venet attached to vmbr0

M

MeneM

Active Member
Dec 21, 2008
20
0
41
Hi all,

After installing Proxmox, all the openvz VM's I create get a venet0 interface. Which is ofcourse normal.

These venet's are linked to the vmbr0 setup within Proxmox.

I've created a vmbr1 next to it, and would like to be able to link all the venet's to this new vmbr1. (vmbr0 has got an external Interface and I do not want all the vm's to be on there.)

Is this possible?

Thanks
 
MeneM said:
Hi all,

After installing Proxmox, all the openvz VM's I create get a venet0 interface. Which is ofcourse normal.

These venet's are linked to the vmbr0 setup within Proxmox.
Click to expand...

no, venet is not linked to anything. venet uses normal routing tables instead.

MeneM said:
I've created a vmbr1 next to it, and would like to be able to link all the venet's to this new vmbr1. (vmbr0 has got an external Interface and I do not want all the vm's to be on there.)
Click to expand...

venet is routed. If you want to connect to a specific bridge use veth instead of venet.
 
Ah that's good, I can influence routing ;-)

Situation sketch:

vmbr0 = 172.167.67.2 and has the default gw to the internet at 172.167.67.1
vmbr0 = 10.10.0.1 and all the vm's get this network (10.10.0.2, etc.)

When a VM tries to do something on the Internet, it will be routed out through the default gw of the vmbr0.

I want the proxmox host to continue to use 172.67.67.1 as it's def gw for the internet, but 10.10.0.1 for all the vm's that want to go to the Internet.

(Pffff, typing in technical issues / explaining tech in written speech is hard work ;-) Finding the right words... )

can I selectively user different Gateway's?
 
Last edited:
Yeah.. I'm not beeing all too clear am I ;-)

Allright, let me try again...


The hardware node has got two network interfaces. One is attached to the Internet and the other is not connected in anyway.

I want to only attach the hardware host (proxmox itself) to the Internet and 1 KVM machine with has two virtual network cards. 1 inside the vmbr0 (attached to the Internet) and 1 attached into vmbr1.

All the other vm's get "local" ip addresses that need to be routed via the KVM virtual machine.

But as I create VM's, they tend to route through the hardware node which in turn looks at it's own routing table and it sees the main gateway.

So the VM's then loose the connection (They have local ip addresses after all) and should have been told to go through the KVM virtual machine...

I do hope this makes more sense now, thanks for reading... again...
 
MeneM said:
I do hope this makes more sense now, thanks for reading... again...
Click to expand...

Sorry, but you first talked about venet (OpenVZ), and now you talk about KVM? For KVM simply connect to the bridge you want - there is no routing involved here.
 
dietmar said:
Sorry, but you first talked about venet (OpenVZ), and now you talk about KVM? For KVM simply connect to the bridge you want - there is no routing involved here.
Click to expand...

This time around I was clear I think, the firewall is inside a KVM, and the openvz VM's need to use IT as the default gateway, not the hardware node's default gateway.

But I think I can solve the whole thing by using shorewall on the node itself. It's probably safer too than using a Virtual machine as my firewall ;-)

Thanks,
MeneM
 
You must log in or register to reply here.
Top Bottom