PVE Host cannot ping to gateway

[Never]

Hello everyone!

Today I met a problem that gave me a headache. The PVE host cannot ping the gateway (and no internet), but the VMs can (have internet).

There are three ethernet cards in the PVE, two of which work: enp23s0f0 (as eno1 in the map) and enp2s0 (as eno2 in the map). enp23s0f0 is connected to ST5008f (switch), and enp2s0 is connected to a PC (REAL) because the cable is not long enough to make the PC connect to the switch. Those two ports are combined as vmbr0 (Linux Bridge).

OpenWrt (as the VM in esxi) for pppoe and as a DHCP server and gateway. ST5008f is a switch, which LAN 1 is connected to OpenWrt's LAN 1, LAN 2 is connected to PVE's enp23s0f0, LAN 3 is connected to AP.

And here is the problem: the host cannot ping the gateway and has no internet, but the VMs and the PC (connected to enp2s0) can and have internet. Besides, other devices in the local area network can access the web management of the PVE.

The network topological map is as follows.



For simplicity, eno1 in the figure represents enp23s0f0 and eno2 represents enp2s0.

The IP addresses are:
openwrt: 10.10.1.1, DHCP server subnet mask is 255.255.240.0. For IPV4/CIDR is: 10.10.1.1/20.
ESXi management: 10.10.2.1.
PVE management: 10.10.3.1; IPV4/CIDR: 10.10.3.1/20; Gateway: 10.10.1.1; Bridge ports: enp23s0f0 enp2s0; Auto start: ON; mtu: defalut 1500.
st5008f switch: 10.10.0.186 (Via DHCP)

Below is /etc/network/interfaces

auto lo
iface lo inet loopback

iface enp23s0f0 inet manual

iface enp6s0 inet manual

iface wlp2s0 inet manual

iface enp23s0f1 inet manual

iface enp2s0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 10.10.3.1/20
        gateway 10.10.1.1
        bridge-ports enp23s0f0 enp2s0
        bridge-stp off
        bridge-fd 0

Below is ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr0 state UP group default qlen 1000
    link/ether MAC brd ff:ff:ff:ff:ff:ff
3: enp6s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether MAC brd ff:ff:ff:ff:ff:ff
4: enp23s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr0 state UP group default qlen 1000
    link/ether MAC brd ff:ff:ff:ff:ff:ff
5: enp23s0f1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether MAC brd ff:ff:ff:ff:ff:ff
6: wlp4s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether MAC brd ff:ff:ff:ff:ff:ff
7: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether MAC brd ff:ff:ff:ff:ff:ff
    inet 10.10.3.1/20 scope global vmbr0
       valid_lft forever preferred_lft forever
    inet6 fd14:71e8:f1f5:4fd2:92e2:baff:fec3:603c/64 scope global deprecated dynamic mngtmpaddr
       valid_lft 857sec preferred_lft 0sec
    inet6 GLOBAL IPV6 ADDR scope global dynamic mngtmpaddr
       valid_lft 239224sec preferred_lft 152824sec
    inet6 fe80::92e2:baff:fec3:603c/64 scope link
       valid_lft forever preferred_lft forever

 

[Never]

Update: the host can arping the gateway, and can ping the gateway via the global ipv6 address:

ARPING 10.10.1.1
60 bytes from 00:0c:32:42:1e:4c (10.10.1.1): index=0 time=236.166 usec
60 bytes from 00:0c:32:42:1e:4c  (10.10.1.1): index=1 time=150.088 usec
60 bytes from 00:0c:32:42:1e:4c  (10.10.1.1): index=2 time=151.690 usec
60 bytes from 00:0c:32:42:1e:4c  (10.10.1.1): index=3 time=129.212 usec
60 bytes from 00:0c:32:42:1e:4c  (10.10.1.1): index=4 time=157.083 usec

The mac address matches the gateway's mac address.

 

[mrperson221]

Did you ever find a fix for this? I'm experiencing the same issue and haven't been able to find anything.