Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see:
viewtopic.php?t=158230
Linux Kernel, Network, and Services configuration.
setcm
Posts: 3 Joined: 2018-07-13 13:18
#1
Post
by setcm » 2018-07-13 13:24
I've got a Debian 9 box hosting a few VMs. I want the VMs to be on their own network from the rest of my lab.
Physical lab IPs: 172.19.20.x
Debian 9 host: 172.19.20.254
VM IP network: 192.168.1.x
Code: Select all
# cat /etc/network/interfaces
auto lo
iface lo inet loopback
auto ens18
iface ens18 inet static
address 172.19.20.254
netmask 255.255.255.0
gateway 172.19.20.1
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up echo 1 > /proc/sys/net/ipv4/conf/ens18/proxy_arp
auto vmbr0
iface vmbr0 inet static
address 192.168.1.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
The above config is what I've been able to piece together from searching online, but the VMs still can't communicate out. Can anyone assist?
Last edited by
setcm on 2018-07-13 15:58, edited 2 times in total.
setcm
Posts: 3 Joined: 2018-07-13 13:18
#3
Post
by setcm » 2018-07-13 15:03
Yes, that was one of the docs I consulted. The bridge alone seems to work fine -- if I put the VMs on the 172.19.20.x network, they communicate fine.
Getting routing between 192.168.1.x and 172.19.20.x to work, however, has been a non-starter.
arzgi
Posts: 1197 Joined: 2008-02-21 17:03
Location: Finland
Been thanked: 31 times
#4
Post
by arzgi » 2018-07-13 15:42
I'm not an expert on this field, but what I just read, suggests you should change
to:
setcm
Posts: 3 Joined: 2018-07-13 13:18
#5
Post
by setcm » 2018-07-13 15:45
I was able to get it going with the following tweaks/additions:
Code: Select all
auto lo
iface lo inet loopback
auto ens18
iface ens18 inet static
address 172.19.20.254
netmask 255.255.255.0
gateway 172.19.20.1
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up echo 1 > /proc/sys/net/ipv4/conf/ens18/proxy_arp
auto vmbr0
iface vmbr0 inet static
address 192.168.1.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o ens18 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o ens18 -j MASQUERADE
arzgi
Posts: 1197 Joined: 2008-02-21 17:03
Location: Finland
Been thanked: 31 times
#6
Post
by arzgi » 2018-07-13 15:49
Great! I guess you could now mark the thread as solved: edit the header of your first post in thread, and add [SOLVED] to front of header.