl: 3.0-33
pve-libspice-server1: 0.12.4-3
vncterm: 1.1-8
vzctl: 4.0-1pve6
vzprocps: 2.0.11-2
vzquota: 3.1-2
pve-qemu-kvm: 2.2-11
ksm-control-daemon: 1.1-1
glusterfs-client: 3.5.2-1
Hope I provided all required information for help^^
I would like to buy a subscription as soon as everything works.
But first I need everything up and running ^^
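
Added example (not part of the original post): with `bridge_ports none` the bridge itself never sees outside traffic, so the choice of guest is made by DNAT rules on the host, keyed on public address and port. The script below only prints a rule set for the layout above; the guest addresses 10.10.10.10 and 10.10.20.10 are assumptions, and because no rule forwards port 22, the guests' ssh servers stay unreachable from outside.

```shell
#!/bin/sh
# Prints (does not apply) iptables rules for two public IPs on eth0,
# each forwarding Stash port 7990 to one guest behind its own bridge.
# Assumed, not from the post: guest addresses 10.10.10.10 and 10.10.20.10.

WAN_IF=eth0

# forward_rules PUBLIC_IP PORT GUEST_IP BRIDGE
# DNAT picks the guest by destination IP and port; the FORWARD rule then
# matches the already-translated destination and lets new connections in.
forward_rules() {
    pub=$1; port=$2; guest=$3; br=$4
    echo "iptables -t nat -A PREROUTING -i $WAN_IF -d $pub -p tcp --dport $port -j DNAT --to-destination $guest:$port"
    echo "iptables -A FORWARD -i $WAN_IF -o $br -d $guest -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
}

# snat_rule SUBNET PUBLIC_IP
# Outbound guest traffic leaves with a fixed public source address.
snat_rule() {
    echo "iptables -t nat -A POSTROUTING -s $1 -o $WAN_IF -j SNAT --to-source $2"
}

ruleset() {
    # Default deny for routed traffic; only what is listed below passes.
    echo "iptables -P FORWARD DROP"
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Guests may open connections to the outside.
    echo "iptables -A FORWARD -i vmbr0 -o $WAN_IF -j ACCEPT"
    echo "iptables -A FORWARD -i vmbr1 -o $WAN_IF -j ACCEPT"
    # One Stash instance per public address.
    forward_rules 1.1.1.1 7990 10.10.10.10 vmbr0
    forward_rules 1.1.1.2 7990 10.10.20.10 vmbr1
    snat_rule 10.10.10.0/24 1.1.1.1
    snat_rule 10.10.20.0/24 1.1.1.2
}

ruleset
```

HTTP and HTTPS are left out on purpose: with nginx running on the host as a reverse proxy, that traffic arrives on the INPUT path and needs no DNAT rule.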