{"id":6533,"date":"2025-09-17T16:02:19","date_gmt":"2025-09-17T16:02:19","guid":{"rendered":"https:\/\/www.prolimehost.com\/blogs\/?p=6533"},"modified":"2025-10-08T16:48:13","modified_gmt":"2025-10-08T16:48:13","slug":"running-multiple-vms-with-a-single-ipv4","status":"publish","type":"post","link":"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/","title":{"rendered":"Running Multiple VMs with a Single IPv4"},"content":{"rendered":"<p><img decoding=\"async\" class=\"wp-image-6561 size-large\" src=\"https:\/\/www.prolimehost.com\/wp-content\/uploads\/sites\/4\/ChatGPT-Image-Sep-16-2025-03_05_01-PM-vms-new-1024x683.png\" alt=\"\" width=\"680\" height=\"454\" srcset=\"https:\/\/www.prolimehost.com\/blogs\/wp-content\/uploads\/sites\/4\/ChatGPT-Image-Sep-16-2025-03_05_01-PM-vms-new-1024x683.png 1024w, https:\/\/www.prolimehost.com\/blogs\/wp-content\/uploads\/sites\/4\/ChatGPT-Image-Sep-16-2025-03_05_01-PM-vms-new-300x200.png 300w, https:\/\/www.prolimehost.com\/blogs\/wp-content\/uploads\/sites\/4\/ChatGPT-Image-Sep-16-2025-03_05_01-PM-vms-new-512x341.png 512w, https:\/\/www.prolimehost.com\/blogs\/wp-content\/uploads\/sites\/4\/ChatGPT-Image-Sep-16-2025-03_05_01-PM-vms-new-920x613.png 920w, https:\/\/www.prolimehost.com\/blogs\/wp-content\/uploads\/sites\/4\/ChatGPT-Image-Sep-16-2025-03_05_01-PM-vms-new.png 1536w\" sizes=\"(max-width: 680px) 100vw, 680px\" \/><\/p>\n<p>Saw a thread on the Webhostingtalk forum this morning asking its members if it was possible to split a dedicated server into several virtual servers using either virtualizor or proxmox and divide them over a single ipv4 without purchasing an IP pool by bridging, or would I need multiple ipv4 addresses?<\/p>\n<p>Lots of great replies from their members, so I thought I&#8217;d expand on this here.\u00a0Yes \u2014 you can split a dedicated server into multiple virtual servers (VMs) using <strong data-start=\"81\" data-end=\"96\">Virtualizor<\/strong> or <strong data-start=\"100\" data-end=\"111\">Proxmox<\/strong>, but the way you handle networking and IPv4 addresses depends on what you want:<\/p>\n<p>You\u2019d configure NAT or a <strong data-start=\"334\" data-end=\"365\">reverse proxy\/load balancer<\/strong> on the host where each VM gets a private\/internal IP (e.g., 10.x.x.x or 192.168.x.x). Outbound traffic from all VMs would be translated to the host\u2019s single IPv4 and inbound traffic would require <strong data-start=\"557\" data-end=\"576\">port forwarding<\/strong> or a proxy to direct connections to the right VM.<\/p>\n<p>This works fine if you don\u2019t need every VM to have its own public IP (e.g., lab, dev servers, internal apps, or web hosting with reverse proxy), but the drawback is that you can\u2019t run identical services (like two VMs both listening on port 443) directly without adding a reverse proxy layer.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_80 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#When_You_Need_Multiple_Public_IPs\" >When You Need Multiple Public IPs<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Practical_Setup_Differences\" >Practical Setup Differences<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Single_IPv4_NAT_Setup\" >Single IPv4 (NAT Setup)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Multiple_IPv4s_Bridged_Setup\" >Multiple IPv4s (Bridged Setup)<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Here_are_clean_copy-pasteable_Proxmox_network_examples_for_both_approaches_Ill_use_generic_names_you_can_adapt\" >Here are clean, copy-pasteable Proxmox network examples for both approaches. I\u2019ll use generic names you can adapt:<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Single_IPv4_with_NAT_Port_Forwarding\" >Single IPv4 with NAT &amp; Port Forwarding<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#etcnetworkinterfaces_Proxmox_host\" >\/etc\/network\/interfaces (Proxmox host)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#NAT_forwarding_run_on_host_make_persistent\" >NAT &amp; forwarding (run on host; make persistent)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#VM_NIC_settings_NAT_case\" >VM NIC settings (NAT case)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Multiple_Public_IPv4s_with_Bridging\" >Multiple Public IPv4s with Bridging<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#etcnetworkinterfaces\" >\/etc\/network\/interfaces<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#VM_NIC_settings_bridged_case\" >VM NIC settings (bridged case)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Quick_sanity_checks\" >Quick sanity checks<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#When_to_choose_which\" >When to choose which<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Heres_why_choosing_ProlimeHost_to_customize_your_servers_is_a_smart_move\" >Here\u2019s why choosing ProlimeHost to customize your servers is a smart move:<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Tailored_Performance\" >Tailored Performance<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-17\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Flexibility_Control\" >Flexibility &amp; Control<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-18\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Scalability_for_Growth\" >Scalability for Growth<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-19\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Security_Compliance\" >Security &amp; Compliance<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-20\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#AI_GPU_Optimization\" >AI &amp; GPU Optimization<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-21\" href=\"https:\/\/www.prolimehost.com\/blogs\/running-multiple-vms-with-a-single-ipv4\/#Expert_Guidance_Support\" >Expert Guidance &amp; Support<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h3 data-start=\"918\" data-end=\"958\"><span class=\"ez-toc-section\" id=\"When_You_Need_Multiple_Public_IPs\"><\/span>When You Need Multiple Public IPs<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"961\" data-end=\"1139\">If each VM must be reachable on its <strong data-start=\"997\" data-end=\"1017\">own IPv4 address<\/strong> (e.g., cPanel hosting, SSL termination per VM, mail servers, etc.), then you\u2019ll need an IP pool from your provider. However, with bridged networking, you simply assign different IPv4s to each VM. Proxmox and Virtualizor both support this directly.<\/p>\n<h3 data-start=\"1275\" data-end=\"1309\"><span class=\"ez-toc-section\" id=\"Practical_Setup_Differences\"><\/span>Practical Setup Differences<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul data-start=\"1310\" data-end=\"1637\">\n<li data-start=\"1310\" data-end=\"1469\">\n<p data-start=\"1312\" data-end=\"1329\"><strong data-start=\"1312\" data-end=\"1326\">Proxmox VE<\/strong>:<\/p>\n<ul data-start=\"1332\" data-end=\"1469\">\n<li data-start=\"1332\" data-end=\"1380\">\n<p data-start=\"1334\" data-end=\"1380\">Has built-in NAT, bridge, and routing modes.<\/p>\n<\/li>\n<li data-start=\"1383\" data-end=\"1429\">\n<p data-start=\"1385\" data-end=\"1429\">NAT = use single IPv4, private LAN inside.<\/p>\n<\/li>\n<li data-start=\"1432\" data-end=\"1469\">\n<p data-start=\"1434\" data-end=\"1469\">Bridge = requires multiple IPv4s.<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"1470\" data-end=\"1637\">\n<p data-start=\"1472\" data-end=\"1490\"><strong data-start=\"1472\" data-end=\"1487\">Virtualizor<\/strong>:<\/p>\n<ul data-start=\"1493\" data-end=\"1637\">\n<li data-start=\"1493\" data-end=\"1563\">\n<p data-start=\"1495\" data-end=\"1563\">Typically expects an IP pool if you want each VM exposed publicly.<\/p>\n<\/li>\n<li data-start=\"1566\" data-end=\"1637\">\n<p data-start=\"1568\" data-end=\"1637\">Can be made to work with NAT (but less plug-and-play than Proxmox).<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p data-start=\"1644\" data-end=\"1664\">\u2705 <strong data-start=\"1646\" data-end=\"1662\">Bottom line:<\/strong><\/p>\n<p data-start=\"1667\" data-end=\"1798\">If you only have one IPv4 and don\u2019t want to purchase more, you can still create several VMs by using NAT and port forwarding.<\/p>\n<p data-start=\"1801\" data-end=\"1916\">If you want each VM to have its own dedicated IPv4, then you\u2019ll need a pool of IPv4s from your host\/provider.<\/p>\n<article dir=\"auto\" tabindex=\"-1\" data-turn-id=\"request-WEB:eae0b5c3-df79-404e-b1ce-b9ccf0533264-1\" data-testid=\"conversation-turn-4\" data-scroll-anchor=\"false\" data-turn=\"assistant\">\n<h3 data-start=\"146\" data-end=\"184\"><span class=\"ez-toc-section\" id=\"Single_IPv4_NAT_Setup\"><\/span>Single IPv4 (NAT Setup)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"185\" data-end=\"243\">When you only have <strong data-start=\"204\" data-end=\"223\">one public IPv4<\/strong> from your provider.<\/p>\n<p><code>Internet<br \/>\n|<br \/>\n[ Public IPv4: 203.0.113.10 ]<br \/>\n|<br \/>\nProxmox Host<br \/>\n---------------------<br \/>\n| NAT \/ iptables   |<br \/>\n| Forwarding Rules |<br \/>\n---------------------<br \/>\n\/          |<br \/>\nVM1 (10.0.0.2)  VM2 (10.0.0.3)  VM3 (10.0.0.4)<br \/>\nPrivate IPs only<br \/>\n<\/code><\/p>\n<ul data-start=\"618\" data-end=\"939\">\n<li data-start=\"618\" data-end=\"652\">\n<p data-start=\"620\" data-end=\"652\">Host has the only public IPv4.<\/p>\n<\/li>\n<li data-start=\"653\" data-end=\"720\">\n<p data-start=\"655\" data-end=\"720\">Each VM sits on a <strong data-start=\"673\" data-end=\"691\">private subnet<\/strong> (10.x.x.x or 192.168.x.x).<\/p>\n<\/li>\n<li data-start=\"721\" data-end=\"765\">\n<p data-start=\"723\" data-end=\"765\">Outbound traffic \u2192 NAT\u2019d to host\u2019s IPv4.<\/p>\n<\/li>\n<li data-start=\"766\" data-end=\"838\">\n<p data-start=\"768\" data-end=\"838\">Inbound traffic \u2192 you set <strong data-start=\"794\" data-end=\"811\">port forwards<\/strong> (e.g., 80\u2192VM1, 443\u2192VM2).<\/p>\n<\/li>\n<li data-start=\"839\" data-end=\"939\">\n<p data-start=\"841\" data-end=\"939\">Alternative: run <strong data-start=\"858\" data-end=\"875\">NGINX\/HAProxy<\/strong> on host as a reverse proxy to route based on hostname\/domain.<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"941\" data-end=\"1047\">\u2705 Pros: No need to buy extra IPs.<br data-start=\"974\" data-end=\"977\" \/>\u274c Cons: Can\u2019t easily give each VM its own independent IPv4 identity.<\/p>\n<h3 data-start=\"1054\" data-end=\"1099\"><span class=\"ez-toc-section\" id=\"Multiple_IPv4s_Bridged_Setup\"><\/span>Multiple IPv4s (Bridged Setup)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"1100\" data-end=\"1161\">When you purchase a <strong data-start=\"1120\" data-end=\"1143\">block\/pool of IPv4s<\/strong> (e.g., \/29, \/28).<\/p>\n<p><code>Internet<br \/>\n|<br \/>\n[ IP Block: 203.0.113.8\/29 ]<br \/>\n|<br \/>\nProxmox Host<br \/>\n--------------------<br \/>\n| vmbr0 (bridge)   |<br \/>\n--------------------<br \/>\n\/        |<br \/>\nVM1 (203.0.113.9) VM2 (203.0.113.10) VM3 (203.0.113.11)<br \/>\nPublic IPs directly assigned<br \/>\n<\/code><\/p>\n<ul data-start=\"1516\" data-end=\"1728\">\n<li data-start=\"1516\" data-end=\"1576\">\n<p data-start=\"1518\" data-end=\"1576\">Host gets one IP from the block, rest are mapped to VMs.<\/p>\n<\/li>\n<li data-start=\"1577\" data-end=\"1640\">\n<p data-start=\"1579\" data-end=\"1640\">VMs connect directly to the Internet with <strong data-start=\"1621\" data-end=\"1637\">unique IPv4s<\/strong>.<\/p>\n<\/li>\n<li data-start=\"1641\" data-end=\"1661\">\n<p data-start=\"1643\" data-end=\"1661\">No NAT required.<\/p>\n<\/li>\n<li data-start=\"1662\" data-end=\"1728\">\n<p data-start=\"1664\" data-end=\"1728\">Each VM can run services independently (e.g., web, mail, SSL).<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"1730\" data-end=\"1866\">\u2705 Pros: Each VM has its own IPv4 \u2014 cleaner and more professional for production hosting.<br data-start=\"1818\" data-end=\"1821\" \/>\u274c Cons: Requires paying for additional IPs.<\/p>\n<p data-start=\"1873\" data-end=\"1890\">\ud83d\udc49 <strong data-start=\"1876\" data-end=\"1888\">My thoughts<\/strong><\/p>\n<p data-start=\"1893\" data-end=\"1972\">If this is for testing, dev, or internal use, go with NAT (Option 1).<\/p>\n<p data-start=\"1975\" data-end=\"2104\">If this is for production hosting (multiple websites, cPanel, mail servers), you\u2019ll want a small IPv4 block (Option 2).<\/p>\n<h4 data-start=\"2111\" data-end=\"2242\"><span class=\"ez-toc-section\" id=\"Here_are_clean_copy-pasteable_Proxmox_network_examples_for_both_approaches_Ill_use_generic_names_you_can_adapt\"><\/span>Here are clean, copy-pasteable <strong data-start=\"37\" data-end=\"48\">Proxmox<\/strong> network examples for both approaches. I\u2019ll use generic names you can adapt:<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<\/article>\n<article dir=\"auto\" tabindex=\"-1\" data-turn-id=\"a79a4f10-3831-4b37-9c69-03f397522978\" data-testid=\"conversation-turn-6\" data-scroll-anchor=\"true\" data-turn=\"assistant\">\n<ul data-start=\"126\" data-end=\"391\">\n<li data-start=\"126\" data-end=\"160\">\n<p data-start=\"128\" data-end=\"160\">Public\/WAN NIC on host: <code data-start=\"152\" data-end=\"158\">eno1<\/code><\/p>\n<\/li>\n<li data-start=\"161\" data-end=\"211\">\n<p data-start=\"163\" data-end=\"211\">Private\/LAN bridge for VMs (NAT case): <code data-start=\"202\" data-end=\"209\">vmbr1<\/code><\/p>\n<\/li>\n<li data-start=\"212\" data-end=\"253\">\n<p data-start=\"214\" data-end=\"253\">Public bridge (bridged case): <code data-start=\"244\" data-end=\"251\">vmbr0<\/code><\/p>\n<\/li>\n<li data-start=\"254\" data-end=\"338\">\n<p data-start=\"256\" data-end=\"338\">Host public IP (single-IP NAT example): <code data-start=\"296\" data-end=\"313\">203.0.113.10\/24<\/code>, gateway <code data-start=\"323\" data-end=\"336\">203.0.113.1<\/code><\/p>\n<\/li>\n<li data-start=\"339\" data-end=\"391\">\n<p data-start=\"341\" data-end=\"391\">Private VM subnet (NAT example): <code data-start=\"374\" data-end=\"389\">10.10.10.0\/24<\/code><\/p>\n<\/li>\n<\/ul>\n<h3 data-start=\"398\" data-end=\"449\"><span class=\"ez-toc-section\" id=\"Single_IPv4_with_NAT_Port_Forwarding\"><\/span>Single IPv4 with NAT &amp; Port Forwarding<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h3 data-start=\"451\" data-end=\"497\"><span class=\"ez-toc-section\" id=\"etcnetworkinterfaces_Proxmox_host\"><\/span><code data-start=\"457\" data-end=\"482\">\/etc\/network\/interfaces<\/code> (Proxmox host)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><code><code>auto lo<br \/>\niface lo inet loopback<\/code><\/code># ===== WAN: host&#8217;s one public IP =====<br \/>\nauto eno1<br \/>\niface eno1 inet manualauto vmbr0<br \/>\niface vmbr0 inet static<br \/>\naddress 203.0.113.10\/24<br \/>\ngateway 203.0.113.1<br \/>\nbridge-ports eno1<br \/>\nbridge-stp off<br \/>\nbridge-fd 0# ===== LAN bridge for VMs (private subnet) =====<br \/>\nauto vmbr1<br \/>\niface vmbr1 inet static<br \/>\naddress 10.10.10.1\/24<br \/>\nbridge-ports none<br \/>\nbridge-stp off<br \/>\nbridge-fd 0<br \/>\npost-up echo 1 &gt; \/proc\/sys\/net\/ipv4\/ip_forwardReboot networking or the node after saving (or use ifupdown2 if installed).<\/p>\n<h3 data-start=\"1060\" data-end=\"1113\"><span class=\"ez-toc-section\" id=\"NAT_forwarding_run_on_host_make_persistent\"><\/span>NAT &amp; forwarding (run on host; make persistent)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"1114\" data-end=\"1187\">Create <code data-start=\"1121\" data-end=\"1150\">\/etc\/network\/if-up.d\/99-nat<\/code> and make it executable (<code data-start=\"1175\" data-end=\"1185\">chmod +x<\/code>):<\/p>\n<p><code><code>#!\/bin\/sh<br \/>\n# Enable NAT from vmbr1 (10.10.10.0\/24) out via public interface<br \/>\niptables -t nat -C POSTROUTING -s 10.10.10.0\/24 -o vmbr0 -j MASQUERADE 2&gt;\/dev\/null ||<br \/>\niptables -t nat -A POSTROUTING -s 10.10.10.0\/24 -o vmbr0 -j MASQUERADE<\/code><\/code># Example inbound DNAT: forward ports to a VM<br \/>\n# HTTP (80) -&gt; VM 10.10.10.10<br \/>\niptables -t nat -C PREROUTING -i vmbr0 -p tcp &#8211;dport 80 -j DNAT &#8211;to-destination 10.10.10.10 2&gt;\/dev\/null ||<br \/>\niptables -t nat -A PREROUTING -i vmbr0 -p tcp &#8211;dport 80 -j DNAT &#8211;to-destination 10.10.10.10# HTTPS (443) -&gt; VM 10.10.10.11<br \/>\niptables -t nat -C PREROUTING -i vmbr0 -p tcp &#8211;dport 443 -j DNAT &#8211;to-destination 10.10.10.11# Allow forwarding<br \/>\niptables -C FORWARD -i vmbr0 -o vmbr1 -m state &#8211;state RELATED,ESTABLISHED -j ACCEPT 2&gt;\/dev\/null ||<br \/>\niptables -A FORWARD -i vmbr0 -o vmbr1 -m state &#8211;state RELATED,ESTABLISHED -j ACCEPT<br \/>\niptables -C FORWARD -i vmbr1 -o vmbr0 -j ACCEPT 2&gt;\/dev\/null ||<br \/>\niptables -A FORWARD -i vmbr1 -o vmbr0 -j ACCEPT<\/p>\n<blockquote data-start=\"2166\" data-end=\"2363\">\n<p data-start=\"2168\" data-end=\"2363\">Adjust the DNAT targets (e.g., <code data-start=\"2199\" data-end=\"2212\">10.10.10.10<\/code>) per VM.<br data-start=\"2221\" data-end=\"2224\" \/>Alternative: instead of port forwards, terminate <strong data-start=\"2275\" data-end=\"2292\">NGINX\/HAProxy<\/strong> on the host to route based on hostname\u2014lets multiple VMs share 80\/443.<\/p>\n<\/blockquote>\n<h3 data-start=\"2365\" data-end=\"2397\"><span class=\"ez-toc-section\" id=\"VM_NIC_settings_NAT_case\"><\/span>VM NIC settings (NAT case)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"2398\" data-end=\"2440\">In Proxmox VM \u2192 Hardware \u2192 Network Device:<\/p>\n<ul data-start=\"2441\" data-end=\"2635\">\n<li data-start=\"2441\" data-end=\"2458\">\n<p data-start=\"2443\" data-end=\"2458\">Bridge: <code data-start=\"2451\" data-end=\"2458\">vmbr1<\/code><\/p>\n<\/li>\n<li data-start=\"2459\" data-end=\"2483\">\n<p data-start=\"2461\" data-end=\"2483\">(Optional) Firewall on<\/p>\n<\/li>\n<li data-start=\"2484\" data-end=\"2635\">\n<p data-start=\"2486\" data-end=\"2522\">Inside the VM, set a static IP like:<\/p>\n<ul data-start=\"2525\" data-end=\"2635\">\n<li data-start=\"2525\" data-end=\"2544\">\n<p data-start=\"2527\" data-end=\"2544\">IP: <code data-start=\"2531\" data-end=\"2544\">10.10.10.10<\/code><\/p>\n<\/li>\n<li data-start=\"2547\" data-end=\"2573\">\n<p data-start=\"2549\" data-end=\"2573\">Netmask: <code data-start=\"2558\" data-end=\"2573\">255.255.255.0<\/code><\/p>\n<\/li>\n<li data-start=\"2576\" data-end=\"2599\">\n<p data-start=\"2578\" data-end=\"2599\">Gateway: <code data-start=\"2587\" data-end=\"2599\">10.10.10.1<\/code><\/p>\n<\/li>\n<li data-start=\"2602\" data-end=\"2635\">\n<p data-start=\"2604\" data-end=\"2635\">DNS: your preferred resolver(s)<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3 data-start=\"2642\" data-end=\"2690\"><span class=\"ez-toc-section\" id=\"Multiple_Public_IPv4s_with_Bridging\"><\/span>Multiple Public IPv4s with Bridging<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"2692\" data-end=\"2931\">Assume you purchased a routed block (example <code data-start=\"2737\" data-end=\"2742\">\/29<\/code>: <code data-start=\"2744\" data-end=\"2760\">203.0.113.8\/29<\/code>, usable <code data-start=\"2769\" data-end=\"2777\">.9-.14<\/code>, gateway from provider, often <strong data-start=\"2808\" data-end=\"2822\">not inside<\/strong> the \/29). You\u2019ll typically keep your <strong data-start=\"2860\" data-end=\"2879\">primary host IP<\/strong> on the WAN and present the \/29 to VMs via a bridge.<\/p>\n<h2 data-start=\"2933\" data-end=\"2964\"><span class=\"ez-toc-section\" id=\"etcnetworkinterfaces\"><\/span><code data-start=\"2939\" data-end=\"2964\">\/etc\/network\/interfaces<\/code><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><code><code>auto lo<br \/>\niface lo inet loopback<\/code><\/code># Host main uplink (keeps its existing single public IP)<br \/>\nauto eno1<br \/>\niface eno1 inet manual# Public bridge the VMs attach to<br \/>\nauto vmbr0<br \/>\niface vmbr0 inet static<br \/>\naddress 203.0.113.10\/24 # your host\u2019s existing IP (or whatever your provider gave for the main IP)<br \/>\ngateway 203.0.113.1<br \/>\nbridge-ports eno1<br \/>\nbridge-stp off<br \/>\nbridge-fd 0<\/p>\n<blockquote data-start=\"3361\" data-end=\"3443\">\n<p data-start=\"3363\" data-end=\"3443\">You <strong data-start=\"3367\" data-end=\"3377\">do not<\/strong> assign the \/29 IPs to the host. You assign them <em data-start=\"3426\" data-end=\"3442\">inside the VMs<\/em>.<\/p>\n<\/blockquote>\n<h3 data-start=\"3445\" data-end=\"3481\"><span class=\"ez-toc-section\" id=\"VM_NIC_settings_bridged_case\"><\/span>VM NIC settings (bridged case)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul data-start=\"3482\" data-end=\"3764\">\n<li data-start=\"3482\" data-end=\"3499\">\n<p data-start=\"3484\" data-end=\"3499\">Bridge: <code data-start=\"3492\" data-end=\"3499\">vmbr0<\/code><\/p>\n<\/li>\n<li data-start=\"3500\" data-end=\"3764\">\n<p data-start=\"3502\" data-end=\"3547\">Inside each VM, configure one of the \/29 IPs:<\/p>\n<ul data-start=\"3550\" data-end=\"3764\">\n<li data-start=\"3550\" data-end=\"3576\">\n<p data-start=\"3552\" data-end=\"3576\">VM1 IP: <code data-start=\"3560\" data-end=\"3576\">203.0.113.9\/29<\/code><\/p>\n<\/li>\n<li data-start=\"3579\" data-end=\"3743\">\n<p data-start=\"3581\" data-end=\"3743\">Gateway: <strong data-start=\"3590\" data-end=\"3627\">use the provider\u2019s router\/gateway<\/strong> as instructed (some DCs require using the host\u2019s main gateway, others route via the host\u2014follow their handoff doc).<\/p>\n<\/li>\n<li data-start=\"3746\" data-end=\"3764\">\n<p data-start=\"3748\" data-end=\"3764\">DNS: your choice<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<blockquote data-start=\"3766\" data-end=\"4125\">\n<p data-start=\"3768\" data-end=\"4125\">Some providers deliver the additional block as routed to your host IP (no ARP). In that case, keep the VM NIC on <code data-start=\"3885\" data-end=\"3892\">vmbr0<\/code> but set the VM gateway to the host\u2019s vmbr0 IP and add host routes, or use Proxmox as a router for that \/29. If the DC uses <strong data-start=\"4020\" data-end=\"4037\">MAC filtering<\/strong> or \u201cone MAC per IP\u201d, you may need to request additional MACs or use their vSwitch\/VLAN.<\/p>\n<\/blockquote>\n<h3 data-start=\"4132\" data-end=\"4154\"><span class=\"ez-toc-section\" id=\"Quick_sanity_checks\"><\/span>Quick sanity checks<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul data-start=\"4156\" data-end=\"4532\">\n<li data-start=\"4156\" data-end=\"4262\">\n<p data-start=\"4158\" data-end=\"4189\">Enable forwarding persistently:<\/p>\n<ul data-start=\"4192\" data-end=\"4262\">\n<li data-start=\"4192\" data-end=\"4262\">\n<p data-start=\"4194\" data-end=\"4262\">Add <code data-start=\"4198\" data-end=\"4221\">net.ipv4.ip_forward=1<\/code> to <code data-start=\"4225\" data-end=\"4243\">\/etc\/sysctl.conf<\/code>, then <code data-start=\"4250\" data-end=\"4261\">sysctl -p<\/code>.<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"4263\" data-end=\"4361\">\n<p data-start=\"4265\" data-end=\"4361\">If using <strong data-start=\"4274\" data-end=\"4294\">Proxmox Firewall<\/strong>, allow the necessary FORWARD\/IN rules or disable PF while testing.<\/p>\n<\/li>\n<li data-start=\"4362\" data-end=\"4532\">\n<p data-start=\"4364\" data-end=\"4532\">Confirm which interface actually egresses to the Internet (<code data-start=\"4423\" data-end=\"4445\">ip route get 1.1.1.1<\/code>) and match your iptables <code data-start=\"4471\" data-end=\"4475\">-o<\/code> device accordingly (sometimes it\u2019s <code data-start=\"4511\" data-end=\"4517\">eno1<\/code>, not <code data-start=\"4523\" data-end=\"4530\">vmbr0<\/code>).<\/p>\n<\/li>\n<\/ul>\n<h3 data-start=\"4539\" data-end=\"4562\"><span class=\"ez-toc-section\" id=\"When_to_choose_which\"><\/span>When to choose which<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul data-start=\"4564\" data-end=\"4756\">\n<li data-start=\"4564\" data-end=\"4648\">\n<p data-start=\"4566\" data-end=\"4648\"><strong data-start=\"4566\" data-end=\"4602\">Single IPv4, no budget for more:<\/strong> NAT + (port forwards or reverse proxy).<\/p>\n<\/li>\n<li data-start=\"4649\" data-end=\"4756\">\n<p data-start=\"4651\" data-end=\"4756\"><strong data-start=\"4651\" data-end=\"4712\">Production hosting <\/strong>(mail, SSL per VM, cPanel, isolation)<strong data-start=\"4651\" data-end=\"4712\">:<\/strong> buy a small block (\/30-\/28) and bridge.<\/p>\n<\/li>\n<\/ul>\n<p><img decoding=\"async\" class=\"aligncenter size-full wp-image-6271\" src=\"https:\/\/www.prolimehost.com\/wp-content\/uploads\/sites\/4\/Prolimehost-logo1-scaled-e1755887631205.png\" alt=\"\" width=\"350\" height=\"59\" \/><\/p>\n<\/article>\n<article dir=\"auto\" tabindex=\"-1\" data-turn-id=\"a79a4f10-3831-4b37-9c69-03f397522978\" data-testid=\"conversation-turn-6\" data-scroll-anchor=\"true\" data-turn=\"assistant\">\n<h3 style=\"text-align: center;\" data-start=\"0\" data-end=\"78\"><span class=\"ez-toc-section\" id=\"Heres_why_choosing_ProlimeHost_to_customize_your_servers_is_a_smart_move\"><\/span><em>Here\u2019s why choosing <strong data-start=\"20\" data-end=\"35\">ProlimeHost<\/strong> to customize your servers is a smart move:<\/em><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h3 data-start=\"85\" data-end=\"113\"><span class=\"ez-toc-section\" id=\"Tailored_Performance\"><\/span>Tailored Performance<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"114\" data-end=\"471\">Not every workload is the same. With ProlimeHost, you can customize CPU, RAM, storage, and network configurations to match the exact requirements of your application\u2014whether you\u2019re running AI models, hosting high-traffic websites, streaming, or managing databases. This ensures you\u2019re not overpaying for unused resources or underpowered when traffic spikes.<\/p>\n<h3 data-start=\"478\" data-end=\"507\"><span class=\"ez-toc-section\" id=\"Flexibility_Control\"><\/span>Flexibility &amp; Control<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"508\" data-end=\"767\">ProlimeHost gives you <strong data-start=\"530\" data-end=\"550\">full root access<\/strong> and the freedom to install and configure software stacks, security tools, and operating systems as you see fit. Unlike cookie-cutter hosting, <a href=\"https:\/\/www.prolimehost.com\/blogs\/prolimehost-offers-customized-solutions\/\" target=\"_blank\" rel=\"noopener\">customized servers<\/a> let you build the environment your team actually needs.<\/p>\n<h3 data-start=\"774\" data-end=\"804\"><span class=\"ez-toc-section\" id=\"Scalability_for_Growth\"><\/span>Scalability for Growth<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"805\" data-end=\"1046\">As your business grows, your servers can grow with you. ProlimeHost makes it easy to scale vertically (upgrading CPU cores, GPUs, or RAM) or horizontally (adding more servers), so your infrastructure adapts to future demand without downtime.<\/p>\n<h3 data-start=\"1053\" data-end=\"1082\"><span class=\"ez-toc-section\" id=\"Security_Compliance\"><\/span>Security &amp; Compliance<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"1083\" data-end=\"1367\">Customized servers mean you can enforce <strong data-start=\"1123\" data-end=\"1153\">your own security policies<\/strong>\u2014firewalls, encryption, compliance tools\u2014suited to your industry (finance, healthcare, e-commerce, etc.). ProlimeHost supports hardened configurations that protect sensitive data while meeting regulatory standards.<\/p>\n<h3 data-start=\"1374\" data-end=\"1403\"><span class=\"ez-toc-section\" id=\"AI_GPU_Optimization\"><\/span>AI &amp; GPU Optimization<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"1404\" data-end=\"1689\">In 2025, workloads like AI, ML, and automation dominate. ProlimeHost offers <a href=\"https:\/\/www.prolimehost.com\/blogs\/addressing-ai-apps-and-prolimehost-gpu-servers\/\" target=\"_blank\" rel=\"noopener\"><strong data-start=\"1480\" data-end=\"1503\">GPU-powered servers<\/strong><\/a> that you can fine-tune for AI inference, training, or real-time analytics. A customized environment ensures maximum efficiency and cost-effectiveness for these resource-intensive tasks.<\/p>\n<h3 data-start=\"1696\" data-end=\"1729\"><span class=\"ez-toc-section\" id=\"Expert_Guidance_Support\"><\/span>Expert Guidance &amp; Support<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"1730\" data-end=\"1991\">Customization can be complex\u2014but ProlimeHost\u2019s engineers help you design, deploy, and manage a server setup that\u2019s reliable and future-ready. Whether you need <strong data-start=\"1889\" data-end=\"1933\">KVM, IPMI, or advanced networking setups<\/strong>, ProlimeHost provides hands-on support to make it smooth.<\/p>\n<p data-start=\"1998\" data-end=\"2177\">\u2705 <strong data-start=\"2000\" data-end=\"2016\">Bottom line:<\/strong> ProlimeHost lets you transform generic hosting into a <strong data-start=\"2071\" data-end=\"2110\">strategic infrastructure investment<\/strong>\u2014fully aligned with your performance, security, and growth goals.<\/p>\n<p data-start=\"9767\" data-end=\"9907\">\ud83d\udc49\u00a0<strong data-start=\"9770\" data-end=\"9799\">Contact ProlimeHost today<\/strong>\u00a0to explore <a href=\"https:\/\/www.prolimehost.com\/blogs\/why-businesses-are-moving-back-to-dedicated-servers-in-2025\/\" target=\"_blank\" rel=\"noopener\">dedicated server<\/a> solutions designed to deliver growth, scalability, and unmatched performance.<\/p>\n<p data-start=\"9767\" data-end=\"9907\">You can reach us at sales@prolimehost.com or at 1 (877) 477-9454<\/p>\n<\/article>\n","protected":false},"excerpt":{"rendered":"Saw a thread on the Webhostingtalk forum this morning asking its members if it was possible to split&hellip;","protected":false},"author":3,"featured_media":6561,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"csco_display_header_overlay":false,"csco_singular_sidebar":"","csco_page_header_type":"","footnotes":""},"categories":[220,10],"tags":[207,43,107,198,139],"class_list":{"0":"post-6533","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-dedicated-server","8":"category-tutorials-tips","9":"tag-ai-servers","10":"tag-dedicated-server","11":"tag-dedicated-servers-usa","12":"tag-gpu-servers","13":"tag-prolimehost","14":"cs-entry"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/posts\/6533","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/comments?post=6533"}],"version-history":[{"count":0,"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/posts\/6533\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/media\/6561"}],"wp:attachment":[{"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/media?parent=6533"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/categories?post=6533"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/tags?post=6533"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}