Hello guys, I'm trying to set up Proxmox and prepare it for a future cluster on Hetzner infrastructure. The network is formed of 4 parts:
private LAN, production LAN, demo LAN and dev LAN. I have an OPNsense firewall that has its own public IP and a MAC address generated from the Hetzner root interface. My goal is to pass my "lans" to the entire cluster using the virtual switch offered by Hetzner. For example, I have the firewall on proxmox 1 (host1) and every VM or CT needs to exit with the public IP of the firewall from any other Proxmox host in the cluster. So a VM on proxmox 3 can reach a VM on proxmox 1. I can do this with a normal physical LAN connection between the hosts, but I have problems with the VLAN method and only one physical connection. I have created and assigned 5 virtual switches from the Hetzner Robot panel to the Proxmox host. Then I created the VLANs over the physical interface in /etc/network/interfaces, and also various virtual switches on Proxmox for every LAN. Every VLAN has its own IP address. Now the problem is the following: if the vswitches on Proxmox have no bridge-ports, the network works without problems, but if I assign a VLAN to the vswitch something breaks. I still have internet but I can't do apt update or install and can't reach the GUI of the firewall (but I can ping it). Here is the entire configuration. Thanks for the help and sorry for the bad explanation.
/etc/network/interfaces proxmox
Code:
#physical interface
auto eno2
iface eno2 inet manual
#lan vlan on vswitch
auto eno2.4000
iface eno2.4000 inet static
    address 10.0.0.1
    netmask 255.255.255.0
    mtu 1400
#cluster vlan on vswitch
auto eno2.4001
iface eno2.4001 inet static
    address 10.0.1.1
    netmask 255.255.255.0
    mtu 1400
#prod vlan on vswitch
auto eno2.4002
iface eno2.4002 inet static
    address 10.0.2.1
    netmask 255.255.255.0
    mtu 1400
#demo vlan on vswitch
auto eno2.4003
iface eno2.4003 inet static
    address 10.0.3.1
    netmask 255.255.255.0
    mtu 1400
#dev vlan on vswitch
auto eno2.4004
iface eno2.4004 inet static
    address 10.0.4.1
    netmask 255.255.255.0
    mtu 1400
#--------VSWITCH--------#
auto vmbr0
iface vmbr0 inet static
    address 95.x.x.x main-ip
    netmask 26
    gateway 95.x.x.x
    pointopoint gw-ip
    broadcast 95.x.x.x
    bridge-ports eno2
    bridge-stp off
    bridge-fd 1
    bridge_hello 2
    bridge_maxage 12
    up ip route add 95.x.x.x/32 dev vmbr0
#MGNT
auto vmbr1
iface vmbr1 inet manual
    bridge-ports eno2.4000
    bridge-stp off
    bridge-fd 0
#LAN
auto vmbr2
iface vmbr2 inet manual
    bridge-ports eno2.4002
    bridge-stp off
    bridge-fd 0
#PROD
auto vmbr3
iface vmbr3 inet manual
    bridge-ports eno2.4003
    bridge-stp off
    bridge-fd 0
#DEMO
auto vmbr4
iface vmbr4 inet manual
    bridge-ports eno2.4004
    bridge-stp off
    bridge-fd 0
#DEV
vm on LAN network
Code:
agent: 1
bios: ovmf
bootdisk: virtio0
cores: 2
cpu: host
efidisk0: vm-storage:101/vm-101-disk-1.qcow2,size=128K
ide2: none,media=cdrom
memory: 2048
name: mgnt-cl-01
net0: virtio=x:x:x:x:x:x,bridge=vmbr1,firewall=1
numa: 1
ostype: l26
scsihw: virtio-scsi-pci
sockets: 1
vga: std,memory=128
virtio0: vm-storage:101/vm-101-disk-0.qcow2,size=30G
screen from the vm or ct when I'm trying to perform apt update (I can't post links)
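An added example, not part of the original post: a small Python check that reads an ifupdown-style file like the one posted above and reports, for each bridge, which VLAN port it enslaves, whether that port also carries its own IP address, and the MTU set on each side. The sample input is constructed from two of the posted stanzas, and the function names are hypothetical.

```python
import re

# Constructed sample: two stanzas shaped like the posted /etc/network/interfaces.
SAMPLE = """\
auto eno2.4000
iface eno2.4000 inet static
    address 10.0.0.1
    netmask 255.255.255.0
    mtu 1400
auto vmbr1
iface vmbr1 inet manual
    bridge-ports eno2.4000
    bridge-stp off
    bridge-fd 0
"""

def parse_interfaces(text):
    """Return {interface: {option: value}} for every 'iface' stanza."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue
        if words[0] == "iface" and len(words) > 1:
            current = stanzas.setdefault(words[1], {})
        elif words[0] in ("auto", "source", "mapping") or words[0].startswith("allow-"):
            current = None  # these keywords end the current stanza
        elif current is not None:
            # The posted file mixes bridge_hello and bridge-fd spellings; normalise.
            current[words[0].replace("_", "-")] = " ".join(words[1:])
    return stanzas

def mtu_of(opts):
    return int(opts["mtu"]) if "mtu" in opts else None

def audit_bridges(stanzas):
    """One row per bridge port: VLAN tag, own IP on the port, MTU on both sides."""
    rows = []
    for bridge, opts in stanzas.items():
        for port in (p for p in opts.get("bridge-ports", "").split() if p != "none"):
            tag = re.fullmatch(r".+\.(\d+)", port)
            popts = stanzas.get(port, {})
            rows.append({"bridge": bridge, "port": port,
                         "vlan": int(tag.group(1)) if tag else None,
                         "port_has_ip": "address" in popts,
                         "port_mtu": mtu_of(popts), "bridge_mtu": mtu_of(opts)})
    return rows

if __name__ == "__main__":
    for row in audit_bridges(parse_interfaces(SAMPLE)):
        print(row)
```

A row with `port_has_ip` set means the address sits on the enslaved VLAN interface rather than on the bridge. That, and a `port_mtu` lower than the MTU the guests on that bridge use, are both worth checking when ping works but larger transfers stall.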