I have a VPS on which I run Proxmox 6.2-1. The VPS has one single IP address assigned. On this VPS I want to run various websites, all configured in separate containers. HTTP and HTTPS traffic is redirected to a container that acts as the reverse proxy for the other containers.
All is working well as configured below. The reverse proxy container can reach and redirect traffic to the appropriate container, all containers can reach each other, and they all have an internet connection. However, I can't ping the host bridge from within my reverse proxy container.
So, container 10.0.0.100 can ping 10.0.0.101 and 8.8.8.8; however, it can't ping 10.0.0.254.
Code:
auto lo
iface lo inet loopback

auto ens18
iface ens18 inet dhcp

auto vmbr0
iface vmbr0 inet static
    address 10.0.0.254/24
    netmask 255.255.255.0
    broadcast 10.0.0.255
    network 10.0.0.0
    gateway 10.0.0.1
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -o ens18 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -o ens18 -j MASQUERADE
    post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
    post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1
    post-up iptables -t nat -I PREROUTING -i ens18 -p TCP -d xxx.xxx.xxx.xxx/32 --dport 443 -j DNAT --to-destination 10.0.0.100:443
    post-up iptables -t nat -I PREROUTING -i ens18 -p TCP -d xxx.xxx.xxx.xxx/32 --dport 80 -j DNAT --to-destination 10.0.0.100:80