What is the best way to provide internet access to guests on a Proxmox VXLAN? Is it:

  1. One node (host) in the cluster is the default gateway, all traffic is routed through it. Sounds clean and simple but there’s multiple layers of jank to get it working, if it works at all
  2. Have a guest (lxc or VM) on the VXLAN act as a gateway. Give it two NICs - one on the vnet and another on the hosts bridge (physical lan), route traffic through the second.

My default approach is the first but despite hours of tinkering and forwarding tricks it never works. I’m leaning more to the second but having a dedicated gateway guest seems like a waste of resources - logically the host should be doing it.

And yes, SNAT is enabled 😅

    • jimmy90@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 days ago

      i route all incoming traffic through a tp-link vlan switch to openwrt router in an lxc container to vlan dmz in which all public service traffic is

      all the public services and openwrt are running in proxmox lxc containers. all public traffic is trapped in the vlan dmz