我有专门的Proxmox作为KVMpipe理器和IP示例networking的Debian服务器:
IP address 175.19.59.209 Netmask 255.255.255.224 Gateway 175.19.59.193 现在我试图用这样的拓扑来configuration子网:
\\\\\\\\\\\\\\\\\\\\\\\\\ \\Gateway 175.19.59.193\\ \\\\\\\\\\\\\\\\\\\\\\\\\ \ +----------+ | KVM-host | | eth0 | | vmbr0 | | vmbr1 | +----------+ | | +------+ +------+ +------+ +--| vm01 |----| vm02 |--/ /--| vm09 | +------+ +------+ +------+
这就是我的主机界面现在如何configuration:
auto lo iface lo inet loopback auto eth0 iface eth0 inet manual auto vmbr0 iface vmbr0 inet static address 175.19.59.209 netmask 255.255.255.224 gateway 175.19.59.193 bridge_ports eth0 bridge_stp off bridge_fd 0 auto vmbr1 iface vmbr1 inet static address 10.10.11.1 netmask 255.255.255.0 bridge_ports none bridge_stp off bridge_fd 0
而这是guest机器vm01的configuration:
auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 10.10.11.12 netmask 255.255.255.0 gateway 10.10.11.1
问题是我无法将vmXX ping出主机, 反之亦然 。 另外,我不知道如何将vm01:80路由到互联网,然后返回为10.10.11.0/24networking制作vm01反向代理。
我错过了什么? 任何build议的networking“newby”?
1)确保vmbr1包含每个虚拟机的tap设备:
brctl add vmbr1 tapX
2)确保主机上的iptables允许网桥stream量:
iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
3)确保您通过vmbr0允许NAT:
echo "1" > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o vmbr0 -j MASQUERADE