X-Git-Url: https://git.proxmox.com/?p=pve-firewall.git;a=blobdiff_plain;f=README;h=7fd313b08d69e500c9a5023a91f749fd4996a9e6;hp=ae0d7ba0ee96b54d532fe62b126dbacb7a936ce4;hb=ce36326d1fc77f0dbd141b9bf0771a1ac21b221a;hpb=e51bd2aa6d30410917f1e6324e9231a5f918c3f2

diff --git a/README b/README
index ae0d7ba..7fd313b 100644
--- a/README
+++ b/README
@@ -93,23 +93,36 @@ use a veth device which is plugged into the bridge:
 
 ...
 
-auto pvemgmt0
-iface pvemgmt0 inet static
-	address  192.168.10.10
-	netmask  255.255.255.0
-	gateway  192.168.10.1
-	pre-up ip link add name pvemgmt0 type veth peer name pvemgmt0peer
- 	pre-up ip link set pvemgmt0peer up
- 	pre-down ip link set pvemgmt0peer down
-	post-down ip link del pvemgmt0
-
 auto vmbr0
 iface vmbr0 inet manual
-	bridge_ports pvemgmt0peer eth0
+	bridge_ports bond0
 	bridge_stp off
 	bridge_fd 0
-	pre-up ifup pvemgmt0
+
+# this create the veth device and plug it into vmbr0
+auto pm0
+iface pm0 inet static
+	address  192.168.10.10
+	netmask  255.255.255.0
+	gateway  192.168.10.1
+	VETH_BRIDGETO vmbr0
+
+auto vmbr1
+iface vmbr1 inet manual
+      bridge_ports none
+      bridge_stp off
+      bridge_fd 0
+
+# setup masqueraded bridge port vmbr1/pm1 using pm0
+# NOTE: this needs kernel 3.10.0 or newer (for conntrack --zone) 
+auto pm1
+iface pm1 inet static
+       address 10.10.10.1
+       netmask 255.255.255.0
+       VETH_BRIDGETO vmbr1
+       VETH_MASQUERADE pm0
 
 ...
 
 --------------------------------
+