Hi,
I'm having trouble making two subnets use the same NIC and being able to pass to the cluster nodes
scenery:
- 1 node with two NICs (one exclusively for public IPs - untagged; and another for private ips - tagged)
- 5 node with one NIC (tagged)
** I don't have direct access to the switch that connects these machines (I have to ask for adjustments if necessary - the less the better), but at first there are 6 ports forming a vlan (tagged) and 1 port for the public ip (untagged)
- subnet 192.168.0.0/23 - ip-cluster (lan pfsense)
- subnet 192.168.4.1/23 - ip-vms (lan pfsense)
- subnet 192.168.2.0/30 - wan pfsense (via nat with public-ip interface)
the cluster ips are 192.168.0.10-15. When I link the cluster ips directly on the NIC interface or on vmbrX your subnet works fine. I can pass ips and internet link to the vms of all nodes, but (1) I can't pass internet link to cluster nodes
(2) When I try to use vlans the nodes lose contact with each other. when linking ip to enp2s0.5 or vmbr0.5 they don't see each other anymore. This also occurs when I try OVS.
(3) with this subnet 192.168.4.0/23 works only on pfsense local node
Any idea why this is happening and how I can solve it?
I'm having trouble making two subnets use the same NIC and being able to pass to the cluster nodes
scenery:
- 1 node with two NICs (one exclusively for public IPs - untagged; and another for private ips - tagged)
- 5 node with one NIC (tagged)
** I don't have direct access to the switch that connects these machines (I have to ask for adjustments if necessary - the less the better), but at first there are 6 ports forming a vlan (tagged) and 1 port for the public ip (untagged)
- subnet 192.168.0.0/23 - ip-cluster (lan pfsense)
- subnet 192.168.4.1/23 - ip-vms (lan pfsense)
- subnet 192.168.2.0/30 - wan pfsense (via nat with public-ip interface)
the cluster ips are 192.168.0.10-15. When I link the cluster ips directly on the NIC interface or on vmbrX your subnet works fine. I can pass ips and internet link to the vms of all nodes, but (1) I can't pass internet link to cluster nodes
(2) When I try to use vlans the nodes lose contact with each other. when linking ip to enp2s0.5 or vmbr0.5 they don't see each other anymore. This also occurs when I try OVS.
(3) with this subnet 192.168.4.0/23 works only on pfsense local node
Any idea why this is happening and how I can solve it?
Bash:
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
iface enp3s0 inet manual
auto enp2s0
iface enp2s0 inet manual
auto enp1s0
iface enp1s0 inet static
address xxx.xxx.xxx.xxx/27
gateway xxx.xxx.xxx.xxy
#ip-public
auto vmbr0
iface vmbr0 inet manual
bridge-ports enp2s0
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
auto vmbr0.10
iface vmbr0.10 inet static
address 192.168.0.13/23
#wan - ip-cluster
auto vmbr0.20
iface vmbr0.20 inet static
address 192.168.4.2/23
#lan - ip-vms
auto vmbr1
iface vmbr1 inet static
address 192.168.2.1/30
bridge-ports none
bridge-stp off
bridge-fd 0
#wan nat enp1s0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.2.0/30' -o enp1s0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.2.0/30' -o enp1s0 -j MASQUERADEAttachments
Last edited: