Ich empfehle vor Änderungen die interfaces zu sichern
mv /etc/network/interfaces /etc/network/interfaces.old
ACHTUNG IHR MÜSST EURE SERVER IPS EINTRAGEN
/etc/network/interfaces
#Host Network Konfiguration auto lo iface lo inet loopback auto eth0 iface eth0 inet static address HAUPTIP PROXMOX SERVER netmask 255.255.255.255 gateway YOURGATEWAY pointopoint YOURGATEWAY iface eth0 inet6 static address HAUPTIP PROXMOX4 SERVER IPV6 netmask 128 up ip -6 route add default via fe80::1 dev eth0 up sysctl -p auto vmbr0 iface vmbr0 inet static address HAUPTIP PROXMOX SERVER netmask 255.255.255.255 bridge_ports none bridge_stp off bridge_fd 0 up ip route add erste zusatz IP/32 dev vmbr0 up ip route add zweite zusatz IP/32 dev vmbr0 up ip route add dritte zusatz IP/32 dev vmbr0 up ip route add vierte zusatz IP/32 dev vmbr0 iface vmbr0 inet6 static address HAUPTIP PROXMOX4 SERVER IPV6 netmask 64
Dann noch die sysctl.conf anpassen oder ersetzen
mv /etc/sysctl.conf /etc/sysctl.old
Nun sysctl.conf ernsetzen
# /etc/sysctl.conf - Configuration file for setting system variables # See /etc/sysctl.d/ for additonal system variables # See sysctl.conf (5) for information. # #kernel.domainname = example.com # Uncomment the following to stop low-level messages on console #kernel.printk = 3 4 1 3 ##############################################################3 # Functions previously found in netbase # # Uncomment the next two lines to enable Spoof protection (reverse-path filter) # Turn on Source Address Verification in all interfaces to # prevent some spoofing attacks #net.ipv4.conf.default.rp_filter=1 #net.ipv4.conf.all.rp_filter=1 # Uncomment the next line to enable TCP/IP SYN cookies # See http://lwn.net/Articles/277146/ # Note: This may impact IPv6 TCP sessions too #net.ipv4.tcp_syncookies=1 # Uncomment the next line to enable packet forwarding for IPv4 net.ipv4.ip_forward=1 # Uncomment the next line to enable packet forwarding for IPv6 # Enabling this option disables Stateless Address Autoconfiguration # based on Router Advertisements for this host net.ipv6.conf.all.forwarding=1 ################################################################### # Additional settings - these settings can improve the network # security of the host and prevent against some network attacks # including spoofing attacks and man in the middle attacks through # redirection. Some network environments, however, require that these # settings are disabled so review and enable them as needed. # # Do not accept ICMP redirects (prevent MITM attacks) #net.ipv4.conf.all.accept_redirects = 0 #net.ipv6.conf.all.accept_redirects = 0 # _or_ # Accept ICMP redirects only for gateways listed in our default # gateway list (enabled by default) # net.ipv4.conf.all.secure_redirects = 1 # # Do not send ICMP redirects (we are not a router) #net.ipv4.conf.all.send_redirects = 0 # # Do not accept IP source route packets (we are not a router) #net.ipv4.conf.all.accept_source_route = 0 #net.ipv6.conf.all.accept_source_route = 0 # # Log Martian Packets #net.ipv4.conf.all.log_martians = 1 #
Bei der Erstellung der LXC Container im Backend müsst ihr als Gateway bei IPV4 und IPV6 die HauptIP verwenden.
Link:
