Basic networking question

M

MimCom

Active Member
Apr 22, 2011
204
3
38
Southwest NM
PVE host is 192.168.X.20
Multiple CTs running fine on that subnet with various addresses.

Adding a new CT with the address 172.16.X.Y
Can not ping workstation, router, or KVM VMs on 172.16.X subnet.

Do I need to assign something in that range to the PVE host?


thank you
 
Added a 172.16 address to the host and rebooted. Now the host can ping the itself and the CT, but not the local KVM machine or the router.

Ping myself:
Code: 
root@pve1:~# ping -c 5 172.16.88.20
PING 172.16.88.20 (172.16.88.20) 56(84) bytes of data.
64 bytes from 172.16.88.20: icmp_req=1 ttl=64 time=0.021 ms
64 bytes from 172.16.88.20: icmp_req=2 ttl=64 time=0.024 ms
64 bytes from 172.16.88.20: icmp_req=3 ttl=64 time=0.031 ms
64 bytes from 172.16.88.20: icmp_req=4 ttl=64 time=0.023 ms
64 bytes from 172.16.88.20: icmp_req=5 ttl=64 time=0.026 ms

--- 172.16.88.20 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3999ms
rtt min/avg/max/mdev = 0.021/0.025/0.031/0.003 ms

Ping a local KVM machine:
Code: 
root@pve1:~# ping -c 5 172.16.88.2
PING 172.16.88.2 (172.16.88.2) 56(84) bytes of data.
From 172.16.88.20 icmp_seq=1 Destination Host Unreachable
From 172.16.88.20 icmp_seq=2 Destination Host Unreachable
From 172.16.88.20 icmp_seq=3 Destination Host Unreachable
From 172.16.88.20 icmp_seq=4 Destination Host Unreachable
From 172.16.88.20 icmp_seq=5 Destination Host Unreachable

--- 172.16.88.2 ping statistics ---
5 packets transmitted, 0 received, +5 errors, 100% packet loss, time 4007ms
pipe 3

Ping the router:
Code: 
root@pve1:~# ping -c 5 172.16.88.1
PING 172.16.88.1 (172.16.88.1) 56(84) bytes of data.
From 172.16.88.20 icmp_seq=2 Destination Host Unreachable
From 172.16.88.20 icmp_seq=3 Destination Host Unreachable
From 172.16.88.20 icmp_seq=4 Destination Host Unreachable
From 172.16.88.20 icmp_seq=5 Destination Host Unreachable

--- 172.16.88.1 ping statistics ---
5 packets transmitted, 0 received, +4 errors, 100% packet loss, time 4000ms
pipe 3

Ping a local CT:

Code: 
root@pve1:~# ping -c 5 172.16.88.21
PING 172.16.88.21 (172.16.88.21) 56(84) bytes of data.
64 bytes from 172.16.88.21: icmp_req=1 ttl=64 time=0.034 ms
64 bytes from 172.16.88.21: icmp_req=2 ttl=64 time=0.029 ms
64 bytes from 172.16.88.21: icmp_req=3 ttl=64 time=0.027 ms
64 bytes from 172.16.88.21: icmp_req=4 ttl=64 time=0.043 ms
64 bytes from 172.16.88.21: icmp_req=5 ttl=64 time=0.030 ms

--- 172.16.88.21 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 0.027/0.032/0.043/0.008 ms
 
Thanks. I added 172.16.88.20 on VMBR1 earlier, but left out the explicit binding to eth0. I want to add a default gateway, since this subnet will be served by a different router and upstream than the existing 192.168.44.X network --but I get an error when trying to specify that:
Code: 
Parameter verification failed.  (400)
[B]gateway: Default gateway already exists on interface 'vmbr0'.[/B]
 
Hello mhotel

Only one default gateway can exist. If you need both networks for routing to different destinations you must use the "route" command. See

man route

for more information.

Kind regards

Mr.Holmes
 
I understand routing. I do not yet understand how to setup CT's in a different IP address range using a different default route than the original host has, nor how to get this second range of IPs connected outside the OpenVZ host so they can be utilized.

After adding the binding to vmbr1, and moving the network device for the KVM machine to vmbr1, I still have a segmented network: The host can ping all the CTs in the new address block, and they can ping the host, but neither can reach the KVM machine, the router or my workstation. My workstation, the router and the KVM machine can all communicate with each other on this new subnet, but not with the host or any of the CTs.
 
Last edited:
Hello mhotel

In that case remove the IP address(es) from CT(s) and add Network Device(s) (veth) instead.

Afterwards configure inside of CT(s) networking (addresses, routing) with the usual linux commands inside of the CT(s)

Kind regards

Mr.Holmes
 
OK -- left the IP on for now so I can access via SSH. Added eth1 as a veth on vmbr1. Given the lack of dmesg in CTs how do I verify the existence of the new 'hardware' inside the CT? Forging ahead.

Created /etc/interfaces.tail as below:
Code: 
auto eth1
iface eth1 inet static
    address 172.16.88.26
    netmask 255.255.255.0
    gateway 172.16.88.1

then restart networking and
Code: 
# ifconfig eth1
eth1      Link encap:Ethernet  HWaddr fa:35:9b:d4:b7:4c  
          inet addr:172.16.88.26  Bcast:172.16.88.255  Mask:255.255.255.0
          inet6 addr: fe80::f835:9bff:fed4:b74c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:11 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:620 (620.0 B)  TX bytes:768 (768.0 B)

# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.88.0     *               255.255.255.0   U     0      0        0 eth1
default         *               0.0.0.0         U     0      0        0 venet0
default         172.16.88.1     0.0.0.0         UG    0      0        0 eth1

Now I can ping myself, but still can not ping either the KVM guest on the same host and vmbr (.88.2) or the router (.88.1):
Code: 
root@test:~# ping -c 5 172.16.88.26
PING 172.16.88.26 (172.16.88.26) 56(84) bytes of data.
64 bytes from 172.16.88.26: icmp_req=1 ttl=64 time=0.035 ms
64 bytes from 172.16.88.26: icmp_req=2 ttl=64 time=0.036 ms
64 bytes from 172.16.88.26: icmp_req=3 ttl=64 time=0.041 ms
64 bytes from 172.16.88.26: icmp_req=4 ttl=64 time=0.042 ms
64 bytes from 172.16.88.26: icmp_req=5 ttl=64 time=0.045 ms

--- 172.16.88.26 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 0.035/0.039/0.045/0.008 ms

root@test:~# ping -c 5 172.16.88.2
PING 172.16.88.2 (172.16.88.2) 56(84) bytes of data.
From 172.16.88.26 icmp_seq=2 Destination Host Unreachable
From 172.16.88.26 icmp_seq=3 Destination Host Unreachable
From 172.16.88.26 icmp_seq=4 Destination Host Unreachable
From 172.16.88.26 icmp_seq=5 Destination Host Unreachable

--- 172.16.88.2 ping statistics ---
5 packets transmitted, 0 received, +4 errors, 100% packet loss, time 4001ms
pipe 3

root@test:~# ping -c 5 172.16.88.1
PING 172.16.88.1 (172.16.88.1) 56(84) bytes of data.
From 172.16.88.26 icmp_seq=1 Destination Host Unreachable
From 172.16.88.26 icmp_seq=2 Destination Host Unreachable
From 172.16.88.26 icmp_seq=3 Destination Host Unreachable
From 172.16.88.26 icmp_seq=4 Destination Host Unreachable
From 172.16.88.26 icmp_seq=5 Destination Host Unreachable

--- 172.16.88.1 ping statistics ---
5 packets transmitted, 0 received, +5 errors, 100% packet loss, time 4000ms
pipe 3

At least unreachable replies are coming from the correct interface.

thanks~
 
Last edited:
Hello mhotel,


Hm ... I have some similar configuration working without any problems - with one exception: in case of OVS, see below..

Check in the PROXMOX server

brctl show

and in both PROXMOX server and kvm

ifconfig -a

whether bridges and ip addresses are correctly defined

Or do you use OVS bridges? In this case I detected that sometimes the bridges defined by web gui are not activated correctly.
Then check

ovs-vsctl list-ports vmbr1

and if it is missing add the CT interface manually by (in the examples below 503 is the CT id)

ovs-vsctl add-port vmbr1 veth503.0

The ip-address for venet0 in the CT is not necessary any more and should be deleted to have clear conditions (even it should not disturb), if ssh is not working you can directly connect from PROXMOX server to CT by

vzctl enter 503

Kind regards

Mr. Holmes
 
Thank you.

Mr.Holmes said:
Check in the PROXMOX server

brctl show
Code: 
# brctl show
bridge name    bridge id        STP enabled    interfaces
vmbr0        8000.002354458b04    no        eth0
                            tap100i4
                            veth103.0
                            veth105.0
vmbr0v33        8000.002354458b04    no        eth0.33
                            tap100i3
vmbr0v44        8000.002354458b04    no        eth0.44
                            tap100i2
vmbr0v88        8000.002354458b04    no        eth0.88
                            tap100i1
vmbr0v99        8000.002354458b04    no        eth0.99
                            tap100i0
vmbr1        8000.0ad71973e9d4    no        veth106.0
and in both PROXMOX server and kvm

ifconfig -a

whether bridges and ip addresses are correctly defined
Click to expand...

I have to confess I have not much experience with bridging in linux.
Code: 
root@pve1:~# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:23:54:45:8b:04  
          inet6 addr: fe80::223:54ff:fe45:8b04/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2930070 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1875972 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:2900446349 (2.7 GiB)  TX bytes:255926730 (244.0 MiB)
          Interrupt:30 Base address:0x2000 

eth0.33   Link encap:Ethernet  HWaddr 00:23:54:45:8b:04  
          inet6 addr: fe80::223:54ff:fe45:8b04/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2624 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:173256 (169.1 KiB)

eth0.44   Link encap:Ethernet  HWaddr 00:23:54:45:8b:04  
          inet6 addr: fe80::223:54ff:fe45:8b04/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2624 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:173256 (169.1 KiB)

eth0.88   Link encap:Ethernet  HWaddr 00:23:54:45:8b:04  
          inet6 addr: fe80::223:54ff:fe45:8b04/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2628 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:173544 (169.4 KiB)

eth0.99   Link encap:Ethernet  HWaddr 00:23:54:45:8b:04  
          inet6 addr: fe80::223:54ff:fe45:8b04/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:74593 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:3195954 (3.0 MiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:86079 errors:0 dropped:0 overruns:0 frame:0
          TX packets:86079 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:25309858 (24.1 MiB)  TX bytes:25309858 (24.1 MiB)

tap100i0  Link encap:Ethernet  HWaddr 12:9f:1c:7f:64:b9  
          inet6 addr: fe80::109f:1cff:fe7f:64b9/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:71969 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2628 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:3022698 (2.8 MiB)  TX bytes:173544 (169.4 KiB)

tap100i1  Link encap:Ethernet  HWaddr 7e:79:53:e4:75:c5  
          inet6 addr: fe80::7c79:53ff:fee4:75c5/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:15 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2628 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:1242 (1.2 KiB)  TX bytes:173544 (169.4 KiB)

tap100i2  Link encap:Ethernet  HWaddr be:db:cb:73:7b:19  
          inet6 addr: fe80::bcdb:cbff:fe73:7b19/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2628 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:0 (0.0 B)  TX bytes:173544 (169.4 KiB)

tap100i3  Link encap:Ethernet  HWaddr 8a:e9:8f:29:a0:b6  
          inet6 addr: fe80::88e9:8fff:fe29:a0b6/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2628 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:0 (0.0 B)  TX bytes:173544 (169.4 KiB)

tap100i4  Link encap:Ethernet  HWaddr e6:c1:b1:a7:d6:03  
          inet6 addr: fe80::e4c1:b1ff:fea7:d603/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:3843 errors:0 dropped:0 overruns:0 frame:0
          TX packets:283826 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:2902266 (2.7 MiB)  TX bytes:27464864 (26.1 MiB)

venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet6 addr: fe80::1/128 Scope:Link
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:807599 errors:0 dropped:0 overruns:0 frame:0
          TX packets:791661 errors:0 dropped:5 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:135869203 (129.5 MiB)  TX bytes:324199227 (309.1 MiB)

veth103.0 Link encap:Ethernet  HWaddr fa:bb:7f:bd:99:00  
          inet6 addr: fe80::f8bb:7fff:febd:9900/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:278519 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

veth105.0 Link encap:Ethernet  HWaddr f2:53:2d:04:0c:2d  
          inet6 addr: fe80::f053:2dff:fe04:c2d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:278499 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

veth106.0 Link encap:Ethernet  HWaddr 0a:d7:19:73:e9:d4  
          inet6 addr: fe80::8d7:19ff:fe73:e9d4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:18 errors:0 dropped:0 overruns:0 frame:0
          TX packets:291 errors:0 dropped:3 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:720 (720.0 B)  TX bytes:15180 (14.8 KiB)

vmbr0     Link encap:Ethernet  HWaddr 00:23:54:45:8b:04  
          inet addr:192.168.44.20  Bcast:192.168.44.255  Mask:255.255.255.0
          inet6 addr: fe80::223:54ff:fe45:8b04/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2747753 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1787030 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:2831279399 (2.6 GiB)  TX bytes:249134224 (237.5 MiB)

vmbr1     Link encap:Ethernet  HWaddr 0a:d7:19:73:e9:d4  
          inet addr:172.16.88.20  Bcast:172.16.88.255  Mask:255.255.255.0
          inet6 addr: fe80::9838:b4ff:fe8d:463/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:45 errors:0 dropped:0 overruns:0 frame:0
          TX packets:93 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1980 (1.9 KiB)  TX bytes:5418 (5.2 KiB)

vmbr0v33  Link encap:Ethernet  HWaddr 00:23:54:45:8b:04  
          inet6 addr: fe80::c418:9aff:fe4b:817f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:1156 (1.1 KiB)

vmbr0v44  Link encap:Ethernet  HWaddr 00:23:54:45:8b:04  
          inet6 addr: fe80::98:51ff:fef7:2bd7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:1930 (1.8 KiB)

vmbr0v88  Link encap:Ethernet  HWaddr 00:23:54:45:8b:04  
          inet6 addr: fe80::e067:40ff:fe07:3443/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:232 (232.0 B)  TX bytes:1500 (1.4 KiB)

vmbr0v99  Link encap:Ethernet  HWaddr 00:23:54:45:8b:04  
          inet6 addr: fe80::8ccd:f7ff:fe20:5e52/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:71969 errors:0 dropped:0 overruns:0 frame:0
          TX packets:34 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:2015132 (1.9 MiB)  TX bytes:2876 (2.8 KiB)
Code: 
root@test:/# ifconfig -a
eth1      Link encap:Ethernet  HWaddr fa:35:9b:d4:b7:4c  
          inet addr:172.16.88.26  Bcast:172.16.88.255  Mask:255.255.255.0
          inet6 addr: fe80::f835:9bff:fed4:b74c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:299 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:15596 (15.2 KiB)  TX bytes:720 (720.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:19 errors:0 dropped:0 overruns:0 frame:0
          TX packets:19 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1848 (1.8 KiB)  TX bytes:1848 (1.8 KiB)

venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:127.0.0.2  P-t-P:127.0.0.2  Bcast:0.0.0.0  Mask:255.255.255.255
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:266 errors:0 dropped:0 overruns:0 frame:0
          TX packets:165 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:22115 (21.5 KiB)  TX bytes:30260 (29.5 KiB)

venet0:0  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:192.168.44.26  P-t-P:192.168.44.26  Bcast:192.168.44.26  Mask:255.255.255.255
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
Or do you use OVS bridges?
Click to expand...
No OVS bridges yet. Will probably look into those once we move to 3.2.
The ip-address for venet0 in the CT is not necessary any more and should be deleted to have clear conditions (even it should not disturb), if ssh is not working you can directly connect from PROXMOX server to CT by

vzctl enter 503
Click to expand...

Right, will give that a try. It's just so convenient with many terminal windows open to have the hostname in the title bar.

Thank you again.
Click to expand...
 
No change after removing the venet in the original subnet:
Code: 
root@test:/# ifconfig -a
eth1      Link encap:Ethernet  HWaddr fa:35:9b:d4:b7:4c  
          inet addr:172.16.88.26  Bcast:172.16.88.255  Mask:255.255.255.0
          inet6 addr: fe80::f835:9bff:fed4:b74c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:348 (348.0 B)  TX bytes:552 (552.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:4 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:448 (448.0 B)  TX bytes:448 (448.0 B)

venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          BROADCAST POINTOPOINT NOARP  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

root@test:/# ping -c 5 172.16.88.2
PING 172.16.88.2 (172.16.88.2) 56(84) bytes of data.
From 172.16.88.26 icmp_seq=2 Destination Host Unreachable
From 172.16.88.26 icmp_seq=3 Destination Host Unreachable
From 172.16.88.26 icmp_seq=4 Destination Host Unreachable
From 172.16.88.26 icmp_seq=5 Destination Host Unreachable

--- 172.16.88.2 ping statistics ---
5 packets transmitted, 0 received, +4 errors, 100% packet loss, time 4000ms
pipe 3
root@test:/# ping -c 5 172.16.88.1
PING 172.16.88.1 (172.16.88.1) 56(84) bytes of data.
From 172.16.88.26 icmp_seq=1 Destination Host Unreachable
From 172.16.88.26 icmp_seq=2 Destination Host Unreachable
From 172.16.88.26 icmp_seq=3 Destination Host Unreachable
From 172.16.88.26 icmp_seq=4 Destination Host Unreachable
From 172.16.88.26 icmp_seq=5 Destination Host Unreachable

--- 172.16.88.1 ping statistics ---
5 packets transmitted, 0 received, +5 errors, 100% packet loss, time 4000ms
pipe 4
root@test:/# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.88.0     *               255.255.255.0   U     0      0        0 eth1
default         172.16.88.1     0.0.0.0         UG    0      0        0 eth1
 
Hello mhotel,

vlan is used here - I didn't now. The interface has to be bridged to vmbr0v88 then (supposing it is connected with segment 172.16.88.0/24).

I cannot find any support for this in the web-interface. On command line it can be done as follows (note that CT must run):

brctl delif vmbr1 veth106.0

brctl addif vmbr0v88 veth106.0

BUT!!

In my tests bridged vlans did not work properly at all (sent out packages correctly but did not receive any, maybe in your case it is ok, try pinging between the machines and from them to router).

Finally I changed to OVS, and it worked. Here the solution is to make in internal port (define a name, e.g. "po88") with the proper vlan tag and bridge it to the kvm (possible via web-interface).
The connection with CT I made as follows (not possible via web-interface, vet106h.0@vmbr1 remains in that case):

brctl addif vmbr1 po88

If the method is "state of the art" or "too tricky" I cannot say - maybe somebody in the forum has an idea ....

Kind regards

Mr.Holmes
 
Mr.Holmes said:
vlan is used here - I didn't now.
Click to expand...

Actually, I started this trying to use VLANs about a week ago and then fell back to "can we just get the CTs to talk to the KVM guests?" The interfaces I am trying to connect (for now) are eth1 in ct106 and net4 on vm100, neither of which uses VLANs. Once that is working, I will tackle the VLAN beast.

Edit: Maybe I should just bite the bullet and upgrade so I can move to OVS. Has anyone tried an in-place upgrade from 2.3 to 3.2?
 
Last edited:
OK, after a bit of work I'm running 3.2.2 now.

Can't find much info on OVS. This and this hint at it a bit, but I don't see anything in the GUI when I try to create a bridge that looks like it will invoke OVS instead of standard linux bridging. Anyone got a step-by-step for OVS on 3.2 ?

thx~
 
The first step is to install OVS (I think you have done already)

To use create NW type OVS. Then you have the possibility to create a virtual NIC for your vlan (select create -> OVS Int port) for the proxmox-host. To use it in kvm bridge this virtual port to the kvm virtual NIC.

For use in CT you define just an IP address.

See also my posts above!
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back