Problem configuring NethServer as gateway in Proxmox

Support
,
66

Resume

Use Case: Build a virtual Nethserver as gateway on top of a Proxmox-System
Reason for this use case: primarily to use the flexibility of virtual machines, especially backup, snapshots for better disaster management and faster recovery of entire network servers

Initial situation :

  1. Internet-/DSL-Router: 192.168.2.1/24
  • currently connected via switch to my dedicated Nethserver on Server 1
  • later planned to connect to enp2s0 of my Server 2 (Promox)
  1. Server 1 : dedicated NS-Gateway 192.168.3.1/24 (GREEN/LAN) with DHCP and DNS + 192.168.2.5 (RED/WAN)
    Server 1 shout be substituted by Server 2 with Promox and a virtualised Nethserver as Gateway
  2. all Clients (Diskstation, Workstations, Laptops, Mobile Phones…),connected via switch with Server 1 (dedicated NS): 192.168.3.2-192.168.3.254)
  3. for Installation purposes Server 2 (Promox) with enps20 (not connected) and enp3s0 connected via switch to the gateway. This server is pingable from other clients and has internet connection.

My planned Architecture :

  1. Internet-/DSL-Router: 192.168.2.1
  • connected to enp2s0 of my Server 2 (Promox)
  • connection to Server 1 disconnected
  1. Server 2 :
  • enps2s0 with 192.168.2.2 connected to my DSL-Router
  • enp3s0 connected to my switch (LAN-side)
  • virtual NS-Gateway with DHCP and DNS
  1. all Clients (Diskstation, Workstations, Laptops, Mobile Phones…),connected via switch with Server 1 (dedicated NS): 192.168.3.2-192.168.3.254)
  2. Server 2 (Promox) with enps20 (connected to DSl-Router) and enp3s0 (connected to the switch).

Installation of Proxmox:

  1. Connect the server with one NIC enp3s0 to the switch
  2. Install the Proxmox-Server with a static IP inside the LAN-IP-Range
  3. modify the apt sources nano /etc/apt/sources.list.d/pve-enterprise.list and disable the source
    # deb https://enterprise.proxmox.com/debian/pve buster pve-enterprise
  4. modify the apt sources again nano /etc/apt/sources.list by adding
    # PVE pve-no-subscription repository provided by proxmox.com,
    # NOT recommended for production use
    deb http://download.proxmox.com/debian/pve buster pve-no-subscription
  5. update the Proxmox server apt update & apt full-upgrade
  6. install ifupdown2 to avoid reboots in case of network changes: apt install ifupdown2
  7. reboot

Ensure a well defined NIC configuration

root@proxmox:~# nano /etc/network/interfaces
auto lo
iface lo inet loopback

auto enp3s0
iface enp3s0 inet manual
#Connected to Switch

auto enp2s0
iface enp2s0 inet manual
#disconnected: planned to DSL router

auto vmbr0
iface vmbr0 inet static
address 192.168.3.200
netmask 255.255.255.0
gateway 192.168.3.1
bridge-ports enp3s0
bridge-stp off
bridge-fd 0

auto vmbr1
iface vmbr1 inet manual
bridge-ports enp2s0
bridge-stp off
bridge-fd 0

root@proxmox:~# reboot

Ensure the right configuration inside the Proxmox-GUI

image
image1017×138 20.8 KB

Installation of Nethserver inside a new created VM

  1. Install a new VM
    image

  2. Install Nethserver

  3. install QEMU-Guest-Agent: yum install qemu-guest-agent

  4. Update the Nethserver

  5. Configure the Network inside Nethserver
    before:

    image
    image1485×256 38.6 KB

    after:
    image
    image1328×302 23.9 KB

    image
    image724×630 27.2 KB

    image
    image671×622 24.3 KB

  6. Connect the LAN cable from enp2s0 to the router and disconnect the old Server 1 (dedicated Nethserver) if relevant

  7. Activate DHCP on eth1

    image
    image734×72 11.1 KB

  8. have fun

1 Like