Creating a virtual router in Proxmox

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
today i'm going to be going over how to set up a virtual router within proxmox there are many operating systems that are designed to be used on routers on little pcs like this some examples include pfsense and unking and these often work well on these small pcs that have dual network ports so one could be used as a lan port and one can be used as a lan port and these pcs are small physically they're low power they're generally pretty reliable and work well as a little router box if you want a more advanced solution than what a normal home router can give you and they could do many more features than a traditional home router with lots of fancy routing abilities the ability to do multiple subnets ability to do like vpns and traffic filtering on the device as well but you can't just do that on devices like this you can also run it within a virtual machine on a hypervisor like proxmox and i'm going to be going over kind of the network setup that you want to do to make that work correctly some of the advantages of doing this within a virtual machine include the ability to easily make backups and restore previous backups of a router in case a configuration change doesn't work the ability to be easily able to switch between operating systems on your virtual router without having to have really any playing with hardware or hardware downtime you could easily move it between nodes if you have multiple high availability nodes in your setup the ability to give it more resources as needed and the fact that you just have fuel hardware this also makes it really nice if you want to play around with router setups so if you maybe want to set up like a virtual multiple routers or a little virtual vpn setup just to play with or maybe just trying to try having one router and a few vms to see how it works for you without having to touch any real hardware but setting up a virtual router also has some disadvantages the biggest one for home users i'd say is the dependency chain of your router just gets a lot higher whereas a normal little untangle box or something like this is pretty easy you make sure it boots and then it works as a router the virtual machines you have to make sure the vulture machine starts up you have to make sure you can access its storage and there's just a lot more things that have to be working to get a virtual router working that a physical router wouldn't need in this video i'm going to be going over how to set up a virtual router using virtual switches within proxmox but there's other ways to do it including using pcie password to password a whole network card to your vm to make this make a bit more sense i'm going to set this all up physically first so you can get a better idea of what's going on under the hood so you understand a little bit more of what's happening when i set it up in proxmox in a little bit so to represent kind of devices within proxmox these two mac minis are going to represent virtual machines these two are switches which is just the basic switch within proxmox this little raspberry pi is going to represent the proxmox host as the host needs its own connection to do things like updates make the web management page or do network storage and this guy is going to represent my virtual router virtual machine so it's going to be a virtual machine that acts as a router and then i have a pilot cables to get everything set up so now i'm going to first do the setup that happens during the proxmox installation so the proxmox host is created so now it can connect over the network to another system and it creates a virtual switch we're going to say this guy right here and by default everything connects to your first virtual switch and that virtual switch works basically exactly like this guy and it's a layer two switch which in simplest terms means it gets packed in and it passes it to the other port has the device that wants that packet so if i take a virtual machine that i've just created i can plug that guy in with a network cable and plug it into this little virtual switch i've created and by default this virtual switch is also connected to the physical network port on your proxmox system so now i've essentially made a three-way switch one port which i don't have here connects to the physical port on your proxmox host one port goes to the host system on the proxmox so this is kind of the management page and one port goes to your virtual machine so now everyone here can go talk to each other and move data and the switch is going to facilitate that data moving now let's say you want to set up another virtual machine i can plug another cable into my proxmox virtual switch it's created and plug it into my second virtual machine and i can keep doing this as much as i want and all of these virtual machines can talk to each other they can all talk to the proxmox host and they can all talk to the outside world via the physical network port on that system but if i want to set up a virtual router the first thing i want to do is create another switch proxmox lets you make as many of these switches as you want within it so by default it will essentially just make a switch it has ports that kinda aren't connected to anything and it's just sitting there and if i want i can assign it another physical port on the system and if you want to do a virtual proxmox system you're going to want two physical ports to set it up well i'd say you could do a vlans if you really want to so then one of those physical ports is going to go to this little guy here and be what i'm going to call my wan system so now this guy might be connected to a modem or some other network connection or maybe your isp router box that you have to use so then it's connected to the external ram port on my proxmox system and i'm going to make a cable that connects it to the weigh-in port on my virtual router so now if my modem can talk directly to this virtual router now one thing i'm going to go over is a lot of home isps and networks so your modem should never connect to a switch between it and the router which is generally true but if you only connect one device to a switch like this it pretty much just works like a cable because there's nowhere else the packets can go and it only uses one ip address and now my virtual router needs to be connected to the rest of devices on the network and the way it can do that is i can take the lan port on my virtual router and plug it into my lan switch so now let's go over how packets would move around in this setup i have here this setup works like a basic home network setup where everyone on the network can talk to each other over a switch at the speed of the switch which in proxmox is almost unlimited or essentially cpu limited and then they can go through the router if they want to talk to anyone outside of that local network now let's go over how to set it up within proxmox and how the same wiring can all be done virtually within a proxmox now that i've gone over what's happening under the hood with a little bit of diagrams with these systems to try to understand a little bit more what's happening i'm going to actually go and make it work in proxmox right now on this system so a little bit about my test configuration here i have first so i have my test proxmox server here and i have this system which is kind of representing my local network these two systems are connected via network switch i'm calling this my lan network i'm then going to use kind of my main home network i have here as my lan network and as long as the router can connect to it and make a nat connection and set up nat it'll work fine if it's under another network connection so generally it's best to have it as close to the modem as possible so that would mean either directly connected to the modem or isp connection or plugged into a isp router modem combo and have it set to forward all the ports but for testing or use you can just have it so it's connected as any other device on the network if you wanted to set up and manage your own little subnet on my screen right now i have the proxmox interface for the network interfaces that i have on the system for my host this is the default that i get after installing it and it has the ip that i've set the system to and the single port that i used by default proxmox just uses one port but if i look at my system here i actually have five ports that i can use and one of them is going to be my wan port and i need to find out which one it is one way i can find out is by just kind of looking at the device name typically if it's like one number off it's the same card but the second nip so on this system i have a dual gigabit on board nick and a dual 10 gigabit neck and an impi neck so probably the single one is the single iron ti net the one i'm using and the other one that's similar to two emp ones are the dual onboard gigabit and these two e and f on e s f somethings are the 10 gigabit fiber optic card i have in here the way i can also check that seems to work reasonably reliably is going to terminal fire up what ipa ddr is to see if they're up or down so it should say right here and then the command ip link set up enf s like six f zero so i'm going to run that command now and it just ran it's not going to return any response but if i ran ipaddr now and look at ens6f0 it still says it's down but if i go to a port that has a cable connected to it which is my actual one that's connected to my wan network so enp6s0 it's going to still run with no response but if i look at it now it's going to say that connection is up so now i know that emp 6s0 is the one i plugged in now this can be a bit confusing and sometimes require a little bit of trial and error to get it working correctly but this is the one i want so now i'm going to go create linux bridge the linux bridge is basically the same as one of these switches it's a layer 2 switch it's relatively dumb and i'm going to set it up so here's its name i'm going to leave it as vmbr 1 right now just so it's simple i could call it maybe something that's a little bit more identifying so we're going to just call it like random one or maybe we'll call it v-ram one that's trying to make it a virtual one you can give it an ip address you probably do not want to do this for ram network as if you're connected to the modem or something that means your proxmox host gets an ip and a lot of modems don't want you to take multiple ips in this case would be one for the proxmox host and one for the virtual router and you can't really do that the other thing is um that would connect your proxmox system to the internet directly and you likely do not want to do that because the security concerns and you want all your connections to go through your virtual router first and have it so the proxmox server is connected internally to its lan network so that's what i'm going to do now i'm not going to give it an ip address it still can access the internet via the virtual one and these switches do not need to have their own internal ip addresses on the host bridge ports is what other ports on the system it's going to be connected to so in this case it's that's the enp-6s0 port that i found out was the one earlier and for name i have to set it to vmbr and then some number so it's going to be vmbr1 right now i can't set it to another fancy name if i'd like under advanced that's mtu if you're going to set that but i'm going to leave it default here because i'm just using that in all my other systems so i'm going to go over create right now and what it said is happening is it's going to edit this etc network interfaces file in debian and i'm going to hit apply configuration and it's going to change it and it's going to restart the networking if you've done everything correctly you can still access this web interface here and if you reload it it'll work fine sometimes if you make a mistake you'll break your web interface if it's a new install you might want to reinstall it if you really broke it but otherwise that etc networking interfaces is where you want to look because that's where it is in debian and what happens so now that i've created the two virtual switches i need to create a virtual machine that will act as the router so let's go into create vm it's going to make it the next one i'm going to just call it like unkangle1 for this example i'm going to be using untangle but pf sense and almost all the other ones will be used working about the same way i'm going to click start at boo since it's a router i want my router to start at boot so it can access the internet and that makes it so when it comes up the whole thing just starts working under os i'm going to pick that image i uploaded earlier so it's just untangle 16.5 i have here i'm going to go into system that all looks fine disks a 32 gig disk is generally fine for it maybe we'll give it the vio block for slightly better performance since it's a linux um router os block should look fine cpu and we'll give it a couple callers for fun giving it the host is normally the best way to do it for performance if you're not in a cluster memory two gigs ram should be fine and networking by default it only lets you set one networking device so we're just going to let it sit here and we're going to add that a little bit later so now i'm going to go under confirm and finish so since i could only create one networking device when creating the vm i have this vm that's going to be created in the config i'm going to go under the hardware settings and i'm going to say add a new network device and it's going to be on that vmbr1 right now and i need to now figure a way to identify it one way i've done this in the past is actually these different types of nicks as you can tell them apart but i don't want to do that for the best performance so i'm just going to say they're both vert i o nicks and you can normally guess and check running in the system so let's get that vm firing up and installing right now so you have to install the os like any other os and i normally have some sort of semi graphical interface to install it that is pretty much pressing next quite a few times so it looks like the setup wizard cannot connect to the internet so i'm going to actually run that setup utility later and run it locally on this system so i'm going to run that setup wizard agree to the licensing terms i'm going to just set up a basic password to configure this guy with install type we're going to say to home here and then network cards this is where we can take a look at it so what's happening here is there i see the two network cards and i can see the status on both is connected but it doesn't really know what's happening so now i'm going to try to figure out what's going on and one way i can do that is i know that my vmbr1 which is the second nick right here is my lan and it ends in 47 with the mac address so it looks like these are reversed so just to double check my external one ends in 47 on the mac address this guy right here and it's going to be my external and my internal ethernet 0 ends in 14 on the mac address number 14 grade 0 which is my lan so that's what i want so now i should be able to connect to the internet with and look here i have an ip address right now this setup should normally work because these switches just pass packets between it if you don't have dhcp on your side you have to set up a static ip here just like you would if you had a physical system now let's take a look at the internal network so for internal network settings this is my lan system so i'm going to be using the 192.168.2.1 this has to be a different subnet than your random one just because you don't want to have the same subnet so i'm going to send it up here with that address and i'm going to make it my dhcp server i'm going to say can automatically install updates if i want i'm going to go to the dashboard on this system so now it says it's ready to be configured i'm gonna set up that account later and we can take a look at this guy here so taking a look at like the networking um under config and then network that's set up if i want to see things like hosts on the system devices i'm likely going to start seeing devices on the network so now my little system right here has access to the internet so i can open any of the web pages that i want it's pretty much a working untangle system and you can have it doing whatever you want so i have like my systems here if i want multiple systems for example i can have like my virtual machine that i want to have connected in order to get a virtual machine connected just make sure that it's connected to the correct virtual network device so in this case that's going to be vmbr0 one little hint i'd have is try making zero whatever the default one is you'll land so then you don't accidentally connect anything to your wan network because it's easy to just click next next next to the installer now i set up my ubuntu vm right now it has network access and here's the speeds it gets that's a little bit more like i was liking and what happens when i give my speed test a little bit faster of a cpu now that i've demonstrated it definitely works one thing to be aware of with virtual routers is because this system that i'm admining it all from is currently set to dhcp if it wants to admin the proxmox system or the untangle system it has to be able to connect to it via dhtp address that it can't get if it's not working so i probably have a system set to static ips or just know a static ip that'll work that you can set to your system if you have to troubleshoot in case your dhcp server is down now i'm going to demonstrate some features of running a virtual router that i find is very convenient and actually kind of cool that you can't do with a physical router so first thing is going to be snapshots so let's say i want to play with changing some network feature and just see how it goes i can go say take a snapshot and i'm going to include the name of like let's say pre-upgrade so now i'm going to do this one before my upgrade and since it's before my upgrade i can take a snapshot update my virtual router and then once i do it it'll either be working or if there's an issue with the upgrade i can go back to its config right there and if i want to restore it to it it's super fast i can go back in like a couple minutes normally now i've uploaded a pf sense iso to my system and i'm going to install psense i'm doing the clone right now because what i want is i want to have the exact same hardware so all the network cards work well so i'm going to go on to cd dvd drive and i'm going to go edit and i'm going to change it from my untangle installer to my pf sense installer and i also need to turn off the untangle one because having two routers running at the same time is a great way to have very annoying network issues so now i've started it up i'm going to select my dvd drive as my boot one and it looks like look there it goes it's starting to load right now so now pfsense has finished booting and i'm in this little menu right here that psense has to configure a few things outside of the web interface so the only thing i really want to do in here right now is set the interface ip address because i'm getting the same ip on my wan and lan network seeing that it found the dhcp address in my wan network means that's all connected correctly so i'm going to just set my lan network on my lan setting which is static and i'm going to set it to 192.168.2.1 so um there's no upstream gateway so it's not going to be using ipv6 and i want to enable the dhcp server on there so we're going to do like 192.168.2.34 and the end this would be like 192.168.2.143. this is the dhcp server range i'm just sent something random essentially right now but that should work fine so now it's going to be reloading the dhcp server and the web server conf curator and now i have a new address so i'm going to punch that into my browser right now and let's see what we get so now i'm going to be getting into the pf sense webpage just to take a look around let's sign with default of admin and pf sense and it's going to give me a little bit as it goes to the setup gui uh yeah you want me to buy more stuff i can just leave leaving this all as default right now just to kind of set it up quickly as a demo for my when interface it's going to be dhcp my lan interface i've already set that up uh it looks like i'm going to keep that password and it's going to be now reloading all the settings let's see if anything changes on here uh no it doesn't and looks like we're gonna finish so this should bring me to let me see kind of whatever is happening in my pf sense box so now i have pf sense working i can access the internet on this system and has full network access and there really isn't any issues on here so if i want to go to like google or something boom there it goes no problems with that and it's super easy to switch between them now as i can just go into my setup window for proxmox reload this and change which virtual router you i'm using and that's most of what setting up a virtual router and proxmox is a vm has access to the virtual switches hopefully this guide helped you set up a virtual router and proxmox or showed you some things about proxmox you haven't used before and thanks for watching my little tutorial on videos like this
Info
Channel: ElectronicsWizardry
Views: 53,383
Rating: undefined out of 5
Keywords:
Id: _YazSroZm68
Channel Id: undefined
Length: 20min 17sec (1217 seconds)
Published: Fri Aug 12 2022
Related Videos
Whats the faster VM storage on Proxmox
ElectronicsWizardry
36K
DO NOT design your network like this!! // FREE CCNA // EP 6
NetworkChuck
3M
A Homelabbers Networking Playground with Opnsense, Proxmox, VLANs and Tailscale
Tailscale
24K
Should You Build Your Own Router?
Wolfgang's Channel
282K
Proxmox VLAN Configuration: Linux Bridge Tagging, Management IP, and Virtual Machines
VirtualizationHowto
28K
Proxmox NETWORKING: VLANs, Bridges, and Bonds!
apalrd's adventures
108K
HomeLab Services Tour 2024 - What Am I Self Hosting?
Techno Tim
269K
How To Create VLANs in Proxmox For a Single NIC
Tech Tutorials - David McKone
92K
Fully Routed Networks in Proxmox! Point-to-Point and Weird Cluster Configs Made Easy with OSPF
apalrd's adventures
18K
How to Virtualize Your Home Router / Firewall Using pfSense
Techno Tim
264K
Exploring Proxmox from a VMware User's Perspective
2GuysTek
88K
Software Defined Network Guide - SDN - How To Create
Jim's Garage
32K
HOW TO SETUP OPNsense: From First Boot to Fully Functional (with IPv6!)
apalrd's adventures
49K
10 tips to get the most out of your Proxmox server
ElectronicsWizardry
44K
Mastering VLAN Configuration on MikroTik, Step-by-Step Guide
The Network Berg
25K
MikroTik CCR2004 PCIe NIC in Proxmox
MikroTik
27K
Converting a Physical system to a Proxmox VM
ElectronicsWizardry
71K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.