[SOLVED] problem with VLAN in prox

[offerlam]

Hi all,

This is my setup

Firewalls in HA config has a VLAN 2 interface with the following IP setup:
192.168.253.1/255.255.255.248


Firewall is connected to two switches

HP 1810-g24 v2

port 1-5 on switch1 is tagged with VLAN 2 and is the ports connected to the 3 prox nodes.
port 1-4 on switch2 is tagged with VLAN 2 and is the ports connected to the 3 prox nodes.
port 12 on each switch is tagged VLAN 2 and is connected to firewall

Proxmox nodes.
3 Nodes total
All connected with 3 cables 2 in one switch and 1 in the other in different combinations to even out the load. Thats why one switch has 1-5 ports for prox and the other has 1-4

The 3 nics on each node is bonede in balance-rr and has a VMBR1 which is VLAN two.

below i will provide the /etc/interface file of each node

Proxmox00

root@proxmox00:~# cat /etc/network/interfaces

[FONT=arial]# network interface settings[/FONT]
[FONT=arial]auto lo[/FONT]
[FONT=arial]iface lo inet loopback[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]iface eth0 inet manual[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]iface eth1 inet manual[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]iface eth2 inet manual[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]iface eth3 inet manual[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]auto bond0[/FONT]
[FONT=arial]iface bond0 inet manual[/FONT]
[FONT=arial]        slaves eth1 eth2 eth3[/FONT]
[FONT=arial]        bond_miimon 100[/FONT]
[FONT=arial]        bond_mode balance-rr[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]auto vmbr0[/FONT]
[FONT=arial]iface vmbr0 inet static[/FONT]
[FONT=arial]        address  10.10.99.20[/FONT]
[FONT=arial]        netmask  255.255.255.0[/FONT]
[FONT=arial]        gateway  10.10.99.1[/FONT]
[FONT=arial]        bridge_ports bond0[/FONT]
[FONT=arial]        bridge_stp off[/FONT]
[FONT=arial]        bridge_fd 0[/FONT]
[FONT=arial]        bridge_maxage 0[/FONT]
[FONT=arial]        bridge_ageing 0[/FONT]
[FONT=arial]        bridge_maxwait 0[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]auto vmbr1[/FONT]
[FONT=arial]iface vmbr1 inet manual[/FONT]
[FONT=arial]        bridge_ports bond0.2[/FONT]
[FONT=arial]        bridge_stp off[/FONT]
[FONT=arial]        bridge_fd 0[/FONT]
[FONT=arial]        bridge_maxage 0[/FONT]
[FONT=arial]        bridge_ageing 0[/FONT]
[FONT=arial]        bridge_maxwait 0[/FONT]

Proxmox01

root@proxmox01:~# cat /etc/network/interfaces

[FONT=arial]# network interface settings[/FONT]
[FONT=arial]auto lo[/FONT]
[FONT=arial]iface lo inet loopback[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]iface eth0 inet manual[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]iface eth1 inet manual[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]iface eth2 inet manual[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]iface eth3 inet manual[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]auto bond0[/FONT]
[FONT=arial]iface bond0 inet manual[/FONT]
[FONT=arial]        slaves eth1 eth2 eth3[/FONT]
[FONT=arial]        bond_miimon 100[/FONT]
[FONT=arial]        bond_mode balance-rr[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]auto vmbr0[/FONT]
[FONT=arial]iface vmbr0 inet static[/FONT]
[FONT=arial]        address  10.10.99.21[/FONT]
[FONT=arial]        netmask  255.255.255.0[/FONT]
[FONT=arial]        gateway  10.10.99.1[/FONT]
[FONT=arial]        bridge_ports bond0[/FONT]
[FONT=arial]        bridge_stp off[/FONT]
[FONT=arial]        bridge_fd 0[/FONT]
[FONT=arial]        bridge_maxage 0[/FONT]
[FONT=arial]        bridge_ageing 0[/FONT]
[FONT=arial]        bridge_maxwait 0[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]auto vmbr1[/FONT]
[FONT=arial]iface vmbr1 inet manual[/FONT]
[FONT=arial]        bridge_ports bond0.2[/FONT]
[FONT=arial]        bridge_stp off[/FONT]
[FONT=arial]        bridge_fd 0[/FONT]
[FONT=arial]        bridge_maxage 0[/FONT]
[FONT=arial]        bridge_ageing 0[/FONT]
[FONT=arial]        bridge_maxwait 0[/FONT]
[FONT=arial]
[/FONT]

proxmox02

root@proxmox02:~# cat /etc/network/interfaces

[FONT=arial]# network interface settings[/FONT]
[FONT=arial]auto lo[/FONT]
[FONT=arial]iface lo inet loopback[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]iface eth0 inet manual[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]iface eth1 inet manual[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]iface eth2 inet manual[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]iface eth3 inet manual[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]auto bond0[/FONT]
[FONT=arial]iface bond0 inet manual[/FONT]
[FONT=arial]        slaves eth1 eth2 eth3[/FONT]
[FONT=arial]        bond_miimon 100[/FONT]
[FONT=arial]        bond_mode balance-rr[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]auto vmbr0[/FONT]
[FONT=arial]iface vmbr0 inet static[/FONT]
[FONT=arial]        address  10.10.99.22[/FONT]
[FONT=arial]        netmask  255.255.255.0[/FONT]
[FONT=arial]        gateway  10.10.99.1[/FONT]
[FONT=arial]        bridge_ports bond0[/FONT]
[FONT=arial]        bridge_stp off[/FONT]
[FONT=arial]        bridge_fd 0[/FONT]
[FONT=arial]        bridge_maxage 0[/FONT]
[FONT=arial]        bridge_ageing 0[/FONT]
[FONT=arial]        bridge_maxwait 0[/FONT]
[FONT=arial]
[/FONT]
[FONT=arial]auto vmbr1[/FONT]
[FONT=arial]iface vmbr1 inet manual[/FONT]
[FONT=arial]        bridge_ports bond0.2[/FONT]
[FONT=arial]        bridge_stp off[/FONT]
[FONT=arial]        bridge_fd 0[/FONT]
[FONT=arial]        bridge_maxage 0[/FONT]
[FONT=arial]        bridge_ageing 0[/FONT]

[FONT=arial]        bridge_maxwait 0[/FONT]

Here is my problem

VLAN two has this network 192.168.253.0/29 which means vlan 2 has this ip range

192.168.253.0-7 where .0 is network and .7 is broadcast.
Firewall is .1

When i assign VMBR1 to two VMs and give them .2 and .3 they can ping the firewall .1 but not eachother???

based on memory im sure i have had these machines pinging each other before.. but after changing the hosts file on each one it stopped working even with IPs. Since it doesn't work with IPs i guess its not the host file thing and since the whole thing is based on memory i may be remembering wrong...

also i know its not a firewall issue because if the vlan thing is setup right on the switch pinging from .2 to .3 would not require the firewall the switch will...well switch the packets..

So taking the firewall out of the equation im left with either a proxmox probleme or a switch problem. So i figured i would ask here to see if it was a proxmox problem...

THANKS

Casper

 

[offerlam]

Solved the problem.. it was my mistake.. I had starred myself blind that i had typed in the wrong subnet of them VMs..