Network Question

kirelgt

Member
Nov 16, 2010
85
0
6
Hello everyone.

I have 2 Proxmox. Each proxmox has two NIC cards. I have been following step by step other posts and put everything exactly, but I cannot get it to work. Here is the whole information.

Proxmox_1

auto eth0
iface eth0 inet static
address 0.0.0.0
netmask 0.0.0.0

auto vmbr0
iface vmbr0 inet static
address 10.10.10.6
netmask 255.255.255.0
gateway 10.10.10.3
bridge_ports eth0
bridge_stp off
bridge_fd 0

auto eth1
iface eth1 inet static
address 0.0.0.0
netmask 0.0.0.0

auto eth1.1
iface eth1.1 inet static
address 0.0.0.0
netmask 0.0.0.0

auto vmbr1
iface vmbr1 inet manual
bridge_ports eth1.1
bridge_stp off
bridge_fd 0


Proxmox-2

auto eth0
iface eth0 inet static
address 0.0.0.0
netmask 0.0.0.0

auto vmbr0
iface vmbr0 inet static
address 10.10.10.230
netmask 255.255.255.0
gateway 10.10.10.3
bridge_ports eth0
bridge_stp off
bridge_fd 0

auto eth1
iface eth1 inet static
address 0.0.0.0
netmask 0.0.0.0

auto eth1.1
iface eth1.1 inet static
address 0.0.0.0
netmask 0.0.0.0



auto vmbr1
iface vmbr1 inet manual
bridge_ports eth1.1
bridge_stp off
bridge_fd 0

THE INFORMATION ON THE VM ON EACH ONE OF THE HOST

***VM ON HOST-1

auto eth0
iface eth0 inet static
address 10.10.10.73
netmask 255.255.255.0
gateway 10.10.10.3
network 10.10.10.0
broadcast 10.10.10.255

auto eth1
iface eth1 inet static
address 192.168.1.102
netmask 255.255.255.0
# gateway 192.168.1.1
network 192.168.1.0
broadcast 192.168.1.255




***VM ON HOST-2

iface eth0 inet static
address 10.10.10.223
netmask 255.255.255.0
gateway 10.10.10.3
network 10.10.10.0
broadcast 10.10.10.255


auto eth1
iface eth1 inet static
address 192.168.1.101
netmask 255.255.255.0
# gateway 192.168.1.2
network 192.168.1.0
broadcast 192.168.1.255
 
There is no way I can ping from the VM in host-1 TO the VM in host-2. Please help, what I am doing wrong. Is it the switch I have that is missing something.??? HELP
 
There is no way I can ping from the VM in host-1 TO the VM in host-2. Please help, what I am doing wrong. Is it the switch I have that is missing something.??? HELP
Hi,
your network-config looks a little bit curious.

On eth1 you use vlan-tagging but only with one vlan and this is the default-vlan. Do you have assigned the ports on the switch as tagged (802.1q) ports?

Which IPs do you use for ping? If i'm right you use both networks (vmbr0 + vmbr1) on both VMs?

Can you ping from VM-a - host-a? Further than host-b? VM-b?

What kind of VMs are you use (kvm/openvz - os / driver / VM-config)?

What show the output of tcpdump on the pve-hosts?

Udo
 
Thanks For the quick reply


On eth1 you use vlan-tagging but only with one vlan and this is the default-vlan. Do you have assigned the ports on the switch as tagged (802.1q) ports? (UDO will you explain this a little bit more, what do mean that vlan1.1 is the default-vlan?? The switch I am using is an unmanaged switch that I cannot do anything to it.)

Which IPs do you use for ping? If i'm right you use both networks (vmbr0 + vmbr1) on both VMs? (Yes I do use the two networks, actually that is the idea)(The network I use for pinging is vmbr1 (192.168.1.0/24))

Can you ping from VM-a - host-a? Further than host-b? VM-b? (NO I cannot.)

What kind of VMs are you use (kvm/openvz - os / driver / VM-config)? (I only use KVM)

What show the output of tcpdump on the pve-hosts? (If I ping from the VM on host-1 do not get to host-2)
proxmox2:~# tcpdump -vv -i vmbr1
tcpdump: WARNING: vmbr1: no IPv4 address assigned
tcpdump: listening on vmbr1, link-type EN10MB (Ethernet), capture size 96 bytes
13:43:11.991925 arp who-has 192.168.1.101 tell 192.168.1.102
13:43:12.991887 arp who-has 192.168.1.101 tell 192.168.1.102
 
Thanks For the quick reply


On eth1 you use vlan-tagging but only with one vlan and this is the default-vlan. Do you have assigned the ports on the switch as tagged (802.1q) ports? (UDO will you explain this a little bit more, what do mean that vlan1.1 is the default-vlan?? The switch I am using is an unmanaged switch that I cannot do anything to it.)
Hi,
if you use vlan-tagging you can use vlan-id from 1 to 4096 - vlan1 is the default-network from the switch.
You can't use vlan-tagging with an unmannaged switch!
Which IPs do you use for ping? If i'm right you use both networks (vmbr0 + vmbr1) on both VMs? (Yes I do use the two networks, actually that is the idea)(The network I use for pinging is vmbr1 (192.168.1.0/24))

Can you ping from VM-a - host-a? Further than host-b? VM-b? (NO I cannot.)

What kind of VMs are you use (kvm/openvz - os / driver / VM-config)? (I only use KVM)

What show the output of tcpdump on the pve-hosts? (If I ping from the VM on host-1 do not get to host-2)
proxmox2:~# tcpdump -vv -i vmbr1
tcpdump: WARNING: vmbr1: no IPv4 address assigned
tcpdump: listening on vmbr1, link-type EN10MB (Ethernet), capture size 96 bytes
13:43:11.991925 arp who-has 192.168.1.101 tell 192.168.1.102
13:43:12.991887 arp who-has 192.168.1.101 tell 192.168.1.102
use something like this:
Code:
auto eth0
iface eth0 inet static
        address 0.0.0.0
        netmask 0.0.0.0

auto vmbr0
iface vmbr0 inet static
        address 10.10.10.6
        netmask 255.255.255.0
        gateway 10.10.10.3
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0

auto eth1
iface eth1 inet static
        address 0.0.0.0
        netmask 0.0.0.0

auto vmbr1
iface vmbr1 inet manual
        bridge_ports eth1
        bridge_stp off
        bridge_fd 0
Udo
 
Yes Udo , but the whole idea is to be able to use one network for data and other for webservices. Actually you think that the main problem is the switch???

Yes I can ping on the 10 network w/o a problem. But the main purpose is to be able to ping on the 192 network.
 
Yes Udo , but the whole idea is to be able to use one network for data and other for webservices. Actually you think that the main problem is the switch???

Yes I can ping on the 10 network w/o a problem. But the main purpose is to be able to ping on the 192 network.
Hi,
the ping for the 10 network should check the network-config inside the VM - with some guests/virt-nic-types you can have trouble (e.g. the old M$-own e1000-driver...).
It's fully ok to use an own nic with brigde for the second network. Without vlan-tagging it's should work like the network on eth0.

If not - look with tcpdump - you must see the same traffic (if for both hosts) on both pve-hosts.
Perhaps to find the error, you can temporary assing vmbr1 an ip-address - to see what you can ping (vm-a - host-a - host-b - vm-b).

Good night,

Udo
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!