Enabling Cross VLAN Routing within a single Proxmox box?

I’d like proxmox to do cross-vlan routing within the proxmox host, as opposed to seperate containers on different vlans (which live in the same host) sending vlan tagged packes out to the switch and then router, then finally back to another client on the original host.

For example, I might have a seedbox on vlan 99 at 10.10.88.34, when it downloads a file, maybe I want it to rsync it to my media server on vlan 66 @10.10.44.23, at the moment, any crossvlan routing has to be handled by my pfsense router, which is inefficient given that these servers all live in the same host.

So is there a way to set a firewall rule in proxmox, to directly route 10.10.88.34 to 10.10.44.23 without sending the packets out to the router?

Here is my basic network setup:

Router: Dell r220ii running pfSense, 1 gig up to WAN, 4x1gig LACP bond to switch
Switch: Catalyst 3750g
Proxmox Host 1: Dell r320 containers multiple containers:
Bookstack
Dokuwiki
Jellyfin
Ubuntu VM
AlpineLinux VM

Proxmox Host 2: Dell r720 -currently set up but not configured

Machine Learning Box: Dell Precision T5600 running ubuntu with mad ram and a compute card.

Vlans:
MGMT
HOME
GUEST
LAB

Hi @proxTMUX,

Just jotting down some thoughts:

What you’re after is Open vSwitch and is essentially why Open vSwitch was created- to enable the virtualization of network hardware in hypervisors. In your case, what you’d want to do is create an OVSbridge (basically an Open vSwitch switch) and trunk the VLAN traffic over from your physical switch to this OVSbridge.

Your case is slightly more complicated though because you’re using link aggregation, in which case we would normally use an OVSbond to link them together. So really what we need to do is combine the two.

Some resources you might find helpful:

  • I’d start here first to give you some background:
  • Proxmox wiki on OVS:

Read those over and let me know when you’re ready.

Hey Troque,

Sorry for the late reply. This is exactly what I wanted! I haven’t implemented it yet due to some other production work that needs to complete first but wow, exactly what I need.

I’ll drop another update when I deploy.

1 Like