single nic to multiple bridges

antonio_ciaccia · Feb 14, 2024

Good morning, everyone,
I premise that I am a novice as far as this proxmox is concerned (and maybe also as far as the network is concerned).
I am trying to configure my proxmox in this way:
- each ct should have its own network (10.10.1.0/24)
- each vm should have its own network (10.10.2.0/24)

The problem? I only have one NIC.

This currently my configuration!

Code:

auto lo
iface lo inet loopback

iface enp0s31f6 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.188.51/24
        gateway 192.168.188.1
        bridge-ports enp0s31f6
        bridge-stp off
        bridge-fd 0


source /etc/network/interfaces.d/*

I thank in advance anyone who can help me out!
Thank you very much

Chris · Feb 14, 2024

Hi,
you can separate the networks based on VLANs, I recommend having a look at the SDN features introduced with the latest Proxmox VE release. See https://pve.proxmox.com/pve-docs/pve-admin-guide.html#chapter_pvesdn, especially the section about network zones https://pve.proxmox.com/pve-docs/pve-admin-guide.html#pvesdn_config_zone

antonio_ciaccia · Feb 14, 2024

Hi, and thank you very much for your reply Chris.
In the meantime, I tried configuring like this.
Can anyone be able to give me feedback?

Code:

auto lo
iface lo inet loopback

iface enp0s31f6 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.188.51/24
        gateway 192.168.188.1
        bridge-ports enp0s31f6
        bridge-stp off
        bridge-fd 0

auto vmbr0.10
iface vmbr0.10 inet static
    address 10.10.1.1
    netmask 255.255.255.0
    vlan-raw-device vmbr0

auto vmbr0.20
iface vmbr0.20 inet static
    address 10.10.2.1
    netmask 255.255.255.0
    vlan-raw-device vmbr0

source /etc/network/interfaces.d/*

Chris · Feb 14, 2024

antonio_ciaccia said:

Hi, and thank you very much for your reply Chris.
In the meantime, I tried configuring like this.
Can anyone be able to give me feedback?

Code:

auto lo
iface lo inet loopback

iface enp0s31f6 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.188.51/24
        gateway 192.168.188.1
        bridge-ports enp0s31f6
        bridge-stp off
        bridge-fd 0

auto vmbr0.10
iface vmbr0.10 inet static
    address 10.10.1.1
    netmask 255.255.255.0
    vlan-raw-device vmbr0

auto vmbr0.20
iface vmbr0.20 inet static
    address 10.10.2.1
    netmask 255.255.255.0
    vlan-raw-device vmbr0

source /etc/network/interfaces.d/*

Do you require the Proxmox VE host to have VLAN tagging as well? Otherwise you could better achieve the network separation by setting vmbr0 to be vlan-aware and only tag the VMs/CTs NICs with the required VLAN tag. Also, you can find some configuration examples in this wiki article https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_vlan

antonio_ciaccia · Feb 14, 2024

Chris said:
Do you require the Proxmox VE host to have VLAN tagging as well? Otherwise you could better achieve the network separation by setting vmbr0 to be vlan-aware and only tag the VMs/CTs NICs with the required VLAN tag. Also, you can find some configuration examples in this wiki article https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_vlan

No, absolutely no need for the host to have a VLAN tag. I tried to execute trying to adapt the examples to my use case, but with poor results.

I also tried running several online guides, but even those did not get me the desired result.

My goal is to use my one NIC to access Proxmox VE via this address 192.168.188.51/24.

While all the VMs will have to have (10.10.1.0/24) and the CTs (10.10.2.0/24) so as to isolate them.

Thanks

divStar · Jan 12, 2025

antonio_ciaccia said:
No, absolutely no need for the host to have a VLAN tag. I tried to execute trying to adapt the examples to my use case, but with poor results.

I also tried running several online guides, but even those did not get me the desired result.

My goal is to use my one NIC to access Proxmox VE via this address 192.168.188.51/24.

While all the VMs will have to have (10.10.1.0/24) and the CTs (10.10.2.0/24) so as to isolate them.

Thanks

Have you had any success?

I am basically in the same boat it seems.. I have currently vmbr0 with the CIDR and gateway set to 192.168.178.27/24 and 192.168.178.1 respectively and want to have my VMs be on 10.0.0.x and inaccessible to my home network - and then expose a LoadBalancer from those VMs to 192.168.178.223 for example, but apparently I don't get internet access if I just use vmbr1.

Here's the /etc/network/interfaces file:

Bash:

root@sanctum:~# cat /etc/network/interfaces
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

iface enp193s0f0 inet manual

iface enp69s0f0 inet manual

iface enp69s0f1 inet manual

iface enxeed55e65a9e6 inet manual

iface enp193s0f1 inet manual

auto vmbr0
iface vmbr0 inet static
    address 192.168.178.27/24
    gateway 192.168.178.1
    bridge-ports enp193s0f0
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 10-50

auto vmbr1
iface vmbr1 inet manual
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2-4094
#VM-internal

source /etc/network/interfaces.d/*

And I'd like for ping -I vmbr1 google.com to actually send/receive packages I think (that's how I'd verify the internet access for vmbr1). It works for vmbr0.

muekno · Jan 27, 2025

same problem, need no VLAN, can not use it
have 172.27.x.x /16
and 172.28.x.x /16
but only one nic, how to configure

Thies88 · Saturday at 13:12

Hi,

I use this config for communication between 2 OPNSense VM's (CARP SYNC interfaces) on 2 different Proxmox Hosts with both 1 nic.

Using your input we need to do something like this:

1. We have the default vmbr0(setup for 172.27.0.0/16). Make it vlan aware (WebGui).
2. Create a Linux Vlan(WebGui) name it vmbr0.28 (This uses vmbr0 as Vlan raw device automaticly). This creates a new virtual NIC attached to vmbr0
3. Create a Linux Bridge(WebGui), name it: vmbr28 and at "Bridge ports" fill in: vmbr0.28
4. VM's with a NIC using Bridge: vmbr28 should be able to communicate(ping) devices attached the NIC on vmbr0.

With this setup both vmbr0 and vmbr28 use the bridge-ports configured on vmbr0(eno1). So the are both attached to NIC: eno1.

Config should look something like this:

auto vmbr0
iface vmbr0 inet static
address 172.27.1.250/16
gateway 172.27.1.1
bridge-ports eno1
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
#LAN network

auto vmbr28
iface vmbr28 inet manual
address 172.28.1.250/16
bridge-ports vmbr0.28
bridge-stp off
bridge-fd 0
#Datacenter network

auto vmbr0.28
iface vmbr0.28 inet manual
#vlan28 on vmbr0

Search

Search

single nic to multiple bridges

antonio_ciaccia

New Member

Chris

Proxmox Staff Member

antonio_ciaccia

New Member

Chris

Proxmox Staff Member

antonio_ciaccia

New Member

divStar

New Member

muekno

Member

Thies88

Renowned Member

We value your privacy