Open menu
You are here: >

How To Configure Proxmox Bridged Networking

Unlike a Promox Routed Networking setup, Bridged networking requires that MAC addresses are assigned to each IP you use. A routed setup requires that you add all of your IPs to the interfaces file. This can cause some issues. It’s possible for customers to add additional IPs they have not paid for. If you use large subnets it would be easy for a client to guess what other IPs are in use.

With a bridged networking setup you assign your IPs MAC addresses and should you require further IPs you simply assign the guest MAC address to any further additional IPs. Bridged networking also has the advantage of being able to use a Proxmox DHCP server to provide networking information. Because each IP is bound to a MAC address you can issue IPs via DHCP. Proxmox cloud templates default DHCP which is useful should a service like Cloud-init fail.

Routed or Bridged Networking

Both types of networking have advantages and disadvantages. With routed networking, you cannot add more IPs to the service on the fly, you would have to reboot the host. It’s also not possible to use MAC addresses. Although a bridged network requires more configuration. It’s much more flexible and secure in the sense customers cannot use IPs not assigned to them.

Configure Networking

The interfaces file for Proxmox bridged networking is pretty simple. Our file below has our bridge on vmbr0 which is linked to our ethernet adapter on eno1. The bridge is configured with the business dedicated servers IPv4 and gateway. With bridged networking, there is no need to specify MAC addresses for each IPv6 address.

When setting up IPv6, use the /64 as the subnet, thats how the world will know where your servers are

auto lo
iface lo inet loopback

iface eno3 inet manual

iface eno1 inet manual

iface eno2 inet manual

iface eno4 inet manual

auto vmbr0
iface vmbr0 inet static
    address 1.2.3.4/32
    gateway 1.2.3.254
    bridge-ports eno3
    bridge-stp off
    bridge-fd 0
    post-up echo 1 > /proc/sys/net/ipv6/conf/vmbr0/proxy_ndp

iface vmbr0 inet6 static
    address 2001:41d0:xXx:xXXx::1/64
    gateway 2001:41d0:xXx:xXff:ff:ff:ff:ff
    post-up /sbin/ip -f inet6 route add 2001:41d0:xXx:xXff:ff:ff:ff:ff dev vmbr0
    post-up /sbin/ip -f inet6 route add default via 2001:41d0:xXx:xXff:ff:ff:ff:ff
    pre-down /sbin/ip -f inet6 route del default via 2001:41d0:xXx:xXff:ff:ff:ff:ff
    pre-down /sbin/ip -f inet6 route del 2001:41d0:xXx:xXff:ff:ff:ff:ff dev vmbr0

auto vmbr1
iface vmbr1 inet manual
    bridge-ports none
    bridge-stp off
    bridge-fd 0

Proxmox Bridged Private Networking

For a private network in a bridged environment, you simply specify the private network and assign it to a new interface. On most systems, this will be vmbr1. As with a routed setup you can forward connections from the private network to vmbr0 which will allow outgoing internet access for each private IP. Because you are forwarding connections using IPtables there is no need to bridge the private network to your ethernet device and doing so would break your networking settings.