Ubuntu server KVM/QEMU two ethernet cards LAN and DMZ with vlan
I'm struggling with this...
I have a KVM/QEMU hypervisor, running Ubuntu 18.04 server. It manages various VMs, all of them in a DMZ IP class (192.168.63.0/24). All the VMs use bridged connection br0 as Network source.
The server uses two NIC cards (out of a few more):
- eno1 is connected to our LAN, static IP 192.168.1.221, GW 192.168.1.99, etc. (VLAN 1 default)
- eno2 is connected to our LAN at a specific switch port, traffic has to be tagged for VLAN 63 (DMZ's VLAN)
I have this netplan .yaml file (not working):
```yaml
network:
  version: 2
  renderer: networkd
  ethernets:
    eno1:
      addresses:
        - 192.168.1.221/24
      gateway4: 192.168.1.99
      nameservers:
        addresses: [8.8.8.8,192.168.1.99]
    eno2:
      dhcp4: no
  bridges:
    br0:
      addresses: [ 192.168.63.221/24 ]
      interfaces: [ vlan63 ]
  vlans:
    vlan63:
      accept-ra: no
      id: 63
      link: eno2
```
All my VMs have static IPs, all of their network traffic should ideally be bridged to NIC eno2. Before introducing VLANs, it was working this way.
With the configuration above, from the hypervisor I can ping/ssh into VMs in the DMZ, reach Internet, have normal access to LAN. From the VMs in DMZ, no Internet access, full visibility of other VMs in DMZ.
If I change bridge's definition to this:
```yaml
bridges:
  br0:
    dhcp4: no
    interfaces: [ vlan63 ]
```
from the hypervisor I can no longer ping/ssh/reach VMs in the DMZ, but I can ping DMZ's GW (192.168.63.1), access to Internet and LAN untouched. So I have no way to connect to my VMs.
I'm obviously doing something all wrong, and I'm not able to sort it out.
Any help or guidance would be great.
Cheers,
rash*
[ Edit ] I finally got it working, details:
- this previously was a 16.04 LTS, freshly upgraded to 18.04 LTS
- I manually enabled netplan, ifupdown was still lying around
- so I purged ifupdown and rebooted
- after reboot, my initial netplan .yaml above works as expected
networking server virtualization kvm network-bridge
edited Apr 17 at 11:14
rashmani
asked Apr 17 at 8:29
rashmani
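The edit in the question traces the fix to a leftover ifupdown install sitting beside netplan after the 16.04 to 18.04 upgrade. As an added example (not part of the original post), this shell check lists interfaces that an ifupdown file and a netplan file both declare; the function names and the sample file contents are constructed for illustration.

```shell
# Added example (not from the original post): list interfaces that a leftover
# ifupdown file and a netplan file both declare.

# Interface names declared in an ifupdown file, loopback excluded.
ifupdown_ifaces() {
    awk '
        $1 ~ /^#/ { next }
        $1 == "iface" && $2 != "lo" { print $2 }
        $1 == "auto" || $1 ~ /^allow-/ {
            for (i = 2; i <= NF; i++) if ($i != "lo") print $i
        }
    ' "$1" | sort -u
}

# Every mapping key in a netplan YAML file (heuristic: also returns
# non-interface keys such as "addresses", harmless for the comparison below).
netplan_keys() {
    sed -n 's/^[[:space:]]*\([A-Za-z0-9_.-]\{1,\}\):.*$/\1/p' "$1" | sort -u
}

# Names present in both files, one per line; prints nothing without overlap.
conflicting_ifaces() {
    keys=$(netplan_keys "$2")
    ifupdown_ifaces "$1" | while read -r name; do
        if printf '%s\n' "$keys" | grep -qxF -- "$name"; then
            printf '%s\n' "$name"
        fi
    done
}

# Constructed sample: an interfaces file as it might survive the upgrade,
# checked against a shortened copy of the netplan file from the question.
sample_conflicts() {
    dir=$(mktemp -d)
    printf '%s\n' 'auto lo' 'iface lo inet loopback' \
        'auto eno1' 'iface eno1 inet static' '    address 192.168.1.221' \
        'auto br0' 'iface br0 inet static' '    bridge_ports eno2' > "$dir/interfaces"
    printf '%s\n' 'network:' '  version: 2' '  ethernets:' '    eno1:' \
        '      addresses:' '        - 192.168.1.221/24' '    eno2:' \
        '      dhcp4: no' '  bridges:' '    br0:' '      interfaces: [ vlan63 ]' \
        '  vlans:' '    vlan63:' '      id: 63' '      link: eno2' > "$dir/netplan.yaml"
    conflicting_ifaces "$dir/interfaces" "$dir/netplan.yaml"
    rm -rf "$dir"
}

sample_conflicts
```

On a real host, call `conflicting_ifaces` with `/etc/network/interfaces` and the netplan file in use; any name it prints is configured by both tools.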