[SOLVED] HELP - How to IP MASQ & Bridge /w 1 NIC

[bryan3301]

I have an Intel NUC running Proxmox and it has a single Ethernet NIC connected. I would like to have two (2) bridges off this single NIC as follows:

1. One bridge that runs a network that only exists on the Proxmox host and leverages MASQUERADE to NAT and route the traffic out of Proxmox. (172.16.77.0/24)
   • The current interfaces file below does this.
2. I would like to add a second bridge that acts as a true bridge for the physical network to which the proxmox host is connected. (172.20.73.0/24)

Can someone help me make the changes needed to my interfaces file? Thank you so much!

auto lo
iface lo inet loopback


auto enp86s0
iface enp86s0 inet static
         address  172.20.73.11/24
         gateway  172.20.73.1
        #Ethernet


auto vmbr0
iface vmbr0 inet static
        address  172.16.77.1/24
        #vSwitch1-172.16.77.0/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0


        post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '172.16.77.0/24' -o enp86s0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '172.16.77.0/24' -o enp86s0 -j MASQUERADE

 

[bryan3301]

I figured out how to make this work. Here is my file.

auto lo
iface lo inet loopback

iface enp86s0 inet manual
#Ethernet

auto vmbr0
iface vmbr0 inet static
        address 172.20.73.11/24
        gateway 172.20.73.1
        #Bridge
        bridge_ports enp86s0
        bridge_stp off
        bridge_fd 0

auto vmbr1
iface vmbr1 inet static
        address 172.16.77.1/24
        #NAT
        bridge_ports none
        bridge_stp off
        bridge_fd 0

        post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '172.16.77.0/24' -o enp86s0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '172.16.77.0/24' -o enp86s0 -j MASQUERADE