PVE interfaces net config help pls

miumiu Member
edited May 22 in Help

Hello

I have public IPs, say 22.33.44.55/24 (for the PVE VPS) and 22.33.44.80/24 (for a VM)
gateway 22.33.44.1

and also IPs assigned by the provider for internal (private) networking in the DC: 10.1.1.200/24 for this VPS, 10.1.1.201 for another VPS and so on...
gateway 10.1.1.1

I have this in the config on the PVE node:

auto lo
iface lo inet loopback

iface ens3 inet manual

# bridge for public IPs:
auto vmbr0
iface vmbr0 inet static
  address 22.33.44.55/24
  gateway 22.33.44.1
  bridge_ports ens3
  bridge_stp off
  bridge_fd 0

# bridge for internal/private IPs:
auto internal
iface internal inet static
   address  10.1.1.200/24
   gateway  10.1.1.1
   bridge_ports ens3
   bridge_stp off
   bridge_fd 0

Unfortunately, internal networking does not work with the above config (this PVE VPS is not able to connect through the internal net to other VPSes in the DC).
Probably proper routing is missing; the output of route -n does not contain:
10.1.1.0/24 dev internal proto kernel scope link src 10.1.1.200

When I replace the line address 10.1.1.200/24 with address 10.1.1.200/32
and comment out the gateway line: # gateway 10.1.1.1
then it works and I can connect to other VPSes in the DC through the internal network and IPs...

BUT:

Traffic to the destination internal IP still seems to be routed through the public IP and, uselessly, through its gateway (22.33.44.1) instead of being routed directly through the (nearest) 10.1.1.1 gateway and network, because ping reports "New nexthop", which, if I understand it correctly, means the router is redirecting packets to a more direct route:
From 22.33.44.1: icmp_seq=2 Redirect Host(New nexthop: 10.1.1.201)

What would the proper config be, please, instead of:

# bridge for internal/private IPs:
auto internal
iface internal inet static
   address  10.1.1.200/24
   gateway  10.1.1.1
   bridge_ports ens3
   bridge_stp off
   bridge_fd 0

so that internal networking works properly, with direct routing between the private IPs through 10.1.1.0/24 instead of 22.33.44.0/24, and the mentioned redirection by the router is avoided?

Many thanks for solution and help with this!
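
An added example, not part of the original post or of Proxmox: a small linter for ifupdown-style interfaces text that flags the two structural conflicts visible in the bridged config quoted above, ens3 listed under bridge_ports of two bridges and a gateway line on two inet stanzas. The sample input is constructed from the post's stanzas (abbreviated), and the function names are assumptions of this example.

```python
from collections import defaultdict

# Constructed sample: the two bridge stanzas from the post, abbreviated.
SAMPLE = """\
iface ens3 inet manual
auto vmbr0
iface vmbr0 inet static
  address 22.33.44.55/24
  gateway 22.33.44.1
  bridge_ports ens3
auto internal
iface internal inet static
  address 10.1.1.200/24
  gateway 10.1.1.1
  bridge_ports ens3
"""

def parse_interfaces(text):
    """Parse ifupdown syntax into {iface: {"family": str, "opts": {key: [args]}}}."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):  # blank line or comment
            continue
        if words[0] == "iface" and len(words) >= 3:
            current = stanzas.setdefault(words[1], {"family": words[2], "opts": defaultdict(list)})
        elif words[0] in ("auto", "source", "mapping") or words[0].startswith("allow-"):
            current = None  # these keywords end the current iface stanza
        elif current is not None:
            current["opts"][words[0].replace("-", "_")].append(words[1:])
    return stanzas

def lint(text):
    """Report ports listed under several bridges and multiple gateways per family."""
    findings, port_owner, gateways = [], {}, defaultdict(list)
    for name, stanza in parse_interfaces(text).items():
        for args in stanza["opts"].get("bridge_ports", []):
            for port in (p for p in args if p != "none"):
                # An interface can be a port of only one Linux bridge at a time.
                owner = port_owner.setdefault(port, name)
                if owner != name:
                    findings.append(f"{port}: bridge port of both {owner} and {name}")
        if stanza["opts"].get("gateway"):
            gateways[stanza["family"]].append(name)
    for family, names in gateways.items():
        if len(names) > 1:  # each gateway line asks for a default route
            findings.append(f"{family}: gateway set on {', '.join(names)}")
    return findings
if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)))
```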

Comments

  • kerus1024 Member

    Why do you need a gateway for 10.1.1.200?

  • miumiu Member

    UPDATE:

    This seems to be a properly working ROUTED configuration for private networking (without redirecting):

    auto ens3
    iface ens3 inet static
            address  22.33.44.55/24
            gateway  22.33.44.1
            post-up echo 1 > /proc/sys/net/ipv4/ip_forward
            post-up echo 1 > /proc/sys/net/ipv4/conf/ens3/proxy_arp
    
    auto ens3:1
    iface ens3:1 inet static
            address  10.1.1.200/24
    #       gateway 10.0.1.1
    

    Does someone know what the proper BRIDGED config would be for the above-mentioned private networking (without redirects), please?

    Thanks

  • kevertje Member

    The problem, I think, is that bridged VMs have a different MAC and some providers filter MACs on their network. I guess this is why you need proxy_arp. Usually, if you pay for additional IPs, support is willing to whitelist MAC addresses.
