What is the VMM Network selection for a LAN and WAN NIC
-
@viragomann Thank you for the clarification.
This is what I've been trying to do, to have traffic via the vm router.
Any suggestions, as if I disable the br0's DHCP, it must need some address for a static IP?
How do I check the vm router is connected to br0?
How do I connect the vm router to br0?
How do I check the vm router's WAN is on DHCP? The vm router's Interfaces: [WAN] IPv4 Configuration Type, does say it's on DHCP, so this should be ok? -
@eiger3970-0 I've configured Ubuntu 22.04 to use renderer networkd rather than NetworkManager.
I can now route the Ubuntu host via the vm router for Internet and LAN access.However, only some Internet loads and ping 8.8.8.8 has 100% packet loss?
I think the pfSense configuration needs some details I'm missing.
Any paid support to finalise my configuration please?
I've set LAN and WAN to static IPs, but will probably fail once the ISP changes the public IP. -
@eiger3970-0 said in What is the VMM Network selection for a LAN and WAN NIC:
This updated diagram might help for clarity?
That diagram looks wrong to me. Specifically
Wan side would normally be
ISP <-> Modem (Bridged router) <-> Nic0/eth0/snp3s0 <-> br0 <-> pfSenseVM (and no other VM or hypervisor)Lan side would normally be
pfSenseVM <-> br1 <-> other VMs, Hypervisor, and Nic1/eth1/enp2s0 <-> external switch <-> Wired Lan devices, Wifi APSo in your diagram I don't like br0 connection to VM x and VM y
Nor do I like the non specific connection of the Hypervisor to the pfsense router
- The hypervisor network access should be explicitly via the Lan / br1. In Proxmox that is set by assigning an IP address to the Vbr1. Less sure how to do it directly in Ubuntu 22.04.
- The hypervisor also has VM access via the VM console and Qemu but that is separate to network access
-
@Patch thanks, your reply seems right.
The setup is now working, but I haven’t got my head 100% around it yet.
I’m figuring out how to make a clear and correct topology for easy understanding and replication. -
@eiger3970-0 I have created a new topology map.
However, I am unclear the the packet routes?
As per ip route, line 2 is the default route of this host machine Ubuntu 22.04 LTS Desktop.
100.64.0.1 came from a DHCP, but where is the DHCP from, the VM router or the ISP?ubuntu@ubuntu:/etc/netplan$ ip -c a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master local-br1.1 state UP group default qlen 1000 link/ether 46:9e:01:27:db:0d brd ff:ff:ff:ff:ff:ff permaddr 1c:61:b4:6d:38:4f 3: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether a8:a1:59:6e:1f:8b brd ff:ff:ff:ff:ff:ff inet 100.76.25.213/10 brd 100.127.255.255 scope global dynamic noprefixroute enp3s0 valid_lft 168sec preferred_lft 168sec inet6 2406:2d40:4100:8fb2:7b54:ac94:277b:140f/64 scope global temporary deprecated dynamic valid_lft 234sec preferred_lft 0sec inet6 2406:2d40:4100:8fb2:f995:e028:b158:4865/64 scope global dynamic mngtmpaddr noprefixroute valid_lft 234sec preferred_lft 84sec inet6 fe80::8cc1:c5d0:5e3e:28b1/64 scope link noprefixroute valid_lft forever preferred_lft forever 4: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 52:54:00:94:0d:bb brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 5: local-br1.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 2e:f6:bf:42:0c:f8 brd ff:ff:ff:ff:ff:ff inet 192.168.1.120/24 brd 192.168.1.255 scope global noprefixroute local-br1.1 valid_lft forever preferred_lft forever 6: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master local-br1.1 state UNKNOWN group default qlen 1000 link/ether fe:54:00:3d:53:41 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc54:ff:fe3d:5341/64 scope link valid_lft forever preferred_lft forever 7: vnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master virbr0 state UNKNOWN group default qlen 1000 link/ether fe:54:00:a3:f6:c4 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc54:ff:fea3:f6c4/64 scope link valid_lft forever preferred_lft forever 16: vnet3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master local-br1.1 state UNKNOWN group default qlen 1000 link/ether fe:54:00:8d:31:06 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc54:ff:fe8d:3106/64 scope link valid_lft forever preferred_lft forever 17: vnet4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master local-br1.1 state UNKNOWN group default qlen 1000 link/ether fe:54:00:f7:f9:e5 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc54:ff:fef7:f9e5/64 scope link valid_lft forever preferred_lft forever 18: vnet5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master local-br1.1 state UNKNOWN group default qlen 1000 link/ether fe:54:00:b6:35:37 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc54:ff:feb6:3537/64 scope link valid_lft forever preferred_lft foreverubuntu@ubuntu:/etc/netplan$ arp -n Address HWtype HWaddress Flags Mask Iface 192.168.1.160 ether 3c:2a:f4:60:b5:7b C local-br1.1 192.168.1.1 ether 52:54:00:3d:53:41 C local-br1.1 192.168.122.149 ether 52:54:00:a3:f6:c4 C virbr0 192.168.1.102 ether 52:54:00:8d:31:06 C local-br1.1 192.168.1.100 ether 1c:ca:e3:77:c5:53 C local-br1.1 100.64.0.1 ether 00:00:5e:00:01:01 C enp3s0ubuntu@ubuntu:/etc/netplan$ ip route default via 100.64.0.1 dev enp3s0 proto dhcp metric 102 34.120.255.244 dev enp3s0 proto dhcp scope link metric 102 100.64.0.0/10 dev enp3s0 proto kernel scope link src 100.76.25.213 metric 102 169.254.0.0/16 dev virbr0 scope link metric 1000 192.168.1.0/24 dev local-br1.1 proto kernel scope link src 192.168.1.120 metric 425 192.168.100.1 dev enp3s0 proto dhcp scope link metric 102 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 -
@eiger3970-0 updated version of topology map.
ubuntu@ubuntu:/etc/netplan$ route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default _gateway 0.0.0.0 UG 102 0 0 enp3s0 244.255.120.34. 0.0.0.0 255.255.255.255 UH 102 0 0 enp3s0 100.64.0.0 0.0.0.0 255.192.0.0 U 102 0 0 enp3s0 link-local 0.0.0.0 255.255.0.0 U 1000 0 0 virbr0 192.168.1.0 0.0.0.0 255.255.255.0 U 425 0 0 local-br1.1 192.168.100.1 0.0.0.0 255.255.255.255 UH 102 0 0 enp3s0 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
-
This post is deleted! -
@eiger3970-0 this is as far as I can create the topology map
-
@eiger3970-0 A bridge is the virtual equivalent of a multi-port switch.
You will need two virtual switches / bridges
-
Wan bridge connects the physical NIC you want to use for WAN connection your VM routers WAN virtual NIC. I think you a meaning to use vbr0 for this but have not connected to your router VM's Wan virtual NIC.
-
Lan bridge connects the phyiscal NIC you want to use to connect to your physical 24 port switch externally. It also connects your VM which need LAN access (KVM X, Y, Z) as well as your hypervisor network access and your virtual routers Lan virtual NIC. I think you have sort of used vbr1 for this.
-
-
@Patch Thanks, this is working now, just need to sort out some port forwards.