[PVE-User] PVE and NAT mode

Uwe Sauter uwe.sauter.de at gmail.com
Tue Feb 28 13:20:24 CET 2017


Hi,

I'm trying to use NAT in one of my VMs as I have no official IP address for it. I found [1] which explains how to setup
masquerading but I'm a bit confused. [1] uses 10.10.10.0/24 as source address. In the PVE documentation [2] it is mentioned that
PVE will serve addresses in the 10.0.2.0/24 range (which I can confirm. My VM got 10.0.2.15/24, gateway is 10.0.2.2).

I tried to use the commands from [1] on the fly but substituted 10.10.10.0/24 with 10.0.2.0/24. With this I am unable to access
internet. Using 10.10.10.0/24 doesn't help either.

I also have a cluster-wide firewall configured that rejects everything that is addressed to the Proxmox host's external interface.
(I have a separate management interface that is on an internal network. The external interface is only used for updates and, if I
get this going, for NAT.) Disabling the firewall didn't solve the issue.

Questions:

1) Which one is the correct network for the configuration? Does the wiki need to be updated?

2) How is the VM actually connected to the host? I don't see any virtual interfaces other than the bridges and VLAN interfaces I
create in /etc/network/interfaces.

3) Related to the 2nd question: If I use tcpdump on the host's interfaces I don't see any ICMP packets when I try to ping from
within the VM. How can I debug this further?

4) Does a cluster-wide firewall affect NATing?

5) Is NATing even working with PVE 4.4?

Any help is appreciated.

Regards,

	Uwe


[1] https://pve.proxmox.com/wiki/Network_Model#Masquerading_.28NAT.29_with_iptables
[2] https://<your proxmox host>:8006/pve-docs/chapter-qm.html#qm_network_device



More information about the pve-user mailing list