couple of strange questions about proxmox and pfsense setup.

[vl1969]

hello,
I have started again with my home server and networking project and am having several issues that need some more research.

here is the outline:

step 1. Setup a ProxmoxVE 4.4 box on my Lenovo M58 ThinkCenter PC (core duo @ 3.0 GHz 6GB RAM and 2x120GB SSD using ZFS Raid-1 setup. . has 3 intel NIC , one on-board and one 2 port PCIe card)
this will be my Router replacement box. running a pfSence 2.3.3 VM.
reason for doing pfSence VM is that I want to try several router/firewall setups like Sophos, ipfire or something and rebuilding the box every time is tedious job. also makes easier to backup and restore things if I screw up.

Step 2 setup a pfSence VM and switch to it replacing my current router.

Step 3 setup my home server with Proxmox as above but that will hold my other VMs.
a file server, a torrent/downloading box (I don't do much torrenting but since I will be running downloading box might have it as well) using Transmission or Deluge with WebUI , maybe SubNZB or NZBGet client as well.

the plan is to have a Debian Server VM strictly for downloading. it will run all downloaders apps and move the finished files to File server via NFS or SMB shares. not sure the final layout. I want to use apps like SubNZB along side with Sonnar and Sick Rage and coach potato to manage my media library.
as of now it is a mess but I think if I setup the apps above properly and dump my files into finish downloads folder for them they will sort them out as I want them.
, also plan to have VM with Emby server or Plex server for media streaming to my HTPC.

and File server VM like OMV to manage the data. but also maybe setting up NFS/SMB servers directly on Proxmox using WebMin as all my storage is on the same box.


Here re my issues so far:

#1. my home network now is using 192.168.5.x/24 subnet.
I want to switch to 10.0.x.x subnet so it is easier to type etc...
however, if I build out the Router box and give it static IP in 10.0.x.x subnet I can not reach it.
what would be the best way to setup all up and than move to the new 10.0.x.x based subnet?

I have tried to setup my ThinkCenter with Proxmox, using 10.0.0.1 IP and could not reach it.
so I change the config to 192.168.5.30 and got the WebUI.

I understand that my Proxmox hosts MUST use static IPs so once finish my router setup and connect all to network I can go and switch the IPs to new schema, but can I use 2 subnets at the same time for a bit?

#2. does anyone know how to setup Proxmox Network so I can use it to run my pfSense on it?
I have build out the Think Center with Proxmox 4.4
it created a vmbr0 on my NIC0 (eth0) all is ok and accessible just fine (on the HOST)
Static IP of 192.168.5.30/24 gateway 192.168.5.1, can reach the internet and all network.

manually created vmbr1 and vmbr2 using NIC 1 and 2 respectively. to be used for pfSense nics only.
vmbr1 is dhcp, vmbr2 is manual ,

created a KVM VM and loaded the PfSense on it. (2GB RAM, 2-core CPU , vmbr1 as nic1, vmbr2 as nic2)
configure WAN as eth0(vmbr1) dhcp , LAN as eth1(vmbr2) static 192.168.5.20(so I can access it.)
connected both ports to network.

I can see the WAN interface gets a dhcp IP but can not reach it from anywhere, not even from within the HOST box.
I can see the LAN interface is set to IP .20 , but can not see or reach it from anywhere.

the VM has no access to outside world at all.

what am I doing wrong?

thanks VL.

 

[MiniKnight]

#1 - you need to add a static network config and it will get to 10.0.x.x. Otherwise, you're going to be on the old network.

#2 - if you just wanted to keep it simple, give the pfSense VM two NICs. LAN, WAN. Then give the third NIC to Proxmox. When I did this I dedicated NICs. You can share a NIC with LAN but then when something goes wrong you don't have access to Proxmox if it's the pfSense LAN NIC.

You can do this with vlans too, but since you've said you have 3 NICs, and you're trying to make things work, start on a non-vlan network.

 

[vl1969]

#1 - you need to add a static network config and it will get to 10.0.x.x. Otherwise, you're going to be on the old network.

#2 - if you just wanted to keep it simple, give the pfSense VM two NICs. LAN, WAN. Then give the third NIC to Proxmox. When I did this I dedicated NICs. You can share a NIC with LAN but then when something goes wrong you don't have access to Proxmox if it's the pfSense LAN NIC.

You can do this with vlans too, but since you've said you have 3 NICs, and you're trying to make things work, start on a non-vlan network.

Not sure what you mean in #1, how do I do this? the vmbr0 is static. when I was installing Proxmox is asked for ip and subnet.
at the install time I entered 10.0.0.10 / 255.255.0.0 and all was installed but I could not get to the WebUI on my PC
so I logged in to the Lenovo(this is the machine I pan to use as my proxmox/router setup but right now I have the keyboard and screen attached to it) and changed the /etc/network/interfaces file to my current ip schema (192.168.5.30/24) and than, I could get to it over the network.


#2 that exactly what I did. I have 3 NICs in the machine, one ETH0 is on MB port and 2 ports on a PCIe card. since it is lenovo, all nics are Intel 1Gb ports.
Proxmox took the eth0 (the on board) nic by default and created vmbr0 on it.
after initial setup and update I added 2 more bridges manually (vmbr1 and vmbr2 on other ports)
and those I add to my pfSense VM.

this is what my interface file for Proxmox (the HOST) looks like (the last time I worked with it.)
I only see one issue that I will try to check, as I have been posting this, I maybe should set both bridges a and 2 to manual and use dhcp setting within the VM instead.

but still not understand why I can not get into VM using the LAn interface.
the HOST works fine, the VM has not connection to network even though I can see the IP properly set in the VM. from outside it is invisible. static and dhcp one. even when I set it to the older schema
i.e. 192.168.5.x

I though I will set all up first using the old schema and than switch when it is properly connected into my cable modem and is primary dhcp /dns server on the network. instead of my current router.

auto lo
iface lo inet loopback

iface eth0 inet manual     ## onboard nic

iface eth1 inet manual    ## port A on PCIe card  will use as WAN

iface eth2 inet manual   ## port B on PCIe card will use as LAN

auto vmbr0
iface vmbr0 inet static
    address  192.168.5.30
    netmask  255.255.255.0
    gateway  192.168.5.1
    bridge_ports eth0
    bridge_stp off
    bridge_fd 0

auto vmbr1
iface vmbr1 inet dhcp
    bridge_ports eth1
    bridge_stp off
    bridge_fd 0
    
    
auto vmbr2
iface vmbr2 inet manual
    bridge_ports eth2
    bridge_stp off
    bridge_fd 0

 

[MiniKnight]

The reason you cannot get to the 10.x address from your PC is because it is on a different subnet. With your Proxmox IP as 10.0.x.x, change your PC IP manually to 10.0.x.y.