기술 노트/proxmox
내부 네트워크의 NAT 설정
미래의억만장자
2024. 10. 13. 22:57
proxmox의 내부 네트워크는 아래 설정을 해야만이 인터넷 통신이 가능합니다.
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
어떻게 사용하는지는 아래 제 설정을 보시고 활용하세요.
root@13500T:~# cat /etc/network/interfaces
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!
auto lo
iface lo inet loopback
iface eno2 inet manual
auto vmbr0
iface vmbr0 inet static
address 192.168.0.200/24
gateway 192.168.0.1
bridge-ports eno2
bridge-stp off
bridge-fd 0
auto vmbr1
iface vmbr1 inet static
address 10.10.10.1/24
bridge-ports none
bridge-stp off
bridge-fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
# post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
# post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1
source /etc/network/interfaces.d/*
root@13500T:~#