Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Hetzner with Proxmox
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Hetzner with Proxmox

hakuna1100hakuna1100 Member
edited August 2020 in Help

So I finally got a Hetzner box, got it for cheap. However, I am struggling to setup networking for Proxmox.

Desired setup

Internet <-> Proxmox <-> VMs (I just need internet access but I don't necessarily need to expose ports) [VMs should be able to talk to each other]

I am aware I will need NAT and DHCP for most of this, however, online tutorials have been of no help.

My network config file

source /etc/network/interfaces.d/*

    auto lo
    iface lo inet loopback

    iface lo inet6 loopback

    auto enp2s0
    iface enp2s0 inet static
            address PUBLIC_IP/27
            gateway PUBLIC_GATEWAY
    -- REDACTED --

    iface enp2s0 inet6 static
            address PUBLIC_IP6/64
            gateway IP6_GATEWAY

    auto vmbr0
    iface vmbr0 inet manual
            address 10.10.10.1
            netmask 255.255.255.0
            bridge-ports none
            bridge-stp off
            bridge-fd 0

            post-up echo 1 > /proc/sys/net/ipv4/ip_forward
            post-up   iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o enp2s0 -j MASQUERADE
            post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o enp2s0 -j MASQUERADE

I am unable to connect to internet from within the VMs.
Help would be appreciated. Thank you.

Comments

  • I know hetzner have some community knowledge articles now have you tried - https://community.hetzner.com/tutorials/install-and-configure-proxmox_ve?title=Proxmox_VE/en

    Thanked by 1l2o88j
  • I'm not sure i f you have any firewall or something else but do make sure you have something analogous to the following:

    post-up        iptables -A FORWARD -i enp2s0 -o vmbr0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    post-down      iptables -D FORWARD -i enp2s0 -o vmbr0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    
    post-up        iptables -A FORWARD -i vmbr0 -o enp2s0 -j ACCEPT
    post-down      iptables -D FORWARD -i vmbr0 -o enp2s0 -j ACCEPT
    

    Again I can only give you rough ideas because I don't know if you have any other iptables rules messing things up.

    Hope this helps.

  • config looks correct. I only use inet static on the nat bridge rather then manual, but not sure if this changes much.

    what does the config inside the guests look like?
    can you ping the private gateway IP from the guests and can the guests ping each other?

    usually you should neither need a dhcp as you can set the IPs directly in the guests anyway nor you should need additional FORWARD rules.

    maybe post (redacted) ifconfig output for the host?

Sign In or Register to comment.