Virtual Private network

[necrolyte2]

I was wondering if there is a way to create a bridge that was essentially only internal that the VM's would be able to communicate on.

What I am trying to do is have 2 Windows kvm vm's have 2 nics inside the vm. One on a public bridge and the other on a private bridge.

Right now the host has vmbr0 which is connected to eth0 and both VM's can communicate with the outside world. I've also created vmbr1 which has no associated network interface from the host. I assumed that I could just add this bridge to the vm's as their second interface and it would essentially act as a virtual switch, which does not seem to be the case.

Hope I've described this well enough

---Host /etc/network/interfaces file---
# network interface settings
auto lo
iface lo inet loopback

iface eth0 inet manual

#Public bridge
auto vmbr0
iface vmbr0 inet static
address 192.168.1.2
netmask 255.255.255.0
gateway 192.168.1.1
bridge_ports eth0
bridge_stp off
bridge_fd 0

#Private bridge
auto vmbr1
iface vmbr1 inet manual
bridge_ports none
bridge_stp off
bridge_fd 0

 

[dietmar]

I assumed that I could just add this bridge to the vm's as their second interface and it would essentially act as a virtual switch, which does not seem to be the case.

Whats the problem?

 

[necrolyte2]

Inside the OS I assigned ip's of 192.168.0.1 and 192.168.0.2, however, I can not ping either vm's private ip from the other.

 

[dietmar]

Do you use the latest version (pve-manager 1.0-10)?

# pveversion -v

 

[necrolyte2]

pveversion -v

pve-manager: 1.0-6 (pve-manager/1.0/3427)
qemu-server: 1.0-2
pve-kernel: 2.6.24-4
pve-kvm: 75-1
pve-firmware: 1
vncterm: 0.9-1
vzctl: 3.0.22-3pve3
vzdump: 1.1-1
vzprocps: 2.0.11-1dso2
vzquota: 3.0.11-1dso1

I'm upgrading now.

 

[necrolyte2]

Sorry, turns out it was the Windows 2008 IPSEC blocking the private network only for some reason.

Thanks for the responses.

 

[dietmar]

please update to pve-manager 1.0-10 anyways.

# apt-get update
# upt-get upgrade