Hello,
I've got 2 12-node Proxmox VE clusters (which are great, by the way - proxmox is awesome!) which I'm trying to merge.
I'm using exclusively OpenVZ containers & I'm trying to supply container IPs from 2 pools (one internet routable, one private that goes through a NAT). Can anyone help?
I've read the OpenVZ guides but they seem to be focused on using veth - I'd like to use venet for performance & ease of automatic configuration
Host Nodes: 10.0.0.0/24
Untrusted Client Nodes: 10.0.0.0/24
Trusted Client Nodes: 123.123.123.0/24
NAT: 10.0.0.1 (gateway for Host Nodes and Untrusted Client Nodes)
Internet gateway: 123.123.123.65
(Host Nodes are allocated 10.0.0.* and ignore packets from untrusted client nodes)
I'd like Trusted Client Nodes to talk directly to the Internet Gateway (so they'd have a 123.123.123.xxx IP), and for the Untrusted Client Nodes to talk to their NAT at 10.0.0.1
Is this possible using only venet adapters? Ideally I'd like host nodes to have private IPs, but I can also allocate them internet-routable IPs if that makes anything easier.
Our proxmox cluster master does NAT and when I allocate a CT with a 123.123.123.0/24 IP on the master, it communicates perfectly - but it doesn't work on any other node, obviously.
I've got 2 12-node Proxmox VE clusters (which are great, by the way - proxmox is awesome!) which I'm trying to merge.
I'm using exclusively OpenVZ containers & I'm trying to supply container IPs from 2 pools (one internet routable, one private that goes through a NAT). Can anyone help?
I've read the OpenVZ guides but they seem to be focused on using veth - I'd like to use venet for performance & ease of automatic configuration
Host Nodes: 10.0.0.0/24
Untrusted Client Nodes: 10.0.0.0/24
Trusted Client Nodes: 123.123.123.0/24
NAT: 10.0.0.1 (gateway for Host Nodes and Untrusted Client Nodes)
Internet gateway: 123.123.123.65
(Host Nodes are allocated 10.0.0.* and ignore packets from untrusted client nodes)
I'd like Trusted Client Nodes to talk directly to the Internet Gateway (so they'd have a 123.123.123.xxx IP), and for the Untrusted Client Nodes to talk to their NAT at 10.0.0.1
Is this possible using only venet adapters? Ideally I'd like host nodes to have private IPs, but I can also allocate them internet-routable IPs if that makes anything easier.
Our proxmox cluster master does NAT and when I allocate a CT with a 123.123.123.0/24 IP on the master, it communicates perfectly - but it doesn't work on any other node, obviously.