Normally a Proxmox Virtual Environment server comes with a single internal network interface, connected to the physical network card through a bridge.

If this Proxmox server is connected to a secure private network, each running virtual machine or container will automatically receive an IP address from the DHCP server and have connectivity right away. But what if the Proxmox server has its own single public IP address and we would like our virtual machines and containers to have private IP addresses within the hypervisor? Then we have to create our own virtual network inside the Proxmox hypervisor and assign private IP addresses to our internal production workloads.

First let's create an additional network interface in the Network section of the Proxmox node and make it a bridge connected to the standard vmbr0 interface. Also let's give it the first address of the chosen CIDR block along with the network mask. For example, if we decided to make a 192.168.0.0/24 network inside the hypervisor, let's put this interface on the 192.168.0.1/24 IP address.

Now we have a standard gateway interface pointing to the internet. To get it working, forwarding network traffic both ways and masquerading private addresses, let's append the needed settings to the end of the /etc/network/interfaces file.

 

auto vmbr1
iface vmbr1 inet static
        address 192.168.0.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

        post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE


After adding these settings the network will not automatically start working as intended, so we should either restart the whole server or apply the settings directly on the command line:


echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE


From this point everything should have connectivity, which can be thoroughly tested with ping, traceroute, telnet, nslookup, dig and other network utilities.
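
Running the `iptables -A` command by hand and then again through post-up leaves duplicate MASQUERADE rules, and a lost rule or a reset ip_forward silently breaks the private network. The script below is an added example, not part of the original post: it classifies the state of the NAT setup and applies it without duplication. The function names and the sample rule listings are constructed for illustration; the subnet and interface are the ones used above.

```shell
#!/bin/sh
# Added example: values below are the ones used on this page.
SUBNET='192.168.0.0/24'   # private network behind vmbr1
WAN_IF='vmbr0'            # bridge holding the public IP

# Count exact MASQUERADE rules in `iptables -t nat -S POSTROUTING` output (stdin).
count_masq_rules() {
    grep -cFx -e "-A POSTROUTING -s $SUBNET -o $WAN_IF -j MASQUERADE" || true
}

# Print one of: ok, missing, duplicate, forwarding-off.
# $1 = content of /proc/sys/net/ipv4/ip_forward, stdin = rule listing.
nat_state() {
    n=$(count_masq_rules)
    if [ "$1" != "1" ]; then echo forwarding-off
    elif [ "$n" -eq 0 ]; then echo missing
    elif [ "$n" -gt 1 ]; then echo duplicate   # -A was run more than once
    else echo ok
    fi
}

# Read the live state (needs root for iptables).
check_live() {
    iptables -t nat -S POSTROUTING | nat_state "$(cat /proc/sys/net/ipv4/ip_forward)"
}

# Apply without duplicating: -C tests for the rule, -A runs only if it is absent.
apply_nat() {
    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables -t nat -C POSTROUTING -s "$SUBNET" -o "$WAN_IF" -j MASQUERADE 2>/dev/null ||
        iptables -t nat -A POSTROUTING -s "$SUBNET" -o "$WAN_IF" -j MASQUERADE
}

# Constructed sample listings (not captured from a real host).
SAMPLE_OK='-P POSTROUTING ACCEPT
-A POSTROUTING -s 192.168.0.0/24 -o vmbr0 -j MASQUERADE'
SAMPLE_DUP="$SAMPLE_OK
-A POSTROUTING -s 192.168.0.0/24 -o vmbr0 -j MASQUERADE"

case "${1:-}" in
    check) check_live ;;
    apply) apply_nat ;;
esac
```

Run it as root with `check` to print the current state, or with `apply` in place of the two manual commands.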
