[SOLVED] unreachable additional IP on VM with routed net config

miu

Member
Apr 24, 2021
16
1
8
44
Hello Folks,

i have VPS with 2 IPv4s:

1) this is main IP used by PVE node: 46.30.189.229/24 w GW 46.30.189.1

2) additional IP what i wanna use for VM: 5.183.95.30/24 w GW 5.183.95.1

In net config (debian 10) on PVE node (46.30.189.229) i have this config:

Code:
auto lo
iface lo inet loopback

auto ens3
iface ens3 inet static
        address  46.30.189.229/24
        gateway  46.30.189.1
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up echo 1 > /proc/sys/net/ipv4/conf/ens3/proxy_arp

auto vmbr0
iface vmbr0 inet static
       address 46.30.189.229/24
       bridge_ports none
       bridge_stp off
       bridge_fd 0

Code:
route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         46.30.189.1     0.0.0.0         UG    0      0        0 ens3
46.30.189.0     0.0.0.0         255.255.255.0   U     0      0        0 ens3
46.30.189.0     0.0.0.0         255.255.255.0   U     0      0        0 vmbr0

Code:
ip route show
default via 46.30.189.1 dev ens3 onlink
46.30.189.0/24 dev ens3 proto kernel scope link src 46.30.189.229
46.30.189.0/24 dev vmbr0 proto kernel scope link src 46.30.189.229

IP 46.30.189.229 is for PVE node working and i can connect via SSH.

On VM i have this net config:

Code:
auto lo
iface lo inet loopback

auto ens18
iface ens18 inet static
        address 5.183.95.30/24
        gateway 5.183.95.1

1653250052462.png

But this additional IP for VM is not working and i cannot reach this VM with SSH from internet and also internet is unreachable from this VM (in console)

I am not able resolve this...

Can you pls say what is wrong and what is proper config for this to make VM working on its IP please?

Many thanks for all help and suggestions what i should do different.
 
Last edited:
Hi,

Why didn't you assign the bridge a network port was there a specific reason? With the currenty configuration you only have a local bridge where different VMs on vmbr0 can see each other but can't reach anything else. I would suggest doing something like this
Code:
auto lo
iface lo inet loopback

auto ens3
iface ens3 inet static
       ### remove this - begin
        address  46.30.189.229/24
        gateway  46.30.189.1
       ### remove this - end
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up echo 1 > /proc/sys/net/ipv4/conf/ens3/proxy_arp

auto vmbr0
iface vmbr0 inet static
       address 46.30.189.229/24
       # add gateway here:
       gateway  46.30.189.1
       # add bridge port
       bridge_ports ens3
       bridge_stp off
       bridge_fd 0
 
Code:
auto lo
iface lo inet loopback

auto ens3
iface ens3 inet static
       ### remove this - begin
        address  46.30.189.229/24
        gateway  46.30.189.1
       ### remove this - end
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up echo 1 > /proc/sys/net/ipv4/conf/ens3/proxy_arp

auto vmbr0
iface vmbr0 inet static
       address 46.30.189.229/24
       # add gateway here:
       gateway  46.30.189.1
       # add bridge port
       bridge_ports ens3
       bridge_stp off
       bridge_fd 0

Hello @shrdlicka .
Thank you very much for your suggestion, i will try this config today and then update here if this works
Regards Milos
 
Last edited:
Hi,

Why didn't you assign the bridge a network port was there a specific reason? With the currenty configuration you only have a local bridge where different VMs on vmbr0 can see each other but can't reach anything else. I would suggest doing something like this
Code:
auto lo
iface lo inet loopback

auto ens3
iface ens3 inet static
       ### remove this - begin
        address  46.30.189.229/24
        gateway  46.30.189.1
       ### remove this - end
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up echo 1 > /proc/sys/net/ipv4/conf/ens3/proxy_arp

auto vmbr0
iface vmbr0 inet static
       address 46.30.189.229/24
       # add gateway here:
       gateway  46.30.189.1
       # add bridge port
       bridge_ports ens3
       bridge_stp off
       bridge_fd 0
Hello @shrdlicka

By you suggested configuration WORKS fine, thank you (dakujem) one more time!
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!