Difference between revisions of "OVH"
m (→Introduction) |
|||
| (7 intermediate revisions by 2 users not shown) | |||
| Line 4: | Line 4: | ||
This article describes the OVH specific network settings for Proxmox VE 4.x. | This article describes the OVH specific network settings for Proxmox VE 4.x. | ||
| − | OVH is one of the main [ | + | OVH is one of the main [https://www.proxmox.com/en/partners/hosting Proxmox VE hosting partners] and provides ready-to-use Proxmox VE images which allows you to start immediately with the installation and configuration of your virtual machines and containers. |
= Network configuration = | = Network configuration = | ||
| Line 24: | Line 24: | ||
In order to enable IPv6 networking ''if the firewall is enabled'' you need to | In order to enable IPv6 networking ''if the firewall is enabled'' you need to | ||
| − | + | make sure the the [https://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol neighbor discovery protocol] | |
| − | For this there's a firewall macro called ''NeighborDiscovery'' available | + | is allowed. For this there's an option in the firewall's options tab. |
| − | '' | + | Additionally there's a firewall macro called ''NeighborDiscovery'' available |
| − | + | in case you wish to move the NDP rules to 'below' some other custom rules. | |
| + | |||
| + | See the [[Firewall#_notes_on_ipv6|Firewall notes about IPv6]] for more | ||
| + | information. | ||
== LXC container == | == LXC container == | ||
| Line 42: | Line 45: | ||
Assume we want to assign address 1.2.3.9 to a container, you will get the following. Please note, this is shown in the screenshot. | Assume we want to assign address 1.2.3.9 to a container, you will get the following. Please note, this is shown in the screenshot. | ||
| − | Inside a Debian container, this creates automatically the following '/etc/network/interfaces'' file: | + | Inside a Debian container, this creates automatically the following ''/etc/network/interfaces'' file: |
auto lo | auto lo | ||
| Line 60: | Line 63: | ||
=== IPv6 === | === IPv6 === | ||
| − | With IPv6 the situation is similar, | + | With IPv6 the situation is similar, but you cannot assign virtual mac addresses via the OVH GUI to IPv6 addresses. The easiest setup is to just also assign an IPv4 address to the container with a valid MAC, then the configuration works the same as with IPv4. You can use the regular prefix length of 64 (iow. you do ''not'' need to use the ipv6 equivalent of a 255.255.255.255 netmask). |
| + | Other options include using a routed setup with the host as gateway, this is also possible with IPv4 when configured correctly. Or a routed setup with the normal gateway with proxy-ndp. For this you configure the network like you normally would if you had a valid vMAC, but enable proxy_ndp on the two bridges and add the ipv6 gateway to the neighbor proxy table of the routing bridge (vmbr1 in the default OVH proxmox template), and the container's IPv6 address to the neighbor proxy table on the outer bridge (vmbr0 in the default setup). | ||
| − | + | Assuming the regular setup with a vMAC available, we get a similar result with IPv4, for instance on debian we get the following entry in ''/etc/network/interfaces'': | |
| − | |||
iface vmbr0 inet6 static | iface vmbr0 inet6 static | ||
| − | address 2001:1234:1234:0123:: | + | address 2001:1234:1234:0123::1 |
netmask 64 | netmask 64 | ||
post-up /sbin/ip -f inet6 route add 2001:1234:1234:01ff:ff:ff:ff:ff dev vmbr0 | post-up /sbin/ip -f inet6 route add 2001:1234:1234:01ff:ff:ff:ff:ff dev vmbr0 | ||
| Line 83: | Line 86: | ||
The network configuration files inside your virtual machine (ie. ''/etc/network/interfaces'' on Debian/Ubuntu) are the same as in the above container examples. | The network configuration files inside your virtual machine (ie. ''/etc/network/interfaces'' on Debian/Ubuntu) are the same as in the above container examples. | ||
| + | |||
| + | === IPv6 === | ||
| + | The same as for containers. | ||
=Links= | =Links= | ||
| − | + | [http://help.ovh.com/Proxmox Proxmox on help.ovh.com] | |
[[Category:HOWTO]] | [[Category:HOWTO]] | ||
Latest revision as of 09:01, 4 April 2022
Introduction
This article describes the OVH specific network settings for Proxmox VE 4.x.
OVH is one of the main Proxmox VE hosting partners and provides ready-to-use Proxmox VE images which allows you to start immediately with the installation and configuration of your virtual machines and containers.
Network configuration
In the OVH network the gateway is usually outside the IP subnet. Therefore routes to the gateways have to be added in order for them to be accessible from within containers or VMs.
Proxmox VE host
If you use the OVH Proxmox VE template the network is preconfigured in a working condition.
The IPv6 network is configured in a similar fashion as described in this article's LXC Container section, and the IPv4 network is configured the way you'd expect, with a /24 subnet. Note, that you should not copy this kind of configuration into a container. OVH suggests using a single addresses with a netmask of 255.255.255.255.
In order to enable IPv6 networking if the firewall is enabled you need to make sure the the neighbor discovery protocol is allowed. For this there's an option in the firewall's options tab. Additionally there's a firewall macro called NeighborDiscovery available in case you wish to move the NDP rules to 'below' some other custom rules.
See the Firewall notes about IPv6 for more information.
LXC container
IPv4
If you have a block of IPv4 addresses you can add the IPv4 address just via GUI. But first you need to use the OVH manager to create a virtual OVH mac address for the IPv4 address you want to assign. As soon as the OVH virtual mac is created, you can add this virtual OVH mac and the IPv4 address via the Proxmox VE GUI.
The GUI will add the required route to make the gateway reachable.
Let's for instance assume you have the IPv4 block 1.2.3.8/30. Then your addresses range from 1.2.3.8 to 1.2.3.11. In the OVH network your gateway will always end with an octet of 254, so if your Proxmox VE host main IPv4 is 4.3.2.1, the gateway is 4.3.2.254
Assume we want to assign address 1.2.3.9 to a container, you will get the following. Please note, this is shown in the screenshot.
Inside a Debian container, this creates automatically the following /etc/network/interfaces file:
auto lo iface lo inet loopback
auto eth0
iface eth0 inet static
address 1.2.3.9
netmask 255.255.255.255
post-up ip route add 4.3.2.254 dev eth0
post-up ip route add default via 4.3.2.254
pre-down ip route del default via 4.3.2.254
pre-down ip route del 4.3.2.254 dev eth0
Some background info. This is because Debian would refuse to use a gateway that is not part of the network, and with the above configuration the network is assumed to be 1.2.3.9/32, consisting of only this one address. Therefore we need to use post-up commands to first add a route to the gateway via the same interface we're configuring (eth0), then we add the gateway (default route).
IPv6
With IPv6 the situation is similar, but you cannot assign virtual mac addresses via the OVH GUI to IPv6 addresses. The easiest setup is to just also assign an IPv4 address to the container with a valid MAC, then the configuration works the same as with IPv4. You can use the regular prefix length of 64 (iow. you do not need to use the ipv6 equivalent of a 255.255.255.255 netmask). Other options include using a routed setup with the host as gateway, this is also possible with IPv4 when configured correctly. Or a routed setup with the normal gateway with proxy-ndp. For this you configure the network like you normally would if you had a valid vMAC, but enable proxy_ndp on the two bridges and add the ipv6 gateway to the neighbor proxy table of the routing bridge (vmbr1 in the default OVH proxmox template), and the container's IPv6 address to the neighbor proxy table on the outer bridge (vmbr0 in the default setup).
Assuming the regular setup with a vMAC available, we get a similar result with IPv4, for instance on debian we get the following entry in /etc/network/interfaces:
iface vmbr0 inet6 static
address 2001:1234:1234:0123::1
netmask 64
post-up /sbin/ip -f inet6 route add 2001:1234:1234:01ff:ff:ff:ff:ff dev vmbr0
post-up /sbin/ip -f inet6 route add default via 2001:1234:1234:01ff:ff:ff:ff:ff
pre-down /sbin/ip -f inet6 route del default via 2001:1234:1234:01ff:ff:ff:ff:ff
pre-down /sbin/ip -f inet6 route del 2001:1234:1234:01ff:ff:ff:ff:ff dev vmbr0
The IPv6 gateway address on OVH consists of the first 54 bits of your server's IP address filled it up with "XXff:ff:ff:ff:ff", with XX being the upper byte of the 4th group. (Note that this means that in the case of a number with fewer than 4 digits, for instance 1ab, you need to treat it as if it was padded with zeroes to 4 digits, in this case 01ab, so the XX would be 01.)
Virtual machines (QEMU)
IPv4
If you have a block of IPv4 addresses you can use them for your virtual machines.
First you need to use the OVH manager to create a virtual mac address for the address you want to assign. Then you can create the virtual machine in the Proxmox VE GUI and assign the generated mac address to your virtual network card.
The network configuration files inside your virtual machine (ie. /etc/network/interfaces on Debian/Ubuntu) are the same as in the above container examples.
IPv6
The same as for containers.