[PVE-User] How-to : Vrack and RIPE ip range on an OVH proxmox 4 server

Sat, 16 Jul 2016 03:17:58 -0700

This how-to explains how to configure an OVH proxmox 4 server, and its lxc containers, using a RIPE ip range and a vrack. You should have a vrack compatible server (with 2 network interfaces) and a RIPE ip range associated to it.
For this example, we have a proxmox server with ipv4 164.132.161.137, ipv6 range 2001:41d0:1510:1c89::/64 (gateway is 2001:41d0:1510:1cff:ff:ff:ff:ff) and a ripe range of 51.234.231.80/28. 
The RIPE range is like this and allow to use 13 ip :
    51.234.231.80 : network
    51.234.231.81 : usable
    51.234.231.82 : usable
    51.234.231.83 : usable
    51.234.231.84 : usable
    51.234.231.85 : usable
    51.234.231.86 : usable
    51.234.231.87 : usable
    51.234.231.88 : usable
    51.234.231.89 : usable
    51.234.231.90 : usable
    51.234.231.91 : usable
    51.234.231.92 : usable
    51.234.231.93 : usable
    51.234.231.94 : gateway
    51.234.231.95 : broadcast
Before you can use any of these ip in a container, you should associate it a virtual mac address from the ovh dedicated manager. 

For the vrack, we will use the private range 192.168.0.0/24.

Add the server to your vrack, but not the ripe range.
Edit /etc/network/interfaces on your proxmox server and edit the bold lines (may begin with * - to remove - on your email client) so it will look like this : 
(if you ever have an ipv6 gateway set, remove it)

auto lo
iface lo inet loopback

iface eth0 inet manual

iface eth1 inet manual

auto vmbr1
iface vmbr1 inet manual
    bridge_ports dummy0
    bridge_stp off
    bridge_fd 0
    post-up /etc/pve/kvm-networking.sh

auto vmbr0
iface vmbr0 inet static
    address  164.132.161.137
    netmask  255.255.255.0
    gateway  164.132.161.254
    broadcast  164.132.161.255
    bridge_ports eth0
    bridge_stp off
    bridge_fd 0
    network 164.132.161.0
*    # RIPE**
**    post-up /sbin/ip route add to 51.234.231.80/28 dev vmbr0**
** post-up /sbin/ip route add to default via 51.234.231.94 dev vmbr0 table 5** 
**    post-up /sbin/ip rule add from 51.234.231.80/28 table 5**
**    pre-down /sbin/ip rule del from 51.234.231.80/28 table 5**
** pre-down /sbin/ip route del to default via 51.234.231.94 dev vmbr0 table 5** 
**    pre-down /sbin/ip route del to 51.234.231.80/28 dev vmbr0*

iface vmbr0 inet6 static
    address  2001:41d0:1510:1c89::1
    netmask  64
    # You should not have a gateway here
post-up /sbin/ip -f inet6 route add 2001:41d0:1510:1cff:ff:ff:ff:ff dev vmbr0 post-up /sbin/ip -f inet6 route add default via 2001:41d0:1510:1cff:ff:ff:ff:ff pre-down /sbin/ip -f inet6 route del default via 2001:41d0:1510:1cff:ff:ff:ff:ff pre-down /sbin/ip -f inet6 route del 2001:41d0:1510:1cff:ff:ff:ff:ff dev vmbr0 

*auto vmbr2**
**iface vmbr2 inet static**
**    address  192.168.0.1**
**    netmask  255.255.255.0**
**    broadcast  192.168.0.255**
**    bridge_ports eth1**
**    bridge_stp off**
**    bridge_fd 0**
**    network 192.168.0.0**
**    # MULTICAST**
**    post-up /sbin/ip route add to 224.0.0.0/4 dev vmbr0**
**    pre-down /sbin/ip route del to 224.0.0.0/4 dev vmbr0*


Next, create your lxc container, with 2 network interfaces.
If you set the network interface at this time, it will be named eth0 by default. Otherwise, name it that way. It should have its bridge set on vmbr0 and its v4 and v6 ip must be static (set "Static" in the window).
Give it the first vrack range available ip (with its prefix at the end), 51.234.231.81/28, and its gateway 51.234.231.94. 
Mac address should be the one generated for this ip in the ovh manager.
Set the ipv6 with one of your choice in your range (e.g.: 2001:41d0:1510:1c89::100/64) and its gateway 2001:41d0:1510:1cff:ff:ff:ff:ff. 
Validate.
Next, create a second network interface for your container, which we will name eth1 and set on bridge vmbr2. Give it a static ip in the private range (e.g.: 192.168.30.100/24) and validate. 

Start your container.
Its /etc/network/interfaces file should look like this (nothing to edit) :

# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d

auto eth0
iface eth0 inet static
    address 51.234.231.81
    netmask 255.255.255.240
    gateway 51.234.231.94
    network 51.234.231.80

auto eth1
iface eth1 inet static
    address 192.168.30.100
    netmask 255.255.255.0

iface eth1 inet6 static

iface eth0 inet6 static
    address 2001:41d0:1510:1c89::100
    netmask 64
# --- BEGIN PVE ---
    post-up ip route add 2001:41d0:1510:1cff:ff:ff:ff:ff dev eth0
post-up ip route add default via 2001:41d0:1510:1cff:ff:ff:ff:ff dev eth0 pre-down ip route del default via 2001:41d0:1510:1cff:ff:ff:ff:ff dev eth0 
    pre-down ip route del 2001:41d0:1510:1cff:ff:ff:ff:ff dev eth0
# --- END PVE ---
You should be able to access to the net and talk to other servers (virtual or physical ones) in your vrack. 

_______________________________________________
pve-user mailing list
[email protected]
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Reply via email to