Setting up DHCP for Proxmox VMs

My hobby box over at OVH (which runs a Proxmox host) only has 1 public IP, requiring me to use internal IPs for everything else (I chose 172.20.0.1/14 with 172.20.0.1 as the gateway). This isn't really a problem in general - except I want to be able to deploy VMs on-the-fly without having to worry about:

  1. Allocating them an IP address
  2. Configuring that IP address in the guest operating system

The second point materialises into a "must have" when testing the Windows VMs (e.g. from modern.ie). The moment you boot their VMs - the 90 day limit begins. This means you cannot install any pre-requisite software (and then take a snapshot) that would allow it dynamic network configuration in advance, and I want to be able to automatically provision these VMs for as long as I want going forwards - without having to incur manual work to re-create snapshots every 90 days.

In any case, it's always better to use the best tool for the job. Here, I'll be using the isc-dhcp-server DHCP server and having it allocate anything from 172.21.*.* to any clients that request an IP address. The most minimal configuration is as follows:

$ fgrep INTERFACES /etc/default/isc-dhcp-server 
INTERFACES="vmbr172"

$ cat /etc/dhcp/dhcpd.conf
default-lease-time         3600;
max-lease-time             7200;

option subnet-mask         255.252.0.0;
option broadcast-address   172.23.255.255;
option routers             172.20.0.1;
option domain-name-servers 8.8.8.8;
option domain-name         "lan.jay.sh";

subnet 172.20.0.0 netmask 255.252.0.0 {
    range 172.21.0.1 172.21.255.254;
}

Apply the same configuration, then restart the service to apply the changes.

$ sudo service isc-dhcp-server restart
Stopping ISC DHCP server: dhcpd.
Starting ISC DHCP server: dhcpd.

Just make sure any VMs you provision are now on vmbr172 and they'll automatically pick up an IP address:

For completeness, this is my bridge setup in order to be able to use the range I mentioned above on VMs and containers (from /etc/network/interfaces):

auto vmbr172
iface vmbr172 inet static
    address 172.20.0.1
    netmask 255.252.0.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '172.20.0.1/14' -o vmbr0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '172.20.0.1/14' -o vmbr0 -j MASQUERADE