I have a network configuration puzzle.
I have a remote SUSE (Leap 15.1) machine on a standard private network 192.168.27.0/24, with a local ethernet adaptor ‘eth0’.
I access that machine using a WireGuard VPN. As I need to access the whole network, I masquerade eth0 and all the routing issues get taken care of with no issues.
Now here is the problem. I want to run virtual machines on that remote server using the KVM hypervisor and have done this with no problems, except I can’t get the networking right, as I want to be able to access not only the physical network but also the virtual machines on the host. I have a bridge device, ‘br0’ (the virtual machines are automatically added as ‘vnet0’ etc.). If I add ‘eth0’ to the bridge, all internet access is fine but I can only access the host 192.168.27.27. If I masquerade ‘eth0’ or ‘br0’, I am able to access the rest of the network but not the virtual machines attached to the bridge.
It feels like I want to create a virtual ethernet device on the SUSE box which is masqueraded and then add that to the bridge along with the physical ‘eth0’. I guess it wants to look like this:
192.168    |  192.168                    192.168.27.27  |
200.2      |  200.1                                     |
           |                          --------          |
           |                          |      |          |
---- wg0 ---- (masquerading here) ----| br0  |------------- eth0 and the rest of 192.168.27.0/24
           |                          |      |          |
wireguard  |                          |      |--- vnet0 |
vpn con    |                          |      |          |
           |                          |      |--- vnet1 |
           |                          |      |          |
           |                          |      |--- vnet2 |
           |                          --------
Or am I just approaching this in the wrong way?