[pve-devel] pvefw: masquerade problems and conntrack zones
Alexandre DERUMIER
aderumier at odiso.com
Tue Mar 11 08:06:41 CET 2014
ok, thanks, I'll build the same setup,
(is pm0 address in the same range than pm1 ? )
If I understand, the vm tap is plugged on vmbr1, and nat must be done on veth pair ?
I'll make a report this afternoon.
----- Mail original -----
De: "Dietmar Maurer" <dietmar at proxmox.com>
À: "Alexandre DERUMIER" <aderumier at odiso.com>
Cc: pve-devel at pve.proxmox.com
Envoyé: Mardi 11 Mars 2014 06:43:21
Objet: RE: [pve-devel] pvefw: masquerade problems and conntrack zones
> I'm a bit lost for now, I'll try to create a testlab tomorrow to see how things
> works.
I currently use the following configuration for testing:
-----------------------
auto vmbr0
iface vmbr0 inet manual
bridge_ports eth0
bridge_stp off
bridge_fd 0
auto pm0
iface pm0 inet static
address XXX.XXX.XXX.XXX
netmask 255.255.255.0
gateway YYY.YYY.YYY.YYY
VETH_BRIDGETO vmbr0
auto vmbr1
iface vmbr1 inet manual
bridge_ports none
bridge_stp off
bridge_fd 0
auto pm1
iface pm1 inet static
address 10.10.10.1
netmask 255.255.255.0
VETH_BRIDGETO vmbr1
VETH_MASQUERADE pm0
-------------------------------
More information about the pve-devel
mailing list