Hi everyone,
I’m planning to setup a Proxmox server that I can install pfSense as a test server, Microsoft server and maybe a Netbox. But I don’t know how to manipulate the networking side to be totally separate from primary LAN subnets.
Example, LAN = 10.100.100.x, the Proxmox server has an IP address of 10.100.100.10 but the VM’s would be 192.168.200.x and still have an internet.
Note: I have a bare-metal pfSense also. Thanks.
There are a few ways to set it up, one is to bridge at least 2 NIC interfaces individual bridges and then assigned them to the VM so you have a WAN and a LAN NIC in pfSense. Or you can dedicate 2 NICs to the VM and pass them through using the PCI-E passthrough options in Proxmox. Either way, you want your WAN to go to your modem and then your LAN needs to connect to the rest of the network typically through a switch.
I think I end up doing that on VMware but I’m having a problem setting up separate Networks in Proxmox. Maybe you can link me to a good tutorial? I still don’t get the documentation in their site…
On your Proxmox node, you have a network tab where it lists your interfaces and where you create bridges. When you create a VM or edit the VM’s hardware you can specify a Network card either using the bridge or when in VM hardware you can specify a PCI Device you pass through. I don’t know of a tutorial off hand but I believe Learn Linux TV has a number of Proxmox Tutorials.
You might be interested in this for ESXi Learn How to Build a VMware Home Lab in a Complete Walkthrough have to admit I didn’t quite get it to work with a single NIC, though I didn’t spend much time on it. I’m mainly using Proxmox, it’s networking is also a but confusing with respect to setting up a lab on a different address range. I’d be interested to see any solution you unearth.
The cleanest way to setup a virtual host that will need outside connectivity is to use a switch with it. I would create a trunk between the host and switch, then assign the access points required on the switch and make sure the virtual switch on the host has the same VLANs.
Thanks it’s really confusing to me maybe because I only have 1 NIC?
Could be more nuanced than this obviously. But if I understand your request correctly, single Proxmox Node and assuming your single eth0 NIC is part of vmbr0 BRIDGE, here’s one way:
vmbr1 on the Proxmox node, empty, no IPs or Port/Slave NICsvmbr0 and the other vmbr1, they’ll be your WAN and LAN interfaces respectively. During pfSense VM setup, leave WAN to receive DHCP and create your 192.168.200.0/24 subnet on LAN, enable DHCP server on LAN unless you want to statically assign the other VMsvmbr1, essentially putting them behind your virtualised pfSenseThis is the way^. One thing to note though is with this method all the setup for the virtual lab is done inside Pfsense and on the attached interfaces for the proxmox VMs you would either set a static IP address or use DHCP. Then each VM you attach that vmbr1 to will be inside that testing lan and will have internet access through the pfsense VM. If you want something more lightweight and you could use openwrt-x86. Same setup process though.
Forgot to mention, if you do go with pfSense in a VM, disable hardware checksum offloading under System>Advanced>Networking.