VLAN setup

D

dad311

Member
Jul 20, 2009
41
1
6
Can someone give me a very basic VLAN howto?

I have a very basic Proxmox (1.7) server with one NIC. I would like to separate my VOIP traffic from my data traffic by creating two VLANs. All my VMs are in OpenVZ containers.

Ive read several posts, but I still don't have a good understanding.


Thanks!
 
dad311 said:
Can someone give me a very basic VLAN howto?

I have a very basic Proxmox (1.7) server with one NIC. I would like to separate my VOIP traffic from my data traffic by creating two VLANs. All my VMs are in OpenVZ containers.

Ive read several posts, but I still don't have a good understanding.


Thanks!
Click to expand...
Hi,
I tried do give one overview:
For vlan-tagging use the default-vlan (this without tagging) only as dummy.
Modify /etc/network/interface in this way (example for eth0 with vlan.tagging):
Code: 
cat /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
        address  0.0.0.0
        netmask  0.0.0.0

auto eth0.10
iface eth0.10 inet static
        address  0.0.0.0
        netmask  0.0.0.0

auto eth0.20
iface eth0.20 inet static
    address  0.0.0.0
    netmask  0.0.0.0

auto eth0.30
iface eth0.30 inet static
    address  0.0.0.0
    netmask  0.0.0.0

auto vmbr0
iface vmbr0 inet static
    address 192.168.1.20
    netmask 255.255.255.0
    gateway 192.168.1.1
    bridge_ports eth0.10
    bridge_stp off
    bridge_fd 0

auto vmbr20
iface vmbr20 inet static
    bridge_ports eth0.20
    bridge_stp off
    bridge_fd 0

auto vmbr30
 iface vmbr30 inet static
     bridge_ports eth0.30
     bridge_stp off
     bridge_fd 0
In this case, vlan-10 was used for proxmox-communication (if there a cluster, all nodes should be in vlan-10). Vlan 20 + 30 are only for the VMs.

For the VMs you can select a NIC in one of the bridge-net.
Your switch must tagg the packages of course.

Works very well.

Udo
 
Thanks, this project is on my list for this weekend. Does it matter if the VMs are OpenVZ or KVM. Will it matter if I'm using veth or bridged interfaces?
 
Hi,

I have a similar question to dad311. I've been running Proxmox for quite sometime now and love it. My Proxmox servers are physically located in my DMZ. Now, however, I have a need to build a few VMs in my LAN, and therefore need to set up a VLAN configuration for the servers.

I already have VLANs configured on my firewall and switches for my LAN and DMZ, as follows:

LAN: 192.168.10.0 / 24
DMZ: 192.168.11.0 / 24​

The LAN subnet is allowed to access the DMZ subnet, while no access is allowed from the DMZ to the LAN.

I have a cluster of two Proxmox servers in the DMZ. My master server has two NICs. Although, right now only one of them is being used. I'm planning on bonding eth0 and eth1 for this new VLAN setup.

Now, what I want to achieve is to build a few VMs that I can place in the LAN subnet, applying the same set of firewall rules that I already have in place. Because I have a few important production machines I don't want to mess things up and cause a bunch of downtime caused by my own mistakes. I'm hoping someone can provide some guidance for how I best achieve my desired setup.

Thanks in advance!
 
@mlanner: I wanted to do it similarly, except, that I have no vlans and also two nics.
I've tried to configure the 2nd vmbr1 and as soon as I bring it up all the VPSes on the vmbr0 are inaccessible.
Have also played with routes as explained in http://lartc.org/howto/lartc.rpdb.multiple-links.html#AEN268

ip route add 192.168.10.0/24 dev vmbr0 src 192.168.10.10 table dmz
ip route add 192.168.0.0/24 dev vmbr1 src 192.168.0.10 table lan

#gateway routes...
ip route add default via 192.168.10.1 table dmz
ip route add default via 192.168.0.1 table lan

#Now the regular routes.. ( table routes minus the tables)
ip route add 192.168.10.0/24 dev vmbr0 src 192.168.10.10
ip route add 192.168.0.0/24 dev vmbr1 src 192.168.0.10

#And finally the rules of who comes from where..
ip rule add from 192.168.10.10 table dmz
ip rule add from 192.168.0.10 table lan

but still no joy.
 
@mvrhov: what kernel are you using, i have the exact same setup (and had the same problem) when I was using 2.6.32, as soon as i changed to 2.6.18 everything works fine. I don't know what the difference is, and I wish that someone would tel me how to set it up for 2.6.32 because i'd like to use that kernel, however at this time i can't seem to make it work.
 
I'm on .32 kernel, and won't switch down to .18 as I really don't want to go trough grub manual new kernel install hell. I need a kernel with custom module for a RAID card.
 
Fair enough, i don't want to be on it either, but for now it's working until i figure out how to get it working with the .32 kernel. If anyone has any suggestions for us please let us know.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back