![\"pve.webp\"](\"https:\/\/lyvba.com\/wp-content\/uploads\/2021\/11\/2521597231.webp\" "\\"pve.webp\\"")
<\/p>\n<\/p>\n
![\"lxc.png\"](\"https:\/\/lyvba.com\/wp-content\/uploads\/2021\/11\/110933695.png\" "\\"lxc.png\\"")
<\/p>\n
\u63a8\u8350\u6587\u7ae0: \u624b\u5de5\u914d\u7f6eGRUB2+iPXE\u5f15\u5bfcnetboot.xyz\u8fdb\u884c Linux \u8fdc\u7a0b\u91cd\u65b0\u5b89\u88c5\u7cfb\u7edf<\/a><\/p>\n apt update && apt full-upgrade<\/p>\n<\/li>\n<\/ul>\n \u5f00\u4e864\u4e2a\u5c0f\u9e21\u6d4b\u8bd5\uff0c \u5206\u522b\u662f Alpine 3.14 Debian 11 Centos 8 ubunt […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[23,60],"class_list":["post-714","post","type-post","status-publish","format-standard","hentry","category-vps","tag-linux","tag-pve"],"_links":{"self":[{"href":"https:\/\/lyvba.com\/index.php\/wp-json\/wp\/v2\/posts\/714","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lyvba.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lyvba.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lyvba.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lyvba.com\/index.php\/wp-json\/wp\/v2\/comments?post=714"}],"version-history":[{"count":0,"href":"https:\/\/lyvba.com\/index.php\/wp-json\/wp\/v2\/posts\/714\/revisions"}],"wp:attachment":[{"href":"https:\/\/lyvba.com\/index.php\/wp-json\/wp\/v2\/media?parent=714"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lyvba.com\/index.php\/wp-json\/wp\/v2\/categories?post=714"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lyvba.com\/index.php\/wp-json\/wp\/v2\/tags?post=714"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}$ vim \/etc\/hosts #\u4fee\u6539\u4e3b\u673a\u540d<\/h3>\n
127.0.0.1 localhost\n188.188.188.188 debian.proxmox.com debian\n# \u8fd9\u91cc\u586b\u6bcd\u9e21\u516c\u7f51IP\n\n# The following lines are desirable for IPv6 capable hosts\n::1 localhost ip6-localhost ip6-loopback\nff02::1 ip6-allnodes\nff02::2 ip6-allrouters<\/code><\/pre>\n\u5b89\u88c5 Proxmox VE PVE 7.1-5<\/h2>\n
\u6dfb\u52a0 Proxmox VE \u5b58\u50a8\u5e93\uff1a<\/h3>\n
echo \"deb [arch=amd64] http:\/\/download.proxmox.com\/debian\/pve bullseye pve-no-subscription\" \\r\n> \/etc\/apt\/sources.list.d\/pve-install-repo.list<\/code><\/pre>\n\u4ee5 root \u8eab\u4efd\u6dfb\u52a0 Proxmox VE \u5b58\u50a8\u5e93\u5bc6\u94a5\uff08\u6216\u4f7f\u7528 sudo\uff09\uff1a<\/h3>\n
wget https:\/\/enterprise.proxmox.com\/debian\/proxmox-release-bullseye.gpg \\r\n-O \/etc\/apt\/trusted.gpg.d\/proxmox-release-bullseye.gpg <\/code><\/pre>\n\u901a\u8fc7\u8fd0\u884c\u66f4\u65b0\u60a8\u7684\u5b58\u50a8\u5e93\u548c\u7cfb\u7edf\uff1a<\/h3>\n
\u5b89\u88c5 Proxmox VE \u8f6f\u4ef6\u5305\uff0c\u56e0\u4e3a\u6bcd\u9e21\u56fd\u5185\u4e0a\u6d77\uff0c\u5b89\u88c5\u8fd9\u90e8\u4f7f\u7528\u4e86 http\u4ee3\u7406\u63d0\u9ad8\u901f\u5ea6<\/h3>\n
apt install proxmox-ve postfix open-iscsi\n<\/code><\/pre>\nPVE\u6e90\u53ef\u4ee5\u4f7f\u7528\u6e05\u534e\u7684 \u6e05\u534e\u955c\u50cf\uff1ahttps:\/\/mirrors.tuna.tsinghua.edu.cn\/help\/proxmox\/<\/a><\/h3>\n
![\"11.png\"](\"https:\/\/lyvba.com\/wp-content\/uploads\/2021\/11\/631303955.png\" "\\"11.png\\"")
<\/a><\/p>\n\u5b89\u88c5\u5b8c\u6210\uff0c\u4f7f\u7528
https:\/\/ip:8006<\/code> \u4f7f\u7528WebUI\u7ba1\u7406<\/h3>\n\u5b89\u88c5proxmox-ve\u7684\u65f6\u5019\uff0c\u53ef\u4ee5\u5148\u628a\u7f51\u7edc\u9632\u706b\u5899\uff0c\u6309\u56fe\u793a\u5148\u8bbe\u65bd<\/h3>\n
![\"port.PNG\"](\"https:\/\/lyvba.com\/wp-content\/uploads\/2021\/11\/3544364068.png\" "\\"port.PNG\\"")
<\/p>\n\u7f51\u7edc\u8bbe\u7f6e: WebGUI\u7ba1\u7406\u91cc\u6dfb\u52a0
vmbr0<\/code> \uff0c\u9009linux\u7f51\u6865\uff0c\u518d\u4fee\u6539\u7f51\u7edc\u8bbe\u7f6e<\/h3>\ncat \/etc\/network\/interfaces<\/h3>\n
source \/etc\/network\/interfaces.d\/*\n\nauto lo\niface lo inet loopback\n\nauto ens5\niface ens5 inet dhcp\n\nauto vmbr0\n#private sub network\niface vmbr0 inet static\n address 10.10.10.1\/24\n bridge-ports none\n bridge-stp off\n bridge-fd 0\n\n post-up echo 1 > \/proc\/sys\/net\/ipv4\/ip_forward\n post-up iptables -t nat -A POSTROUTING -s '10.10.10.0\/24' -o ens5 -j MASQUERADE\n post-down iptables -t nat -D POSTROUTING -s '10.10.10.0\/24' -o ens5 -j MASQUERADE<\/code><\/pre>\nens5<\/code> \u662f\u817e\u8baf\u4e91\u5b9e\u9645\u7f51\u5361\u540d\u5b57\uff0c10.10.10.0\/24 \u7f51\u6bb5\u662f\u7ed9NAT\u5c0f\u9e21\u5206\u914d\u7684\u7f51\u6bb5<\/h3>\n\u8bbe\u7f6e\u53c2\u8003\u6587\u7ae0: https:\/\/pve.proxmox.com\/wiki\/Network_Configuration<\/a><\/h3>\n
\n
![\"\u6355\u83b7.PNG\"](\"https:\/\/lyvba.com\/wp-content\/uploads\/2021\/11\/1295888543.png\" "\\"\u6355\u83b7.PNG\\"")
<\/p>\n\u5c0f\u9e21\u7f51\u7edc\u8bbe\u7f6e<\/h2>\n
IP\u5730\u5740: \u4f7f\u752810.10.10.0\u7f51\u6bb5\u9759\u6001<\/h3>\n
10.10.10.101\/24 \u4f7f\u7528\u673a\u5668\u7f16\u53f7\u505aIP\u5730\u5740<\/h3>\n
# \u5c0f\u9e21\u7684 ssh 22 \u548c 80 \u7aef\u53e3 \u51c6\u5907\u7aef\u53e3\u8f6c\u53d1\nIP 101: 10122 10180\nIP 102: 10222 10280\nIP 103: 10322 10380\nIP 104: 10422 10480<\/code><\/pre>\n![\"ipv4.png_new.webp\"](\"https:\/\/lyvba.com\/wp-content\/uploads\/2021\/11\/1351004292.webp\" "\\"ipv4.png_new.webp\\"")
<\/p>\nNAT \u5c0f\u9e21\u7aef\u53e3\u8f6c\u53d1 Iptables \u8c03\u8bd5\u641e\u5b9a\uff0c\u6279\u91cf\u53ea\u8981\u4fee\u6539\u4e0b\u9762\u7684\u8bed\u53e5\u5f88\u5bb9\u6613\u641e\u5b9a<\/h2>\n
![\"nat.png\"](\"https:\/\/lyvba.com\/wp-content\/uploads\/2021\/11\/3081739930.png\" "\\"nat.png\\"")
<\/p>\niptables -t nat -A PREROUTING -p tcp -m tcp --dport 10180 \\r\n -j DNAT --to-destination 10.10.10.101:80<\/code><\/pre>\nPVE NAT \u6279\u91cf\u7aef\u53e3\u8f6c\u53d1\u8bbe\u7f6e\u811a\u672c\uff0c\u4f7f\u7528\u547d\u4ee4
nat.sh $(lxc-ls)<\/code> \u81ea\u52a8\u8c03\u7528 lxc\u5bb9\u5668id<\/h2>\n![\"nat2.png\"](\"https:\/\/lyvba.com\/wp-content\/uploads\/2021\/11\/153502263.png\" "\\"nat2.png\\"")
<\/p>\n# Usage: bash nat.sh $(lxc-ls)\n\n# \u5c0f\u9e21\u7684\u7aef\u53e3\u8f6c\u53d1\u89c4\u5219 ssh 22 http 80 10<N>00 : 10<N>99\n# ID\u5bf9\u5e94IP 101: 10122 10180 10100 : 10199\n#-------------------------------------------------------------#\ninput_id()\n{\n id=101\n echo -e \"\u6d4b\u8bd5\u9ed8\u8ba4ID: \u000033[41;37m ${id} \u000033[0m \u53ef\u4ee5\u4fee\u6539\u8bbe\u7f6e\u5176\u4ed6ID; \"\n read -p \"\u8bf7\u8f93\u5165NAT\u5c0f\u9e21\u7684ID\u53f7(\u6309\u56de\u8f66\u4e0d\u4fee\u6539): \" -t 30 new\n if [[ ! -z \"${new}\" ]]; then\n id=\"${new}\"\n fi\n nat_port\n iptables -t nat -nvL PREROUTING\n echo -e \":: PVE NAT \u6279\u91cf\u7aef\u53e3\u8f6c\u53d1\u8bbe\u7f6e\u811a\u672c: \u000033[41;37m bash nat.sh $(lxc-ls) \u000033[0m\n\u4f7f\u7528\u53c2\u8003: https:\/\/lyvba.com\/index.php\/archives\/714\/\"\n}\n# \u4ee5id\u4e3aip\u8bbe\u7f6e\u7aef\u53e3\u8f6c\u53d1\nnat_port()\n{\n iptables -t nat -I PREROUTING -p tcp -m tcp --dport ${id}22 -j DNAT --to-destination 10.10.10.${id}:22\n# iptables -t nat -I PREROUTING -p tcp -m tcp --dport ${id}80 -j DNAT --to-destination 10.10.10.${id}:80\n iptables -t nat -A PREROUTING -p tcp -m multiport --dport ${id}00:${id}99 -j DNAT --to-destination 10.10.10.${id}\n}\n\n# \u624b\u5de5\u8f93\u5165id\uff0cinput_id\u8c03\u7528nat\u7aef\u53e3\u8f6c\u53d1\nif [ $# -eq 0 ];\n then\n input_id\n exit\nfi\n\n# \u904d\u5386\u53c2\u6570 \u6279\u91cf\u8bbe\u7f6e nat\u7aef\u53e3\u8f6c\u53d1\nfor arg in $*\ndo\n id=$arg\n nat_port\ndone\n\n# \u67e5\u770b nat PREROUTING \u7aef\u53e3\u6620\u5c04\u89c4\u5219\niptables -t nat -nvL PREROUTING\n\n# \u6e05\u7a7a nat PREROUTING \u7aef\u53e3\u6620\u5c04\u89c4\u5219\n# iptables -t nat -F PREROUTING<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"