Today we will learn to configure out Proxmox hypervisor on a rented server in Hetzner datacenter.
Proxmox need a special setup for public IPs because they filter traffic based on MAC address of physical host and a standard bridge is not enough. Also today we will configure a second linux bridge as a Private network because not all VMs need a public IP.
Configure Public IPs:
iface enp2s0 inet static
address [IP of physical server]
netmask 255.255.255.255
pointopoint [Gateway IP of physical server]
gateway [Gateway IP of physical server]
post-up echo 1 > /proc/sys/net/ipv4/conf/enp2s0/proxy_arp
auto vmbr0
iface vmbr0 inet static
address [IP of physical server]
netmask 255.255.255.255
bridge_ports none
bridge_stp off
bridge_fd 0
bridge_maxwait 0
# Repeat this line for each IP of extra subnet
up route add -host [Extra public IP] dev vmbr0
Once configured our public network we will move forward to configure a private one.
Configure Private network:
auto vmbr2
iface vmbr2 inet static
address 10.0.0.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up iptables -t nat -A POSTROUTING -s '10.0.0.0/24' -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.0.0.0/24' -j MASQUERADE
Using this setup you will be able to host VMs with both Public and Private IPs.
Due to latest bug in Proxmox you will also need to add a firewall rule to drop port 43 ad Datacenter level.
Need help building secure virtualization platforms with routed networking?
→ Explore our Virtualization & Container Services
3 Comments
Alex · March 13, 2022 at 7:13 pm
Could you please add an example for completely ipv6 network?