VM no internet even with masquerading on dedicated server

T

tofugeek

New Member
Dec 9, 2023
2
0
1
Hi all. I have been reading related threads in these forums but nothing seems to work.
I have a dedicated server with Contabo with one single public IP address, Proxmox 8.1.3 is installed. I created a Win 10 VM.

I followed https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_masquerading to set up masquerading, and also followed some threads eg https://forum.proxmox.com/threads/p...bridge-in-vps-with-only-one-ip-address.69618/

Below is my /etc/network/interfaces.

Code: 
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual

iface eth1 inet manual

auto vmbr0
iface vmbr0 inet static
        address <public IP>/18
        gateway <public gateway >
        bridge-ports eth0
        bridge-stp off
        bridge-fd 0

        up ip route replace <X.X.X.0>/18 via <public gateway> dev vmbr0

# Everything above was set up by Contabo. I added the below.


auto vmbr1
#private sub network

iface vmbr1 inet static
        address 192.168.1.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
post-up   iptables -t nat -A POSTROUTING -s '192.168.1.1/24' -o eth0 -j MASQUERADE
post-down   iptables -t nat -D POSTROUTING -s '192.168.1.1/24' -o eth0 -j MASQUERADE
post-up   iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1


(I know that this is slightly different from the suggested configuration in the Network_Configuration wiki, but I tried that and it didnt work either)

My VM has the IP details below. It is created with the bridge vmbr1
1702220509829.png

1702220533917.png


1702220315165.png

I can ping the default gateway 192.168.1.1 and my Proxmox host's public IP, but not 8.8.8.8 or the DNS servers provided by Contabo.
Does anyone know what i have done wrong?
 
Last edited:
Spoke too soon, spotted a mistake and now it works fine.

Code: 
auto vmbr1
#private sub network
iface vmbr1 inet static
        address 192.168.1.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

      #
post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
post-up   iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o vmbr0 -j MASQUERADE
post-down   iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o vmbr0 -j MASQUERADE
post-up   iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1
 
You must log in or register to reply here.
Top Bottom