single nic to multiple bridges

[antonio_ciaccia]

Good morning, everyone,
I premise that I am a novice as far as this proxmox is concerned (and maybe also as far as the network is concerned).
I am trying to configure my proxmox in this way:
- each ct should have its own network (10.10.1.0/24)
- each vm should have its own network (10.10.2.0/24)

The problem? I only have one NIC.

This currently my configuration!

auto lo
iface lo inet loopback

iface enp0s31f6 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.188.51/24
        gateway 192.168.188.1
        bridge-ports enp0s31f6
        bridge-stp off
        bridge-fd 0


source /etc/network/interfaces.d/*

I thank in advance anyone who can help me out!
Thank you very much

 

[Chris]

Hi,
you can separate the networks based on VLANs, I recommend having a look at the SDN features introduced with the latest Proxmox VE release. See https://pve.proxmox.com/pve-docs/pve-admin-guide.html#chapter_pvesdn, especially the section about network zones https://pve.proxmox.com/pve-docs/pve-admin-guide.html#pvesdn_config_zone

 

[antonio_ciaccia]

Hi, and thank you very much for your reply Chris.
In the meantime, I tried configuring like this.
Can anyone be able to give me feedback?

auto lo
iface lo inet loopback

iface enp0s31f6 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.188.51/24
        gateway 192.168.188.1
        bridge-ports enp0s31f6
        bridge-stp off
        bridge-fd 0

auto vmbr0.10
iface vmbr0.10 inet static
    address 10.10.1.1
    netmask 255.255.255.0
    vlan-raw-device vmbr0

auto vmbr0.20
iface vmbr0.20 inet static
    address 10.10.2.1
    netmask 255.255.255.0
    vlan-raw-device vmbr0

source /etc/network/interfaces.d/*

 

[Chris]

Hi, and thank you very much for your reply Chris.
In the meantime, I tried configuring like this.
Can anyone be able to give me feedback?

auto lo
iface lo inet loopback

iface enp0s31f6 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.188.51/24
        gateway 192.168.188.1
        bridge-ports enp0s31f6
        bridge-stp off
        bridge-fd 0

auto vmbr0.10
iface vmbr0.10 inet static
    address 10.10.1.1
    netmask 255.255.255.0
    vlan-raw-device vmbr0

auto vmbr0.20
iface vmbr0.20 inet static
    address 10.10.2.1
    netmask 255.255.255.0
    vlan-raw-device vmbr0

source /etc/network/interfaces.d/*

Do you require the Proxmox VE host to have VLAN tagging as well? Otherwise you could better achieve the network separation by setting vmbr0 to be vlan-aware and only tag the VMs/CTs NICs with the required VLAN tag. Also, you can find some configuration examples in this wiki article https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_vlan

 

[antonio_ciaccia]

Do you require the Proxmox VE host to have VLAN tagging as well? Otherwise you could better achieve the network separation by setting vmbr0 to be vlan-aware and only tag the VMs/CTs NICs with the required VLAN tag. Also, you can find some configuration examples in this wiki article https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_vlan

No, absolutely no need for the host to have a VLAN tag. I tried to execute trying to adapt the examples to my use case, but with poor results.

I also tried running several online guides, but even those did not get me the desired result.

My goal is to use my one NIC to access Proxmox VE via this address 192.168.188.51/24.

While all the VMs will have to have (10.10.1.0/24) and the CTs (10.10.2.0/24) so as to isolate them.

Thanks

 

[divStar]

No, absolutely no need for the host to have a VLAN tag. I tried to execute trying to adapt the examples to my use case, but with poor results.

I also tried running several online guides, but even those did not get me the desired result.

My goal is to use my one NIC to access Proxmox VE via this address 192.168.188.51/24.

While all the VMs will have to have (10.10.1.0/24) and the CTs (10.10.2.0/24) so as to isolate them.

Thanks

Have you had any success?

I am basically in the same boat it seems.. I have currently vmbr0 with the CIDR and gateway set to 192.168.178.27/24 and 192.168.178.1 respectively and want to have my VMs be on 10.0.0.x and inaccessible to my home network - and then expose a LoadBalancer from those VMs to 192.168.178.223 for example, but apparently I don't get internet access if I just use vmbr1.

Here's the /etc/network/interfaces file:

root@sanctum:~# cat /etc/network/interfaces
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

iface enp193s0f0 inet manual

iface enp69s0f0 inet manual

iface enp69s0f1 inet manual

iface enxeed55e65a9e6 inet manual

iface enp193s0f1 inet manual

auto vmbr0
iface vmbr0 inet static
    address 192.168.178.27/24
    gateway 192.168.178.1
    bridge-ports enp193s0f0
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 10-50

auto vmbr1
iface vmbr1 inet manual
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2-4094
#VM-internal

source /etc/network/interfaces.d/*

And I'd like for ping -I vmbr1 google.com to actually send/receive packages I think (that's how I'd verify the internet access for vmbr1). It works for vmbr0.

 

[muekno]

same problem, need no VLAN, can not use it
have 172.27.x.x /16
and 172.28.x.x /16
but only one nic, how to configure