Homelab networking: the basics
I briefly mentioned the network setup in a post about starting my homelab, but wanted to describe the steps I took to get connectivity to the machine and the VMs within it.
Proxmox creates a basic network configuration during installation. It provides connectivity to the VM via a bridge interface—a virtual switch. The configuration assumes that the machine has a static IP, and is connected via an Ethernet interface.
auto lo
iface lo inet loopback
iface wlp3s0 inet manual
auto vmbr0
iface vmbr0 inet static
address 192.168.0.101/24
gateway 192.168.0.1
dns-nameserver 192.168.0.1
bridge-ports wlp3s0
bridge-stp off
bridge-fd 0
source /etc/network/interfaces.d/*
This assumption works well for servers (the intended place to setup a hypervisor), but not for a laptop with only a WiFi interface. Running the default configuration with a WiFi interface returns an error, as the interface could not be bridged directly.
# systemctl restart networking.service
# journalctl -u networking.service -n 2
Nov 14 23:47:32 pve /usr/sbin/ifup[7397]: warning: vmbr0: apply bridge ports settings: cmd '/bin/ip -force -batch - [link set dev wlp3s0 master vmbr0]' failed: returned 1 (Error: Device does not allow enslaving to a bridge.
Command failed -:1
)
Nov 14 23:47:32 pve systemd[1]: Finished networking.service - Network initialization.
Searching for workarounds brought up this guide from Vivek Kaushik, which worked for me!
auto lo
iface lo inet loopback
auto wlp3s0
iface wlp3s0 inet dhcp
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
auto vmbr0
iface vmbr0 inet static
address 10.10.0.1/24
bridge-ports none
bridge-stp off
bridge-fd 0
post-up sysctl -w net.ipv4.ip_forward=1
post-up iptables -t nat -A POSTROUTING -s '10.10.0.0/24' -o wlp3s0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.0.0/24' -o wlp3s0 -j MASQUERADE
source /etc/network/interfaces.d/*
The bridge interface acts as the gateway of a private network, and NAT rules are set to rewrite the packets with the correct address before sending and after receiving them. With this setup, you can either set an IP address for each VM manually, or setup a DHCP server on the physical machine to assign addresses automatically. The latter option is covered in the guide, which I implemented.
This setup worked just fine, however I was curious if I could separate the routing configuration into a VM of its own. I’d seen posts and videos configuring routers using open-source router distributions like pfSense and OpenWRT, and I wanted to try them out too.
Another option I found was to pass-through the network card to a VM and configure that VM into a router, inspired by this guide from Ryjelsum. It didn’t work for my network card though, and I also had problems with troubleshooting as I would lose internet access each time I attempted the passthrough.
Having an Ethernet interface on the machine would make things easier, so I purchased a USB-to-Ethernet adapter. Figuring out how to get an Ethernet connection to my room from the main home router was quite the learning experience—figuring out how my home router is setup, knowing which Ethernet cables to buy and where to connect them. I also assigned a static IP to my homelab machine, making it easier to access and simplifying the network configuration.
auto lo
iface lo inet loopback
iface wlp3s0 inet manual
auto enx00e04c461997
iface enx00e04c461997 inet manual
auto vmbr0
iface vmbr0 inet static
address 192.168.0.101/24
gateway 192.168.0.1
dns-nameservers 192.168.0.1
bridge-ports enx00e04c461997
bridge-stp off
bridge-fd 0
source /etc/network/interfaces.d/*
Each VM now receives an IP address from my main home router via DHCP, so all VMs + the physical machine itself are on the same network. I have also been using the Ethernet adapter for a few months, and it seems to be working reliably so far!
The next step would be to create the router VM, and expand on that further. Also, now that the WiFi interface is unused and I have a working ethernet interface, I might try to make the passthrough work again.