Whats the difference between these two network configurations?

[pablo808]

Apologies if this has been asked numerous times already. I just want to get this straight before building out our Promox environment further.

Whats the difference between these two network configurations?

3.4.5. Routed Configuration
3.4.6. Masquerading (NAT) with iptables

They appear to provide the same outcome in that they route all trafic via the same interface or MAC address.

Are their any advanges/disadvantages from using one or the other?

I have a cluster setup with a vmbr0 network on all nodes using Masquerading (NAT with iptables) and it appears to functioning well. Looking at the /etc/network/interfaces config, they seem nearly identifcal except for the extra iptables NAT rules for Masquerading.

So basically doing the same thing but different configs only?

Thanks.

 

[pablo808]

I wasn't able to delete my own post so I hope this helps someone.

From the pve admin guide:

Proxmox VE server at hosting provider, with public IP ranges for Guests​

For this setup, you can use either a Bridged or Routed model, depending on what your provider allows.

Proxmox VE server at hosting provider, with a single public IP address​

In that case the only way to get outgoing network accesses for your guest systems is to use Masquerading. For incoming network access to your guests, you will need to configure Port Forwarding.
For further flexibility, you can configure VLANs (IEEE 802.1q) and network bonding, also known as "link aggregation". That way it is possible to build complex and flexible virtual networks.