PVE interfaces net config help pls
Hello,
I have a public IP, say 22.33.44.55/24 (for the PVE VPS) and 22.33.44.80/24 (for the VM),
gateway 22.33.44.1,
and also an IP assigned by the provider for internal (private) networking in the DC: 10.1.1.200/24 for this VPS, 10.1.1.201 for another VPS and so on...
gateway 10.1.1.1
I have this in the config on the PVE node:
auto lo
iface lo inet loopback

iface ens3 inet manual

# bridge for public IPs:
auto vmbr0
iface vmbr0 inet static
    address 22.33.44.55/24
    gateway 22.33.44.1
    bridge_ports ens3
    bridge_stp off
    bridge_fd 0

# bridge for internal/private IPs:
auto internal
iface internal inet static
    address 10.1.1.200/24
    gateway 10.1.1.1
    bridge_ports ens3
    bridge_stp off
    bridge_fd 0
Unfortunately, internal networking does not work with the above config (this PVE VPS is not able to connect through the internal net to other VPSes in the DC).
Probably proper routing is missing; route -n does not show/contain:
10.1.1.0/24 dev internal proto kernel scope link src 10.1.1.200
When I replace the line address 10.1.1.200/24
with address 10.1.1.200/32
and comment out the line with the gateway: # gateway 10.1.1.1
then it works and I can connect to other VPSes in the DC through the internal network and IPs...
BUT:
traffic to the destination internal IP still seems to be routed through the public IP and, uselessly, through its gateway (22.33.44.1) instead of being routed directly through the (nearest) 10.1.1.1 gateway and network, because ping notes "New nexthop",
which means, if I understand correctly, that the router redirects packets to a more direct route:
From 22.33.44.1: icmp_seq=2 Redirect Host(New nexthop: 10.1.1.201)
What would be the proper config, please, instead of:
# bridge for internal/private IPs:
auto internal
iface internal inet static
    address 10.1.1.200/24
    gateway 10.1.1.1
    bridge_ports ens3
    bridge_stp off
    bridge_fd 0
to make internal networking work properly, have direct routing between private IPs through 10.1.1.0/24 instead of 22.33.44.0/24, and avoid the mentioned redirection by the router?
Many thanks for a solution and help with this!
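A static check of the interfaces file from the post above, as an added example that is not part of the original thread: it reports two things visible in that file, a physical port listed under more than one bridge (a Linux interface can be a port of only one bridge at a time) and more than one gateway line in the same address family. The function names and the trimmed sample are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: the stanzas from the post, trimmed to the relevant options.
SAMPLE = """\
auto lo
iface lo inet loopback
iface ens3 inet manual
auto vmbr0
iface vmbr0 inet static
    address 22.33.44.55/24
    gateway 22.33.44.1
    bridge_ports ens3
auto internal
iface internal inet static
    address 10.1.1.200/24
    gateway 10.1.1.1
    bridge_ports ens3
"""

def parse_stanzas(text):
    """Return {(iface, family): {option: [values]}}; '-' in option names becomes '_'."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue  # blank line or whole-line comment
        if words[0] == "iface" and len(words) >= 3:
            current = stanzas.setdefault((words[1], words[2]), defaultdict(list))
        elif words[0] in ("auto", "allow-hotplug", "source", "mapping"):
            current = None  # these keywords end the current iface stanza
        elif current is not None:
            current[words[0].replace("-", "_")].extend(words[1:])
    return stanzas

def lint(text):
    """Flag ports listed under several bridges and repeated gateway lines."""
    ports, gateways, findings = defaultdict(set), defaultdict(list), []
    for (name, family), opts in parse_stanzas(text).items():
        for port in opts.get("bridge_ports", []):
            if port != "none":
                ports[port].add(name)
        gateways[family] += [f"{gw} on {name}" for gw in opts.get("gateway", [])]
    for port, bridges in sorted(ports.items()):
        if len(bridges) > 1:
            findings.append(f"{port}: port of {len(bridges)} bridges ({', '.join(sorted(bridges))})")
    for family, gws in sorted(gateways.items()):
        if len(gws) > 1:
            findings.append(f"{family}: {len(gws)} gateway lines ({'; '.join(gws)})")
    return findings
```

Calling `lint(SAMPLE)` returns one finding for `ens3` and one for the two `inet` gateways; an empty list means neither condition is present.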
Comments
Why do you need a gateway for 10.1.1.200?
UPDATE:
This seems to be a properly working ROUTED configuration for private networking (without redirecting):
Does someone know what the proper BRIDGED config would be for the above-mentioned private networking (without redirects), please?
Thanks
The problem, I think, is that bridged VMs have a different MAC and some filter MACs on their network. I guess this is why you need proxy_arp. Usually, if you pay for additional IPs, support is willing to whitelist MAC addresses.