Public VLAN: Routed with Proxy ARP
Let us assume the host is on a public VLAN 188.8.131.52/26 and has been given the IP of 184.108.40.206. The range 220.127.116.11/24 has been routed to 18.104.22.168.
For this setup:
- IP forwarding needs enabling for virtual machine traffic to leave the machine. The guests can talk to each other without it enabled.
- Proxy ARP needs enabling on tapN so the virtual machines can reach each other.
- eth0 will only emit traffic from its own MAC address as all packets are routed.
- Repeatedly assign 22.214.171.124 to tap interfaces with a peer address of the virtual machine’s IP (or use static routes).
This is what we do on our own virtual machine platform.
The routing table on the host machine should look like:
126.96.36.199/26 via eth0 188.8.131.52 dev tap1 184.108.40.206 dev tap2 220.127.116.11 dev tap3 18.104.22.168/24 dev null default via 22.214.171.124
The line “126.96.36.199/24 dev null” is best practise, but optional and not usually done.
“We recently suffered a hosting crisis and turned to Bytemark for help. The staff were cool, calm and collected throughout. They offered a very high level of customer service. and enabled us to switch over 85 domains and 100s of email addresses in a very short space of time.”