Running multiple virtual machines behind a shared IP

I assume that you have already set up your private VM's to use bridged networking (vmbr0), as described in a previous blog post by me.

On the Proxmox host just setup IP forwarding to the private IP's of the private machines.

For instance, to forward port 60101 on proxmox host to port 22 on the virtual machine (10.0.0.101), so that you can SSH into the virtual machine. Run the following on the proxmox host.

iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 60101 -j DNAT --to-destination 10.0.0.101:22

When you are happy with your config, then run the following and they will be persisted even after a restart:
iptables-save > /etc/iptables.rules


In order to persist and reload automatically when the proxmox host boot, you need to do the following.

# vim /etc/network/interfaces

auto vmbr0
iface vmbr0 inet static
        pre-up iptables-restore < /etc/iptables.rules
        post-down iptables-save > /etc/iptables.rules
        address  10.0.0.1
        netmask  255.255.255.0
....


Giving virtual machines access to the internet, run this on proxmox host

# iptables -t nat -A POSTROUTING -s '10.0.0.0/24' -o eth0 -j MASQUERADE
# reboot

Comments

Post a Comment

Popular posts from this blog

Switching from Docker Desktop to Rancher Desktop on WSL2: Solving the Missing docker-credential-desktop.exe Error

Switching from Docker Desktop to Rancher Desktop on WSL2: Solving the Missing docker-credential-desktop.exe Error I’ve been happily running Kamal inside WSL2 on my home Windows desktop for a while. My original setup included an older Docker Desktop installation. Recently, I wanted to replicate this environment on a different machine, but I discovered that Docker Desktop had changed their licensing terms. Technically, I’m still covered by the new licensing terms, but I decided to try Rancher Desktop instead. Installing Rancher Desktop on WSL2 Installation was straightforward. I installed Rancher Desktop, configured it to integrate with WSL2, and disabled Kubernetes (since I don’t currently need it). My plan was to continue using the Docker CLI inside WSL2 alongside Rancher Desktop for container management. The Authentication Error However, when I was in WSL and tried to authenticate (for example, with Docker Hub via docker login), I ran into this error: ``` failed to store...
Read more

Running LXD/LXC on WSL2 with Ubuntu 20.04

Download Ubuntu 20.04 from the Microsoft Store sudo apt-get update sudo apt-get upgrade cd ~ git clone https://github.com/DamionGans/ubuntu-wsl2-systemd-script.git cd ubuntu-wsl2-systemd-script/ bash ubuntu-wsl2-systemd-script.sh sudo apt-get install snap (exit the shell and reopen it) Source: https://github.com/damionGans/ubuntu-wsl2-systemd-script To the IPv6 question I answer "none". $ sudo lxd init 2020/08/01 15:55:13 usbid: failed to load: open /usr/share/misc/usb.ids: no such file or directory Would you like to use LXD clustering? (yes/no) [default=no]: Do you want to configure a new storage pool? (yes/no) [default=yes]: Name of the new storage pool [default=default]: Name of the storage backend to use (ceph, btrfs, dir, lvm) [default=btrfs]: Create a new BTRFS pool? (yes/no) [default=yes]: Would you like to use an existing block device? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=50GB]: Would you like to connect to a MAAS server? (...
Read more

Proxmox Remote administration via VNC

Image
A few times I've needed to communicate via VNC, for instance when I was changing network configuration and couldn't use SSH or when I tried out Windows. Communicating with VNC to Proxmox wasn't so easy for me as it seemed in the documentation. Basically I never really got the " /etc/inetd.conf " thing to work, but this made it work from my local machine. This blog post is an alternative to the openbsd-inetd solution In the following: 2.2.2.2 is the IP of my Proxmox host 100 is the VM-ID you picked when you created the virtual machine ======================================================================== ssh -f -L 25901:127.0.0.1:5910 root@ 2.2.2.2 'nc -l -p 5910 -c "qm vncproxy 100 "'; "/Applications/TigerVNC Viewer 1.2.0.app/Contents/MacOS/TigerVNC Viewer" localhost:25901 ======================================================================== Please note that I only got TigerVNC to work, since all the other VNCs ha...
Read more