Setting up DHCP for Proxmox VMs

My hobby box over at OVH (which runs a Proxmox host) only has 1 public IP, requiring me to use internal IPs for everything else (I chose with as the gateway). This isn't really a problem in general - except I want to be able to deploy VMs on-the-fly without having to worry about:

  1. Allocating them an IP address
  2. Configuring that IP address in the guest operating system

The second point materialises into a "must have" when testing the Windows VMs (e.g. from The moment you boot their VMs - the 90 day limit begins. This means you cannot install any pre-requisite software (and then take a snapshot) that would allow it dynamic network configuration in advance, and I want to be able to automatically provision these VMs for as long as I want going forwards - without having to incur manual work to re-create snapshots every 90 days.

In any case, it's always better to use the best tool for the job. Here, I'll be using the isc-dhcp-server DHCP server and having it allocate anything from 172.21.*.* to any clients that request an IP address. The most minimal configuration is as follows:

$ fgrep INTERFACES /etc/default/isc-dhcp-server 

$ cat /etc/dhcp/dhcpd.conf
default-lease-time         3600;
max-lease-time             7200;

option subnet-mask;
option broadcast-address;
option routers   ;
option domain-name-servers;
option domain-name         "";

subnet netmask {

Apply the same configuration, then restart the service to apply the changes.

$ sudo service isc-dhcp-server restart
Stopping ISC DHCP server: dhcpd.
Starting ISC DHCP server: dhcpd.

Just make sure any VMs you provision are now on vmbr172 and they'll automatically pick up an IP address:

For completeness, this is my bridge setup in order to be able to use the range I mentioned above on VMs and containers (from /etc/network/interfaces):

auto vmbr172
iface vmbr172 inet static
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '' -o vmbr0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '' -o vmbr0 -j MASQUERADE