Hi there,
Have made some additional tests. Two problems:
I’ve testet on Proxmox KVM. But the prod. system will be installed on real hardware. On the VM, after reboot the domain config is broken. Google says i have to to turn on the promocious mode. But where?
I need a per user quota of the discspace. Like in old SME Server. Thats not available in NS7.??
Cheers
Ruediger
Not yet.
Seems not a “limitation due to no subscription”.
Anyway… some topics are talking about Proxmox
https://community.nethserver.org/search?q=Proxmox%20KVM
There is a wiki install guide for an older version of Proxmox
https://wiki.nethserver.org/doku.php?id=userguide:install_nethserver_on_proxmox
and an idea to create a safe and accessible installation on a ProxMox-based service provider.
https://wiki.nethserver.org/doku.php?id=ns_networking&s[]=proxmox
Hope this could help but… this should be a different topic.
If you are using a virtualized environment it is true you have to enable Promiscuous mode of the interface in the settings of your VM. This is a setting you will find on any hypervisor for the virtual network interfaces you create.
Can you describe in more detail what happens with your domain configuration after reboot? Post logs, screenshots of your settings etc. I have been running NethServer for years on Proxmox now without any problems.
offtopic: I can recommend to keep using Proxmox as an extra layer under Nethserver. It will make your admin life so much easier…
Please define in this specific case what does “broken” means. I suspect there could be any other configuration errors here.
Promiscuous mode has to be enabled on the bridge interface on the Proxmox VE part, and it is not very well documented IIRC.
All you have to do is add the following line in the bridge interface stanza in /etc/network/interfaces in Proxmox:
up /sbin/ip link set $IFACE promisc onAnd reboot the host.
OK, thanks. I’ll give it a try…
Sorry, that makes no difference. Maybe it is better to wait for the physical server to test,…
I’ve added the line:
auto lo
iface lo inet loopback
iface enp3s0 inet manual
auto vmbr0
iface vmbr0 inet static
address 192.168.244.253
netmask 255.255.255.0
gateway 192.168.244.254
bridge_ports enp3s0
bridge_stp off
bridge_fd 0
up /sbin/ip link set vmbr0 promisc on
Or do i have to use the phys. interface in the line, not the bridge…?
Uuups. yes. change vmbr0 to enp3s0 did the trick…
Thanks…
Should be documented into KVM?
Please explain me, why should we use Promiscous mode. What is the benefit? I never used it for NS under Proxmox…
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!
auto lo
iface lo inet loopback
iface enp0s25 inet manual
iface enp5s0 inet manual
iface enp6s0 inet manual
iface enp8s0 inet manual
auto vmbr0
iface vmbr0 inet static
address 192.168.xx.xxx
netmask 24
gateway 192.168.xx.xxx
bridge-ports enp0s25
bridge-stp off
bridge-fd 0
auto vmbr1
iface vmbr1 inet manual
bridge-ports enp5s0
bridge-stp off
bridge-fd 0
auto vmbr2
iface vmbr2 inet manual
bridge-ports enp6s0
bridge-stp off
bridge-fd 0
auto vmbr3
iface vmbr3 inet manual
bridge-ports enp8s0
bridge-stp off
bridge-fd 0I really don’t know it. I’ve many Proxmox systems running and never needed to change that in net config. But in my case, i get an error after reboot related to the AD functionality…
“account provider generic error sssd exit code 1”…
Had it too… Could not find out the reason. I just did a recovery under Proxmox…
For what? What google? for what function of the service exactly?
Hi All!
I use Proxmox as foundation layer for all my SME Clients (20+).
The reason promicious is needed for Nethserver is quite simple: The AD Provider is basically a Container VM inside of NethServer, the reason is the special Samba / Kerberos (Heimdal?) combination needed for a working Samba4 AD. The standard upstream (RedHat/Centos) LDAP won’t quite work for AD purposes.
Without promicious mode, the AD won’t work - and problems begin!
Another place promicious mode comes into play is often in systems monitoring, like using Zabbix or the like. Network sniffing needs that too…
My 2 cents!
Andy
OK, for me it’s just for testing… The prod system will run on real hardware…
Thanks for the explanation…
–
Ruediger
Yes, I meant on Proxmox VE documentation; the change has to be done in console on the node itself, it would be a wise decision to provide the correct commands to enable it.
Besides, NS docs are already ok, if you close you eyes on the fact that ifconfig is generally regarded as deprecated.
Check out the docs I pointed out. Maybe this has never been your use case.
I can strongly recommend to keep proxmox as a layer between your ‘real’ hardware and your OS. It will give you so much more flexibility.
/edit: just realize I already stated that in this discussion… 