ok, thanks, I'll build the same setup, (is pm0 address in the same range than pm1 ? )
If I understand, the vm tap is plugged on vmbr1, and nat must be done on veth pair ? I'll make a report this afternoon. ----- Mail original ----- De: "Dietmar Maurer" <diet...@proxmox.com> À: "Alexandre DERUMIER" <aderum...@odiso.com> Cc: pve-devel@pve.proxmox.com Envoyé: Mardi 11 Mars 2014 06:43:21 Objet: RE: [pve-devel] pvefw: masquerade problems and conntrack zones > I'm a bit lost for now, I'll try to create a testlab tomorrow to see how > things > works. I currently use the following configuration for testing: ----------------------- auto vmbr0 iface vmbr0 inet manual bridge_ports eth0 bridge_stp off bridge_fd 0 auto pm0 iface pm0 inet static address XXX.XXX.XXX.XXX netmask 255.255.255.0 gateway YYY.YYY.YYY.YYY VETH_BRIDGETO vmbr0 auto vmbr1 iface vmbr1 inet manual bridge_ports none bridge_stp off bridge_fd 0 auto pm1 iface pm1 inet static address 10.10.10.1 netmask 255.255.255.0 VETH_BRIDGETO vmbr1 VETH_MASQUERADE pm0 ------------------------------- _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
