Good evening, I have been trying to create a specific network configuration for several days but keep encountering difficulties. Therefore, I would like to take this opportunity to ask the community for some input and assistance.
I have a Hetzner server running Proxmox version 8.2.7. My previous use case worked with a single public IP and an internal network (192.168.1.0/24). Several VMs provided services through an Nginx proxy. This worked wonderfully for years with the routed configuration and masquerading. See also this wiki entry on the topic: https://pve.proxmox.com/wiki/Network_Configuration
Now new requirements are being added. I need several VMs, each making outgoing connections with their own public IP. Incoming traffic does not need to be handled. However, these VMs must also be able to access the internal local network (192.168.1.0/24).
So far, I haven't been able to allow the new VMs to access the internet via an additional public IP. Either there is no internet traffic at all, or it goes through the main IP of the server to the internet.
What do you think? Should the approach be to add the additional IPs to vmbr0, or should I create a separate bridge along with an additional public IP? But then, how would I access my local network?
Thank you in advance for the assistance.
Code:
auto lo
iface lo inet loopback
iface lo inet6 loopback

iface enp0s31f6 inet manual
    up route add -net 122.150.130.0 netmask 255.255.255.192 gw 122.150.130.1 dev enp0s31f6

auto vmbr0
iface vmbr0 inet static
    address 122.150.130.22
    netmask 255.255.255.192
    gateway 122.150.130.1
    bridge-ports enp0s31f6
    bridge-stp off
    bridge-fd 0
    # route 122.150.130.0/26 via 122.150.130.1

iface vmbr0 inet6 static
    address 2a02:5a8:231:25c2::2
    netmask 64
    gateway pe90::1

auto vmbr1
iface vmbr1 inet static
    address 192.168.1.1
    netmask 255.255.255.0
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o vmbr0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o vmbr0 -j MASQUERADE
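One way to get a distinct egress address per VM while keeping the VMs on vmbr1, shown as an added example that is not part of the original post: per-source SNAT rules placed ahead of the subnet-wide MASQUERADE rule. It assumes the additional public IPs are routed to the host's main address; the VM addresses and the 203.0.113.x addresses are constructed placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not the poster's configuration.
WAN_IF="vmbr0"            # public bridge in the posted config
LAN_NET="192.168.1.0/24"  # internal network in the posted config

# Constructed sample mapping: "<VM address> <additional public IP>".
# 203.0.113.0/24 is a documentation range used as a placeholder.
SAMPLE_MAP='192.168.1.10 203.0.113.10
192.168.1.11 203.0.113.11'

# Succeeds only for a dotted quad with four octets in 0..255.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# Read mappings on stdin, print the host commands; non-zero on bad input.
snat_rules() {
    rc=0
    while read -r vm pub; do
        case $vm in ''|'#'*) continue ;; esac
        case $vm in
            192.168.1.*) ;;
            *) echo "skip: $vm is outside $LAN_NET" >&2; rc=1; continue ;;
        esac
        if ! is_ipv4 "$vm" || ! is_ipv4 "$pub"; then
            echo "skip: invalid mapping '$vm $pub'" >&2; rc=1; continue
        fi
        # The host must hold the address so replies to it are accepted.
        echo "ip addr add $pub/32 dev $WAN_IF"
        # -I places the rule ahead of the subnet-wide MASQUERADE rule.
        # Traffic to $LAN_NET stays on vmbr1 and is excluded explicitly.
        echo "iptables -t nat -I POSTROUTING -s $vm/32 ! -d $LAN_NET -o $WAN_IF -j SNAT --to-source $pub"
    done
    return "$rc"
}

# Print the commands for the sample mapping so they can be reviewed.
printf '%s\n' "$SAMPLE_MAP" | snat_rules
```

The script only prints the commands; VMs without a mapping keep leaving through the existing MASQUERADE rule and the main IP.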