← Back to Course Index

Lab Icon Week 3 - Lab 2: Proxmox Networking Deep Dive

Module: Operating Systems 3 (Virtualisation & Cloud Technologies) Instructor: KT Nshimba Topic: Practical VM Networking and Bridge Configuration Estimated Time: 90 Minutes

Lab Overview

Building on your Week 2 Proxmox installation, this lab focuses on practical network configuration. You'll first build a working multi-VM network with static IPs and connectivity, then dive deep into how Proxmox manages these networks through configuration files and bridges.

Objectives:

  1. Configure static IP addresses on multiple VMs
  2. Establish VM-to-VM and Host-to-VM connectivity
  3. Implement floating IPs for high availability scenarios
  4. Analyze Proxmox network configuration files (/etc/network/interfaces)
  5. Troubleshoot common networking issues

Prerequisites: - Completed Week 2 Lab 2 (Proxmox installed and accessible) - Two VMs available for networking experiments - SSH/Shell access to Proxmox host

Part 1: Create Two Network VMs

We need two VMs to test inter-VM communication.

  1. Create VM 200 (if not already exists from Week 2):

    • Name: vm-web
    • OS: Alpine or Ubuntu Server (minimal)
    • Network: Bridge vmbr0, Model VirtIO
    • Start the VM

  2. Clone to create VM 201:

    • Right-click VM 200 → Clone
    • Mode: Full Clone
    • Name: vm-db
    • Start the cloned VM

Verification: You should now have two running VMs (200 and 201).

Part 2: Configure Static IP Addresses

By default, VMs use DHCP. We'll assign static IPs to ensure predictable addressing.

On VM 200 (vm-web):

  1. Log in via Console

  2. Identify the network interface: bash ip addr show

    • Note the interface name (usually eth0 or ens18)

  3. Configure static IP (Alpine Linux example): ```bash # Edit network config vi /etc/network/interfaces

    Add/modify:

    auto eth0 iface eth0 inet static address 192.168.

    Save and restart networking

    rc-service networking restart ```

    Ubuntu/Debian alternative (using netplan): ```bash sudo vi /etc/netplan/01-netcfg.yaml

    Add:

    network: version: 2 ethernets: ens18: dhcp4: no addresses: - 192.168.1.50/24 gateway4: 192.168.1.1 nameservers: addresses: [8.8.8.8]

    sudo netplan apply ```

  4. Verify configuration: bash ip addr show eth0 ping -c 3 192.168.1.1 # Test gateway

Record: VM 200 IP address: _______

On VM 201 (vm-db):

  1. Repeat the same process but use 192.168.1.51 as the IP address
  2. Verify: bash ip addr show

Record: VM 201 IP address: _______

Part 3: Test VM-to-VM Communication

Now verify that the two VMs can communicate on the same network.

  1. From VM 200, ping VM 201: bash ping -c 3 192.168.1.51

    • Expected: 3 successful ping responses

  2. From VM 201, ping VM 200: bash ping -c 3 192.168.1.50

Interactive Question: - Were both pings successful? [ Yes / No ] - If no, which VM failed? ___ - Average latency: ____ ms

Part 4: Configure Default Gateway (Internet Access)

The gateway routes traffic outside the local network.

  1. On both VMs, test external connectivity: bash ping -c 3 8.8.8.8

  2. If ping fails, verify gateway configuration: bash ip route show

    • Expected output: default via 192.168.1.1 dev eth0

  3. If gateway is missing, add it manually: bash ip route add default via 192.168.1.1

  4. Retest internet: bash ping -c 3 google.com

Verification: Can VM 200 reach the internet? [ Yes / No ]

Part 5: Access VMs from Host PC

Now we'll configure access from your host computer (Windows/Mac/Linux laptop) to the VMs.

Step 1: Verify Host Network

  1. On your host PC, check your IP address:

    • Windows: ipconfig
    • Mac/Linux: ifconfig or ip addr

  2. Ensure you're on the same subnet:

    • If your host is 192.168.1.x, you can reach 192.168.1.50 and 192.168.1.51
    • If your host is on a different subnet (e.g., 10.0.0.x), you'll need to adjust VM IPs or configure routing

Host IP: _______

Step 2: Ping VMs from Host

  1. Open terminal/command prompt on host

  2. Ping VM 200: bash ping 192.168.1.50

  3. Ping VM 201: bash ping 192.168.1.51

Interactive: - Can you ping VM 200 from host? [ Yes / No ] - Can you ping VM 201 from host? [ Yes / No ]

Step 3: SSH Access (Bonus)

If you installed SSH server on the VMs:

  1. From host, connect to VM 200: bash ssh root@192.168.1.50

  2. Run a command remotely: bash ssh root@192.168.1.50 "hostname && uptime"

Verification: Were you able to SSH into the VM? [ Yes / No ]

Part 6: Floating IP Concept (HA Scenario)

A Floating IP is an IP address that can "float" between VMs for high availability.

Simulation:

  1. On VM 200, add a secondary IP (the "floating" IP): bash ip addr add 192.168.1.100/24 dev eth0

  2. Verify it exists: bash ip addr show eth0

    • You should see both 192.168.1.50 and 192.168.1.100

  3. Test from host: bash ping 192.168.1.100

  4. Simulate failover - Remove IP from VM 200 and add to VM 201: ```bash # On VM 200 ip addr del 192.168.1.100/24 dev eth0

    On VM 201

    ip addr add 192.168.1.100/24 dev eth0 ```

  5. Test from host again: bash ping 192.168.1.100

    • The IP now points to VM 201!

Critical Thinking: In your own words, why is this useful for web servers?

Part 7: Network Diagram Challenge

Draw a simple diagram showing: - Your host PC - The Proxmox hypervisor - Bridge vmbr0 - VM 200 (192.168.1.50) - VM 201 (192.168.1.51) - The physical network interface - The gateway (192.168.1.1)

Submit your diagram (draw on paper or use a tool like draw.io).

Part 8: Anatomy of /etc/network/interfaces

Now that you've built a working network, let's see how Proxmox manages it behind the scenes.

Proxmox does not use a database for networking; it writes standard Debian configuration text.

  1. SSH into Proxmox host (or use Shell from GUI)

  2. View the Config: bash cat /etc/network/interfaces

  3. Analyze the Output: Find the section for vmbr0. It likely looks like this: bash auto vmbr0 iface vmbr0 inet static address 192.168.1.10/24 gateway 192.168.1.1 bridge-ports eno1 bridge-stp off bridge-fd 0

  4. Field Report (Fill in your values):

    • My Bridge Name: [ _____________________________ ]
    • Physical Interface (bridge-ports): [ _____________________________ ]
    • My IP Address: [ _____________________________ ]
    • Gateway: [ _____________________________ ]

  5. Critical Thinking:

    • What would happen if you deleted the line bridge-ports eno1 and rebooted?
    • [ _________________________________________________________________________ ]

Part 9: Tracing the Cabling (Bridge Layout)

We need to see what is plugged into our switch right now.

  1. Run the Bridge Command: ```bash # If bridge-utils is installed brctl show

    OR using the modern ip command

    ip link show master vmbr0 ```

  2. Field Report: List all interfaces currently plugged into vmbr0 (look for tap... or eno...):

    1. [ _____________________________ ]
    2. [ _____________________________ ]
    3. [ _____________________________ ]

  3. Critical Thinking:

    • If you see an interface named tap100i0, what does the number 100 usually represent in Proxmox?
    • [ _________________________________________________________________________ ]
    • Hint: Look at your VM IDs from Part 1!

Part 10: Simulating a Troubleshooting Scenario

Scenario: A Junior Admin complains that their new VM (VM 105) cannot get an IP address via DHCP. They configured the VM to use Tag 20 (VLAN 20), but the router for VLAN 20 is working fine.

You suspect the issue might be the bridge configuration.

  1. Check Bridge VLAN Awareness: Look at your /etc/network/interfaces again for vmbr0.

    • Do you see bridge-vlan-aware yes?

  2. Investigation:

    • Is VLAN Aware enabled? [ Yes / No ]
    • If No: Can this bridge legally pass VLAN tags, or will it strip them? [ _________________________ ]

  3. The Fix: If you were to fix this via CLI, you would add bridge-vlan-aware yes under the vmbr0 block.

    • Try to simulate this by editing a test file (do NOT edit the real config if on production): ```bash

    Create a dummy config to practice editing

    cp /etc/network/interfaces ~/interfaces.bak nano ~/interfaces.bak ```

Part 11: Open vSwitch (OVS) Exploration (Optional)

If you installed OVS in Lab 1, let's see how it differs in the Proxmox context.

  1. List OVS Bridges: bash ovs-vsctl show

  2. Field Report:

    • What is the UUID of your OVS setup? [ _____________________________ ]
    • Does it show a "Controller" connected? [ Yes / No ]

Lab Reflection

  1. Persistence: Why do we edit /etc/network/interfaces instead of just running ip link add...?

    • [ _________________________________________________________________________ ]

  2. Risk: Why is editing the network config of a remote server considered "high risk"?

    • [ _________________________________________________________________________ ]

  3. Design: In your own words, describe the difference between a Bridge and a Bond.

    • [ _________________________________________________________________________ ]

Final Lab Checkpoint

Practical Skills: - [ ] Configured static IP on VM 200 - [ ] Configured static IP on VM 201 - [ ] Successfully pinged VM 201 from VM 200 - [ ] Verified default gateway and internet access - [ ] Pinged both VMs from host PC - [ ] Demonstrated floating IP migration - [ ] Created network topology diagram

Theoretical Understanding: - [ ] Analyzed /etc/network/interfaces file - [ ] Identified bridge-port relationships - [ ] Troubleshooted VLAN awareness issue - [ ] Explained persistence vs temporary configs

Troubleshooting Checklist: If you cannot ping between VMs: 1. Check firewall: iptables -L (should allow ICMP) 2. Verify IPs: ip addr show 3. Check route: ip route show (should have default gateway) 4. Verify bridge: On Proxmox host, brctl show vmbr0 (both tap interfaces should be present)

Instructor Signature: ___ Date: ___

← Back to Course Index