Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
KVM on Online.net Dedibox
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

KVM on Online.net Dedibox

Hi,

I'm running a online.net dedibox which i want to use to host multiple kvm virtual machines. I'm having problems with configuring the correct ip addresses on the host in connection with the bridging that is needed. is there anyone who can help me to configure it correctly?

thanks :)

Comments

  • racksxracksx Member without signature
    edited February 2017
  • Well I do actually only have the main IP of the server I ordered initially and just bought an additional failover ip. I'm currently failing on configuring my vm to use one of those ips.

    what i'd like to achieve is the host running with the main IP address which came with the server and at the same time build up a virtual network which allows me to have multiple vms (probably 4) of which only one vm should have access to the internet and the others should be connectable with "internal" ips.

  • JackHJackH Moderator

    So you want an internal network with a 192.168.0.0/24 addressing scheme, and to then NAT forward out to the internet?

    NVMe KVM VPS in Amsterdam, Stockholm, Oslo, Vienna and LA ($2.50/1GB RAM/10GB NVMe/month) (AFF LINK)

  • @jackhadrill said:
    So you want an internal network with a 192.168.0.0/24 addressing scheme, and to then NAT forward out to the internet?

    exactly!

  • JackHJackH Moderator

    @nobizzle said:

    @jackhadrill said:
    So you want an internal network with a 192.168.0.0/24 addressing scheme, and to then NAT forward out to the internet?

    exactly!

    Set this up only last week, send me a PM :)

    Thanked by 1racksx

    NVMe KVM VPS in Amsterdam, Stockholm, Oslo, Vienna and LA ($2.50/1GB RAM/10GB NVMe/month) (AFF LINK)

  • racksxracksx Member without signature

    In order for the failover IP to work, you need to add route else will not work.
    @jackhadrill, maybe a share would help all the people in the same situation, so no PM, share so all the people can have the answer or make a tutorial.

  • racksxracksx Member without signature
    edited February 2017

    @nobizzle, you can use the additional ips, as long you do the proper routing.

  • JackHJackH Moderator

    @racksx said:
    In order for the failover IP to work, you need to add route else will not work.
    @jackhadrill, maybe a share would help all the people in the same situation, so no PM, share so all the people can have the answer or make a tutorial.

    I will perhaps share a tutorial later on today. Didn't have a lot of time to phrase things in a forum-friendly format ;-)

    NVMe KVM VPS in Amsterdam, Stockholm, Oslo, Vienna and LA ($2.50/1GB RAM/10GB NVMe/month) (AFF LINK)

  • nobizzlenobizzle Member
    edited February 2017

    Mhh, jackhadrill tried to help me, but i guess i don't get it correctly.

    what do i want to do?

    All systems are Debian Jessie

    Main IP=XXX.XXX.XXX.XXX
    Second IP=YYY.YYY.YYY.YYY

    HOST: external IP: XXX.XXX.XXX.XXX Supposed to be connectable from the internet internal IP: 192.168.0.10

    KVM1Webserver: external IP: YYY.YYY.YYY.YYY Supposed to be connectable from the internet internal IP: 192.168.0.20

    KVM2 DB-Server: external IP: NONE! NOT supposed to be directly reachable Internal IP: 192.168.0.30

    All machines should be able to connect to each other, but only two of them are supposed to be on the internet.

    What I THINK needs to be done (at least a part of the main configuration)

    HOST
    auto lo iface lo inet loopback auto br0 iface br0 inet static address XXX.XXX.XXX.XXX netmask 255.255.255.255 gateway ??? bridge_ports eth0 bridge_stp off bridge_fd 1 bridge_hello 2 bridge_maxage 12

    KVM 1
    auto lo iface lo inet loopback auto lo iface lo inet loopback auto eth0 iface eth0 inet static address YYY.YYY.YYY.YYY netmask 255.255.255.255 gateway 192.168.0.10 pointopoint 192.168.0.10

  • FalzoFalzo Member
    edited February 2017

    if you go with /32 netmask you need to use pointopoint (no typo, one t), which is my preferred method too. gateway for the main IP most probably should be the .1 from the same subnet for online.net.

    if you can use the second IP directly within the guest depends on the ability to set and use a virtual mac in the control panel at online.net (which is what I presume for now)

    for the private network you need or at least should use an additional bridge. also enable IP forwarding if you want the guest itself to be able to connect to the internet (not the same as being able to access services on it the other way round ;-))

    HOST:

    auto lo br0 br1 eth0
    
    iface lo inet loopback
    
    iface eth0 inet manual
    
    iface br0 inet static
       address XXX.XXX.XXX.XXX
       netmask 255.255.255.255
       pointopoint XXX.XXX.XXX.1
       gateway XXX.XXX.XXX.1
       bridge_ports eth0
       bridge_stp off
       bridge_fd 1
       bridge_hello 2
       bridge_maxage 12
    
    iface br1 inet static
            address 192.168.0.10
            netmask 255.255.255.0
            bridge_ports none
            bridge_stp off
            bridge_fd 0
    
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    
        post-up iptables -t nat -A POSTROUTING -s '192.168.0.0/24' -o br0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '192.168.0.0/24' -o br0 -j MASQUERADE
    

    depending how you setup the guests, you are going to add one or more network interfaces using either br0 and the virtual mac for external IPs and/or br1 for local IPs (with any random mac).

    KVM1:

    auto lo eth0 eth1
    
    iface lo inet loopback
    
    allow-hotplug eth0
    
    iface eth0 inet static
        address YYY.YYY.YYY.YYY
        netmask 255.255.255.255
        pointopoint XXX.XXX.XXX.1
        gateway XXX.XXX.XXX.1
    
    iface eth1 inet static
        address 192.168.0.20
        netmask 255.255.255.0
        gateway 192.168.0.10
    

    please note that you normally should use the HOSTs gateway inside the guests, at least that's what always worked for me.

    KVM2:

    auto lo eth0
    
    iface lo inet loopback
    
    allow-hotplug eth0
    
    iface eth0 inet static
        address 192.168.0.30
        netmask 255.255.255.0
        gateway 192.168.0.10
    

    if you want to be able to access KVM2 from the outside e.g. via SSH you would need to add forwarding rules on the host for the related ports of that service to the internal IP.

    once again: this is a bridged setup, so the additional IP on the guest only will work this way, if you setup a virtual mac which you give to the network interface.

    if you can't set virtual MACs you need to use routed setup which is a bit different, let me know if the above works for you or not ;-)

    PS: about virtual MACs with online.net https://documentation.online.net/en/dedicated-server/network/ip-failover/multi-ip-virtual-mac

    PPS: also they point out here https://documentation.online.net/en/dedicated-server/network/ip-failover/virtual-machine that you can generally use

    62.210.0.1

    as gateway on the guest (KVM1/eth0).

    Thanked by 2alown K4Y5

    UltraVPS.eu KVM in US/UK/NL/DE: 15% off first 6 month | Netcup VPS/rootDS - 5€ off: 36nc15279180197 (ref)

  • nobizzlenobizzle Member
    edited February 2017

    @Falzo said:

    Wow.. Thank you very much. It seems so obvious now. Very much appreciated. I'll try it later and tell you if it worked :)

  • @nobizzle said:

    @Falzo said:

    Wow.. Thank you very much. It seems so obvious now. Very much appreciated. I'll try it later and tell you if it worked :)

    Thank you! Exactly what i wanted! Works flawlessly..

    Thanked by 2JackH Falzo
  • JackHJackH Moderator

    @nobizzle said:

    @nobizzle said:

    @Falzo said:

    Wow.. Thank you very much. It seems so obvious now. Very much appreciated. I'll try it later and tell you if it worked :)

    Thank you! Exactly what i wanted! Works flawlessly..

    Glad he was able to help! Have fun :D

    NVMe KVM VPS in Amsterdam, Stockholm, Oslo, Vienna and LA ($2.50/1GB RAM/10GB NVMe/month) (AFF LINK)

  • @nobizzle said:

    Thank you! Exactly what i wanted! Works flawlessly..

    you're welcome, good to see you got it working ;-)

    UltraVPS.eu KVM in US/UK/NL/DE: 15% off first 6 month | Netcup VPS/rootDS - 5€ off: 36nc15279180197 (ref)

  • thanks to you too, @jackhadrill

    the only thing i was struggelin with while configuring... i had to add a seconed network interface via virt-manager. it's also obvious, yeah, but as i'm only doing this as a hobby, i think its ok anyway :D

    Virtualisation is really fantastic!

  • JackHJackH Moderator

    @nobizzle said:
    thanks to you too, @jackhadrill

    the only thing i was struggelin with while configuring... i had to add a seconed network interface via virt-manager. it's also obvious, yeah, but as i'm only doing this as a hobby, i think its ok anyway :D

    Virtualisation is really fantastic!

    Glad it's working great! And yeah, KVM is amazing - I use it for my desktop as virtualisation comes with lots of nifty features like portability and snapshots.

    NVMe KVM VPS in Amsterdam, Stockholm, Oslo, Vienna and LA ($2.50/1GB RAM/10GB NVMe/month) (AFF LINK)

  • I'd just like to point out that br1 is a separate bridge which is not attached to any actual hardware. It's designed in such a way like a virtual "private" network. Most people would think/try to bridge it to a NIC, but it's not necessary for this purpose.

    Thanked by 1Falzo
Sign In or Register to comment.