jaltgen · December 23, 2022 17:14
diff --git a/interfaces b/interfaces
 # Config of PVE networking with one virtual subnet (10.0.4.0/24), connected and routed to a physical subnet (10.0.0.0/24)
 # This file should be saved at /etc/networks/interfaces
 # run the following to make active: > ifreload -a 


 auto lo
 iface lo inet loopback

 # this is the physical interface of the machine
 ###########

 # switching it on automatically
 auto enp0s31f6

 # interface definition
 iface enp0s31f6 inet static
         # the public IP on the port, in the "regular" subnet (here, connected to a physical router)
         address 10.0.0.11/24
         # IP of the physical router
         gateway 10.0.0.1
         # configuring IP forwarding to the virtual subnet
         post-up echo 1 > /proc/sys/net/ipv4/ip_forward
         post-up echo 1 > /proc/sys/net/ipv4/conf/enp0s31f6/proxy_arp
 
 # the "virtual subnet"
 ################

 # switching it to auto same as above
 auto vmbr0
 # interface config:
 iface vmbr0 inet static
         # defines the "private" PVE subnet that is however routed out to the "regular" network. 
         # the *ROUTER* above (10.0.0.1) has a static route of 10.0.4.0/24 > 10.0.0.11 (which is then forwarded in PVE, the post-up... line)
         address 10.0.4.1/24
         bridge-ports none
         bridge-stp off
         bridge-fd 0
 
         # adding routes
         # this route leads back to the 10.0.0.0/24 "Regular" subnet on the physical port
         up ip route add 10.0.0.0/24 dev enp0s31f6
         
 # VM guests can then simply have a 10.0.4.0/24 IP and use 10.0.4.1 as GW. This isn't using a VM instance to route or for firewalling or such. That may be another way to do it.
	# Config of PVE networking with one virtual subnet (10.0.4.0/24), connected and routed to a physical subnet (10.0.0.0/24)
	# This file should be saved at /etc/networks/interfaces
	# run the following to make active: > ifreload -a


	auto lo
	iface lo inet loopback

	# this is the physical interface of the machine
	###########

	# switching it on automatically
	auto enp0s31f6

	# interface definition
	iface enp0s31f6 inet static
	# the public IP on the port, in the "regular" subnet (here, connected to a physical router)
	address 10.0.0.11/24
	# IP of the physical router
	gateway 10.0.0.1
	# configuring IP forwarding to the virtual subnet
	post-up echo 1 > /proc/sys/net/ipv4/ip_forward
	post-up echo 1 > /proc/sys/net/ipv4/conf/enp0s31f6/proxy_arp

	# the "virtual subnet"
	################

	# switching it to auto same as above
	auto vmbr0
	# interface config:
	iface vmbr0 inet static
	# defines the "private" PVE subnet that is however routed out to the "regular" network.
	# the ROUTER above (10.0.0.1) has a static route of 10.0.4.0/24 > 10.0.0.11 (which is then forwarded in PVE, the post-up... line)
	address 10.0.4.1/24
	bridge-ports none
	bridge-stp off
	bridge-fd 0

	# adding routes
	# this route leads back to the 10.0.0.0/24 "Regular" subnet on the physical port
	up ip route add 10.0.0.0/24 dev enp0s31f6

	# VM guests can then simply have a 10.0.4.0/24 IP and use 10.0.4.1 as GW. This isn't using a VM instance to route or for firewalling or such. That may be another way to do it.