Categories
Networking Server SysAdmin Technology Virtualization

Deploying Proxmox 7 behind a firewall VM

How I run Proxmox with a single IP and MAC address.

Discovery

Network information

Since I’m using Hetzner for the basis of this article, I could use their dashboard, Robot, to obtain the IP, netmask, and gateway by hovering my cursor over my server’s IP address:

For the sake of posterity and based upon Gushmazuko‘s Gist, Install any OS on Hetzner VDS, I’ll also demonstrate how to discover this information from within a Debian-based rescue system:

NIC name

NIC_NAME="$(udevadm info -e | \
grep -A 20 ^P.*$(ls /sys/class/net | grep ^e) | \
grep ID_NET_NAME_PATH | \
cut -d "=" -f2)"; echo $NIC_NAME;

In my case, it was enp41s0.

NIC IP

NIC_IP=$(ip -f inet addr show $NIC_NAME | awk '/inet / {print $2}'); echo $NIC_IP;

In my case, it was 65.109.71.115/26. Using a CIDR calculator or looking at the Wikipedia article for Wildcard Masking, you can see that the /26 matches up to the netmask in the above screenshot, 255.255.255.192.

NIC Gateway

NIC_GATEWAY=$(ip -4 route list 0/0 | cut -d ' ' -f 3); echo $NIC_GATEWAY;

In my case, it was 65.109.71.65.

NIC MAC

NIC_MAC=$(ip link show $NIC_NAME | grep link/ether | awk '{print $2}'); echo $NIC_MAC;

In my case, it was ca:fe:41:c0:ff:ee (not really)


Your results will be different, but these were my results which I used for installing Proxmox and building two network configurations for Proxmox (recovery and runtime) as well as configuring a virtualized firewall, and what you’ll see in the upcoming step, Configuration:

  • NIC Name: enp41s0
  • NIC IP: 65.109.71.115
  • NIC CIDR: /26
  • NIC Netmask: 255.255.255.192
  • NIC Gateway: 65.109.71.65

Storage information

To list the block devices attached to the server, and more specifically, the two NVMe SSD that I want to install Proxmox on:

lsblk | grep nvme | awk '{print $1}'

In my case, they were:

  1. nvme0n1 located at /dev/nvme0n1
  2. nvme1n1 located at /dev/nvme1n1

4 replies on “Deploying Proxmox 7 behind a firewall VM”

Great post. Thank you so much – exactly what I was looking for!
But I’m missing a step-by-step guide to include Traefik 2 to your setup.
Or can’t I simply find it?

Leave a Reply

Your email address will not be published. Required fields are marked *