You are using a static config, you can use IPv6 token to add static suffix to your proxmox host.
accept_ra 2
up ip token set ::71c6:b34f:8e2a:54f5 dev vmbr0
Hopefully it works, I am currently using it right now myself. Once you reboot your router and it clears the stored DUID, start proxmox and copy the newly assigned client id from /var/lib/dhcp/dhclient6.vmbr0.leases and paste it in /etc/dhcp/dhclient.conf
interface "vmbr0" {
send...
If your Proxmox host does not boot try rebooting the router, proxmox waits until a new lease is received and once you reboot the router, your router gives a new lease and proxmox boots immediately.
Any update on this, my rules are still not working! Pretty common rules
Allow fd88::1
Allow 10.88.88.1
Reject fd88::/64
Reject 10.88.88.0/24
It used to work in iptables but not in nftables. Pinging out from VM correctly blocks IPv4 ping but not IPv6 ping. Cannot connect to any VMs that has the...
I have a similar problem https://forum.proxmox.com/threads/blocking-lan-access-for-vms-does-not-work-accept-ping-using-nftables.145748/
Pretty common and basic firewall rule. Allow gateway and block LAN, IPv4 is somewhat working IPv6 not at all.
Same rules worked fine with iptables. Now I cannot connect to any of the VMs using SSH. Pinging fd88::7 should be blocked from VMs but is allowing outbound connection while pinging 10.88.88.7 correctly blocks outgoing ping. I allowed IPv6 and IPv4 router gateway in the rules.
cat...
Looks like I need
ct state established,related accept
in my VM config.
chain guest-100-in {
jump allow-dhcp-in
jump allow-ndp-in
ether type arp accept
jump group-block-lan-in
jump after-vm-in...
I used to block private range 10.0.0.0 from the firewall and allowed the gateway and it worked but now after upgrading and enabling nftables I can ping VMs but they will not connect using any other port (SSH, HTTPS). Once I disable outbound rule blocking 10.0.0.0 I can connect to all the VMs in...
How do I enable the nftables and start playing with it, I just upgraded to 8.2
Update: Found it in Datacenter > Node > Firewall > Options > nftables > enable.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.